System and method for preventing unauthorized access to financial accounts
First Claim
1. A payment processor system comprising:
- a processor; and
a tangible, non-transitory memory configured to communicate with the processor, the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;
receiving, by the payment processor system and from the vendor system, a funding account code and a request for a global external code,wherein the funding account code corresponds to the global external code and a vendor identifier,wherein the vendor system received the funding account code from a customer,wherein the vendor system does not retain the funding account code;
determining, by the payment processor system, the global external code based on the funding account code;
transmitting, by the payment processor system and to the vendor system, the global external code in response to the request;
receiving, by the payment processor system and from the vendor system, a transaction settlement request including transaction information and the global external code;
determining, by the payment processor system, an IP address of the vendor system based on the vendor identifier;
determining, by the payment processor system, that the IP address is on a list of authorized IP addresses;
authorizing, by the payment processor system, the transaction settlement request based on the IP address being on the list of authorized IP addresses and based on the global external code.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and a system are provided for preventing unauthorized access to financial accounts. A financial services system creates and stores a global external number corresponding to a funding account number that is associated with a financial account. A vendor system requests the corresponding global external number from the financial services system, which returns the corresponding global external number. The vendor system stores the global external number with customer identification information and/or transaction records. The vendor system requests payments for transactions by supplying the global external number stored in a transaction record to the financial services system. The financial services system authenticates the vendor system, and returns the corresponding funding account number. The vendor system generates a transaction settlement request using the funding account number. If the vendor system is compromised, no financial accounts can be accessed, since the vendor system does not store funding account numbers.
92 Citations
21 Claims
-
1. A payment processor system comprising:
-
a processor; and a tangible, non-transitory memory configured to communicate with the processor, the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising; receiving, by the payment processor system and from the vendor system, a funding account code and a request for a global external code, wherein the funding account code corresponds to the global external code and a vendor identifier, wherein the vendor system received the funding account code from a customer, wherein the vendor system does not retain the funding account code; determining, by the payment processor system, the global external code based on the funding account code; transmitting, by the payment processor system and to the vendor system, the global external code in response to the request; receiving, by the payment processor system and from the vendor system, a transaction settlement request including transaction information and the global external code; determining, by the payment processor system, an IP address of the vendor system based on the vendor identifier; determining, by the payment processor system, that the IP address is on a list of authorized IP addresses; authorizing, by the payment processor system, the transaction settlement request based on the IP address being on the list of authorized IP addresses and based on the global external code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method comprising:
-
receiving, by a payment processor system and from the vendor system, a funding account code and a request for a global external code, wherein the funding account code corresponds to the global external code and a vendor identifier, wherein the vendor system received the funding account code from a customer, wherein the vendor system does not retain the funding account code; determining, by the payment processor system, the global external code based on the funding account code; transmitting, by the payment processor system and to the vendor system, the global external code in response to the request; receiving, by the payment processor system and from the vendor system, a transaction settlement request including transaction information and the global external code; determining, by the payment processor system, an IP address of the vendor system based on the vendor identifier; determining, by the payment processor system, that the IP address is on a list of authorized IP addresses; authorizing, by the payment processor system, the transaction settlement request based on the IP address being on the list of authorized IP addresses and based on the global external code. - View Dependent Claims (16)
-
-
17. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a payment processor system, cause the payment processor system to perform operations comprising:
-
receiving, by the payment processor system and from the vendor system, a funding account code and a request for a global external code, wherein the funding account code corresponds to the global external code and a vendor identifier, wherein the vendor system received the funding account code from a customer, wherein the vendor system does not retain the funding account code; determining, by the payment processor system, the global external code based on the funding account code; transmitting, by the payment processor system and to the vendor system, the global external code in response to the request; receiving, by the payment processor system and from the vendor system, a transaction settlement request including transaction information and the global external code; determining, by the payment processor system, an IP address of the vendor system based on the vendor identifier; determining, by the payment processor system, that the IP address is on a list of authorized IP addresses; authorizing, by the payment processor system, the transaction settlement request based on the IP address being on the list of authorized IP addresses and based on the global external code. - View Dependent Claims (18, 19, 20, 21)
-
Specification