CN101512957A - Transaction authentication using network - Google Patents

Publication number
CN101512957A
Authority
CN
China
Prior art keywords
portable consumer
consumer device
consumer
transaction
challenge
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2007800272593A
Other languages
Chinese (zh)
Other versions
CN101512957B (en
Inventor
A·哈玛德
P·费斯
M·卡尔森
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visa USA Inc
Visa International Service Association
Original Assignee
Visa USA Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visa USA Inc filed Critical Visa USA Inc
Priority to CN201710270542.4A priority Critical patent/CN107067246A/en
Priority claimed from PCT/US2007/071480 external-priority patent/WO2008027642A2/en
Publication of CN101512957A publication Critical patent/CN101512957A/en
Application granted granted Critical
Publication of CN101512957B publication Critical patent/CN101512957B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/08 Payment architectures
    • G06Q20/085 Payment architectures involving remote charge determination or related payment systems
    • G06Q20/20 Point-of-sale [POS] network systems
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3672 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes initialising or reloading thereof
    • G06Q20/3674 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G06Q20/385 Payment protocols; Details thereof using an alias or single-use codes
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q30/00 Commerce
    • G06Q30/06 Buying, selling or leasing transactions
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q20/10 Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/105 Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • G06Q20/204 Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • G06Q2220/00 Business processing using cryptography
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash

Abstract

Systems and methods for improved consumer and portable consumer device authentication are disclosed. Such systems and methods may include using dynamic verification values, challenge questions, and consumer notification as ways to prevent fraudulent transactions from being conducted.

Description

Transaction authentication using network
Cross-reference to related applications
This application is a non-provisional patent application of, and claims the benefit of the filing dates of, U.S. Provisional Patent Application No. 60/815,059, filed on June 19, 2006, U.S. Provisional Patent Application No. 60/815,430, filed on June 20, 2006, and U.S. Provisional Patent Application No. 60/884,089, filed on January 9, 2007. All of these applications are incorporated herein by reference in their entirety for all purposes.
Background
There are a number of ways to ensure that payment transactions are conducted securely. For example, there are a number of different ways to authenticate a consumer to ensure that the authentic consumer is the person conducting the payment transaction. There are also a number of different ways to authenticate the portable consumer device that is being used by the consumer.
Although different ways to authenticate payment transactions exist, improved authentication mechanisms are desirable to further reduce the risk of fraudulent transactions.
Embodiments of the invention address these and other problems, individually and collectively.
Summary
Systems and methods for improved consumer and portable consumer device authentication are disclosed. Embodiments of the invention include ways to authenticate a portable consumer device such as a payment card, authenticate the consumer using the portable consumer device, perform back-end processing, and provide the consumer with notification of a purchase transaction.
One embodiment of the invention is directed to a method comprising: performing an authentication process for a consumer, wherein the consumer uses a portable consumer device to conduct a transaction; performing an authentication process for the portable consumer device, wherein performing the authentication process for the portable consumer device comprises verifying a fingerprint or a dynamic verification value associated with the portable consumer device; and performing a risk analysis after authenticating the consumer and authenticating the portable consumer device, wherein the risk analysis determines whether or not the transaction is to be authorized.
One embodiment of the invention is directed to a method comprising: authenticating a portable consumer device using dynamic data generated by the portable consumer device or by an access device in communication with the portable consumer device; and authenticating the consumer, which comprises sending a challenge message to the consumer and receiving a challenge response from the consumer.
Another embodiment of the invention is directed to a method comprising: receiving an authentication request message associated with a transaction conducted using a portable consumer device, wherein the portable consumer device comprises a portable consumer device fingerprint, and wherein the authentication request message comprises an altered portable consumer device fingerprint and an algorithm identifier; selecting an algorithm from among a plurality of algorithms using the algorithm identifier; determining the portable consumer device fingerprint using the selected algorithm and the altered portable consumer device fingerprint; determining whether the portable consumer device fingerprint matches a stored portable consumer device fingerprint; sending a challenge message to a consumer associated with the portable consumer device; and sending an authorization response message to the consumer, wherein the authorization response message indicates whether or not the transaction is approved.
Another embodiment of the invention is directed to a method comprising: authenticating a batteryless portable consumer device, wherein the portable consumer device comprises a batteryless portable consumer device comprising an antenna; authenticating the consumer; and sending a notification message to the consumer that the transaction is being conducted.
Other embodiments of the invention are directed to specific combinations of other authentication aspects, which are provided below in the Detailed Description.
Brief description of the drawings
Fig. 1 shows a block diagram of a system according to an embodiment of the invention.
Fig. 2 shows a block diagram of aspects of a payment transaction authentication system according to an embodiment of the invention.
Figs. 3(a)-3(c) show schematic views of batteryless cards according to embodiments of the invention.
Fig. 4 shows a portable security device.
Fig. 5 shows a representation of the data fields associated with a portable consumer device such as a credit card.
Fig. 6 shows portions of a primary account number (PAN).
Fig. 7 shows a block diagram of a system comprising a challenge engine.
Figs. 8-9 show flowcharts of methods that use challenge messages to authenticate a consumer.
Fig. 10(a) shows a block diagram of a system that can use an algorithm ID.
Fig. 10(b) shows a block diagram of modules that may be present in a server computer in the system of Fig. 10(a).
Figs. 11-12 show flowcharts of methods according to embodiments of the invention.
Detailed description
I. Exemplary systems and payment transactions
Embodiments of the invention can be used to authenticate conventional purchase transactions as well as other types of transactions (e.g., money transfer transactions). Specific authentication systems and methods may involve the authentication of the consumer (e.g., a purchaser), the portable consumer device (e.g., a credit card), and/or the access device (e.g., a POS terminal) to ensure that the transaction is authentic.
In a typical purchase transaction, a consumer uses a portable consumer device (e.g., a credit card) to purchase goods or services from a merchant.
Fig. 1 shows a system 20 that can be used in an embodiment of the invention. The system 20 includes a merchant 22 and an acquirer 24 associated with the merchant 22. In a typical payment transaction, a consumer 30 may purchase goods or services at the merchant 22 using a portable consumer device 32. The acquirer 24 can communicate with an issuer 28 via a payment processing network 26.
The consumer 30 may be an individual, or an organization such as a business that is capable of purchasing goods or services.
The portable consumer device 32 may be in any suitable form. For example, suitable portable consumer devices can be hand-held and compact so that they can fit into a consumer's wallet and/or pocket (e.g., pocket-sized). They may include smart cards, ordinary credit or debit cards (with a magnetic stripe and without a microprocessor), keychain devices (such as the Speedpass™ commercially available from Exxon-Mobil Corp.), etc. Other examples of portable consumer devices include cellular phones, personal digital assistants (PDAs), pagers, payment cards, security cards, charge cards, smart media, transponders, and the like. The portable consumer devices can also be debit devices (e.g., a debit card), credit devices (e.g., a credit card), or stored value devices (e.g., a stored value card).
The payment processing network 26 may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary payment processing network may include VisaNet™. Payment processing networks such as VisaNet™ are able to process credit card transactions, debit card transactions, and other types of commercial transactions. VisaNet™, in particular, includes a VIP system (Visa Integrated Payments system), which processes authorization requests, and a Base II system, which performs clearing and settlement services.
The payment processing network 26 may include a server computer. A server computer is typically a powerful computer or cluster of computers. For example, the server computer can be a large mainframe, a minicomputer cluster, or a group of servers functioning as a unit. In one example, the server computer may be a database server coupled to a web server. The payment processing network 26 may use any suitable wired or wireless network, including the Internet.
The merchant 22 may also have, or may receive communications from, an access device 34 that can interact with the portable consumer device 32. The access devices according to embodiments of the invention can be in any suitable form. Examples of access devices include point of sale (POS) devices, cellular phones, PDAs, personal computers (PCs), tablet PCs, handheld specialized readers, set-top boxes, electronic cash registers (ECRs), automated teller machines (ATMs), virtual cash registers (VCRs), kiosks, security systems, access systems, and the like.
If the access device 34 is a point of sale terminal, any suitable point of sale terminal may be used, including card readers. The card readers may include any suitable contact or contactless mode of operation. For example, exemplary card readers can include RF (radio frequency) antennas, magnetic stripe readers, etc. to interact with the portable consumer device 32.
In a typical purchase transaction, the consumer 30 purchases a good or service at the merchant 22 using a portable consumer device 32 such as a credit card. The consumer's portable consumer device 32 can interact with an access device 34 such as a POS (point of sale) terminal at the merchant 22. For example, the consumer 30 may take a credit card and swipe it through an appropriate slot in the POS terminal. Alternatively, the POS terminal may be a contactless reader, and the portable consumer device 32 may be a contactless device such as a contactless card.
An authorization request message is then forwarded to the acquirer 24. After it is received, the authorization request message is then sent to the payment processing network 26. The payment processing network 26 then forwards the authorization request message to the issuer 28 of the portable consumer device 32.
After the issuer 28 receives the authorization request message, the issuer 28 sends an authorization response message back to the payment processing network 26 (step 56) to indicate whether or not the current transaction is authorized. The payment processing network 26 then forwards the authorization response message back to the acquirer 24. The acquirer 24 then sends the response message back to the merchant 22.
After the merchant 22 receives the authorization response message, the access device 34 at the merchant 22 may then provide the authorization response message to the consumer 30. The response message may be displayed by the access device 24, or may be printed out on a receipt.
At the end of the day, a normal clearing and settlement process can be conducted by the payment processing system 26. A clearing process is a process of exchanging financial details between an acquirer and an issuer to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position. Clearing and settlement can occur simultaneously.
II. Transaction authentication
Referring to Fig. 2, which shows a conceptual block diagram 100, the authentication of a purchase transaction like the one described above can have various aspects. These aspects include portable consumer device authentication 100(a), consumer authentication 100(b), back-end processing including real-time risk analysis 100(c), and consumer notification of the purchase transaction 100(d).
Portable consumer device authentication relates to the authentication of the portable consumer device. That is, in a portable consumer device authentication process, a determination is made as to whether the portable consumer device being used in the purchase transaction is the authentic portable consumer device or a counterfeit portable consumer device. Specific exemplary techniques for improving the authentication of a portable consumer device include:
Dynamic CVV on portable consumer devices such as magnetic stripe cards
Card security features (existing and new)
Contactless chips (limited use)
Magnetic stripe identification
Card verification values (CVV and CVV2)
Contact EMV chips
Consumer authentication relates to a determination as to whether or not the person conducting the transaction is in fact the owner or authorized user of the portable consumer device. Conventional consumer authentication processes are conducted by the merchants. For example, merchants may ask to see a credit card holder's driver's license before conducting a business transaction with the credit card holder. Other ways to authenticate the consumer would be desirable, since consumer authentication at the merchant does not occur in every instance. Specific examples of possible ways to improve the consumer authentication process include at least the following:
Knowledge-based challenge-responses
Hardware tokens (multiple solution options)
OTPs (one-time passwords, limited use)
AVS (not as a stand-alone solution)
Signatures
Software tokens
PINs (online)
User IDs/passcodes
Two-channel authentication processes (e.g., via phone)
Biometrics
Back-end processing relates to processing that may occur at the issuer, the payment processing network, or another non-merchant location. As explained in detail below, various processes may be performed at the "back end" of the payment transaction to help ensure that any transactions being conducted are authentic. Back-end processing may also prevent transactions that should not be authorized, and can allow transactions that should be authorized.
Lastly, consumer notification is another aspect of transaction authentication. In some cases, a consumer may be notified that a purchase transaction is occurring or has occurred. If the consumer is notified (e.g., via cell phone) that a transaction is occurring using his or her portable consumer device, and the consumer is in fact not conducting the transaction, then appropriate steps may be taken to prevent the transaction from occurring. Specific examples of consumer notification processes include:
Purchase notification via SMS
Purchase notification via e-mail
Purchase notification by phone
Specific details regarding some of the above-described aspects are provided below. The specific details of the specific aspects may be combined in any suitable manner without departing from the spirit and scope of embodiments of the invention. For example, portable consumer device authentication, consumer authentication, back-end processing, and consumer transaction notification may all be combined in some embodiments of the invention. However, other embodiments of the invention may be directed to specific embodiments relating to each individual aspect, or specific combinations of these individual aspects.
III. portable consumer device authentication
Can make improvements for various portable consumer device verification process.So improved example below is provided.
A. dynamic card verification value (dCVV)
For assist in ensuring that the portable consumer device that is just using is actually real portable consumer device in payment transaction, can provide " dynamically " data from portable consumer device.Dynamic data is the data that can change in time, thereby more safer than static data (for example, name).For example, the portable consumer device verification process can comprise " dynamically " verification msgs such as (being dynamic card verification value) such as dynamic CVV.
As a comparison, " static state " data can be the data that do not change in time.For example, current credit card can be printed on card validation value (CVV value) at card backside.These values can be used for verifying that the portable consumer device that is using is real.For example, when using credit card to carry out purchase-transaction by phone or internet, businessman can require the CVV value of back of credit cards.This CVV value can be mated with credit number, in fact has real portable consumer device to guarantee the caller.The problem of current C VV is that they are static.They may go adrift and be used.
Dynamically CVV (" dCVV ") describes in No. the 10/642nd, 878, U.S. Patent application, this application for all purposes by reference its integral body be comprised in this.U.S. Patent application is described for the 10/642nd, No. 878 and is used the information that comprises PAN (main number of the account), the term of validity, service codes and automated transaction counter to generate validation value.This validation value sends to service supplier's (for example, payment processes tissue or publisher) from businessman, there to its decoding and the assessment to obtain possible approval.The number of times that automated transaction counter keeps track portable consumer device uses, and if between the counter of received Counter Value of issuer and issuer, have mismatch, then this may indicate possible data to skim or swindle use.
DCVV or other dynamic datas can use any suitable secure data transmission process to transmit, and can use DES (dynamic encryption standard) and ECC (elliptic curve cipher art) or AEC (superencipherment cryptography).Can use any symmetry or asymmetric cryptography element.
Other improvements in security of dCVV process can comprise the longer DES of use number and longer counter.
B. dCVV created using specific input data
It would be desirable to improve upon existing dCVV processes by generating different dynamic verification values using different data or different types of variable information. For example, more transaction and/or consumer-specific data can be dynamically changed to verify that the portable consumer device is the correct one. This is more secure than using a simple counter alone. For example, the specific information may include the following: terminal ID, time of day, telephone number, SIM card number, transaction amount, account number, service code (two), expiration date, current date, random numbers from the terminal, etc. The specific information preferably includes at least one dynamic data element such as a counter, the time of day, the purchase amount, etc. In other embodiments, the specific information used to create the dynamic verification value includes dynamic, consumer-specific or transaction-specific information such as the time of day when the transaction takes place, the purchase amount, prior transaction data, etc. Any, some, or all of these may be used to create a verification value, or other specific pieces of information may be dynamically changed to create a new dCVV. The new dCVV can then be processed in a manner that is similar to, or different from, the general processing scheme described in U.S. Patent Application No. 10/642,878. In one specific example, data regarding prior transactions (e.g., a prior transaction amount, the time of a prior purchase, etc.) may be dynamic data elements that can be used to authenticate the portable consumer device for future transactions. Further details regarding such dCVV methods can be found in the U.S. patent application entitled Verification Value System and Method, filed on the same day as the present application (Attorney Docket No. 16222U-031900US).
C. Reducing the number of rejected dCVV transactions
The dCVV processes described above are useful. However, there can be a number of situations in which the dynamic data (e.g., a counter value) sent from the portable consumer device and received at a service provider's server does not match the corresponding dynamic data (another corresponding counter value) generated at the issuer's server. For example, merchants sometimes do not forward transaction data to the issuer in a timely manner. If this occurs, future transactions conducted by the consumer might be inadvertently rejected. For example, if the portable consumer device used by the consumer has a counter that counts the number of transactions conducted, and the counter in the issuer's server does not keep a corresponding transaction count because of delays in receiving transaction data from one or more merchants, then some of the consumer's transactions may be inadvertently rejected. It is desirable to approve as many transactions as possible without approving transactions that may have been skimmed.
A solution to this problem may include widening the range of the transaction counter (or widening the tolerance of some other variable data such as the time or date) so that there is some margin for possible error. For example, a consumer's portable consumer device may have a counter in which the current total number of transactions equals 100. When the consumer conducts a transaction at a POS terminal, an authorization message may be sent from the POS terminal to the server of the issuer or payment processing network. The authorization message may indicate that this is transaction number 100 for consumer A. The issuer's server may then check a corresponding counter range. If the received transaction counter falls within the corresponding counter range determined by the issuer, the transaction is approved. For example, the corresponding counter range may be between 98 and 102. Since the consumer's counter is 100, which falls between 98 and 102, the transaction is approved. Thus, if the issuer's server has a counter whose value differs somewhat from the counter on the consumer's portable consumer device, the transaction will not be inadvertently rejected. If actual data skimming has occurred, or if the consumer's payment account is being used without authorization, the counter at the issuer's server may differ significantly from the actual counter on the consumer's portable consumer device.
These embodiments of the invention can help reduce the number of false transaction rejections. As an alternative or additional authentication measure, if the issuer's server finds that the transaction counter received from the POS terminal does not match the transaction counter at the issuer's server, or if the counter does not fall within the predetermined counter range determined by the issuer's server computer, the issuer may present a challenge question (e.g., when is your birthday?) to the consumer. If the consumer answers the challenge question correctly, the transaction is approved. If the question is not answered correctly, it is not approved. Further details regarding possible challenge messages and challenge questions that can be used in such embodiments are provided below.
In other embodiments, the decision whether or not to carry out further authentication processing (e.g., sending a challenge question to the consumer) when the counter (or other dynamic data element) falls within the predetermined range can be based on other factors. For example, if the counter or other dynamic data element falls within the predetermined range, further authentication processing may be carried out only when the transaction being analyzed is greater than a predetermined dollar limit (e.g., over $1000) or is being conducted from a location or merchant that may indicate a higher tendency to originate fraudulent transactions. Thus, embodiments of the invention may include other variables that can be considered when determining whether to carry out additional authentication processing.
Further details regarding embodiments that use ranges in conjunction with dynamic data elements for verification values are described in U.S. Patent Application No. __________, entitled Verification Error Reduction System, filed on the same day as the present application (Attorney Docket No. 16222U-031800US), which is herein incorporated by reference in its entirety for all purposes.
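The issuer-side decision described in this section, as an added example that is not code from the patent or from any payment network: the verification value is recomputed for the received counter, the counter is compared with the issuer's own within a tolerance of 2 (98 to 102 around 100), and in-range transactions are still stepped up to a challenge above the dollar limit or from a flagged origin. The key, the HMAC-SHA256 derivation, the field names and the choice to decline outright on a wrong value are assumptions of the example.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed demo values (assumptions, not taken from the patent).
ISSUER_KEY = b"constructed-demo-key"
COUNTER_TOLERANCE = 2      # issuer counter 100 accepts device counters 98..102
STEP_UP_AMOUNT = 1000.00   # dollar limit above which an in-range transaction is challenged


@dataclass
class AuthRequest:
    pan: str
    expiry: str                      # YYMM
    service_code: str
    counter: int                     # transaction counter reported by the device
    dcvv: str                        # dynamic verification value sent with the request
    amount: float
    high_risk_origin: bool = False   # location or merchant flagged by the issuer


def make_dcvv(key, pan, expiry, service_code, counter):
    """Derive a 3-digit value from PAN, expiry, service code and counter.

    HMAC-SHA256 is a stand-in chosen for this example; it is not the
    algorithm of the referenced application.
    """
    msg = "|".join([pan, expiry, service_code, str(counter)]).encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 1000:03d}"


def device_request(counter, amount, high_risk_origin=False, key=ISSUER_KEY):
    """Build the request a genuine device would produce at this counter value."""
    pan, expiry, service_code = "1234566666669999", "0912", "101"  # constructed
    dcvv = make_dcvv(key, pan, expiry, service_code, counter)
    return AuthRequest(pan, expiry, service_code, counter, dcvv, amount,
                       high_risk_origin)


def evaluate(req, issuer_counter, key=ISSUER_KEY):
    """Return 'approve', 'challenge' or 'decline' for one authorization request."""
    expected = make_dcvv(key, req.pan, req.expiry, req.service_code, req.counter)
    if not hmac.compare_digest(expected, req.dcvv):
        return "decline"        # assumption: a wrong value is refused outright
    if abs(req.counter - issuer_counter) > COUNTER_TOLERANCE:
        return "challenge"      # outside the range: ask the consumer a question
    if req.amount > STEP_UP_AMOUNT or req.high_risk_origin:
        return "challenge"      # in range, but other factors call for step-up
    return "approve"


if __name__ == "__main__":
    # Issuer still at 98 because two merchants forwarded their data late.
    print(evaluate(device_request(100, 42.50), issuer_counter=98))
    # Device counter far ahead of the issuer's: possible skimming.
    print(evaluate(device_request(140, 42.50), issuer_counter=100))
    # Counter in range, but the amount exceeds the dollar limit.
    print(evaluate(device_request(100, 2500.00), issuer_counter=100))
```

The width of the tolerance is the trade-off the section describes: a wider range rejects fewer genuine transactions but also accepts counters further from the issuer's own.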
D. Portable consumer devices that can produce dCVVs
A number of different portable consumer devices can be produced that can provide variable transaction data such as counters. An example of such a portable consumer device is a magnetic stripe card that can rewrite the data provided on its magnetic stripe. A rewriting device such as a magnetic write head is used to rewrite the data on the magnetic stripe. A patent that discusses this type of card is U.S. Patent No. 7,044,394, which is herein incorporated by reference in its entirety for all purposes. A battery is inside the card and can power the rewriting device.
The use of batteries in payment cards is not particularly desirable in some cases. For example, batteries need to be replaced and disposed of in an environmentally friendly manner. Also, if a battery-powered card does not have sufficient power at a given moment, a particular transaction conducted with that card may not take place as intended. In addition, if a consumer has multiple battery-powered cards in his or her wallet, this may raise potential safety issues when traveling on airlines. Cards without batteries are therefore preferred.
In some embodiments, the portable consumer devices are batteryless cards (or other batteryless form factors), which may include a chip containing a counter. These batteryless cards are powered by an external power source instead of an internal battery. Examples of external power sources include access devices such as POS terminals and transaction calculators. In embodiments of the invention, each time a batteryless card is powered by an external power source such as a POS terminal, a counter value (or other variable data) can be produced by the batteryless card. A number of specific embodiments are shown in Figs. 3(a)-3(c).
Fig. 3(a) shows a magnetic stripe card 202 including a plastic body 202(a). A magnetic stripe 202(e) is on the plastic body 202(a). The plastic body 202(a) may include an embossed region, which may have information such as the cardholder's name, card number, and expiration date (not shown). A processor (e.g., a microprocessor) 202(b) is on the plastic body 202(a), and a read-write device 202(d) and an antenna 202(c) are coupled to the processor 202(b). In this example, the antenna 202(c) is a coil of wire that can receive power from a contactless card reader (not shown).
During use, the antenna 202(c) can allow the magnetic stripe card 202 to communicate with an external contactless reader (not shown), so that an account number and, optionally, counter information (or other variable data) can be obtained from the magnetic stripe 202(e) via the processor 202(b) and the read-write device 202(d). At the same time, the antenna 202(c) can also be used to temporarily power the processor 202(b) and the read-write device 202(d), so that the read-write device 202(d) can also change the dynamic data (e.g., a counter) on the magnetic stripe 202(e). Thus, as illustrated by this example, embodiments of the invention can include the use of a batteryless magnetic stripe card that can provide dynamic data that can be used to authenticate a portable consumer device transaction.
Although the example in Fig. 3(a) includes a read-write device 202(d) for a magnetic stripe 202(e), in other embodiments the read-write device may be embodied as logic that can read and/or write data to a volatile or semi-volatile solid-state memory device such as a flash memory chip.
Another card embodiment 204 of the invention is shown in Fig. 3(b). In Figs. 3(a) and 3(b), like numerals designate like elements. However, Fig. 3(b) shows a conductive contact region 202(f), which is coupled to the processor 202(b) in place of an antenna. In this example, the contact region 202(f) may include multiple electrical contacts so that it can interface and make electrical contact with a corresponding contact region in a card reader (not shown). When the card 204 is used, power can be supplied to the processor 202(b) via the conductive contact 204(f), and the read-write device 202(d) can operate as described above.
Fig. 3(c) shows another magnetic stripe card 206 according to an embodiment of the invention. It can include a portable consumer device reader interface region such as interface region 202(g), which may take the form of the above-described antenna 202(c) or conductive contact 202(f). As described above, power can be supplied to the processor 202(b) and the read-write device 202(d) via the interface region 202(g).
In this embodiment, however, a semi-static display 202(h) is coupled to the processor 202(b). When the processor 202(b) is powered by a card reader during a purchase transaction, the processor 202(b) can cause the display 202(h) to show a verification value such as a dynamic card verification value (dCVV). The dCVV can be viewed by the consumer and used in mail order, telephone, or Internet purchase transactions to help verify that the consumer has the authentic card. In this example, the same or a different dCVV value (or other dynamic data) can be sent electronically to the card reader and subsequently sent in an authorization request message to the issuer for further verification.
Fig. 4 shows a security device 300 that can be used to power cards of the type shown in Figs. 3(a)-3(c). The security device 300 may have a data input region 300(b) (e.g., keys) on a housing 300(a). The housing 300(a) may define a slot 300(d) that can receive a batteryless card as described above. A display 300(c) may also be present on the housing 300(a).
The security device 300 may contain a microprocessor, a battery, and a memory comprising computer code for producing a one-time transaction code or number for a consumer purchase transaction. The logic for producing the one-time transaction code may also reside on another server or computer (e.g., an issuer's server), so that the issuer, merchant, or another party can verify that the person holding the card is in fact the authorized cardholder. In this example, the security device 300 may be characterized as a hard security token and may be used to help authenticate the consumer.
During use, a consumer may insert a batteryless magnetic stripe card (as described above) into the slot 300(d). A one-time transaction code may then be displayed on the screen 300(c). When the card is inserted into the security device 300, power from the power source in the security device 300 powers the processor and the read-write device in the card, so that the dynamic data (e.g., a counter) on the card can change. Thus, the security device 300 can produce a one-time transaction number for a transaction, and can also temporarily supply power to the batteryless card so that the counter (or other dynamic element) in the card can change. A system that uses the security device 300 together with a batteryless card that can have dynamic data can advantageously authenticate both the consumer and the portable consumer device.
Further details regarding embodiments that use batteryless portable consumer devices are described in U.S. Patent Application No. __________, entitled Batteryless Portable Consumer Device, filed on the same day as the present application (Attorney Docket No. 16222U-031700US), which is herein incorporated by reference in its entirety for all purposes.
E. Masked primary account number (PAN)
Another way to authenticate the portable consumer device is to use a masked PAN, or primary account number. In this example, a portion of the transmitted PAN is masked and/or dynamically changed. The PAN includes an identification number portion such as a BIN, or bank identification number. Other examples of identification number portions include a merchant location, a financial institution location, or even an IP address. The last four digits of the PAN and the BIN remain the same, while the other digits in the PAN change. These dynamically changing digits are generally masked on the payment card receipt received by the consumer, so that the consumer does not see anything unusual.
Fig. 5 shows a schematic diagram of the data fields of the data sent from a merchant to an issuer in a purchase transaction. The data fields include PAN, expiration date, service code, PIN CVV, and discretionary data fields.
An exemplary PAN 380 that may reside in the memory (e.g., a magnetic stripe) of a portable consumer device is shown in Fig. 6. In this example, the first six digits of the PAN 380 (i.e., the first end portion), "123456" 380(a), may correspond to the BIN. The next six digits 380(b) may be changed or differ from the six digits of the real PAN, and are represented by "XXXXXX" in this example. The last four digits 380(c) (i.e., the last end portion) are "9999" in this example and remain the same. By keeping the BIN and the last four digits the same, the transaction will look like a real one to the merchant and the consumer. In a preferred embodiment, the middle six digits are dynamically changed using a counter or the like. This makes it more difficult for any unauthorized person to determine the real PAN.
In one embodiment, the middle portion of the PAN that resides in the memory of the portable consumer device may differ from the middle portion of the real PAN. The PAN that resides in the memory may be referred to as the auxiliary PAN, and the real PAN may be referred to as the main PAN. A suitable algorithm or look-up table (e.g., stored at the issuer or in an access device such as a POS device) may be used to link the main and auxiliary PANs. For example, the middle six digits of the PAN may be 666666 in the main PAN (e.g., 1234566666669999), but 222222 in the auxiliary PAN (e.g., 1234562222229999) stored in the memory of the consumer's portable consumer device. In one embodiment, the auxiliary PAN may be received at the POS terminal, the POS terminal may convert the auxiliary PAN to the main PAN, and the main PAN may be sent from the POS terminal to the issuer for processing and/or authorization. In another embodiment, the auxiliary PAN may be sent to the issuer, and the issuer may convert the auxiliary PAN to the main PAN and thereafter process and/or authorize the transaction.
In this embodiment, the issuer may receive both the main PAN and the auxiliary PAN to verify that the portable consumer device being used is authentic. If an unauthorized person attempts to use the main PAN, the unauthorized person will not know the auxiliary PAN, and cannot fraudulently conduct a purchase transaction without knowing the auxiliary PAN. Alternatively, if an unauthorized person electronically intercepts or "skims" the auxiliary PAN, the unauthorized person cannot conduct a purchase transaction without knowing the main PAN.
In another embodiment, the middle portion of the PAN may be dynamically changed. For example, a suitable algorithm or counter may be used to dynamically change the middle portion of the PAN when the portable consumer device is used. In this way, even if the PAN is electronically intercepted by an unauthorized person who knows the main PAN, the auxiliary PAN will be dynamically changing. Even if the unauthorized person knows the main PAN and has intercepted the auxiliary PAN once, the intercepted auxiliary PAN would be useless, since it is a dynamically changing auxiliary PAN. In this case, the unauthorized person would need to know the algorithm used to dynamically change the PAN, in addition to the main PAN and the auxiliary PAN. This embodiment is therefore particularly useful for conducting secure transactions.
Further details regarding embodiments that use masked primary account numbers are described in U.S. Patent Application No. 11/761,821, entitled Track Data Encryption, filed on June 12, 2007, which is herein incorporated by reference in its entirety for all purposes.
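The dynamically changing auxiliary PAN of this section, as an added example that is not code from the patent: the BIN and last four digits are kept, the middle six digits are derived from a counter, and the issuer converts a received auxiliary PAN back to the main PAN. The HMAC-SHA256 derivation, the demo key, the look-ahead window and the rule that only counters above the last accepted one are tried are assumptions of the example; the last of these is what makes an already-used auxiliary PAN stop resolving.

```python
import hashlib
import hmac

# Constructed demo key; the derivation below is an assumption for illustration.
DEMO_KEY = b"constructed-demo-key"
MAIN_PAN = "1234566666669999"   # main PAN from the example in the text


def auxiliary_pan(main, counter, key=DEMO_KEY):
    """Keep the BIN and last four digits, derive the middle six from the counter."""
    msg = f"{main}|{counter}".encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    middle = int.from_bytes(digest[:4], "big") % 10**6
    return f"{main[:6]}{middle:06d}{main[-4:]}"


def mask_for_receipt(pan):
    """Receipt form: BIN and last four shown, the changing digits masked."""
    return pan[:6] + "X" * 6 + pan[-4:]


class Issuer:
    """Converts a received auxiliary PAN back to the main PAN."""

    def __init__(self, key=DEMO_KEY, window=2):
        self.key = key
        self.window = window      # how many counters ahead of the last one to try
        self.last_counter = {}    # main PAN -> last counter accepted

    def enroll(self, main, counter=0):
        self.last_counter[main] = counter

    def resolve(self, received):
        """Return the main PAN, or None if no enrolled account matches.

        Only counters above the last accepted one are tried, so an auxiliary
        PAN that has already been used no longer resolves.
        """
        for main, last in self.last_counter.items():
            if (main[:6], main[-4:]) != (received[:6], received[-4:]):
                continue          # BIN or last four digits do not match
            for counter in range(last + 1, last + 1 + self.window):
                candidate = auxiliary_pan(main, counter, self.key)
                if hmac.compare_digest(candidate, received):
                    self.last_counter[main] = counter
                    return main
        return None


if __name__ == "__main__":
    issuer = Issuer()
    issuer.enroll(MAIN_PAN, counter=100)
    sent = auxiliary_pan(MAIN_PAN, 101)       # device's next transaction
    print(mask_for_receipt(sent))             # 123456XXXXXX9999
    print(issuer.resolve(sent) == MAIN_PAN)   # genuine use resolves
    print(issuer.resolve(sent))               # the same value replayed: None
```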
VI. Consumer authentication
As noted above, a number of consumer authentication processes can be used in embodiments of the invention. Specific examples of possible ways to improve consumer authentication include:
Knowledge-based challenge-response
Hardware tokens (multiple solution options)
OTP (one-time password, limited use)
AVS (not as a stand-alone solution)
Signature
Software tokens
PIN (online)
User ID/passcode
Two-channel authentication via phone
Biometrics
As shown above, a variety of mechanisms may be used to authenticate the consumer, and each mechanism may use no user input (e.g., an automatic software security token), limited user input (e.g., the user presses a button), or full user input (e.g., biometrics).
In addition, various "security tokens" may be used to help authenticate the user. A security token is an article or piece of information that can be used to verify real information or data. For example, a PIN may be a security token and may be used to verify the identity of the consumer when the consumer makes a purchase. In another example, a challenge question and the corresponding answer may be considered a security token that helps to authenticate the consumer. This latter example is an example of a token having a "two-way channel", whereby information flows to the consumer and the consumer sends information back to another party such as an issuer, so that the consumer can authenticate himself.
A. Knowledge-based challenges
In embodiments of the invention, a merchant, a payment processing organization, an issuer, or any other suitable entity may pose challenge questions to the consumer to authenticate the consumer. The challenge questions may be static, where the same questions are asked for each purchase transaction, or dynamic, where different questions may be asked over time.
The questions asked may also have static or dynamic (semi-dynamic or fully dynamic) answers. For example, the question "When is your birthday?" requires a static answer, since the answer does not change. The question "What is your zip code?" requires a semi-dynamic answer, since it could change or can change infrequently. Lastly, the question "What did you purchase at 4 yesterday afternoon?" requires a dynamic answer, since the answer changes frequently. Thus, in preferred embodiments, the challenge questions are preferably based on "real time" information that the issuer would most likely possess. For example, the consumer might be asked a more specific question such as "Did you eat out at a Mexican restaurant last night?" By providing more specific knowledge-based consumer challenges, the authentication of the consumer is ensured.
In one embodiment, the method includes conducting a transaction such as a purchase transaction using a portable consumer device. The portable consumer device may be a credit card or the like. The purchase transaction may take place at a merchant that has an access device such as a point-of-sale terminal.
The consumer may use the portable consumer device to interact with an access device such as a point-of-sale terminal and initiate the process. The point-of-sale terminal may initiate and then generate an authorization request message, which may thereafter be sent to a payment processing network and subsequently to the issuer of the portable consumer device. When the authorization request message is received by the payment processing network or the issuer, it is analyzed. A challenge message, which can be dynamic or semi-dynamic in nature, is then generated and sent to the consumer. The challenge message may be sent back to the access device, or to the consumer's portable consumer device (e.g., if the portable consumer device is a mobile phone).
The consumer then provides a response to the challenge message. The challenge response message is received from the consumer. The challenge response message is then verified and, if it is verified, the authorization response message is analyzed to determine whether the transaction is authorized (e.g., there are sufficient funds in the consumer's account or there is sufficient credit in the consumer's account). If the transaction is authorized, the issuer and also the payment processing network send an authorization response message to the consumer. The authorization response message indicates whether or not the transaction is authorized.
In the specific embodiments described above and below, challenge questions are described in detail, but embodiments of the invention are not limited thereto. Embodiments of the invention can generally relate to the use of challenge messages, which may include challenge questions. In some embodiments, as will be described in further detail below, challenge messages may or may not be read by the consumer, and may challenge the authenticity of the consumer in direct or indirect ways. Examples of challenge questions include questions relating to the consumer's portable consumer device (e.g., what is the CVV, or card verification value, on your card?), the consumer's location (e.g., what is your zip code?), the consumer's mobile or landline telephone (e.g., what is your mobile phone number?), the consumer's personal information (e.g., what is your mother's maiden name?), etc. Examples of challenge messages that are not questions expressly answered by the consumer include messages that automatically query a phone for its location or phone number and cause the retrieval of such information. Another example of a challenge message may be a message that supplies a code (or other authentication token) to a phone, where the use of that code at the access device authenticates the user.
B. Systems using challenge messages
Fig. 7 shows an exemplary system 420 according to an embodiment of the invention. Other systems according to other embodiments of the invention may include more or fewer components than are shown in Fig. 7.
The system 420 shown in Fig. 7 includes a merchant 422 and an acquirer 424 associated with the merchant 422. In a typical payment transaction, a consumer 430 may purchase goods or services at the merchant 422 using a portable consumer device 432. The acquirer 424 can communicate with an issuer 428 via a payment processing network 426.
The consumer 430 may be an individual, or an organization such as a business that is capable of purchasing goods or services. In other embodiments, the consumer 430 may simply be a person who wants to conduct some other type of transaction such as a money transfer transaction. The consumer 430 may optionally operate a wireless phone 435.
The portable consumer device 432 may be in any suitable form. Suitable portable consumer devices are described above with reference to Fig. 1 (e.g., portable consumer device 32).
The payment processing network 426 may be similar to or different from the payment processing network 26 of Fig. 1. As shown in Fig. 7, the payment processing network 426 may comprise a server 426(a), which may comprise a challenge engine 426(a)-1. The server 426(a) may also be in communication with a transaction history database 426(b) and a challenge database 426(c). As will be described in further detail below, the challenge engine 426(a)-1 may simply extract challenge questions from the challenge database 426(c). Alternatively or additionally, the challenge engine 426(a)-1 may generate challenge questions using information in the transaction history database 426(b).
As will be explained in further detail below, the challenge questions may be static or dynamic in nature. For example, the challenge engine 426(a)-1 may receive an authorization request message, and the authorization request message may include the consumer's account number and the purchase amount. It may then look up the consumer's account number and any consumer information associated with that account number. It may thereafter retrieve suitable questions from the challenge database 426(c) or may generate suitable challenge questions on its own. For example, in some cases, after receiving an authorization request message, the challenge engine 426(a)-1 may retrieve the question "What is your mobile phone number?" from the challenge database 426(c). In addition, the challenge engine 426(a)-1 may generate a dynamic question such as "Did you use this credit card at McDonald's last night?" Information about the particular restaurant that the consumer 420 was at the day before can be retrieved from the transaction history database 426(b).
The challenge database 426(c) may be populated with questions of any suitable type. The questions may relate to a past location (e.g., the consumer's current home, a city that the consumer recently visited) or a current location (the current location of the store that the consumer is currently at), the type or name of the merchant that the consumer is presently visiting or has visited in the past, the consumer's family or personal data (e.g., name, phone number, social security number, etc.), and so on. The questions in the challenge database 426(c) may be generated by the challenge engine 426(a)-1 and subsequently stored in the challenge database 426(c).
Alternatively or additionally, challenge questions may be generated by an external source and subsequently stored in the challenge database 426(c). For example, the consumer 430 may use a browser on a personal computer or similar device to supply specific challenge questions to the server 426(a) via a communication medium (not shown) such as the Internet.
In some embodiments, the consumer may determine the kinds and/or number of challenge questions that he or she is asked. For example, the consumer may specify that the consumer wants to be asked three challenge questions if the consumer visits a jewelry store, but only one question if the consumer visits a fast food restaurant. The types of questions posed by the consumer may be based on the merchant type, frequency of purchasing, etc. Some concepts relating to user-defined authorization parameters are described in U.S. Patent Application No. 10/093,002, filed on March 5, 2002, which is herein incorporated by reference in its entirety for all purposes.
In preferred embodiments, the challenge questions are derived from past transaction data in the transaction history database 426(b). Over time, the consumer 430 may conduct many transactions with the payment processing network 26 (and/or the issuer 428). This consumer transaction information may be stored in the transaction history database 426(b) over time, and challenge questions may be generated using the transaction information. Past transaction information provides a good basis for authenticating the consumer 430, since the consumer 430 will know what transactions the consumer 430 has conducted in the past. For example, the consumer 430 may have used his credit card to pay for a hotel room in New York the previous day, and on the next day may be asked a question such as "Did you stay at a hotel in New York yesterday?" In another example, the consumer 430 may have purchased an item that cost more than $2000 the day before, and on the next day may be asked "Did you make a purchase of more than $2000 yesterday?" The questions/answers presented to the consumer 430 may be free-form in nature and/or may include pre-formatted answers, such as multiple choice or true-false answers, from which the consumer may select.
The merchant 422 may also have an access device 434 that can interact with, or receive communications from, the portable consumer device 432. Suitable types of access devices are described above (e.g., access device 34 in Fig. 1).
If the access device 434 is a point-of-sale terminal, any suitable point-of-sale terminal may be used, including card readers. The card readers may include any suitable contact or contactless mode of operation. For example, exemplary card readers can include RF (radio frequency) antennas, magnetic stripe readers, etc. to interact with the portable consumer device 432.
The issuer 428 may be a bank or other organization that may have an account associated with the consumer 430. The issuer 426 may operate a server 428(a), which may have a challenge engine 428(a)-1. A transaction history database 426(b) and a challenge database 428(c) may be in communication with the server 428(a). The issuer server 428(a), challenge engine 428(a)-1, transaction history database 426(b), and challenge database 428(c) may operate in the same way as, or in a different way from, the payment processing network server 428(a), challenge engine 428(a)-1, transaction history database 428(b), and challenge database 428(c). The above descriptions of elements 426(a), 426(a)-1, 426(b), and 426(c) may apply to elements 428(a), 428(a)-1, 428(b), and 428(c).
Embodiments of the invention are not limited to the above-described embodiments. For example, although separate functional blocks are shown for an issuer, a payment processing network, and an acquirer, some entities perform all or any suitable combination of these functions and may be included in embodiments of the invention. Additional components may also be included in embodiments of the invention.
C. Methods using challenge messages
Methods according to embodiments of the invention can be described with reference to Fig. 7 and Fig. 8. In a typical purchase transaction, consumer 430 purchases goods or services at businessman 422 using a portable consumer device 432 such as a credit card. The consumer's portable consumer device 432 can interact with an access device 434 such as a POS (point of sale) terminal at businessman 422 (step 502). For example, consumer 430 may take a credit card and swipe it through an appropriate slot in the POS terminal. Alternatively, the POS terminal may be a contactless reader, and portable consumer device 432 may be a contactless device such as a contactless card.
A first authorization request message is then forwarded to acquirer 424. After acquirer 424 receives the first authorization request message, it is sent to payment processing network 426 (step 504). The first authorization request message is then received at payment processing network server 426 (a), which determines whether a challenge is needed.
Various criteria may be used to determine whether a challenge is needed. For example, payment processing network server 426 (a) may determine that the particular transaction is a high-value transaction (for example, over $1000) and that a challenge is therefore appropriate. In another example, payment processing network server 426 (a) may determine that there is something suspicious about the current transaction and may accordingly determine that a challenge is appropriate. For example, payment processing network server 426 (a) may determine that portable consumer device 432 is currently being used at a location different from the consumer's home state, while the consumer's recent purchase history shows that the consumer is not traveling.
Once it has been determined that a challenge is appropriate for the current transaction, challenge engine 426 (a)-1 can then fetch (locally or remotely) a challenge question (step 508). In some embodiments, challenge engine 426 (a)-1 can retrieve the question from challenge database 426 (c).
At this point, instead of sending the first authorization request message to publisher 426, payment processing network 426 sends a first authorization response message back to access device 434 via businessman 422 and acquirer 424 (step 510). The first authorization response message may contain data representing the challenge request previously obtained by challenge engine 426 (a)-1. This first authorization response message may be characterized as an initial decline, since it does not indicate approval of the transaction.
Once the challenge question is received at access device 434, consumer 430 provides a challenge response to access device 434. The challenge response may be provided to access device 434 in any suitable manner (for example, through a keypad, a contactless reader, etc.). Once access device 434 receives the challenge response, it forwards the challenge response to payment processing network server 426 (a) via businessman 422 and acquirer 424, and the response is received by the businessman and the acquirer (step 512). The challenge response message may be part of a second authorization request message.
Payment processing network server 426 (a) then validates the challenge response message (step 514). If the challenge response message is not validated, payment processing network server 426 (a) may send a response message back to access device 434 indicating that the transaction is not approved. Alternatively or additionally, payment processing network server 426 (a) may send another challenge question to access device 434. On the other hand, if the challenge is validated, payment processing network server 426 (a) may send the second authorization request message to publisher 428 (step 516), together with an indication that consumer 430 has satisfied any challenges posed by payment processing network 426.
After publisher 428 receives the second authorization request, publisher 428 uses publisher's server 428 (a) to determine whether the transaction is authorized or not authorized (step 518). The transaction may not be authorized because consumer 430 has insufficient funds or credit. If consumer 430 has sufficient funds or credit, publisher 428 may then send a second authorization response message, indicating that the transaction is authorized, back to access device 434 via payment processing network 426, acquirer 424 and businessman 422 (step 522).
At the end of the day, a normal clearing and settlement process can be conducted by payment processing system 426. A clearing process is a process of exchanging financial details between an acquirer and a publisher to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position. Clearing and settlement can occur simultaneously.
A number of alternative embodiments are also possible. For example, publisher 428 could generate challenge questions and send them to consumer 430 instead of, or in addition to, payment processing network 426. The challenge engine 428 (a)-1, transaction history database 428 (b) and challenge database 426 (c) operated by publisher 428 can be used in the same way as, or in a different way from, the challenge engine 426 (a)-1, transaction history database 426 (b) and challenge database 426 (c) operated by payment processing network 426, as described above.
In the embodiments described above, two authorization request messages are sent to payment processing network 426 (and/or publisher 428). This is desirable because existing payment processing networks have "timers" set at various points between access device 434 and publisher 428 during the payment authorization process. These timers time how long various events should take to occur during the payment authorization process. The timers may be set and embodied as computer code at acquirer 424, payment processing network 426 and publisher 428. For example, the timers at acquirer 424, payment processing network 426 and publisher 428 may be set to 3 seconds, 6 seconds and 10 seconds, respectively. If an authorization request message is not received within these respective times, some event may be triggered. For example, if an authorization request message is not received at publisher 428 within 10 seconds, an error message may be sent back to access device 434 requesting that businessman 422 resubmit the authorization request message. If a challenge request were created during the authorization process and before the authorization request message reached publisher 428, the publisher's timer could trigger an event indicating that an error has occurred. Creating challenge requests and responses during a single authorization process could conflict with the timers that already exist in the payment system.
By using at least two authorization request messages in two separate authorization processes, the timers described above are advantageously unaffected. The timers do not need to be changed in order to send challenge questions to consumer 430. This allows embodiments of the invention to be used with existing payment infrastructure without widespread changes. By comparison, if the retrieval of the challenge question took place during a payment authorization process using a single authorization request message, this could delay the authorization request message and necessitate changes to the timers present in the payment processing system.
The at least two authorization request messages may contain information such as a BIN (bank identification number), transaction amount, account number, service code, etc. They may also contain the same transaction amount for the transaction being conducted and/or different transaction amounts. For example, the first authorization request message may contain the actual transaction amount, and the second authorization request message may contain a zero dollar amount or another identifier to indicate that a prior authentication request with the transaction amount has already been submitted. In some embodiments, a transaction code may be used to link the first and second authorization requests.
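The two-request exchange described above, modeled as an added example (not code from the patent or from any payment network): the first authorization process ends with an initial decline that carries the challenge, and a second request with a zero amount and a linking transaction code carries the answer. The class names, the single-use handling of the transaction code, and the sample account, balance and question are assumptions made for illustration.

```python
"""Constructed model of the closed-channel flow: two separate authorization processes."""
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

HIGH_VALUE = 1000.00  # the page's example criterion: challenge transactions over $1000
ACCOUNT = "4000-0000-0000-0001"  # constructed sample account


@dataclass
class AuthRequest:
    account: str
    amount: float
    transaction_code: Optional[str] = None    # links the second request to the first
    challenge_response: Optional[str] = None


@dataclass
class AuthResponse:
    approved: bool
    reason: str
    transaction_code: Optional[str] = None
    challenge: Optional[str] = None


class Issuer:
    """Stands in for the publisher's server: checks funds or credit only."""

    def __init__(self, available):
        self.available = dict(available)
        self.log = []  # (account, amount, challenge_satisfied) for each request seen

    def authorize(self, account, amount, challenge_satisfied):
        self.log.append((account, amount, challenge_satisfied))
        ok = self.available.get(account, 0.0) >= amount
        return AuthResponse(ok, "authorized" if ok else "insufficient funds")


class PaymentNetwork:
    def __init__(self, issuer, challenge_db):
        self.issuer = issuer
        self.challenge_db = challenge_db   # account -> (question, expected answer)
        self.pending = {}                  # transaction code -> (account, amount, answer)

    def handle(self, req):
        if req.transaction_code is not None:
            return self._second_request(req)
        if req.amount > HIGH_VALUE and req.account in self.challenge_db:
            question, answer = self.challenge_db[req.account]
            code = secrets.token_hex(8)
            self.pending[code] = (req.account, req.amount, answer)
            # The first authorization process ends here with an initial decline;
            # no timer is left running while the consumer answers.
            return AuthResponse(False, "initial decline: challenge issued", code, question)
        return self.issuer.authorize(req.account, req.amount, challenge_satisfied=False)

    def _second_request(self, req):
        # pop() makes each transaction code single-use, so a captured second
        # request cannot be replayed to obtain another approval.
        entry = self.pending.pop(req.transaction_code, None)
        if entry is None:
            return AuthResponse(False, "unknown transaction code")
        account, amount, expected = entry
        if req.account != account:
            return AuthResponse(False, "account does not match first request")
        given = (req.challenge_response or "").strip().lower().encode()
        if not hmac.compare_digest(given, expected.strip().lower().encode()):
            return AuthResponse(False, "challenge response not validated")
        # The second request carried a zero amount; the amount authorized is the
        # one recorded from the first request, not anything the terminal resends.
        return self.issuer.authorize(account, amount, challenge_satisfied=True)


def run_purchase(network, account, amount, answer_fn):
    """Access-device side: send the first request and, if challenged, the second."""
    first = network.handle(AuthRequest(account, amount))
    if first.challenge is None:
        return first
    second = AuthRequest(account, 0.0, first.transaction_code, answer_fn(first.challenge))
    return network.handle(second)


def build_demo():
    """Constructed sample data: one account, one history-based question."""
    issuer = Issuer({ACCOUNT: 5000.00})
    questions = {ACCOUNT: ("Did you stay in a hotel in New York yesterday?", "yes")}
    return PaymentNetwork(issuer, questions)
```

Because the pending entry is removed on first use, a failed answer requires a fresh first request, which is one way to bound guessing attempts per transaction.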
The method described with reference to Fig. 8 may be characterized as a "closed channel" process, because access device 434 receives the challenge question and provides the response to it. However, other embodiments of the invention may use an open channel solution, whereby the challenge question can be sent to a device other than the access device that sent the first authorization response message.
An example of an open channel method according to embodiments of the invention can be described with reference to Fig. 7 and Fig. 9. In a typical purchase transaction, consumer 430 purchases goods or services at businessman 422 using a portable consumer device 432 such as a credit card. The consumer's portable consumer device 432 can interact with an access device 434 such as a POS (point of sale) terminal at businessman 422 (step 602). For example, consumer 30 may take a credit card and swipe it through an appropriate slot in the POS terminal. Alternatively, the POS terminal may be a contactless reader, and portable consumer device 432 may be a contactless device such as a contactless card.
A first authorization request message is then forwarded to acquirer 424. After it is received, the first authorization request message is sent to payment processing network 426 (604). The first authorization request message is received at payment processing network server 26 (a), and payment processing network server 426 (a) then determines whether a challenge is needed.
Various criteria may be used to determine whether a challenge is needed. For example, payment processing network server 426 (a) may determine that the particular transaction is a high-value transaction (for example, over $1000) and that a challenge is therefore appropriate. In another example, payment processing network server 426 (a) may determine that there is something suspicious about the current transaction and may accordingly determine that a challenge is appropriate.
Once it has been determined that a challenge is appropriate for the current transaction, challenge engine 426 (a)-1 can then fetch (locally or remotely) a challenge question (step 608). In some embodiments, challenge engine 426 (a)-1 can retrieve the question from challenge database 426 (c).
Instead of sending the first authorization request message to publisher 426, and instead of sending a first authorization response message back to access device 434, payment processing network 426 sends the first authorization response message back to the consumer's mobile phone 435 (step 610) or another type of access device. The first authorization response message may be sent back to the consumer's mobile phone 435. This can be done directly or through some intermediate entity. The first authorization response message may contain data representing the challenge request previously obtained by challenge engine 426 (a)-1. This first authorization response message may be characterized as an initial decline, since it does not indicate approval of the transaction.
Once the challenge question is received at mobile phone 435, consumer 430 provides the challenge response to access device 434 (step 612). Access device 434 then forwards the challenge response to payment processing network server 426 (a) via businessman 422 and acquirer 424, and the response is received by the businessman and the acquirer (step 614). The challenge response message may be part of a second authorization response message.
Note that although challenge questions that the consumer actively answers are described in detail, other types of challenge requests may be sent to mobile phone 435. For example, in some cases, the challenge request may not require an answer actively provided by consumer 430. Passive answers to challenge requests may be provided. For example, in some embodiments, the challenge request supplied to mobile phone 435 may be a query regarding the physical location of mobile phone 435. Mobile phone 435 may have a GPS device or other location device, and this information (or a password, etc.) may be sent to payment processing network 426, which can use the location information to authenticate consumer 434.
Once payment processing network server 426 (a) receives the challenge response message, payment processing network server 426 (a) validates it (step 616). If the challenge response message is not validated, payment processing network server 426 (a) may send a response message back to access device 434 indicating that the transaction is not approved. Alternatively or additionally, payment processing network server 426 (a) may send another challenge message to access device 434 and/or mobile phone 435. On the other hand, if the challenge is validated, payment processing network server 426 (a) may then send the second authorization request message to publisher 428 (step 618), together with an indication that consumer 430 has satisfied any challenges posed by payment processing network 426.
After publisher 428 receives the second authorization request, publisher 428 uses publisher's server 428 (a) to determine whether the transaction is authorized or not authorized (step 620). The transaction may not be authorized because consumer 430 has insufficient funds or credit. If consumer 430 has sufficient funds or credit, publisher 428 may then send a second authorization response message, indicating that the transaction is authorized, back to access device 434 via payment processing network 426, acquirer 424 and businessman 422 (step 622).
At the end of the day, a normal clearing and settlement process can be conducted by payment processing system 426. A clearing process is a process of exchanging financial details between an acquirer and a publisher to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position. Clearing and settlement can occur simultaneously.
A number of alternative embodiments are also possible. For example, publisher 428 could generate challenge questions and send them to mobile phone 435 instead of, or in addition to, payment processing network 426. The challenge engine 428 (b)-1, transaction history database 428 (b) and challenge database 426 (c) operated by publisher 428 can be used in the same way as, or in a different way from, the challenge engine 426 (a)-1, transaction history database 426 (b) and challenge database 426 (c) operated by payment processing network 426, as described above.
In another embodiment, instead of sending a challenge question, payment processing network server 426 (a) may send an electronic coupon to the consumer's mobile phone 435. Payment processing network 426 may determine that a challenge is appropriate and may send the electronic coupon to phone 435. After receiving the electronic coupon, the consumer may then be prompted to use the coupon at access device 434. If consumer 430 uses the coupon at access device 434, access device 434 forwards the coupon to payment processing network 426, and receipt of the coupon by payment processing network 426 indicates that consumer 430 is authenticated. Consumer 430 is presumed to be authentic, since a non-authentic consumer would not be in possession of the consumer's phone 435.
Further details regarding embodiments that use challenges are described in U.S. Patent Application No. 11/763,240, entitled Consumer Authentication System and Method, filed on June 14, 2007 (Attorney Docket No. 16222U-031600US), which is incorporated herein by reference in its entirety for all purposes.
VII. Other transaction authentication techniques
A. Methods using algorithm identifiers
In embodiments of the invention, a payment processing organization or other entity may support different security technologies offered by different companies. The different security technologies may use portable consumer device fingerprints. For example, two magnetic stripes on two payment cards can store identical consumer data (e.g., account information), but the magnetic structures of the two magnetic stripes may differ. A specific magnetic structure may be an example of a fingerprint or "DNA" associated with a payment card. If a thief copied the consumer data stored on a magnetic stripe to an unauthorized credit card, the magnetic stripe of the unauthorized credit card would have a magnetic structure or fingerprint different from that of the authorized credit card. A back-end server computer that receives the authorization request message in response to the use of the unauthorized card can determine that the unauthorized credit card is not genuine, because the fingerprint is not present in the authorization request message. Two companies that offer this type of technology are Magtek™ and Semtek™. Each company uses its own proprietary algorithm in a point of sale terminal to alter (e.g., encrypt) its own fingerprint before it is sent to a publisher or other entity in a subsequent authentication process.
In embodiments of the invention, a portable consumer device fingerprint may include any suitable identification mechanism that allows the portable consumer device to be identified independently of static consumer data, such as an account number or expiration date, associated with the portable consumer device. Typically, unlike consumer data, portable consumer device fingerprint data is not known to the consumer. For example, in some embodiments, the fingerprint data may relate to characteristics of the materials from which the portable consumer device is made. For example, as noted above, a portable consumer device fingerprint can be embedded within the particular microscopic structure of the magnetic particles in the magnetic stripe of a payment card. In some cases, no two magnetic stripes will have the same portable consumer device fingerprint.
Portable consumer device fingerprints can take other forms. For example, another card verification technology comes from a company called QSecure™. The technology offered by QSecure™ uses a dynamic CVV (card verification value) that can be generated by a chip in a payment card (the chip may be located under the magnetic stripe and can write the dynamic CVV, or a number related to the dynamic CVV, to the magnetic stripe). In this case, the dynamic CVV may act as a portable consumer device fingerprint identifying the particular portable consumer device. The dynamic CVV may be sent to a point of sale device during a payment transaction. A specific algorithm in the point of sale device may alter (e.g., encrypt) the dynamic CVV before it is sent to the publisher of the payment card for authorization. The publisher, payment processing organization, or other entity may receive the altered dynamic CVV and restore it to its original form. The dynamic CVV can then be checked by the back-end server computer to see whether it corresponds to an independently derived dynamic CVV, thereby authenticating the portable consumer device. In this example, the dynamic CVV can also be considered a portable consumer device fingerprint, even though it is dynamic in nature.
Embodiments of the invention allow many different types of portable consumer device fingerprinting systems to be used together in a single payment processing system. In embodiments of the invention, a different identifier or ID is assigned to each type of algorithm in each type of POS terminal. For example, a back-end entity such as a publisher or payment processing organization might use algorithm identifiers like those in Table 1 below.
As shown in Table 1, the algorithm IDs may take any suitable form. For example, the algorithm IDs may simply be one-, two- or three-digit numbers.
When the POS terminal sends an authorization request message to a publisher, the authorization request message may contain the particular algorithm ID associated with the POS terminal and the altered portable consumer device fingerprint. When the authorization request message is received by a back-end server computer, the server can determine which algorithm was used to encrypt the portable consumer device fingerprint. The back-end server computer may then decrypt the encrypted portable consumer device fingerprint and determine whether it corresponds to the portable consumer device fingerprint stored in a back-end database. The portable consumer device fingerprint may have been previously stored in the back-end database along with the corresponding consumer data (e.g., an account number), as part of the process of issuing the portable consumer device to the consumer who will use it.
Using such algorithm identifiers, embodiments of the invention can effectively integrate different technologies into a single payment processing system. For example, a consumer can swipe a payment card through a POS (point of sale) terminal to pay $5.00 for office supplies. The POS terminal may contain an encryption algorithm produced by Company A. The encryption algorithm may encrypt a fingerprint embedded in the magnetic structure of the magnetic stripe of the payment card. The POS terminal may then send an authorization request message to a back-end server computer. The authorization request message may contain information including the purchase amount, consumer data such as the consumer's account number, the encrypted fingerprint, and an algorithm identifier specifically associated with the encryption algorithm produced by Company A. The back-end server computer can receive the authorization request message from the POS (point of sale) terminal. It can then determine which algorithm was used to encrypt the fingerprint, and can subsequently decrypt the fingerprint. Once the fingerprint is determined, the back-end server computer can determine whether the received fingerprint corresponds to the stored fingerprint. If it does, the payment card is authenticated.
Further details regarding methods and systems that utilize algorithm identifiers are provided below.
B. Confidence assessment methods
In some embodiments, the back-end processor, or back-end server computer, may also determine whether a transaction meets a desired confidence threshold of likely validity before determining that the portable consumer device is authenticated. If the confidence threshold is not met, additional authentication processes may be performed. Such additional authentication processes may include sending one or more challenge questions and/or notification messages to the consumer.
Illustratively, a back-end server computer may receive an authorization request message from a POS terminal after a consumer tries to pay for office supplies using a payment card. The back-end server computer may determine that one of the three card verification technologies in Table 1 above is present, and that there have not been any recent suspicious transactions associated with the payment card. The back-end server computer may then determine that the transaction is valid (i.e., the confidence threshold has been met) and that it can proceed if it is authorized by the publisher of the payment card. Conversely, if an old (legacy) card and reader are used to conduct the transaction, none of the three card protection technologies in Table 1 (above) is used, and there is recent suspicious activity associated with the payment card, the server computer may determine that the confidence threshold has not been met, and additional authentication processes can be initiated by the server computer. For example, a dynamic challenge (query) can be sent to the consumer before approval, and/or the consumer can be notified that a transaction is occurring.
Transaction confidence determinations can also take into account whether one algorithm is more reliable than another. The back-end server computer can evaluate the algorithm that was used at the front end (e.g., at the POS terminal) and can determine whether the transaction should proceed. For example, the back-end server computer may determine that the algorithm from Company A has 90% reliability and the algorithm from Company B has 50% reliability.
Different algorithms can have different levels of reliability for a number of reasons. For example, some algorithms may process data more accurately depending on the sensitivity of the terminal, the way the card is swiped, and the aging of the card. In this example, if the server computer receives an authorization request message indicating that the algorithm from Company B is present and that there has been recent suspicious activity associated with the payment card, additional authentication processing may be initiated. On the other hand, if the server computer receives an authorization request message indicating that the algorithm from Company A is present and that there has been recent suspicious activity, the back-end server computer may not initiate additional authentication processing.
Illustratively, McDonald's may have a relationship with Company A, and Taco Bell may have a relationship with Company B. They may use different algorithms at their point of sale devices. Each sends two sets of data using two different algorithms. When the data comes back to a payment processing organization such as Visa, it can identify the data as originating from the Company A algorithm and/or from the Company B algorithm. Weights can be assigned to the algorithms so that a confidence level can be determined. If the confidence level (or threshold) is not met, additional authentication processing may then take place.
C. Exemplary systems using algorithm identifiers and confidence assessment
Figure 10 (a) shows a system 720 that can be used in an embodiment of the invention. System 720 includes a plurality of businessmen 722 (a), 722 (b), 722 (c) and a plurality of acquirers 724 (a), 724 (b), 724 (c) associated with businessmen 722 (a), 722 (b), 722 (c). In a typical payment transaction, consumers 730 (a), 730 (b), 730 (c) may purchase goods or services at businessmen 722 (a), 722 (b), 722 (c) using their portable consumer devices 732 (a), 732 (b), 732 (c). Consumers 730 (a), 730 (b), 730 (c) may be individuals or organizations such as businesses. Acquirers 724 (a), 724 (b), 724 (c) can communicate with publishers 728 (a), 728 (b), 728 (c) via payment processing network 726. Publishers 728 (a), 728 (b), 728 (c) may respectively issue portable consumer devices 730 (a), 730 (b), 730 (c) to consumers 730 (a), 730 (b), 730 (c).
For purposes of illustration, access device A 732 (a) may be produced by Company A and may be associated with an algorithm having algorithm identifier "01". Access device B 732 (b) may be produced by Company B and may be associated with an algorithm having algorithm identifier "02". Access device C 732 (c) may be associated with Company D and may have no algorithm associated with it.
Portable consumer devices 732 (a), 732 (b), 732 (c) may be in any suitable form. For example, suitable portable consumer devices 732 (a), 732 (b), 732 (c) can be hand-held and compact so that they fit into a consumer's wallet and/or pocket (e.g., pocket-sized). Suitable portable consumer devices are described above (for example, portable consumer device 32 in Fig. 1).
Businessmen 722 (a), 722 (b), 722 (c) can also have respective access devices 734 (a), 734 (b), 734 (c) that can interact with portable consumer devices 732 (a), 732 (b), 732 (c) or receive communications from them. Suitable types of access devices are described above (for example, access device 34 in Fig. 1).
If the access device is a point of sale terminal, any suitable point of sale terminal can be used, including card readers. The card readers can include any suitable contact or contactless mode of operation. For example, exemplary card readers can include RF (radio frequency) antennas, magnetic stripe readers, etc. that interact with portable consumer devices 732 (a), 732 (b), 732 (c).
Payment processing network 726 may include any of the characteristics described above (for example, with respect to payment processing network 26 in Fig. 1). It may include a server computer 726 (a).
Server computer 726 (a) may comprise any suitable number of software modules, which may be of any suitable type. As shown in Figure 10 (b), server computer 726 (a) may comprise an algorithm identification module 726 (a)-1 and a confidence assessment module 726 (a)-2. It may also comprise a decryption module 726 (a)-3 and a data formatter module 726 (a)-4.
Algorithm identification module 726 (a)-1, in conjunction with decryption module 726 (a)-3, may examine a received authorization request message that includes an algorithm ID and an altered portable consumer device fingerprint. From the received algorithm ID, it may then determine which algorithm was used to alter (e.g., encrypt) the portable consumer device fingerprint. A look-up table or the like may be used to identify the correspondence between the algorithm ID, the algorithm used to alter the portable consumer device fingerprint or to restore the altered portable consumer device fingerprint, and consumer data (e.g., an account number). (In some cases, the algorithm may be a key in an encryption process.) Server computer 726 (a) may then be used to determine (e.g., by removing the encryption) the portable consumer device fingerprint from the altered portable consumer device fingerprint in the authorization request message. Once the portable consumer device fingerprint is determined, this information may be analyzed to determine whether it corresponds to a stored fingerprint linked to the consumer data (e.g., account number) associated with the portable consumer device.
Confidence assessment module 726 (a)-2 may generate a confidence assessment from various pieces of information. Such information may include the type of portable consumer device used (e.g., a phone may be more secure than a payment card), the type of algorithm used to encrypt the portable consumer device fingerprint (e.g., some encryption algorithms are more secure than others), etc. Using confidence module 726 (a)-2, server computer 726 (a) may subsequently determine whether additional authentication processes need to take place. Such additional authentication processes may include challenge questions and/or notifying the consumer that a transaction is occurring.
Confidence assessment module 726 (a)-2 can "score" a transaction based on a number of transaction variables. If the score exceeds a predetermined threshold, the transaction can be considered valid, and additional authentication processing need not take place. Conversely, if the score does not exceed the predetermined threshold, the transaction may be characterized as suspicious, and additional authentication processes may be initiated.
Data formatter module 726 (a)-4 may be used to format data so that it can be used by confidence assessment module 726 (a)-2. In some cases, data from different POS terminals from different companies may be decrypted by decryption module 726 (a)-3 and may be in different formats. The data formatter can format any data so that it can be used by confidence assessment module 726 (a)-2.
Various embodiments of the present invention are not limited to the various embodiments described above.For example, although for publisher, payment processing network and acquirer illustrate independent functional block, some entity is carried out the whole of these functions and can be included in the various embodiments of the present invention.
D. Exemplary methods using fingerprints and identifiers
Various methods according to embodiments of the invention can be described with reference to Figures 10-12. Figures 11-12 include flow charts.
Some or all of the steps shown in Figure 11 can be included in embodiments of the invention. For example, some embodiments of the invention can use the algorithm identifier to determine whether the portable consumer device fingerprint in an authorization request message matches a portable consumer device fingerprint stored in a back-end database, and may not perform transaction confidence processing before determining whether the transaction is authorized. In other embodiments, a transaction confidence process can be performed without using the portable consumer device fingerprint to authenticate the portable consumer device. In preferred embodiments, however, the algorithm identifier, the portable consumer device fingerprint, and transaction confidence processing are all used to authenticate the portable consumer device and the transaction.
Also, although the flow charts in Figures 11 and 12 show particular steps performed in a particular order, embodiments of the invention can include methods that include such steps in a different order. This also applies to the other flow charts and processes described in this application.
Referring to Figures 10 (a) and 11, consumer A 730 (a) can use portable consumer device A 732 (a) to interact with access device A 734 (a) at merchant A 732 (a) (step 802). For example, the portable consumer device 732 (a) can be a credit card, the access device A 734 (a) can be a point-of-sale terminal, and merchant A 732 (a) can be a gas station. Consumer A 730 (a) may want to use portable consumer device A 732 (a) to buy gasoline from merchant A 722 (a).
After portable consumer device A 732 (a) interfaces with access device A 734 (a) at merchant A 722 (a), access device A 734 (a) reads consumer data and portable consumer device fingerprint data, such as magnetic stripe fingerprint data, from portable consumer device A 732 (a) (step 804). The consumer data can include information that the consumer typically knows. Examples of consumer data include the consumer's account number, expiration date, and service code. As noted above, portable consumer device fingerprint data is data that is generally not known to the consumer but is used to authenticate the portable consumer device. In this example, the portable consumer device fingerprint data can be magnetic stripe fingerprint data. The magnetic stripe fingerprint data can also include data that is embedded in the magnetic structure of the magnetic stripe and that can only be read using an access device made by a particular company.
Once access device A 734 (a) obtains the consumer data from consumer device A 734 (a), an authorization request message that includes an algorithm identifier is created (step 806). The authorization request message can also include the consumer data (e.g., an account number), data relating to the purchase amount, and the portable consumer device fingerprint data. Before incorporating the received fingerprint data into the authorization request message, access device A 734 (a) can alter (e.g., encrypt) it using an algorithm stored in a memory of access device A 734 (a). In some embodiments, the portable consumer device fingerprint and the algorithm identifier can be stored in a supplementary data field called Field 55.
Different portable consumer devices provided by different manufacturers can have fingerprints of different types and sizes. These different fingerprints can be inserted into a data field of standard size, so that transmission through the payment processing system is uniform regardless of the particular fingerprint being transmitted. For example, in some cases it is desirable to fill up the data field with padding characters such as zeros. For example, a data field may be 64 bytes in size. The fingerprint from one type of portable consumer device may be 54 bytes, while the fingerprint from another type of portable consumer device may be 56 bytes. Additional padding characters can be present in the 64-byte field together with a two-character algorithm identifier. The padding characters can be placed in the field in a predetermined manner.
In embodiments of the invention, the algorithm identifier described above may not only identify the algorithm used to encrypt the portable consumer device fingerprint; the identified algorithm can also be used to restore the fingerprint to its original form so that it can be evaluated. For example, the algorithm identifier can be used to identify an algorithm that removes any padding characters so that a received but altered fingerprint is restored to its original form and can be evaluated.
The authorization request message is then sent from the access device 734 (a) to the payment processing network 726 via acquirer A 724 (a), which is associated with merchant A 722 (a). In other embodiments, the access device 734 (a) can send the authorization request message directly to the payment processing network instead of through acquirer A 724 (a).
After the authorization request message is received by the payment processing network 726, the server computer 726 (a) in the payment processing network 726 analyzes the authorization request message and then uses the algorithm ID in the authorization request message to select an algorithm (step 810). The selected algorithm ID and the selected algorithm can be selected from the algorithm database 726 (c). The algorithm database 726 (c) can include a plurality of algorithm IDs and a plurality of algorithms associated with various access devices (e.g., access device A 732 (a) and access device B 734 (b)).
After the algorithm has been identified, the portable consumer device fingerprint is determined by the server computer 726 (a) in the payment processing network 726 (step 812). The selected algorithm is then used to restore (e.g., decrypt) the altered portable consumer device fingerprint present in the authorization request message.
The server computer 726 (a) then determines whether the determined portable consumer device fingerprint corresponds to a fingerprint previously stored in a database (step 814). The server computer 726 (a) can first obtain consumer data, such as the consumer's account number, from the authorization request message, and/or can obtain additional consumer data from the customer database 726 (b) after analyzing the authorization request message. Once the consumer data has been determined, the server computer 726 (a) can obtain the portable consumer device fingerprint from the customer database 726 (b). The server computer 726 (a) then determines whether the portable consumer device fingerprint in the authorization request message and the portable consumer device fingerprint in the customer database 726 (b) match.
If the portable consumer device fingerprint obtained from the customer database 726 (a) does not correspond to the previously restored portable consumer device fingerprint obtained from the authorization request message, additional authentication processes can be performed and/or an authorization response message indicating that the transaction is declined can be sent back to consumer A 722 (a) (step 822). Additional authentication processing can include sending consumer A 722 (a) a transaction notification message (e.g., to the consumer's cell phone or the consumer's computer) notifying the consumer that a transaction is taking place. The notification message can ask consumer A 722 (a) to confirm that the transaction is authentic. Alternatively or additionally, other types of challenges, such as challenge questions, can be sent to consumer A 722 (a). Challenges such as challenge questions are described in U.S. Patent Application No. 11/763,240, entitled "Consumer Authentication System and Method", filed on June 14, 2007 (Attorney Docket No. 16222U-031600US), which is incorporated herein by reference in its entirety for all purposes.
In some embodiments, if the fingerprint obtained from the authorization request message matches the fingerprint in the customer database 726 (b), the server computer 726 (a) can also optionally determine whether a transaction confidence threshold is satisfied (step 815). If the confidence threshold is not satisfied, additional authorization processing can be performed (step 823). If the confidence threshold is satisfied, however, the authorization request message can be forwarded to issuer A 428 (a) (step 816).
The transaction confidence threshold can take any number of transaction characteristics into account to score the transaction as authentic or potentially suspicious. Such transaction characteristics can relate to the access device (e.g., whether the access device uses new or old technology, whether the access device uses a secure encryption algorithm to encrypt data, etc.), the portable consumer device (e.g., whether the portable consumer device is a phone, a magnetic stripe card with old technology, a magnetic stripe card with new technology, etc.), and so on.
As noted above, in a payment processing system there may be many different combinations of access devices and portable consumer devices interacting together at any given time. These different combinations of access devices and portable consumer devices can initiate transactions that may have different levels of potential authenticity. For example, referring to Figure 10 (a), access device A 734 (a) can use an encryption algorithm from company A to encrypt data in an authorization request message, access device B 734 (b) can use an encryption algorithm from company B, and access device C 734 (c) may not use any encryption technology. Encryption algorithm A is considered a more reliable encryption algorithm than encryption algorithm B. Therefore, authorization request messages from access device A 734 (a) can have a higher level of potential authenticity than authorization request messages from access device B 734 (b) or access device C 734 (c). Additional authentication processing can be performed when a transaction is conducted by access devices B 734 (b) and C 734 (c) rather than by access device A 734 (a). In another example, if portable consumer devices A 732 (a), B 732 (b) and C 732 (c) are all highly secure portable consumer devices, then additional authentication processing may be needed only for authorization request messages from access device C 734 (c), because only access device C 734 (c) does not include an encryption algorithm. As this example shows, the threshold used to determine whether additional authorization processing needs to be performed can vary and can be set according to predetermined rules.
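The server-side flow of steps 810 to 816 and the confidence threshold described above, as an added Python example that is not code from the patent. The field layout (two-character ID, altered fingerprint, zero padding), the algorithm IDs "A1", "B1" and "P0", the keys, the scores, the threshold of 70, the account names and the HMAC-keystream XOR transform are all assumptions made for illustration.

```python
import hashlib
import hmac

FIELD_SIZE = 64      # fixed-width data field size given in the text
ALG_ID_LEN = 2       # two-character algorithm identifier given in the text

# Stand-in for algorithm database 726 (c). IDs, keys and scores are constructed.
ALGORITHMS = {
    "A1": {"fp_len": 54, "key": b"constructed-key-A", "score": 50},
    "B1": {"fp_len": 56, "key": b"constructed-key-B", "score": 30},
    "P0": {"fp_len": 56, "key": None, "score": 0},   # padding only, no encryption
}
DEVICE_SCORES = {"phone": 40, "new_magstripe_card": 30, "old_magstripe_card": 10}
CONFIDENCE_THRESHOLD = 70   # constructed; the text says it is set by predetermined rules

# Stand-in for customer database 726 (b): account -> stored fingerprint (constructed).
CUSTOMER_DB = {"ACCT-0001": bytes(range(54)), "ACCT-0002": bytes(56)}


def _keystream_xor(data: bytes, key: bytes) -> bytes:
    """XOR with an HMAC-SHA256 counter keystream.

    Placeholder for whatever transform the access device vendor uses;
    it is not a cipher recommendation.
    """
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def build_field(alg_id: str, fingerprint: bytes) -> bytes:
    """Access-device side: alter the fingerprint and pad it into the 64-byte field."""
    alg = ALGORITHMS[alg_id]
    if len(fingerprint) != alg["fp_len"]:
        raise ValueError("fingerprint length does not match algorithm")
    altered = _keystream_xor(fingerprint, alg["key"]) if alg["key"] else fingerprint
    body = alg_id.encode("ascii") + altered
    return body + b"\x00" * (FIELD_SIZE - len(body))


def restore_fingerprint(field: bytes):
    """Server side (steps 810-812): select the algorithm by ID and undo the change."""
    if len(field) != FIELD_SIZE:
        raise ValueError("field must be exactly 64 bytes")
    alg_id = field[:ALG_ID_LEN].decode("ascii", errors="replace")
    alg = ALGORITHMS.get(alg_id)
    if alg is None:
        raise ValueError("unknown algorithm identifier")
    end = ALG_ID_LEN + alg["fp_len"]
    altered, padding = field[ALG_ID_LEN:end], field[end:]
    # The length comes from the table, not from scanning for zeros, so a
    # fingerprint that itself ends in zero bytes is not truncated.
    if any(padding):
        raise ValueError("padding is not in the predetermined form")
    restored = _keystream_xor(altered, alg["key"]) if alg["key"] else altered
    return alg_id, restored


def evaluate(request: dict, customer_db: dict) -> str:
    """Steps 810-816: fingerprint match first, then the confidence threshold."""
    try:
        alg_id, fingerprint = restore_fingerprint(request["field"])
    except ValueError:
        return "decline_or_additional_authentication"        # step 822
    stored = customer_db.get(request["account"])
    # Constant-time comparison of the restored and stored fingerprints.
    if stored is None or not hmac.compare_digest(stored, fingerprint):
        return "decline_or_additional_authentication"        # step 822
    score = ALGORITHMS[alg_id]["score"] + DEVICE_SCORES.get(request["device"], 0)
    if score < CONFIDENCE_THRESHOLD:
        return "additional_authentication"                    # step 823
    return "forward_to_issuer"                                # step 816
```

A matching fingerprint alone does not forward the request: the same card presented through the unencrypted "P0" path falls below the threshold and is routed to additional authentication.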
When the authorization request message is received by issuer A 728 (a), issuer A can then determine whether the transaction is authorized. If the transaction is not authorized (e.g., because of insufficient funds or credit in consumer A's account), additional authorization processing can be performed and/or an authorization response message indicating that the transaction is declined can be sent to consumer A 730 (a) (step 824).
If the transaction is approved by issuer A 728 (a), an authorization response message can be sent back to consumer A 730 (a) via the payment processing network 726, acquirer A 724 (a), merchant A 722 (a), and access device A 734 (a) (step 820).
At the end of the day, a normal clearing and settlement process can be conducted by the payment processing network 726. A clearing process is a process of exchanging financial details between an acquirer and an issuer to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position. Clearing and settlement can occur simultaneously.
Further details about embodiments that use the methods and systems described above can be found in the U.S. Patent Application entitled "Portable Consumer Device Verification System and Method" (Attorney Docket No. 16222U-031400US), filed on the same day as the present application, which is incorporated herein by reference in its entirety for all purposes.
It should be understood that the present invention as described above can be implemented in the form of control logic using computer software in a modular or integrated manner. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will know and appreciate other ways and/or methods to implement the present invention using hardware and a combination of hardware and software.
Any of the software components or functions described in this application can be implemented as software code to be executed by a processor using any suitable computer language, such as Java, C++ or Perl, using, for example, conventional or object-oriented techniques. The software code can be stored as a series of instructions or commands on a computer-readable medium, such as a random access memory (RAM), a read-only memory (ROM), a magnetic medium such as a hard drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer-readable medium can reside on or within a single computational apparatus, and can be present on or within different computational apparatuses within a system or network.
The above description is illustrative and not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should therefore be determined not with reference to the above description, but with reference to the claims along with their full scope or equivalents.
One or more features from any embodiment can be combined with one or more features of any other embodiment without departing from the scope of the invention.
A recitation of "a", "an" or "the" is intended to mean "one or more" unless specifically indicated to the contrary.

Claims (29)

1. A method comprising:
performing an authentication process for a consumer, wherein the consumer uses a portable consumer device to conduct a transaction;
performing an authentication process for the portable consumer device, wherein performing the authentication process for the portable consumer device comprises verifying a fingerprint or a dynamic verification value associated with the portable consumer device; and
performing a risk analysis after the authentication of the consumer and the authentication of the portable consumer device have been performed, wherein the risk analysis determines whether the transaction is to be authorized.
2. The method of claim 1, further comprising notifying the consumer that the transaction is occurring.
3. The method of claim 1, wherein the fingerprint is a magnetic stripe fingerprint.
4. The method of claim 1, wherein the portable consumer device is a phone.
5. The method of claim 1, wherein the authentication process for the consumer comprises sending a challenge message to the consumer.
6. A system comprising:
means for performing an authentication process for a consumer, wherein the consumer uses a portable consumer device to conduct a transaction;
means for performing an authentication process for the portable consumer device, wherein performing the authentication process for the portable consumer device comprises verifying a fingerprint or a dynamic verification value associated with the portable consumer device; and
means for performing a risk analysis after the authentication of the consumer and the authentication of the portable consumer device have been performed, wherein the risk analysis determines whether the transaction is to be authorized.
7. A computer-readable medium comprising:
code for performing an authentication process for a consumer, wherein the consumer uses a portable consumer device to conduct a transaction;
code for performing an authentication process for the portable consumer device, wherein performing the authentication process for the portable consumer device comprises verifying a fingerprint or a dynamic verification value associated with the portable consumer device; and
code for performing a risk analysis after the authentication of the consumer and the authentication of the portable consumer device have been performed, wherein the risk analysis determines whether the transaction is to be authorized.
8. The computer-readable medium of claim 7, wherein the portable consumer device is a phone.
9. A server comprising the computer-readable medium of claim 8.
10. A system comprising the server of claim 9.
11. A method comprising:
authenticating a portable consumer device using dynamic data generated by the portable consumer device or by an access device in communication with the portable consumer device; and
authenticating the consumer, including sending a challenge message to the consumer and receiving a challenge response from the consumer.
12. The method of claim 11, wherein the challenge message is a challenge question.
13. The method of claim 11, wherein the portable consumer device is a card.
14. The method of claim 11, wherein the challenge message is sent by a non-merchant entity.
15. A computer-readable medium comprising:
code for authenticating a portable consumer device using dynamic data generated by the portable consumer device or by an access device in communication with the portable consumer device; and
code for authenticating the consumer, wherein authenticating the consumer includes sending a challenge message to the consumer and receiving a challenge response from the consumer.
16. A server computer comprising the computer-readable medium of claim 15.
17. A payment processing system comprising the server computer of claim 16.
18. A method comprising:
receiving an authorization request message associated with a transaction conducted using a portable consumer device, wherein the portable consumer device comprises a portable consumer device fingerprint, and wherein the authorization request message comprises an altered portable consumer device fingerprint and an algorithm identifier;
selecting an algorithm from among a plurality of algorithms using the algorithm identifier;
determining the portable consumer device fingerprint using the selected algorithm and the altered portable consumer device fingerprint;
determining whether the portable consumer device fingerprint matches a stored portable consumer device fingerprint;
sending a challenge message to a consumer associated with the portable consumer device; and
sending an authorization response message to the consumer, wherein the authorization response message indicates whether the transaction is approved.
19. The authentication method of claim 18, further comprising receiving dynamic data and evaluating the dynamic data to authenticate the portable consumer device.
20. The method of claim 18, wherein the challenge message is a challenge question.
21. A computer-readable medium comprising:
code for receiving an authorization request message associated with a transaction conducted using a portable consumer device, wherein the portable consumer device comprises a portable consumer device fingerprint, and wherein the authorization request message comprises an altered portable consumer device fingerprint and an algorithm identifier;
code for selecting an algorithm from among a plurality of algorithms using the algorithm identifier;
code for determining the portable consumer device fingerprint using the selected algorithm and the altered portable consumer device fingerprint;
code for determining whether the portable consumer device fingerprint matches a stored portable consumer device fingerprint;
code for sending a challenge message to a consumer associated with the portable consumer device; and
sending an authorization response message to the consumer, wherein the authorization response message indicates whether the transaction is approved.
22. A server computer comprising the computer-readable medium of claim 21.
23. A method comprising:
authenticating a batteryless portable consumer device, wherein the portable consumer device comprises a batteryless portable consumer device containing an antenna;
authenticating the consumer; and
sending a notification message to the consumer that a transaction is occurring.
24. The method of claim 23, wherein authenticating the consumer comprises sending a challenge to the consumer.
25. The method of claim 23, wherein sending the notification message comprises sending the notification message to the consumer's phone.
26. The method of claim 23, wherein the batteryless portable consumer device is capable of generating a verification value.
27. A computer-readable medium comprising:
code for authenticating a batteryless portable consumer device, wherein the portable consumer device comprises a batteryless portable consumer device containing an antenna;
code for authenticating the consumer; and
code for sending a notification message to the consumer that a transaction is occurring.
28. A server computer comprising the computer-readable medium of claim 27.
29. A system comprising the server computer and an access device coupled to the server computer.
CN200780027259.3A 2006-06-19 2007-06-18 Transaction authentication using network Active CN101512957B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710270542.4A CN107067246A (en) 2006-06-19 2007-06-18 Transaction authentication using network

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
US81505906P 2006-06-19 2006-06-19
US60/815,059 2006-06-19
US81543006P 2006-06-20 2006-06-20
US60/815,430 2006-06-20
US88408907P 2007-01-09 2007-01-09
US60/884,089 2007-01-09
PCT/US2007/071480 WO2008027642A2 (en) 2006-06-19 2007-06-18 Transaction authentication using network

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201710270542.4A Division CN107067246A (en) 2006-06-19 2007-06-18 Transaction authentication using network

Publications (2)

Publication Number Publication Date
CN101512957A true CN101512957A (en) 2009-08-19
CN101512957B CN101512957B (en) 2017-12-29

Family

ID=40829560

Family Applications (6)

Application Number Title Priority Date Filing Date
CN201710173504.7A Active CN106936587B (en) 2006-06-19 2007-06-15 Consumer authentication system and method
CN200780022875.XA Active CN101485128B (en) 2006-06-19 2007-06-15 Portable consumer device verification system
CNA2007800228745A Pending CN101473344A (en) 2006-06-19 2007-06-15 Consumer authentication system and method
CN2007800295538A Active CN101502031B (en) 2006-06-19 2007-06-18 Verification error reduction system
CN201710270542.4A Withdrawn CN107067246A (en) 2006-06-19 2007-06-18 Transaction authentication using network
CN200780027259.3A Active CN101512957B (en) 2006-06-19 2007-06-18 Transaction authentication using network

Country Status (1)

Country Link
CN (6) CN106936587B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1435985A (en) * 2002-01-30 2003-08-13 鸿联九五信息产业股份有限公司 Dynamic cipher safety system and dynamic cipher generating method
CN1508746A (en) * 2002-12-18 2004-06-30 薛永嘉 Personal identity information integrating apparatus

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5163097A (en) * 1991-08-07 1992-11-10 Dynamicserve, Ltd. Method and apparatus for providing secure access to a limited access system
US5577121A (en) * 1994-06-09 1996-11-19 Electronic Payment Services, Inc. Transaction system for integrated circuit cards
US6850916B1 (en) * 1998-04-27 2005-02-01 Esignx Corporation Portable electronic charge and authorization devices and methods therefor
US6980660B1 (en) * 1999-05-21 2005-12-27 International Business Machines Corporation Method and apparatus for efficiently initializing mobile wireless devices
WO2002001462A2 (en) * 2000-06-28 2002-01-03 Patentek, Inc. Method and system of securely collecting, storing, and transmitting information
US6816058B2 (en) * 2001-04-26 2004-11-09 Mcgregor Christopher M Bio-metric smart card, bio-metric smart card reader and method of use
EP1709566A4 (en) * 2004-01-23 2007-07-18 Mastercard International Inc System and method for secure telephone and computer transactions

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10572864B2 (en) 2009-04-28 2020-02-25 Visa International Service Association Verification of portable consumer devices
US10997573B2 (en) 2009-04-28 2021-05-04 Visa International Service Association Verification of portable consumer devices
US10009177B2 (en) 2009-05-15 2018-06-26 Visa International Service Association Integration of verification tokens with mobile communication devices
US10387871B2 (en) 2009-05-15 2019-08-20 Visa International Service Association Integration of verification tokens with mobile communication devices
US11574312B2 (en) 2009-05-15 2023-02-07 Visa International Service Association Secure authentication system and method
US9792611B2 (en) 2009-05-15 2017-10-17 Visa International Service Association Secure authentication system and method
US9904919B2 (en) 2009-05-15 2018-02-27 Visa International Service Association Verification of portable consumer devices
US10043186B2 (en) 2009-05-15 2018-08-07 Visa International Service Association Secure authentication system and method
US10049360B2 (en) 2009-05-15 2018-08-14 Visa International Service Association Secure communication of payment information to merchants using a verification token
US9633351B2 (en) 2009-11-05 2017-04-25 Visa International Service Association Encryption switch processing
CN102696047A (en) * 2009-11-05 2012-09-26 维萨国际服务协会 Encryption switch processing
US10657528B2 (en) 2010-02-24 2020-05-19 Visa International Service Association Integration of payment capability into secure elements of computers
CN103282929A (en) * 2010-12-23 2013-09-04 佩蒂安特股份有限公司 Mobile phone atm processing methods and systems
CN103282929B (en) * 2010-12-23 2020-04-10 贝宝公司 Method and system for operating mobile device to complete ATM transaction of account holder
CN103503010A (en) * 2011-03-04 2014-01-08 维萨国际服务协会 Integration of payment capability into secure elements of computers
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
CN104685519A (en) * 2012-08-30 2015-06-03 黄金富 Bank card accounting system with dynamic risk management and corresponding method
CN104011760A (en) * 2012-12-12 2014-08-27 新韩信用卡株式会社 Method for generating one-time card number
CN104011760B (en) * 2012-12-12 2017-08-15 新韩信用卡株式会社 Method for generating disposable code
CN104639517A (en) * 2013-11-15 2015-05-20 阿里巴巴集团控股有限公司 Method and device for verifying identities by aid of human body biological characteristics
US10825023B2 (en) 2019-04-10 2020-11-03 Advanced New Technologies Co., Ltd. Verification method and apparatus for user signing fast payment with bank card
US11004073B2 (en) 2019-04-10 2021-05-11 Advanced New Technologies Co., Ltd. Verification method and apparatus for user signing fast payment with bank card

Also Published As

Publication number Publication date
CN106936587B (en) 2020-05-12
CN101512957B (en) 2017-12-29
CN107067246A (en) 2017-08-18
CN106936587A (en) 2017-07-07
CN101485128A (en) 2009-07-15
CN101485128B (en) 2016-08-03
CN101502031A (en) 2009-08-05
CN101502031B (en) 2013-02-27
CN101473344A (en) 2009-07-01

Similar Documents

Publication Publication Date Title
US11783326B2 (en) Transaction authentication using network
CN101512957A (en) Transaction authentication using network
KR102416954B1 (en) Methods for prepaid, debit and credit card security code generation systems
AU2016320581B2 (en) Proxy device for representing multiple credentials
US20100169223A1 (en) Payment System and Method Using an IC Identification Card
US20100123003A1 (en) Method for verifying instant card issuance
US20100123002A1 (en) Card printing verification system
US20060186195A1 (en) System for increasing the security of credit and debit cards transactions
US20020073315A1 (en) Placing a cryptogram on the magnetic stripe of a personal transaction card
WO2007006084A1 (en) Card processing apparatus and method
RU2480922C2 (en) Authentication of operations using network
EP3347866A1 (en) Proxy device for representing multiple credentials
Gaskill et al. Chip and spin: Shifting burdens and new threats in retail card fraud

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant