Systems and methods for reporting compromised card accounts
First Claim
1. A server machine, associated with a first service provider, for detecting compromised user accounts, comprising:
- a non-transitory memory; and
one or more hardware processors coupled to the non-transitory memory and configured to execute instructions from the non-transitory memory to cause the server machine to perform operations comprising;
monitoring a plurality of online resources for information associated with user accounts;
analyzing information collected from the plurality of online resources during the monitoring;
detecting, by the first service provider based on the analyzing, a compromised user account maintained by a second service provider;
automatically restricting use of the compromised user account with the first service provider;
automatically generating and sending a first ISO 8583 security message to a different server machine of the second service provider, the first ISO 8583 security message comprising one or more first data elements comprising data reporting the compromised user account;
receiving, after the sending the first ISO 8583 security message, a second ISO 8583 security message from the second service provider;
analyzing the second ISO 8583 security message to determine that the second ISO 8583 security message comprises one or more second data elements indicating that the second service provider has received the data reporting the compromised user account; and
responsive to the determining that the second ISO 8583 security message comprises the one or more second data elements indicating that the second service provider has received the data reporting the compromised user account, automatically removing the restriction of the use of the compromised user account with the first service provider.
2 Assignments
0 Petitions
Accused Products
Abstract
A system or method is provided to generate and send a notification to a card issuing bank to report a compromised card. In particular, the notification may be embedded in a pseudo card transaction message based on the ISO 8583 protocol message format. Card issuing banks may be a participant in a compromised card account reporting program to receive the notifications via the ISO 8583 transaction messages from a merchant or a payment service provider. In particular, data elements within the ISO 8583 protocol that are not reserved for carrying information for a transaction may be designated to carry information for reporting the compromised card account. Thus, merchants or payment service providers may send notifications of compromised card accounts to card issuing banks in a secured manner using ISO 8583 transaction messages.
-
Citations
20 Claims
-
1. A server machine, associated with a first service provider, for detecting compromised user accounts, comprising:
-
a non-transitory memory; and one or more hardware processors coupled to the non-transitory memory and configured to execute instructions from the non-transitory memory to cause the server machine to perform operations comprising; monitoring a plurality of online resources for information associated with user accounts; analyzing information collected from the plurality of online resources during the monitoring; detecting, by the first service provider based on the analyzing, a compromised user account maintained by a second service provider; automatically restricting use of the compromised user account with the first service provider; automatically generating and sending a first ISO 8583 security message to a different server machine of the second service provider, the first ISO 8583 security message comprising one or more first data elements comprising data reporting the compromised user account; receiving, after the sending the first ISO 8583 security message, a second ISO 8583 security message from the second service provider; analyzing the second ISO 8583 security message to determine that the second ISO 8583 security message comprises one or more second data elements indicating that the second service provider has received the data reporting the compromised user account; and responsive to the determining that the second ISO 8583 security message comprises the one or more second data elements indicating that the second service provider has received the data reporting the compromised user account, automatically removing the restriction of the use of the compromised user account with the first service provider. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 14, 15, 16, 17)
-
-
9. A machine-implemented method comprising:
-
receiving, by one or more hardware processors of a first server machine of a first party responsible for a user account, a first security message from a second server machine of a second party, wherein the first security message is in an ISO 8583 format and comprising one or more first data elements comprising data reporting the user account as being compromised; analyzing, by one or more of the hardware processors, the first data elements of the security message; identifying, by one or more of the hardware processors, the user account as being compromised based on the analyzing of the one or more first data elements; generating, by one or more of the hardware processors after the identifying the user account as being compromised, a second security message in an ISO 8583 format, the second security message comprising one or more second data elements indicating that the first party received the data reporting the user account as being compromised; and sending, by one or more of the hardware processors, the second security message to the second server machine. - View Dependent Claims (10, 11, 18, 19, 20)
-
-
12. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising:
-
analyzing information collected from one or more online resources; detecting, based on the analyzing, a compromised user account maintained by another party; automatically placing an account restriction on the compromised user account; automatically generating and sending, to a server machine of the another party responsible for the compromised user account, a first ISO 8583 security message comprising one or more first data elements comprising a report identifying the compromised user account; receiving, after the sending the first ISO 8583 security message, a second ISO 8583 security message from the another party; analyzing the second ISO 8583 security message to determine that the second ISO 8583 comprises data indicating that the another party has confirmed receipt of the report identifying the compromised user account; and in response to the analyzing the second ISO 8583 security message confirming receipt of the report by the another party, automatically removing the account restriction. - View Dependent Claims (13)
-
Specification