WO2010005681A1 - System and method for authorizing financial transactions with online merchants - Google Patents
System and method for authorizing financial transactions with online merchants Download PDFInfo
- Publication number
- WO2010005681A1 WO2010005681A1 PCT/US2009/047199 US2009047199W WO2010005681A1 WO 2010005681 A1 WO2010005681 A1 WO 2010005681A1 US 2009047199 W US2009047199 W US 2009047199W WO 2010005681 A1 WO2010005681 A1 WO 2010005681A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- verification value
- dynamic verification
- dynamic
- generating
- peripheral device
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/12—Card verification
- G07F7/122—Online card verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4093—Monitoring of device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G06Q20/40975—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
Definitions
- the present invention relates to data processing, and more particularly relates to a system and method for authorizing financial transactions of online merchants.
- Dynamic verification data is data that is uniquely associated with a specific financial presentation device, wherein the verification data dynamically changes from transaction to transaction. Therefore, even if a third party was able to steal the account information including the verification data used during a transaction, such information would be insufficient for subsequent unauthorized transactions because they would require different verification data.
- the present invention provides a system for authorizing a financial transaction of a financial presentation device that is presentable to online merchants.
- the system comprises a peripheral device that includes: 1 ) a memory for storing information used to generate a dynamic verification value for the financial presentation device, 2) an I/O interface adapted to be coupled to a user computer; and 3) a processor configured to generate a dynamic verification value for the financial transaction using the information stored in memory and to transmit the dynamic verification value to the user computer via the I/O interface.
- the system also comprises an authentication computer that includes: 1 ) a memory for storing information used to generate a comparison verification value, 2) a communication device adapted to receive the dynamic verification value generated by the peripheral device, 3) a processor coupled to the memory and the communication device, and 4) an authentication module executable by the processor and adapted to generate the comparison verification value using the information stored in memory and to determine whether to authorize the financial transaction based on a comparison between the comparison verification value and the dynamic verification value.
- an authentication computer includes: 1 ) a memory for storing information used to generate a comparison verification value, 2) a communication device adapted to receive the dynamic verification value generated by the peripheral device, 3) a processor coupled to the memory and the communication device, and 4) an authentication module executable by the processor and adapted to generate the comparison verification value using the information stored in memory and to determine whether to authorize the financial transaction based on a comparison between the comparison verification value and the dynamic verification value.
- FIG. 1 is a block diagram of a system for dynamically authenticating a financial presentation device presentable to merchants according to an embodiment of the present invention.
- FIG. 2 is a block diagram of an exemplary peripheral device for generating dynamic verification values according to an embodiment of the present invention.
- FIG. 3 shows a portion of a table of preset dynamic verification values for a financial presentation device according to an embodiment of the present invention.
- FIG. 4 is a block diagram of an exemplary computer implemented by an authorizing entity that performs authentication of dynamic verification values according to an embodiment of the present invention.
- FIG. 5 is a flow chart of a method of dynamically authorizing a financial transaction of a financial presentation device that is presentable to merchants according to the present invention.
- an electronic peripheral device having an I/O interface for insertion into a port of a computer, such as a universal serial bus (USB) connector, is adapted to store either a series of verification values (e.g., a table of values) or an algorithm that dynamically generates verification values for authorizing a financial presentation device, such as a credit or debit card.
- a series of verification values e.g., a table of values
- an algorithm that dynamically generates verification values for authorizing a financial presentation device, such as a credit or debit card.
- the peripheral device may be used by a customer during checkout to verify that the financial presentation device is being presented by an authorized user.
- the peripheral device can generate the dynamic verification data associated with the customer's financial presentation device account and deliver the verification data to the browser program, i.e., by automatically filling in data into a web form of the online merchant site during checkout.
- a financial transaction facilitator such as VISANETTM, or the issuer of the financial presentation device, receives the dynamic verification value and compares the verification value against a comparison verification value.
- the comparison verification value is generated using a series of data that corresponds to the series of dynamic verification values stored in the peripheral device, or by using an algorithm that corresponds to an algorithm stored on the peripheral device.
- FIG. 1 illustrates a block diagram of an exemplary system 100 for dynamically authenticating a financial presentation device according to an embodiment of the present invention.
- a customer computer 102 is coupled to a merchant server computer 104 that hosts an online merchant site over a public network 106 such as the Internet.
- Computer 102 includes, among other components, an input device such as a keyboard 108, one or more universal serial bus (USB) ports 110, and a display 1 12.
- Computer 102 executes a browser program for viewing HTML, XML documents on display 112.
- Computer 102 also includes an operating system (not shown) having commonly included device drivers including a HID (Human Interface Device) class driver and related specific device drivers.
- HID Human Interface Device
- the online merchant web site hosted by server 104 may display details of goods and services which the customer may select to purchase.
- the merchant web site will typically include a payment details screen (not shown) during "checkout" into which the customer may enter payment details via an input device 108 coupled to computer 102.
- the customer typically enters name, address and payment instrument information such as the account number and expiration date of a financial presentation device in the payment details screen.
- a peripheral device 1 14, which in some embodiments may be a USB peripheral device, is insertable into USB port 1 10 of computer 102 during checkout.
- the peripheral device 1 14 is initially configured by a financial presentation device authorizing entity 116 such as VISANET (TM) or the issuer of the financial presentation device.
- VISANET VISANET
- the peripheral device 1 14 includes functionality to generate a dynamic verification value (such as a three-digit number) based on stored values and/or an algorithm, and to emulate a keyboard so as to automatically input the generated dynamic verification value into an appropriate field of the payment details screen during checkout.
- computer 102 includes software (possibly downloaded as an applet from the merchant server 104) which is adapted to monitor for the presence of peripheral device 1 14 and includes a driver for converting signals received from the peripheral device into keyboard input information.
- peripheral device 114 is configured to include dynamic verification data that uniquely corresponds with a particular financial presentation device before the financial presentation device is assigned to a particular customer.
- the peripheral device 1 14 is then given to the customer along with the financial presentation device when it is issued.
- the peripheral device 1 14 is then used by the customer when performing online transactions with the financial presentation device to generate dynamic verification values, as described below.
- the authorizing entity 116 accordingly stores comparison verification values and/or algorithms corresponding to those stored on peripheral device 1 14, so that the values generated by peripheral device 1 14 can be verified by the authorizing entity 116. After verifying that the value generated by the peripheral device 1 14 matches the value stored by the authorizing entity 1 16, the associated financial presentation device is authorized by the authorizing entity 1 16 for that particular transaction.
- the information is transmitted to server 104, which in turn sends the payment information to authorizing entity 1 16 over a secure private network 1 18.
- the authorizing entity 1 16 may be a financial transaction facilitator, such as VISANET (TM), which determines whether the dynamic verification value received from server 104 has been generated by an authorized peripheral device 1 14.
- FIG. 2 is a block diagram of an exemplary peripheral device 1 14 for generating dynamic verification values according to an embodiment of the present invention.
- Peripheral device 1 14 includes a processor 202, which may be an inexpensive microprocessor chip or wired logic, and non-volatile memory 204 such as flash memory coupled to processor 202.
- Processor 202 is coupled to a I/O connector 206 via a switch 208, which may be manually activated by the customer through an activation mechanism 210 such as a button.
- Connector 206 is preferably a standard USB connector, which is generally available on any personal computer.
- peripheral device 1 14 does not include a power source of its own and only receives power when connected to computer 102 via connector 206.
- peripheral device 1 14 Once the peripheral device 1 14 is connected to computer 102, the customer may then power on or off the peripheral device 1 14 by activating or deactivating switch 208, which allows or prevents power from reaching processor 202 from connector 206. In another embodiment, the peripheral device 1 14 is always powered on whenever it is connected to computer 102.
- memory 204 of peripheral device 1 14 stores a keyboard emulation module 212 and in one embodiment, stores a table 214 of financial presentation device verification values (see FIG. 3).
- Keyboard emulation module 212 is adapted to output signals that a HID (Human Input Device) class driver (not shown) of the operating system of computer 102 recognizes as signals outputted from a standard keyboard device.
- the HID class driver causes the data to be delivered to a keyboard driver of the operating system of computer 102.
- the peripheral device 1 14 may mimic the operation of a numerical keypad on a standard keyboard.
- the checkout webpage of the merchant server 104 may download an applet into the user computer 102 such that it requests and receives the dynamic verification value from the peripheral device 1 14, and automatically fills in the corresponding input field of the checkout page.
- memory 204 of peripheral device 1 14 stores a table 214 which includes a number (e.g., between 10 and 1000) of preset 3-digit dynamic verification values, which are indexed by a transaction number.
- the dynamic verification values can be 4-digit, 5- digit, or any other number of digits.
- FIG. 3 illustrates a portion of a table 214 according to one example, including the dynamic verification values which correspond to the first thirty-six (36) transaction numbers.
- the keyboard emulation module 212 keeps track of the last transaction number that was used to generate the dynamic verification value and is adapted to extract the dynamic verification values from table 214 in sequence, preferably starting with the value associated with transaction number 1.
- the keyboard emulation module 212 then moves consecutively to the next transaction dynamic verification value for each new transaction or each time the processor is powered on via switch 208. Upon extracting a dynamic verification value, the keyboard emulation module 212 converts the value into signals that the keyboard driver of computer 102 will recognize as signals generated by entering the corresponding numbers using a keyboard.
- memory 204 may store an algorithm or value generation module 216 which generates a new dynamic verification value upon activation based on certain stored kernel information such as the account number of the financial presentation device.
- algorithm or value generation module 216 which generates a new dynamic verification value upon activation based on certain stored kernel information such as the account number of the financial presentation device.
- Exemplary algorithms that may be used to generate dynamic verification values are discussed below and in commonly-assigned U.S. Patent Application Serial No. 10/642,878 entitled "Method and System for Generating a Dynamic Verification Value".
- the keyboard emulation module 212 receives the newly generated dynamic verification value from value generation module 216 and formats the value in the form of keyboard output signals accordingly.
- Two example algorithms that may be used to generate dynamic verification values are counter-based and time-based algorithms, both of which use variable data together with customer account information to generate dynamic verification values.
- a transaction counter stored in the peripheral device increments with each transaction.
- a string is constructed by replacing certain digits of the customer's financial presentation device account number with the transaction counter to create an 'altered account number'.
- the altered account number is concatenated with the expiration date of the account and with other specified digits.
- the concatenated result is placed into a 128-bit field, and then spit into two blocks, block A and block B.
- Block A is then encrypted using an encryption key, and the encrypted result (block C) is put through an exclusive OR operation with block B.
- Resulting block D is then encrypted with the encryption key.
- hexadecimal digits are converted into decimal, the blocks are concatenated, and three digits are selected from the concatenated result as the dynamic verification value.
- the process may be similar, with a time-based number (based on a known time window) used instead of a transaction counter to create the altered account number.
- a time-based number based on a known time window
- the process may be similar, with a time-based number (based on a known time window) used instead of a transaction counter to create the altered account number.
- FIG. 4 is a block diagram of an exemplary computer system 400 which may be implemented by authorizing entity 1 16 for authenticating financial transactions performed using financial presentation devices.
- computer system 400 is implemented at or operated by a financial transaction facilitator such as VISANET.
- Computer system 400 includes a communication device 402 which sends/receives information via a communication link (not shown) to customer computers 102 and merchant servers 104 although the signal may pass through multiple networks and computers (see FIG. 1 ), a processor 404, such as a central processing unit (CPU), and support circuitry 406.
- the communication device 402, processor 404, and support circuitry 406 are commonly connected to a bus 408 which also connects to a memory 410.
- Memory 410 includes program storage memory 412 and data storage memory 414.
- Program storage memory 412 and data storage memory 414 may each comprise volatile (RAM) and non-volatile (ROM) memory units and may also comprise hard disk and backup storage capacity.
- Program storage memory 412 stores software program modules and associated data, and in particular stores a verification module 416.
- Verification module 416 is adapted to receive the dynamic verification value generated by peripheral device 1 14 and to match the dynamic verification value against a comparison verification value which is obtained from a set of stored values (e.g., in a table) or generated by an algorithm that corresponds to the algorithm used to generate the dynamic verification value by peripheral device 1 14.
- Received dynamic verification values may be stored in data storage memory 414 along with other stored cardholder information, a table of stored dynamic verification values, and/or values/parameters such as a transaction counter used for generating comparison verification values dynamically according to an algorithm.
- the computer system 400 can be any computer such as a personal computer, minicomputer, workstation, mainframe, or a combination thereof. While the computer system 400 is shown, for illustration purposes, as a single computer unit, the system may comprise a group/farm of computers which can be scaled depending on the processing load and database size.
- FIG. 5 illustrates a flow chart of a method for authenticating a financial transaction in which a peripheral device according to the present invention is used to generate dynamic verification values for the financial presentation device.
- the method begins in step 502.
- a customer at computer 102 selects an item to purchase on an online merchant site, which then generates a payment details screen during checkout.
- step 506 after providing whatever information needs to be input manually, if any, the customer moves the cursor to a dynamic verification value (CVV2) field (e.g., input box) in the payment details screen, and in step 508, activates peripheral device 1 14 to generate a dynamic verification value which will be inputted into the dynamic verification value field.
- CVV2 dynamic verification value
- the processor 202 retrieves the last used transaction counter/number and increments it by one and retrieves the verification value corresponding to the new transaction number. For example, if the last used transaction number was 15, the retrieved verification value is 967 (corresponding to transaction number 16) according to the table in FIG. 3. The processor 202 then resets the last used transaction number to 16.
- an applet downloaded from the merchant server 104 and running inside the user computer 102 may prompt the user to plug the peripheral device 1 14 into the computer 102. When the user does so, the processor 202 retrieves an appropriate dynamic verification value from the table 214 as described above and transmits it through the usb port.
- peripheral device 114 generates a signal that encodes the dynamic verification value as keyboard input and sends the encoded value to user computer 102.
- user computer 102 receives the signal from peripheral device 1 14 and interprets the signal as keyboard input instructions and enters the dynamic verification value into the dynamic verification value field of the payment details screen.
- the online merchant server 104 receives transaction data, including the financial presentation device account number and dynamic verification value.
- merchant server 104 provides the financial presentation device information and dynamic verification value to an acquirer (not shown) using conventional financial presentation device authentication procedures.
- the transaction data is then received from the acquirer by an authorizing computer 400 of the authorizing entity 116.
- the verification module being executed by the processor 404 of authorizing computer 400 generates a comparison verification value to compare with the received dynamic verification value.
- the comparison verification value may be generated using a table corresponding to a table of verification values stored on peripheral device 1 14, or based on an algorithm that corresponds to an algorithm stored on peripheral device 1 14.
- the verification module 416 maintains the same table and the same last used transaction number.
- the module 416 increments the last used transaction number by one and retrieves the verification value corresponding to the new transaction number. For example, if the last used transaction number was 15, the retrieved verification value is 967 (corresponding to transaction number 16) according to the table in FIG. 3.
- the verification module 416 then resets the last used transaction number to 16.
- the module 416 uses the retrieved value as the comparison verification value.
- step 520 verification module 416 determines whether the comparison verification value matches the dynamic verification value received from the online merchant server 104.
- step 520 If it is determined in step 520 that the comparison verification value matches the dynamic verification value, then, in step 522, verification module 416 authorizes the transaction (assuming of course that all other tests such as credit limit pass) and sends a notification to the merchant server 104 according to conventional procedures. The method then ends in step 530. [0039] If it is determined in step 520 that the comparison verification value does not match the dynamic verification value, then, in step 524, verification module 416 sends a notification to the merchant server 104 that the financial transaction is denied. The method then ends in step 530.
Abstract
A system for authorizing a financial transaction of a financial presentation device such as a credit or debit card being presented from a customer to an online merchant. The system includes a peripheral device having a processor configured to generate a dynamic verification value for the card which changes for each financial transaction, and to transmit the dynamic verification value to a user computer via an I/O interface during an online transaction. The system also includes an authentication computer having a memory for storing information used to generate a comparison verification value, a communication device for receiving the dynamic verification value originating from the peripheral device, a processor and an authentication module executable by the processor adapted to generate the comparison verification value using information stored in memory. The authentication computer determines whether to authorize the financial transaction based on whether the comparison verification value matches the received dynamic verification value.
Description
SYSTEM AND METHOD FOR AUTHORIZING FINANCIAL TRANSACTIONS
WITH ONLINE MERCHANTS
Cross Reference To Related Applications
[001] This application claims the benefit of priority under 35 U.S.C. Section 119(e) to U.S. Provisional Application Ser. No. 61/061 ,936, filed June 16, 2008, entitled "Method And System Of Authenticating A Financial Presentation Device Using A Token", which is fully incorporated by reference herein.
Field of the Invention
[002] The present invention relates to data processing, and more particularly relates to a system and method for authorizing financial transactions of online merchants.
Background of the Invention
[003] The ability to conduct financial and commercial transactions online via the World Wide Web has proven to be a great convenience and a boost to economic activity. Since payments to online merchants generally cannot be done with cash or checks, most online merchants accept payments from their customers via payment accounts such as credit or debit card accounts. However, when using such payment accounts in online transactions, there is an associated risk of counterfeit and fraud because such payment account information can be discovered and pirated by unauthorized parties. For example, if a customer uses a financial presentation device such as a credit card or debit card to make a purchase online, the name of the customer, the credit card
number and expiration date, and other sensitive information is entered through the online merchant's web page and passed electronically through a communication channel that may be compromised. [004] One way to prevent the unauthorized third party use of a financial presentation device is to require the use of dynamic verification data each time a transaction takes place. Dynamic verification data is data that is uniquely associated with a specific financial presentation device, wherein the verification data dynamically changes from transaction to transaction. Therefore, even if a third party was able to steal the account information including the verification data used during a transaction, such information would be insufficient for subsequent unauthorized transactions because they would require different verification data.
[005] Commonly assigned U.S. Patent Application Ser. No. 12/032,095 entitled "DYNAMIC PAYMENT DEVICE CHARACTERISTICS", which is incorporated by reference herein, describes a system and method in which a credit card is embedded with a display and a processor that is adapted to generate a number shown on the display. This number is dynamically generated for each transaction and can be used as a card verification value (CVV). Accordingly, this dynamically generated CVV can be entered as verification data (e.g., via a keyboard) onto a web page provided by a merchant web site during check out.
[006] However, it has been found that providing a financial presentation device with a processor and display is not cost-effective and requires a significant
change in the manufacturing process of financial presentation devices. It would be desirable to find an equally secure, convenient and cost-effective system and method for generating dynamic verification data for financial presentation devices.
Summary of the Disclosure
[007] The present invention provides a system for authorizing a financial transaction of a financial presentation device that is presentable to online merchants. The system comprises a peripheral device that includes: 1 ) a memory for storing information used to generate a dynamic verification value for the financial presentation device, 2) an I/O interface adapted to be coupled to a user computer; and 3) a processor configured to generate a dynamic verification value for the financial transaction using the information stored in memory and to transmit the dynamic verification value to the user computer via the I/O interface. The system also comprises an authentication computer that includes: 1 ) a memory for storing information used to generate a comparison verification value, 2) a communication device adapted to receive the dynamic verification value generated by the peripheral device, 3) a processor coupled to the memory and the communication device, and 4) an authentication module executable by the processor and adapted to generate the comparison verification value using the information stored in memory and to determine whether to authorize the financial transaction based on a comparison between the comparison verification value and the dynamic verification value.
Brief Description of the Drawings
[008] FIG. 1 is a block diagram of a system for dynamically authenticating a financial presentation device presentable to merchants according to an embodiment of the present invention.
[009] FIG. 2 is a block diagram of an exemplary peripheral device for generating dynamic verification values according to an embodiment of the present invention.
[0010] FIG. 3 shows a portion of a table of preset dynamic verification values for a financial presentation device according to an embodiment of the present invention.
[0011] FIG. 4 is a block diagram of an exemplary computer implemented by an authorizing entity that performs authentication of dynamic verification values according to an embodiment of the present invention.
[0012] FIG. 5 is a flow chart of a method of dynamically authorizing a financial transaction of a financial presentation device that is presentable to merchants according to the present invention.
Detailed Description of the Invention
[0013] For purposes of illustration and clarity, the present invention will be discussed in the context of using a credit card. However, persons of ordinary skill in the art will appreciate that the novel features disclosed herein apply to all types of portable financial presentation devices including, but not limited to, credit cards, debit cards, prepaid cards, electronic benefit cards, charge cards, smart cards, virtual cards, key chain devices, personal digital assistants, cell phones,
stored value devices or the like so long as the device can be presented to a seller of goods or services for payment.
[0014] According to the present invention, an electronic peripheral device having an I/O interface for insertion into a port of a computer, such as a universal serial bus (USB) connector, is adapted to store either a series of verification values (e.g., a table of values) or an algorithm that dynamically generates verification values for authorizing a financial presentation device, such as a credit or debit card. During an online transaction, the peripheral device may be used by a customer during checkout to verify that the financial presentation device is being presented by an authorized user. When a customer enters information onto a web form of an online merchant site via a browser program, the peripheral device can generate the dynamic verification data associated with the customer's financial presentation device account and deliver the verification data to the browser program, i.e., by automatically filling in data into a web form of the online merchant site during checkout. During authorization of the transaction, a financial transaction facilitator, such as VISANET™, or the issuer of the financial presentation device, receives the dynamic verification value and compares the verification value against a comparison verification value. The comparison verification value is generated using a series of data that corresponds to the series of dynamic verification values stored in the peripheral device, or by using an algorithm that corresponds to an algorithm stored on the peripheral device. When the dynamic verification value and the comparison verification value
match, the customer's financial presentation device is authenticated and the financial transaction facilitator or issuer authorizes the online transaction. [0015] FIG. 1 illustrates a block diagram of an exemplary system 100 for dynamically authenticating a financial presentation device according to an embodiment of the present invention. A customer computer 102 is coupled to a merchant server computer 104 that hosts an online merchant site over a public network 106 such as the Internet. Computer 102 includes, among other components, an input device such as a keyboard 108, one or more universal serial bus (USB) ports 110, and a display 1 12. Computer 102 executes a browser program for viewing HTML, XML documents on display 112. Computer 102 also includes an operating system (not shown) having commonly included device drivers including a HID (Human Interface Device) class driver and related specific device drivers.
[0016] The online merchant web site hosted by server 104 may display details of goods and services which the customer may select to purchase. The merchant web site will typically include a payment details screen (not shown) during "checkout" into which the customer may enter payment details via an input device 108 coupled to computer 102. The customer typically enters name, address and payment instrument information such as the account number and expiration date of a financial presentation device in the payment details screen. [0017] According to the present invention, a peripheral device 1 14, which in some embodiments may be a USB peripheral device, is insertable into USB port 1 10 of computer 102 during checkout. The peripheral device 1 14 is initially
configured by a financial presentation device authorizing entity 116 such as VISANET (TM) or the issuer of the financial presentation device. The peripheral device 1 14 includes functionality to generate a dynamic verification value (such as a three-digit number) based on stored values and/or an algorithm, and to emulate a keyboard so as to automatically input the generated dynamic verification value into an appropriate field of the payment details screen during checkout. As discussed below, computer 102 includes software (possibly downloaded as an applet from the merchant server 104) which is adapted to monitor for the presence of peripheral device 1 14 and includes a driver for converting signals received from the peripheral device into keyboard input information.
[0018] More specifically, peripheral device 114 is configured to include dynamic verification data that uniquely corresponds with a particular financial presentation device before the financial presentation device is assigned to a particular customer. The peripheral device 1 14 is then given to the customer along with the financial presentation device when it is issued. The peripheral device 1 14 is then used by the customer when performing online transactions with the financial presentation device to generate dynamic verification values, as described below. The authorizing entity 116 accordingly stores comparison verification values and/or algorithms corresponding to those stored on peripheral device 1 14, so that the values generated by peripheral device 1 14 can be verified by the authorizing entity 116. After verifying that the value generated by the peripheral device 1 14 matches the value stored by the authorizing entity 1 16, the
associated financial presentation device is authorized by the authorizing entity 1 16 for that particular transaction.
[0019] After the customer has entered all of the requested information including the dynamic verification value into the payment details screen during checkout, the information is transmitted to server 104, which in turn sends the payment information to authorizing entity 1 16 over a secure private network 1 18. As discussed above, the authorizing entity 1 16 may be a financial transaction facilitator, such as VISANET (TM), which determines whether the dynamic verification value received from server 104 has been generated by an authorized peripheral device 1 14.
[0020] FIG. 2 is a block diagram of an exemplary peripheral device 1 14 for generating dynamic verification values according to an embodiment of the present invention. Peripheral device 1 14 includes a processor 202, which may be an inexpensive microprocessor chip or wired logic, and non-volatile memory 204 such as flash memory coupled to processor 202. Processor 202 is coupled to a I/O connector 206 via a switch 208, which may be manually activated by the customer through an activation mechanism 210 such as a button. Connector 206 is preferably a standard USB connector, which is generally available on any personal computer. In one embodiment, peripheral device 1 14 does not include a power source of its own and only receives power when connected to computer 102 via connector 206. Once the peripheral device 1 14 is connected to computer 102, the customer may then power on or off the peripheral device 1 14 by activating or deactivating switch 208, which allows or prevents power from
reaching processor 202 from connector 206. In another embodiment, the peripheral device 1 14 is always powered on whenever it is connected to computer 102.
[0021] In some embodiments, memory 204 of peripheral device 1 14 stores a keyboard emulation module 212 and in one embodiment, stores a table 214 of financial presentation device verification values (see FIG. 3). Keyboard emulation module 212 is adapted to output signals that a HID (Human Input Device) class driver (not shown) of the operating system of computer 102 recognizes as signals outputted from a standard keyboard device. The HID class driver causes the data to be delivered to a keyboard driver of the operating system of computer 102. In this manner, the peripheral device 1 14 may mimic the operation of a numerical keypad on a standard keyboard. Alternatively, the checkout webpage of the merchant server 104 may download an applet into the user computer 102 such that it requests and receives the dynamic verification value from the peripheral device 1 14, and automatically fills in the corresponding input field of the checkout page.
[0022] In an exemplary embodiment, memory 204 of peripheral device 1 14 stores a table 214 which includes a number (e.g., between 10 and 1000) of preset 3-digit dynamic verification values, which are indexed by a transaction number. In other embodiments the dynamic verification values can be 4-digit, 5- digit, or any other number of digits. FIG. 3 illustrates a portion of a table 214 according to one example, including the dynamic verification values which correspond to the first thirty-six (36) transaction numbers. The keyboard
emulation module 212 keeps track of the last transaction number that was used to generate the dynamic verification value and is adapted to extract the dynamic verification values from table 214 in sequence, preferably starting with the value associated with transaction number 1. The keyboard emulation module 212 then moves consecutively to the next transaction dynamic verification value for each new transaction or each time the processor is powered on via switch 208. Upon extracting a dynamic verification value, the keyboard emulation module 212 converts the value into signals that the keyboard driver of computer 102 will recognize as signals generated by entering the corresponding numbers using a keyboard.
[0023] In alternative embodiments, memory 204 may store an algorithm or value generation module 216 which generates a new dynamic verification value upon activation based on certain stored kernel information such as the account number of the financial presentation device. Exemplary algorithms that may be used to generate dynamic verification values are discussed below and in commonly-assigned U.S. Patent Application Serial No. 10/642,878 entitled "Method and System for Generating a Dynamic Verification Value". In these embodiments, the keyboard emulation module 212 receives the newly generated dynamic verification value from value generation module 216 and formats the value in the form of keyboard output signals accordingly. [0024] Two example algorithms that may be used to generate dynamic verification values are counter-based and time-based algorithms, both of which
use variable data together with customer account information to generate dynamic verification values.
[0025] In a counter-based algorithm a transaction counter stored in the peripheral device increments with each transaction. In one example algorithm, a string is constructed by replacing certain digits of the customer's financial presentation device account number with the transaction counter to create an 'altered account number'. In a second step, the altered account number is concatenated with the expiration date of the account and with other specified digits. The concatenated result is placed into a 128-bit field, and then spit into two blocks, block A and block B. Block A is then encrypted using an encryption key, and the encrypted result (block C) is put through an exclusive OR operation with block B. Resulting block D is then encrypted with the encryption key. After further encryptions, hexadecimal digits are converted into decimal, the blocks are concatenated, and three digits are selected from the concatenated result as the dynamic verification value.
[0026] In an example time-based algorithm, the process may be similar, with a time-based number (based on a known time window) used instead of a transaction counter to create the altered account number. [0027] According to these algorithms, even if an unauthorized party was able to obtain financial presentation device account number and expiration date information, there would be no way for the unauthorized party to precisely determine the dynamic verification value without the variable data of a transaction counter or time-based number. Moreover, if an unauthorized party
uses a number generating algorithm to continually guess at the dynamic verification value, verification may be disallowed after a certain number (e.g., 2 or 3) of unsuccessful attempts.
[0028] FIG. 4 is a block diagram of an exemplary computer system 400 which may be implemented by authorizing entity 1 16 for authenticating financial transactions performed using financial presentation devices. In preferred embodiments of the present invention, computer system 400 is implemented at or operated by a financial transaction facilitator such as VISANET. Computer system 400 includes a communication device 402 which sends/receives information via a communication link (not shown) to customer computers 102 and merchant servers 104 although the signal may pass through multiple networks and computers (see FIG. 1 ), a processor 404, such as a central processing unit (CPU), and support circuitry 406. The communication device 402, processor 404, and support circuitry 406 are commonly connected to a bus 408 which also connects to a memory 410. Memory 410 includes program storage memory 412 and data storage memory 414.
[0029] Program storage memory 412 and data storage memory 414 may each comprise volatile (RAM) and non-volatile (ROM) memory units and may also comprise hard disk and backup storage capacity. Program storage memory 412 stores software program modules and associated data, and in particular stores a verification module 416. Verification module 416 is adapted to receive the dynamic verification value generated by peripheral device 1 14 and to match the dynamic verification value against a comparison verification value which is
obtained from a set of stored values (e.g., in a table) or generated by an algorithm that corresponds to the algorithm used to generate the dynamic verification value by peripheral device 1 14. Received dynamic verification values may be stored in data storage memory 414 along with other stored cardholder information, a table of stored dynamic verification values, and/or values/parameters such as a transaction counter used for generating comparison verification values dynamically according to an algorithm. [0030] It is to be appreciated that the computer system 400 can be any computer such as a personal computer, minicomputer, workstation, mainframe, or a combination thereof. While the computer system 400 is shown, for illustration purposes, as a single computer unit, the system may comprise a group/farm of computers which can be scaled depending on the processing load and database size.
[0031] FIG. 5 illustrates a flow chart of a method for authenticating a financial transaction in which a peripheral device according to the present invention is used to generate dynamic verification values for the financial presentation device. The method begins in step 502. In step 504, a customer at computer 102 selects an item to purchase on an online merchant site, which then generates a payment details screen during checkout. In step 506, after providing whatever information needs to be input manually, if any, the customer moves the cursor to a dynamic verification value (CVV2) field (e.g., input box) in the payment details screen, and in step 508, activates peripheral device 1 14 to generate a dynamic verification value which will be inputted into the dynamic verification value field.
[0032] In one embodiment, the processor 202 retrieves the last used transaction counter/number and increments it by one and retrieves the verification value corresponding to the new transaction number. For example, if the last used transaction number was 15, the retrieved verification value is 967 (corresponding to transaction number 16) according to the table in FIG. 3. The processor 202 then resets the last used transaction number to 16. [0033] Alternatively, an applet downloaded from the merchant server 104 and running inside the user computer 102 may prompt the user to plug the peripheral device 1 14 into the computer 102. When the user does so, the processor 202 retrieves an appropriate dynamic verification value from the table 214 as described above and transmits it through the usb port.
[0034] In step 510, peripheral device 114 generates a signal that encodes the dynamic verification value as keyboard input and sends the encoded value to user computer 102. In step 512, user computer 102 receives the signal from peripheral device 1 14 and interprets the signal as keyboard input instructions and enters the dynamic verification value into the dynamic verification value field of the payment details screen.
[0035] Upon completion of the payment details screen, in step 514, the online merchant server 104 receives transaction data, including the financial presentation device account number and dynamic verification value. In step 515, merchant server 104 provides the financial presentation device information and dynamic verification value to an acquirer (not shown) using conventional financial presentation device authentication procedures. In step 516, the transaction data
is then received from the acquirer by an authorizing computer 400 of the authorizing entity 116. Upon receiving the transaction data including the dynamic verification value, in step 518, the verification module being executed by the processor 404 of authorizing computer 400 generates a comparison verification value to compare with the received dynamic verification value. As explained above, the comparison verification value may be generated using a table corresponding to a table of verification values stored on peripheral device 1 14, or based on an algorithm that corresponds to an algorithm stored on peripheral device 1 14.
[0036] In the case of using the table, like the peripheral device 1 14, the verification module 416 maintains the same table and the same last used transaction number. The module 416 increments the last used transaction number by one and retrieves the verification value corresponding to the new transaction number. For example, if the last used transaction number was 15, the retrieved verification value is 967 (corresponding to transaction number 16) according to the table in FIG. 3. The verification module 416 then resets the last used transaction number to 16. The module 416 uses the retrieved value as the comparison verification value.
[0037] In step 520, verification module 416 determines whether the comparison verification value matches the dynamic verification value received from the online merchant server 104.
[0038] If it is determined in step 520 that the comparison verification value matches the dynamic verification value, then, in step 522, verification module 416
authorizes the transaction (assuming of course that all other tests such as credit limit pass) and sends a notification to the merchant server 104 according to conventional procedures. The method then ends in step 530. [0039] If it is determined in step 520 that the comparison verification value does not match the dynamic verification value, then, in step 524, verification module 416 sends a notification to the merchant server 104 that the financial transaction is denied. The method then ends in step 530.
[0040] The foregoing specific embodiments represent just some of the ways of practicing the present invention. Many other embodiments are possible within the spirit of the invention. Accordingly, the scope of the invention is not limited to the foregoing specification, but instead is given by the appended claims along with their full range of equivalents.
Claims
1. A system for authorizing a financial transaction of a financial presentation device that is presentable to online merchants, comprising: a peripheral device including: a first memory for storing information used to generate a dynamic verification value for the financial presentation device; an I/O interface adapted to be coupled to a user computer; a first processor configured to generate a dynamic verification value for the financial transaction of the financial presentation device using the information stored in the first memory and to transmit the dynamic verification value to the user computer via the I/O interface; an authentication computer including: a communication device adapted to receive the dynamic verification value generated by the peripheral device; a second memory for storing information used to generate a comparison verification value; a second processor coupled to the second memory and the communication device; and an authentication module executable by the processor and adapted to generate the comparison verification value using the information stored in the second memory and to determine whether to authorize the financial transaction of the financial presentation device based on a comparison between the comparison verification value and the received dynamic verification value.
2. The system of claim 1 , wherein the first memory storing information used to generate the dynamic verification value includes a table of preset dynamic verification values.
3. The system of claim 2, wherein the first processor sequentially retrieves a preset value in the table for use as the dynamic verification value.
4. The system of claim 1 , wherein the first memory storing information used to generate the dynamic verification value includes a transaction counter that increments or decrements each time a dynamic verification value is generated, and the first processor generates the dynamic verification value based on the transaction counter.
5. The system of claim 1 , wherein the peripheral device is a universal serial bus (USB) device and is connectable to the user computer through a USB port.
6. The system of claim 5, wherein the first memory storing information used to generate the dynamic verification value includes a table of preset dynamic verification values.
7. The system of claim 6, wherein the first processor sequentially retrieves a preset value in the table for use as the dynamic verification value.
8. The system of claim 6, wherein the first memory storing information used to generate the dynamic verification value includes a transaction counter that increments or decrements each time a dynamic verification value is generated, and the first processor generates the dynamic verification value based on the transaction counter.
9. The system of claim 1 , wherein the first processor is adapted to encode the dynamic verification value as keyboard input signals.
10. A method for authorizing a financial transaction of a financial presentation device that is presentable to online merchants, comprising: generating, by a peripheral device connectable to a user computer, a dynamic verification value for the financial transaction of the financial presentation device; receiving, at an authentication computer, the dynamic verification value; generating, at the authentication computer, a comparison verification value for the financial transaction of the financial presentation device; determining, at the authentication computer, whether to authorize the financial transaction based on a comparison between the comparison verification value and the received dynamic verification value.
1 1. The method of claim 8, wherein the step of generating a dynamic verification value includes: generating the dynamic verification value using a table of preset dynamic verification values stored in the peripheral device.
12. The method of claim 1 1 , wherein the step of generating the dynamic verification value using a table of preset dynamic verification values includes extracting, in sequence, a preset value in the stored table.
13. The method of claim 10, wherein the step of generating a dynamic verification value includes generating the dynamic verification value according to a transaction counter stored in a memory of the peripheral device which increments or decrements each time a dynamic verification value is generated.
14. The method of claim 10, wherein: the peripheral device is a universal serial bus (USB) device connectable to the user computer through a USB port; and the step of generating a dynamic verification value includes generating the dynamic verification value using the USB device.
15. The system of claim 14, wherein the step of generating a dynamic verification value includes generating the dynamic verification value using a table of preset dynamic verification values stored in a memory of the peripheral device.
16. The method of claim 15, wherein the step of generating the dynamic verification value using a table of preset dynamic verification values includes extracting, in sequence, a preset value in the stored table.
17. The method of claim 15, wherein the step of generating a dynamic verification value includes generating the dynamic verification value according to a transaction counter stored in a memory of the peripheral device which increments or decrements each time a dynamic verification value is generated.
18. The method of claim 10, further comprising encoding the dynamic verification value as keyboard input signals.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US6193608P | 2008-06-16 | 2008-06-16 | |
US61/061,936 | 2008-06-16 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2010005681A1 true WO2010005681A1 (en) | 2010-01-14 |
Family
ID=41415656
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2009/047199 WO2010005681A1 (en) | 2008-06-16 | 2009-06-12 | System and method for authorizing financial transactions with online merchants |
Country Status (2)
Country | Link |
---|---|
US (2) | US10008067B2 (en) |
WO (1) | WO2010005681A1 (en) |
Families Citing this family (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7383231B2 (en) * | 2004-07-19 | 2008-06-03 | Amazon Technologies, Inc. | Performing automatically authorized programmatic transactions |
US7502760B1 (en) * | 2004-07-19 | 2009-03-10 | Amazon Technologies, Inc. | Providing payments automatically in accordance with predefined instructions |
US7866551B2 (en) | 2007-02-15 | 2011-01-11 | Visa U.S.A. Inc. | Dynamic payment device characteristics |
US20140067675A1 (en) * | 2012-09-06 | 2014-03-06 | American Express Travel Related Services Company, Inc. | Authentication using dynamic codes |
US10008067B2 (en) * | 2008-06-16 | 2018-06-26 | Visa U.S.A. Inc. | System and method for authorizing financial transactions with online merchants |
US8326759B2 (en) * | 2009-04-28 | 2012-12-04 | Visa International Service Association | Verification of portable consumer devices |
US9715681B2 (en) * | 2009-04-28 | 2017-07-25 | Visa International Service Association | Verification of portable consumer devices |
US7891560B2 (en) * | 2009-05-15 | 2011-02-22 | Visa International Service Assocation | Verification of portable consumer devices |
US8893967B2 (en) | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
US9038886B2 (en) | 2009-05-15 | 2015-05-26 | Visa International Service Association | Verification of portable consumer devices |
US10846683B2 (en) | 2009-05-15 | 2020-11-24 | Visa International Service Association | Integration of verification tokens with mobile communication devices |
US8602293B2 (en) | 2009-05-15 | 2013-12-10 | Visa International Service Association | Integration of verification tokens with portable computing devices |
US8534564B2 (en) | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US10255591B2 (en) | 2009-12-18 | 2019-04-09 | Visa International Service Association | Payment channel returning limited use proxy dynamic value |
WO2011112394A2 (en) | 2010-03-09 | 2011-09-15 | Visa International Service Association | System and method including dynamic verification value |
RU2580086C2 (en) | 2010-04-09 | 2016-04-10 | Виза Интернэшнл Сервис Ассосиэйшн | System and method for robust validation of transactions |
KR101895243B1 (en) | 2011-03-04 | 2018-10-24 | 비자 인터네셔널 서비스 어소시에이션 | Integration of payment capability into secure elements of computers |
US8713656B2 (en) | 2011-10-23 | 2014-04-29 | Gopal Nandakumar | Authentication method |
US20130104197A1 (en) | 2011-10-23 | 2013-04-25 | Gopal Nandakumar | Authentication system |
US10282724B2 (en) | 2012-03-06 | 2019-05-07 | Visa International Service Association | Security system incorporating mobile device |
US9922322B2 (en) | 2013-12-19 | 2018-03-20 | Visa International Service Association | Cloud-based transactions with magnetic secure transmission |
CA2931093A1 (en) | 2013-12-19 | 2015-06-25 | Visa International Service Association | Cloud-based transactions methods and systems |
US10846694B2 (en) | 2014-05-21 | 2020-11-24 | Visa International Service Association | Offline authentication |
US10546293B2 (en) * | 2014-05-29 | 2020-01-28 | Apple Inc. | Apparatuses and methods for using a random authorization number to provide enhanced security for a secure element |
US9775029B2 (en) | 2014-08-22 | 2017-09-26 | Visa International Service Association | Embedding cloud-based functionalities in a communication device |
US10187363B2 (en) | 2014-12-31 | 2019-01-22 | Visa International Service Association | Hybrid integration of software development kit with secure execution environment |
WO2020036608A1 (en) * | 2018-08-17 | 2020-02-20 | Visa International Service Association | Techniques for securely communicating sensitive data |
US11558370B2 (en) * | 2021-06-14 | 2023-01-17 | Bank Of America Corporation | Electronic system for generation of authentication tokens using digital footprint |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5771101A (en) * | 1994-08-02 | 1998-06-23 | Gestetner Management Limited | Data security system |
US20050077349A1 (en) * | 2000-03-07 | 2005-04-14 | American Express Travel Related Services Company, Inc. | Method and system for facilitating a transaction using a transponder |
US20080034221A1 (en) * | 2006-06-19 | 2008-02-07 | Ayman Hammad | Portable consumer device configured to generate dynamic authentication data |
Family Cites Families (195)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4578530A (en) | 1981-06-26 | 1986-03-25 | Visa U.S.A., Inc. | End-to-end encryption system and method of operation |
US4423287A (en) | 1981-06-26 | 1983-12-27 | Visa U.S.A., Inc. | End-to-end encryption system and method of operation |
US4701601A (en) | 1985-04-26 | 1987-10-20 | Visa International Service Association | Transaction card with magnetic stripe emulator |
US4812628A (en) | 1985-05-02 | 1989-03-14 | Visa International Service Association | Transaction system with off-line risk assessment |
US4734564A (en) | 1985-05-02 | 1988-03-29 | Visa International Service Association | Transaction system with off-line risk assessment |
US4646351A (en) | 1985-10-04 | 1987-02-24 | Visa International Service Association | Method and apparatus for dynamic signature verification |
US4870259A (en) | 1987-01-06 | 1989-09-26 | Visa International Service Association | Transaction approval system |
US4908521A (en) | 1987-01-06 | 1990-03-13 | Visa International Service Association | Transaction approval system |
US4943707A (en) | 1987-01-06 | 1990-07-24 | Visa International Service Association | Transaction approval system |
US4822985A (en) | 1987-01-06 | 1989-04-18 | Visa International Service Association | Transaction approval system |
US4906826A (en) | 1988-09-19 | 1990-03-06 | Visa International Service Association | Usage promotion method for payment card transaction system |
DE3906349A1 (en) | 1989-03-01 | 1990-09-13 | Hartmut Hennige | METHOD AND DEVICE FOR SIMPLIFYING THE USE OF A VARIETY OF CREDIT CARDS AND THE LIKE |
US5870724A (en) * | 1989-12-08 | 1999-02-09 | Online Resources & Communications Corporation | Targeting advertising in a home retail banking delivery service |
JPH03180968A (en) | 1989-12-08 | 1991-08-06 | Hitachi Ltd | Data base retrieving method and formated document outputting method using the retrieving method |
US5396624A (en) | 1990-12-20 | 1995-03-07 | Visa International Service Association | Account file for off-line transaction authorization |
US5640577A (en) | 1991-12-30 | 1997-06-17 | Davox Corporation | Data processing system with automated at least partial forms completion |
US5450491A (en) | 1993-08-26 | 1995-09-12 | At&T Corp. | Authenticator card and system |
USRE36365E (en) | 1993-10-25 | 1999-11-02 | Visa International Service Association | Method and apparatus for distributing currency |
US5477038A (en) | 1993-10-25 | 1995-12-19 | Visa International | Method and apparatus for distributing currency |
US5465206B1 (en) | 1993-11-01 | 1998-04-21 | Visa Int Service Ass | Electronic bill pay system |
US6438527B1 (en) | 1993-11-01 | 2002-08-20 | Visa International Service Association | Method and apparatus for paying bills electronically using machine readable information from an invoice |
US5920847A (en) | 1993-11-01 | 1999-07-06 | Visa International Service Association | Electronic bill pay system |
US5623552A (en) | 1994-01-21 | 1997-04-22 | Cardguard International, Inc. | Self-authenticating identification card with fingerprint identification |
US5500513A (en) | 1994-05-11 | 1996-03-19 | Visa International | Automated purchasing control system |
US5627355A (en) * | 1994-07-13 | 1997-05-06 | Rahman; Sam | Transaction device, equipment and method for protecting account numbers and their associated personal identification numbers |
US5500512A (en) | 1994-12-16 | 1996-03-19 | General Electric Company | Welding wire verification control system |
US5742845A (en) | 1995-06-22 | 1998-04-21 | Datascape, Inc. | System for extending present open network communication protocols to communicate with non-standard I/O devices directly coupled to an open network |
US5790677A (en) | 1995-06-29 | 1998-08-04 | Microsoft Corporation | System and method for secure electronic commerce transactions |
US5703344A (en) | 1995-06-30 | 1997-12-30 | Visa International Service Association | Electronic funds confirmation at point of transaction |
US6003763A (en) | 1995-12-29 | 1999-12-21 | Visa International Service | Method and apparatus for recording magnetic information on traveler's checks |
US5794259A (en) | 1996-07-25 | 1998-08-11 | Lextron Systems, Inc | Apparatus and methods to enhance web browsing on the internet |
KR100213188B1 (en) | 1996-10-05 | 1999-08-02 | 윤종용 | Apparatus and method for user authentication |
DE69739173D1 (en) | 1996-10-09 | 2009-01-29 | Visa Int Service Ass | ELECTRONIC SYSTEM FOR PRESENTING EXPLANATIONS |
US6285991B1 (en) | 1996-12-13 | 2001-09-04 | Visa International Service Association | Secure interactive electronic account statement delivery system |
US6247129B1 (en) | 1997-03-12 | 2001-06-12 | Visa International Service Association | Secure electronic commerce employing integrated circuit cards |
US6005942A (en) | 1997-03-24 | 1999-12-21 | Visa International Service Association | System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card |
US6282522B1 (en) | 1997-04-30 | 2001-08-28 | Visa International Service Association | Internet payment system using smart card |
US6003014A (en) | 1997-08-22 | 1999-12-14 | Visa International Service Association | Method and apparatus for acquiring access using a smart card |
US6163771A (en) | 1997-08-28 | 2000-12-19 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
US5883810A (en) | 1997-09-24 | 1999-03-16 | Microsoft Corporation | Electronic online commerce card with transactionproxy number for online transactions |
US6000832A (en) | 1997-09-24 | 1999-12-14 | Microsoft Corporation | Electronic online commerce card with customer generated transaction proxy number for online transactions |
US5974430A (en) | 1997-09-30 | 1999-10-26 | Unisys Corp. | Method for dynamically embedding objects stored in a web server within HTML for display by a web browser |
AU755458B2 (en) | 1997-10-14 | 2002-12-12 | Visa International Service Association | Personalization of smart cards |
AU758710B2 (en) | 1997-12-19 | 2003-03-27 | Visa International Service Association | Card activation at point of distribution |
US6263446B1 (en) | 1997-12-23 | 2001-07-17 | Arcot Systems, Inc. | Method and apparatus for secure distribution of authentication credentials to roaming users |
US6019284A (en) | 1998-01-27 | 2000-02-01 | Viztec Inc. | Flexible chip card with display |
US6421729B1 (en) | 1998-04-14 | 2002-07-16 | Citicorp Development Center, Inc. | System and method for controlling transmission of stored information to internet websites |
US6044349A (en) | 1998-06-19 | 2000-03-28 | Intel Corporation | Secure and convenient information storage and retrieval method and apparatus |
US6808111B2 (en) | 1998-08-06 | 2004-10-26 | Visa International Service Association | Terminal software architecture for use with smart cards |
US6499042B1 (en) | 1998-10-07 | 2002-12-24 | Infospace, Inc. | Selective proxy approach to filling-in forms embedded in distributed electronic documents |
EP1125262A1 (en) | 1998-10-27 | 2001-08-22 | Visa International Service Association | Delegated management of smart card applications |
US7937325B2 (en) | 1998-12-08 | 2011-05-03 | Yodlee.Com, Inc. | Interactive bill payment center |
US6571339B1 (en) | 1998-12-30 | 2003-05-27 | Intel Corporation | Use of a processor identification for authentication |
US6490601B1 (en) | 1999-01-15 | 2002-12-03 | Infospace, Inc. | Server for enabling the automatic insertion of data into electronic forms on a user computer |
US7334184B1 (en) | 1999-03-10 | 2008-02-19 | American Express Travel Related Services Company, Inc. | Method for online information sharing for completing electronic forms |
US7451114B1 (en) | 1999-02-19 | 2008-11-11 | Visa International Service Association | Conducting commerce between individuals |
US6985583B1 (en) * | 1999-05-04 | 2006-01-10 | Rsa Security Inc. | System and method for authentication seed distribution |
US6227447B1 (en) | 1999-05-10 | 2001-05-08 | First Usa Bank, Na | Cardless payment system |
US7350139B1 (en) * | 2000-06-16 | 2008-03-25 | American Express Travel Related Services Company, Inc. | System and method for utilizing a drag and drop technique to complete electronic forms |
US6873974B1 (en) | 1999-08-17 | 2005-03-29 | Citibank, N.A. | System and method for use of distributed electronic wallets |
KR100392792B1 (en) | 1999-08-21 | 2003-07-28 | 주식회사 다날 | User authentication system and method using a second channel |
US7231045B1 (en) | 1999-08-30 | 2007-06-12 | Intel Corporation | Secure transaction modem storing unique indicia |
US7343351B1 (en) | 1999-08-31 | 2008-03-11 | American Express Travel Related Services Company, Inc. | Methods and apparatus for conducting electronic transactions |
US7216292B1 (en) | 1999-09-01 | 2007-05-08 | Microsoft Corporation | System and method for populating forms with previously used data values |
AU1654501A (en) | 1999-10-27 | 2001-05-08 | Visa International Service Association | Method and apparatus for leveraging an existing cryptographic infrastructure |
US6589290B1 (en) | 1999-10-29 | 2003-07-08 | America Online, Inc. | Method and apparatus for populating a form with data |
WO2001045008A1 (en) | 1999-12-16 | 2001-06-21 | Debit.Net, Inc. | Secure networked transaction system |
US6925562B2 (en) * | 1999-12-17 | 2005-08-02 | International Business Machines Corporation | Scheme for blocking the use of lost or stolen network-connectable computer systems |
AU3086101A (en) | 2000-01-05 | 2001-07-16 | American Express Travel Related Services Company, Inc. | Smartcard internet authorization system |
AUPQ564400A0 (en) | 2000-02-16 | 2000-03-09 | Ong, Yong Kin (Michael) | Electronic credit card-ecc |
EP2290577B1 (en) | 2000-02-18 | 2017-08-16 | Vasco Data Security International GmbH | Token device having a USB connector |
US7379919B2 (en) | 2000-04-11 | 2008-05-27 | Mastercard International Incorporated | Method and system for conducting secure payments over a computer network |
US7177848B2 (en) | 2000-04-11 | 2007-02-13 | Mastercard International Incorporated | Method and system for conducting secure payments over a computer network without a pseudo or proxy account number |
EP2278538A1 (en) | 2000-04-24 | 2011-01-26 | Visa International Service Association | Online payer authentication service |
US7257581B1 (en) | 2000-08-04 | 2007-08-14 | Guardian Networks, Llc | Storage, management and distribution of consumer information |
US20020178112A1 (en) | 2000-08-14 | 2002-11-28 | Visa International Service Association | Point of sale check service |
JP4586250B2 (en) * | 2000-08-31 | 2010-11-24 | ソニー株式会社 | Personal identification certificate link system, information processing apparatus, information processing method, and program providing medium |
US7606771B2 (en) | 2001-01-11 | 2009-10-20 | Cardinalcommerce Corporation | Dynamic number authentication for credit/debit cards |
US20020116330A1 (en) * | 2001-02-21 | 2002-08-22 | Hed Aharon Zeev | Wireless communicating credit card |
US7809650B2 (en) | 2003-07-01 | 2010-10-05 | Visa U.S.A. Inc. | Method and system for providing risk information in connection with transaction processing |
WO2002069561A2 (en) | 2001-02-27 | 2002-09-06 | Visa International Service Association | Distributed quantum encrypted pattern generation and scoring |
US7292999B2 (en) | 2001-03-15 | 2007-11-06 | American Express Travel Related Services Company, Inc. | Online card present transaction |
US20020153424A1 (en) | 2001-04-19 | 2002-10-24 | Chuan Li | Method and apparatus of secure credit card transaction |
US6816058B2 (en) * | 2001-04-26 | 2004-11-09 | Mcgregor Christopher M | Bio-metric smart card, bio-metric smart card reader and method of use |
US7533063B2 (en) | 2001-06-14 | 2009-05-12 | Silicon Storage Technology, Inc. | Smart memory card wallet |
US7360689B2 (en) * | 2001-07-10 | 2008-04-22 | American Express Travel Related Services Company, Inc. | Method and system for proffering multiple biometrics for use with a FOB |
US20060237528A1 (en) * | 2001-07-10 | 2006-10-26 | Fred Bishop | Systems and methods for non-traditional payment |
US7996324B2 (en) * | 2001-07-10 | 2011-08-09 | American Express Travel Related Services Company, Inc. | Systems and methods for managing multiple accounts on a RF transaction device using secondary identification indicia |
US20030120593A1 (en) | 2001-08-15 | 2003-06-26 | Visa U.S.A. | Method and system for delivering multiple services electronically to customers via a centralized portal architecture |
US7103576B2 (en) | 2001-09-21 | 2006-09-05 | First Usa Bank, Na | System for providing cardless payment |
US7099850B1 (en) | 2001-09-21 | 2006-08-29 | Jpmorgan Chase Bank, N.A. | Methods for providing cardless payment |
US7363494B2 (en) * | 2001-12-04 | 2008-04-22 | Rsa Security Inc. | Method and apparatus for performing enhanced time-based authentication |
US7243853B1 (en) | 2001-12-04 | 2007-07-17 | Visa U.S.A. Inc. | Method and system for facilitating memory and application management on a secured token |
US20030115142A1 (en) | 2001-12-12 | 2003-06-19 | Intel Corporation | Identity authentication portfolio system |
US7159180B2 (en) | 2001-12-14 | 2007-01-02 | America Online, Inc. | Proxy platform integration system |
WO2003077080A2 (en) * | 2002-03-08 | 2003-09-18 | Jp Morgan Chase Bank | Financial system for isolated economic environment |
US20030182241A1 (en) * | 2002-03-25 | 2003-09-25 | Everhart Glenn Cobourn | Time variable financial authentication apparatus |
US7899753B1 (en) * | 2002-03-25 | 2011-03-01 | Jpmorgan Chase Bank, N.A | Systems and methods for time variable financial authentication |
US8082575B2 (en) | 2002-03-28 | 2011-12-20 | Rampart-Id Systems, Inc. | System, method and apparatus for enabling transactions using a user enabled programmable magnetic stripe |
US7707120B2 (en) | 2002-04-17 | 2010-04-27 | Visa International Service Association | Mobile account authentication service |
US7356516B2 (en) | 2002-06-13 | 2008-04-08 | Visa U.S.A. Inc. | Method and system for facilitating electronic dispute resolution |
US20040230489A1 (en) * | 2002-07-26 | 2004-11-18 | Scott Goldthwaite | System and method for mobile payment and fulfillment of digital goods |
US7512975B2 (en) | 2002-08-16 | 2009-03-31 | Intel Corporation | Hardware-assisted credential validation |
US7210169B2 (en) | 2002-08-20 | 2007-04-24 | Intel Corporation | Originator authentication using platform attestation |
US7280981B2 (en) | 2002-08-27 | 2007-10-09 | Visa U.S.A. Inc. | Method and system for facilitating payment transactions using access devices |
US20050044385A1 (en) | 2002-09-09 | 2005-02-24 | John Holdsworth | Systems and methods for secure authentication of electronic transactions |
SG152061A1 (en) | 2002-09-10 | 2009-05-29 | Visa Int Service Ass | Data authentication and provisioning method and system |
US7356706B2 (en) | 2002-09-30 | 2008-04-08 | Intel Corporation | Personal authentication method and apparatus sensing user vicinity |
US7346587B2 (en) | 2002-12-06 | 2008-03-18 | Aol Llc | Intelligent method of order completion in an e-commerce environment based on availability of stored billing information |
US7702916B2 (en) | 2003-03-31 | 2010-04-20 | Visa U.S.A. Inc. | Method and system for secure authentication |
US8589335B2 (en) | 2003-04-21 | 2013-11-19 | Visa International Service Association | Smart card personalization assistance tool |
US7827077B2 (en) | 2003-05-02 | 2010-11-02 | Visa U.S.A. Inc. | Method and apparatus for management of electronic receipts on portable devices |
US7437575B2 (en) | 2003-05-29 | 2008-10-14 | Dell Products L.P. | Low power mode for device power management |
US7483845B2 (en) | 2003-06-24 | 2009-01-27 | Nokia Corporation | Methods, system, and computer readable medium for user data entry, at a terminal, for communication to a remote destination |
WO2005003924A2 (en) | 2003-07-02 | 2005-01-13 | Visa International Service Association | Managing activation of cardholders in a secure authentication program |
DE10330773A1 (en) * | 2003-07-08 | 2005-04-28 | Glenn Rolus Borgward | Input device for portable digital computers and portable digital computers with variable mouse |
US7519989B2 (en) * | 2003-07-17 | 2009-04-14 | Av Thenex Inc. | Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions |
US7275263B2 (en) | 2003-08-11 | 2007-09-25 | Intel Corporation | Method and system and authenticating a user of a computer system that has a trusted platform module (TPM) |
US7740168B2 (en) * | 2003-08-18 | 2010-06-22 | Visa U.S.A. Inc. | Method and system for generating a dynamic verification value |
US7761374B2 (en) * | 2003-08-18 | 2010-07-20 | Visa International Service Association | Method and system for generating a dynamic verification value |
US7689459B2 (en) | 2003-09-24 | 2010-03-30 | Industiral Technology Research Institute | Card with embedded bistable display having short and long term information |
US7653602B2 (en) | 2003-11-06 | 2010-01-26 | Visa U.S.A. Inc. | Centralized electronic commerce card transactions |
US7039611B2 (en) | 2003-11-06 | 2006-05-02 | Visa U.S.A., Inc. | Managing attempts to initiate authentication of electronic commerce card transactions |
US20050177510A1 (en) | 2004-02-09 | 2005-08-11 | Visa International Service Association, A Delaware Corporation | Buyer initiated payment |
KR101143399B1 (en) | 2004-03-05 | 2012-05-22 | 주식회사 비즈모델라인 | Method for Giving Multi-Cards' Function to a Card |
US7580898B2 (en) | 2004-03-15 | 2009-08-25 | Qsecure, Inc. | Financial transactions with dynamic personal account numbers |
US7584153B2 (en) * | 2004-03-15 | 2009-09-01 | Qsecure, Inc. | Financial transactions with dynamic card verification values |
US7574600B2 (en) | 2004-03-24 | 2009-08-11 | Intel Corporation | System and method for combining user and platform authentication in negotiated channel security protocols |
US8762283B2 (en) | 2004-05-03 | 2014-06-24 | Visa International Service Association | Multiple party benefit from an online authentication service |
WO2005107130A1 (en) * | 2004-05-04 | 2005-11-10 | Research In Motion Limited | Challenge response system and method |
US7660779B2 (en) | 2004-05-12 | 2010-02-09 | Microsoft Corporation | Intelligent autofill |
WO2005119607A2 (en) * | 2004-06-03 | 2005-12-15 | Tyfone, Inc. | System and method for securing financial transactions |
US8016185B2 (en) | 2004-07-06 | 2011-09-13 | Visa International Service Association | Money transfer service with authentication |
US7328850B2 (en) | 2004-08-12 | 2008-02-12 | Codecard, Inc. | Financial and similar identification cards and methods relating thereto |
CA2577333C (en) * | 2004-08-18 | 2016-05-17 | Mastercard International Incorporated | Method and system for authorizing a transaction using a dynamic authorization code |
US7156313B2 (en) | 2004-08-30 | 2007-01-02 | Smart Displayer Technology Co., Ltd. | IC card with display panel but without batteries |
US7590589B2 (en) * | 2004-09-10 | 2009-09-15 | Hoffberg Steven M | Game theoretic prioritization scheme for mobile ad hoc networks permitting hierarchal deference |
US7051929B2 (en) | 2004-10-18 | 2006-05-30 | Gongling Li | Secure credit card having daily changed security number |
US7097108B2 (en) | 2004-10-28 | 2006-08-29 | Bellsouth Intellectual Property Corporation | Multiple function electronic cards |
US20060131393A1 (en) | 2004-12-22 | 2006-06-22 | Eastman Kodak Company | Multi-role transaction card |
US8820637B1 (en) * | 2005-02-26 | 2014-09-02 | James A. Roskind | Time-varying security code for enabling authorizations and other uses of financial accounts |
US7793851B2 (en) * | 2005-05-09 | 2010-09-14 | Dynamics Inc. | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
DE102005024732A1 (en) * | 2005-05-31 | 2006-12-07 | Phoenix Contact Gmbh & Co. Kg | Connector for PCB connection |
US7347361B2 (en) | 2005-06-13 | 2008-03-25 | Robert Lovett | System, method and program product for account transaction validation |
US7774402B2 (en) | 2005-06-29 | 2010-08-10 | Visa U.S.A. | Adaptive gateway for switching transactions and data on unreliable networks using context-based rules |
US7694287B2 (en) | 2005-06-29 | 2010-04-06 | Visa U.S.A. | Schema-based dynamic parse/build engine for parsing multi-format messages |
US8762263B2 (en) | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
US20070055597A1 (en) | 2005-09-08 | 2007-03-08 | Visa U.S.A. | Method and system for manipulating purchase information |
US7844490B2 (en) | 2005-11-02 | 2010-11-30 | Visa U.S.A. Inc. | Method and system for conducting promotional programs |
US7568631B2 (en) | 2005-11-21 | 2009-08-04 | Sony Corporation | System, apparatus and method for obtaining one-time credit card numbers using a smart card |
US8270947B2 (en) | 2005-12-19 | 2012-09-18 | Motorola Solutions, Inc. | Method and apparatus for providing a supplicant access to a requested service |
US7664699B1 (en) | 2005-12-21 | 2010-02-16 | Symantec Corporation | Automatic generation of temporary credit card information |
WO2007076476A2 (en) * | 2005-12-22 | 2007-07-05 | Mastercard International Incorporated | Methods and systems for two-factor authentication using contactless chip cards or devices and mobile devices or dedicated personal readers |
FR2896060A1 (en) * | 2006-01-06 | 2007-07-13 | Gemplus Sa | GENERIC ELECTRONIC KEY HAVING A PERSONALIZED CHIP CARD |
US20070241183A1 (en) * | 2006-04-14 | 2007-10-18 | Brown Kerry D | Pin-secured dynamic magnetic stripe payment card |
MX2009002148A (en) | 2006-08-29 | 2009-05-12 | Visa Int Service Ass | Method and system for processing internet purchase transactions. |
BRPI0716738A2 (en) | 2006-09-15 | 2013-09-17 | Visa Int Service Ass | Method and system for providing one or more transaction card services to a transaction cardholder |
US8386349B2 (en) | 2007-02-28 | 2013-02-26 | Visa U.S.A. Inc. | Verification of a portable consumer device in an offline environment |
US8346639B2 (en) | 2007-02-28 | 2013-01-01 | Visa U.S.A. Inc. | Authentication of a data card using a transit verification value |
US20080203170A1 (en) | 2007-02-28 | 2008-08-28 | Visa U.S.A. Inc. | Fraud prevention for transit fare collection |
EP2074726A4 (en) | 2006-10-11 | 2011-06-01 | Visa Int Service Ass | Method and system for processing micropayment transactions |
US10068220B2 (en) | 2006-10-11 | 2018-09-04 | Visa International Service Association | Systems and methods for brokered authentication express seller links |
US20100223184A1 (en) | 2006-10-11 | 2010-09-02 | Visa International Service Association | Sponsored Accounts For Computer-Implemented Payment System |
US7716596B2 (en) | 2006-11-08 | 2010-05-11 | International Business Machines Corporation | Dynamic input field protection |
US9251637B2 (en) | 2006-11-15 | 2016-02-02 | Bank Of America Corporation | Method and apparatus for using at least a portion of a one-time password as a dynamic card verification value |
US8504451B2 (en) * | 2006-11-16 | 2013-08-06 | Visa U.S.A. Inc. | Method and system using candidate dynamic data elements |
US9940627B2 (en) | 2006-12-26 | 2018-04-10 | Visa U.S.A. Inc. | Mobile coupon method and system |
US20080177796A1 (en) | 2007-01-19 | 2008-07-24 | Eldering Charles A | Method of Distributing Contact Information to Merchant Websites |
US7866551B2 (en) | 2007-02-15 | 2011-01-11 | Visa U.S.A. Inc. | Dynamic payment device characteristics |
TW200845690A (en) | 2007-05-14 | 2008-11-16 | David Chiu | Business protection system in internet |
US7835988B2 (en) * | 2007-06-05 | 2010-11-16 | Mastercard International, Inc. | Methods and apparatus for preventing fraud in payment processing transactions |
US20090006646A1 (en) | 2007-06-26 | 2009-01-01 | Data Frenzy, Llc | System and Method of Auto Populating Forms on Websites With Data From Central Database |
KR101486103B1 (en) * | 2007-07-17 | 2015-01-23 | 린텍 가부시키가이샤 | Pressure-sensitive adhesive sheet |
US20090031407A1 (en) * | 2007-07-24 | 2009-01-29 | Shaobo Kuang | Method and system for security check or verification |
WO2009025605A2 (en) * | 2007-08-19 | 2009-02-26 | Yubico Ab | Device and method for generating dynamic credit card data |
US8359630B2 (en) * | 2007-08-20 | 2013-01-22 | Visa U.S.A. Inc. | Method and system for implementing a dynamic verification value |
US7849014B2 (en) | 2007-08-29 | 2010-12-07 | American Express Travel Related Services Company, Inc. | System and method for facilitating a financial transaction with a dynamically generated identifier |
US8341083B1 (en) * | 2007-09-12 | 2012-12-25 | Devicefidelity, Inc. | Wirelessly executing financial transactions |
US8038068B2 (en) * | 2007-11-28 | 2011-10-18 | Visa U.S.A. Inc. | Multifunction removable cover for portable payment device |
WO2009089099A1 (en) * | 2008-01-04 | 2009-07-16 | M2 International Ltd. | Dynamic card verification value |
US20090248579A1 (en) * | 2008-03-31 | 2009-10-01 | Ronald Kaminski | Method and System for Accepting and Processing Financial Transactions over a Mobile Computing Device |
US10008067B2 (en) | 2008-06-16 | 2018-06-26 | Visa U.S.A. Inc. | System and method for authorizing financial transactions with online merchants |
BRPI0921124A2 (en) | 2008-11-06 | 2016-09-13 | Visa Int Service Ass | system for authenticating a consumer, computer implemented method, computer readable medium, and server computer. |
US8326759B2 (en) | 2009-04-28 | 2012-12-04 | Visa International Service Association | Verification of portable consumer devices |
US9715681B2 (en) | 2009-04-28 | 2017-07-25 | Visa International Service Association | Verification of portable consumer devices |
US7891560B2 (en) * | 2009-05-15 | 2011-02-22 | Visa International Service Assocation | Verification of portable consumer devices |
US8534564B2 (en) * | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
US8602293B2 (en) * | 2009-05-15 | 2013-12-10 | Visa International Service Association | Integration of verification tokens with portable computing devices |
US9105027B2 (en) * | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US9038886B2 (en) * | 2009-05-15 | 2015-05-26 | Visa International Service Association | Verification of portable consumer devices |
US8676639B2 (en) | 2009-10-29 | 2014-03-18 | Visa International Service Association | System and method for promotion processing and authorization |
US20110106674A1 (en) | 2009-10-29 | 2011-05-05 | Jeffrey William Perlman | Optimizing Transaction Scenarios With Automated Decision Making |
US8280788B2 (en) | 2009-10-29 | 2012-10-02 | Visa International Service Association | Peer-to-peer and group financial management systems and methods |
BR112012010703A2 (en) | 2009-11-04 | 2019-09-24 | Visa Int Service Ass | check sheet, method, computer program product, validation entity, and device check value provision method |
US8364594B2 (en) * | 2010-03-09 | 2013-01-29 | Visa International Service Association | System and method including security parameters used for generation of verification value |
-
2009
- 2009-06-12 US US12/483,419 patent/US10008067B2/en active Active
- 2009-06-12 WO PCT/US2009/047199 patent/WO2010005681A1/en active Application Filing
-
2018
- 2018-05-30 US US15/993,196 patent/US10803692B2/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5771101A (en) * | 1994-08-02 | 1998-06-23 | Gestetner Management Limited | Data security system |
US20050077349A1 (en) * | 2000-03-07 | 2005-04-14 | American Express Travel Related Services Company, Inc. | Method and system for facilitating a transaction using a transponder |
US20080034221A1 (en) * | 2006-06-19 | 2008-02-07 | Ayman Hammad | Portable consumer device configured to generate dynamic authentication data |
Also Published As
Publication number | Publication date |
---|---|
US20090313168A1 (en) | 2009-12-17 |
US10008067B2 (en) | 2018-06-26 |
US20180276936A1 (en) | 2018-09-27 |
US10803692B2 (en) | 2020-10-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10803692B2 (en) | System and method for authorizing financial transactions with online merchants | |
JP4597529B2 (en) | Authentication mechanisms and methods for use in financial transactions | |
AU2004252824B2 (en) | Customer authentication in e-commerce transactions | |
CA2678101C (en) | Authentication device and method | |
US7983987B2 (en) | System and method for conducting secure payment transaction | |
US8909557B2 (en) | Authentication arrangement and method for use with financial transaction | |
AU2019204157A1 (en) | Method, system and device for e-commerce payment intelligent access control | |
JP5589471B2 (en) | Royalty management system, royalty management method and token | |
WO2010030362A1 (en) | Authentication arrangement and method for use with financial transaction | |
Pircalab | Security of Internet Payments |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 09794886 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 09794886 Country of ref document: EP Kind code of ref document: A1 |