Rule management user interface

US 10,375,078 B2
Filed: 10/10/2016
Issued: 08/06/2019
Est. Priority Date: 10/10/2016
Status: Active Grant

First Claim

Patent Images

1. A method comprising performing by a server computer:

receiving, from a client computer operated by an administrator, credential data of the administrator, the administrator corresponding to a transport computer;

using the credential data to access a database to retrieve a plurality of requesting computers that have been registered with the transport computer, wherein, for each of the plurality of requesting computers, the transport computer is networked to the requesting computer and configured to process authorization request messages for the requesting computer;

causing a list of the plurality of requesting computers to be displayed at the client computer;

receiving, from the client computer, a selection from the list of the plurality of requesting computers, thereby providing a selected requesting computer;

causing a plurality of settings, which represent a set of rules that control which authorization request messages from the selected requesting computer are forwarded to the transport computer, to be displayed at the client computer, wherein the plurality of settings are modifiable by the administrator and comprise a first setting that references one or more attributes that distinguish a subset of authorization request messages from other authorization request messages;

responsive to receiving a first selection of the first setting from the client computer, accessing the database to modify the set of rules in accordance with the plurality of settings;

receiving a first authorization request message that is characterized by the one or more attributes from the selected requesting computer;

responsive to receiving the first authorization request message;

using the first authorization request message to access, from the database, the set of rules that control which authorization request messages from the selected requesting computer are forwarded to the transport computer; and

processing the first authorization request message in accordance with the set of rules, which comprises processing the first authorization request message in accordance with a first protocol in response to determining that the first authorization request message is characterized by the one or more attributes; and

wherein processing the first authorization request message in accordance with the first protocol comprises transmitting an authorization response message to the selected requesting computer without forwarding the first authorization request message to the transport computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed to techniques for preventing access to protected resources by unauthorized individuals by enabling an administrator associated with a transport computer to customize filtering rules via a user interface. In some embodiments, a server computer can, from a client computer, receive credentials of the administrator. The credentials can be used to retrieve requesting computers registered with the transport computer. The requesting computers may then be displayed at the client computer. A selection of one of the requesting computers is received from the client computer. A plurality of settings, which represent rules controlling which authorization request messages from the selected requesting computer are forwarded, are displayed at the client computer, wherein one of the settings references one or more attributes that distinguish certain authorization request messages. In response to receiving a selection of the respective setting, modifying the rules in accordance with the plurality of settings.

Citations

20 Claims

1. A method comprising performing by a server computer:
- receiving, from a client computer operated by an administrator, credential data of the administrator, the administrator corresponding to a transport computer;
  
  using the credential data to access a database to retrieve a plurality of requesting computers that have been registered with the transport computer, wherein, for each of the plurality of requesting computers, the transport computer is networked to the requesting computer and configured to process authorization request messages for the requesting computer;
  
  causing a list of the plurality of requesting computers to be displayed at the client computer;
  
  receiving, from the client computer, a selection from the list of the plurality of requesting computers, thereby providing a selected requesting computer;
  
  causing a plurality of settings, which represent a set of rules that control which authorization request messages from the selected requesting computer are forwarded to the transport computer, to be displayed at the client computer, wherein the plurality of settings are modifiable by the administrator and comprise a first setting that references one or more attributes that distinguish a subset of authorization request messages from other authorization request messages;
  
  responsive to receiving a first selection of the first setting from the client computer, accessing the database to modify the set of rules in accordance with the plurality of settings;
  
  receiving a first authorization request message that is characterized by the one or more attributes from the selected requesting computer;
  
  responsive to receiving the first authorization request message;
  
  using the first authorization request message to access, from the database, the set of rules that control which authorization request messages from the selected requesting computer are forwarded to the transport computer; and
  
  processing the first authorization request message in accordance with the set of rules, which comprises processing the first authorization request message in accordance with a first protocol in response to determining that the first authorization request message is characterized by the one or more attributes; and
  
  wherein processing the first authorization request message in accordance with the first protocol comprises transmitting an authorization response message to the selected requesting computer without forwarding the first authorization request message to the transport computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the authorization response message indicates that a request to access a resource for which the first authorization request message was transmitted is declined.
  - 3. The method of claim 1:
    - wherein the plurality of settings further comprises a second setting that references user identifiers that are assigned by a resource computer that is associated with the transport computer; and
      
      wherein the method further comprises;
      
      responsive to receiving a second selection of the second setting from the client computer, accessing the database to modify the set of rules in accordance with the plurality of settings;
      
      receiving, from the selected requesting computer, a second authorization request message that is transmitted on behalf of a request to access a resource that is associated with a user identifier that is assigned by the resource computer; and
      
      responsive to receiving the second authorization request message, processing the second authorization request message in accordance with the set of rules, which comprises processing the second authorization request message in accordance with a second protocol in response to determining that the request is associated with the user identifier that is assigned by the resource computer.
  - 4. The method of claim 3:
    - wherein prior to receiving the second selection of the second setting from the client computer, the method further comprises;
      
      receiving, from the client computer, one or more identification numbers that are associated with the resource computer; and
      
      storing the one or more identification numbers within the database; and
      
      wherein determining that the user identifier is issued by the resource computer comprises determining that the user identifier comprises one of the one or more identification numbers.
  - 5. The method of claim 3, wherein processing the second authorization request message in accordance with the second protocol comprises:
    - transmitting the second authorization request message to the resource computer;
      
      receiving an authorization response message from the resource computer, the authorization response message indicating whether the request is authorized by the resource computer; and
      
      transmitting the authorization response message to the selected requesting computer.
  - 6. The method of claim 1, wherein the list of the requesting computers displays, for at least one of the plurality of requesting computers, at least one of the following:
    - an identifier of a venue associated with the requesting computer; and
      
      a name of the venue associated with the requesting computer.
  - 7. The method of claim 2, wherein the method further comprises:
    - receiving, from the client computer, one or more identification numbers;
      
      storing the one or more identification numbers within the database;
      
      receiving, from the selected requesting computer, a second authorization request message that is transmitted on behalf of another request to access a resource, the other request being associated with a user identifier that comprises one of the one or more identification numbers; and
      
      responsive to receiving the second authorization request message, processing the second authorization request message in accordance with the first protocol in response to determining that the user identifier comprises one of the one or more identification numbers.
  - 8. The method of claim 2, wherein the method further comprises:
    - receiving, from the client computer, one or more user identifiers;
      
      storing the one or more user identifiers within the database;
      
      receiving, from the selected requesting computer, a second authorization request message that is transmitted on behalf of another request to access a resource, the other request being associated with one of the one or more user identifiers; and
      
      responsive to receiving the second authorization request message, processing the second authorization request message in accordance with the first protocol in response to determining that the other request is associated with one of the one or more user identifiers.

9. A server computer comprising:
- a computer processor; and
  
  a computer-readable medium coupled to the computer processor, the computer-readable medium including code executable by the computer processor for performing a method comprising;
  
  receiving, from a client computer operated by an administrator, credential data of the administrator, the administrator corresponding to a transport computer;
  
  using the credential data to access a database to retrieve a plurality of requesting computers that have been registered with the transport computer, wherein, for each of the plurality of requesting computers, the transport computer is networked to the requesting computer and configured to process authorization request messages for the requesting computer;
  
  causing a list of the plurality of requesting computers to be displayed at the client computer;
  
  receiving, from the client computer, a selection from the list of the plurality of requesting computers, thereby providing a selected requesting computer;
  
  causing a plurality of settings, which represent a set of rules that control which authorization request messages from the selected requesting computer are forwarded to the transport computer, to be displayed at the client computer, wherein the plurality of settings are modifiable by the administrator and comprise a first setting that references one or more attributes that distinguish a subset of authorization request messages from other authorization request messages;
  
  responsive to receiving a first selection of the first setting from the client computer, accessing the database to modify the set of rules in accordance with the plurality of settings;
  
  receiving a first authorization request message that is characterized by the one or more attributes from the selected requesting computer;
  
  responsive to receiving the first authorization request message;
  
  using the first authorization request message to access, from the database, the set of rules that control which authorization request messages from the selected requesting computer are forwarded to the transport computer; and
  
  processing the first authorization request message in accordance with the set of rules, which comprises processing the first authorization request message in accordance with a first protocol in response to determining that the first authorization request message is characterized by the one or more attributes; and
  
  wherein processing the first authorization request message in accordance with the first protocol comprises transmitting an authorization response message to the selected requesting computer without forwarding the first authorization request message to the transport computer.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The server computer of claim 9, wherein the authorization response message indicates that a request to access a resource for which the first authorization request message was transmitted is declined.
  - 11. The server computer of claim 9:
    - wherein the plurality of settings further comprises a second setting that references user identifiers that are assigned by a resource computer that is associated with the transport computer;
      
      wherein the method further comprises;
      
      responsive to receiving a second selection of the second setting from the client computer, accessing the database to modify the set of rules in accordance with the plurality of settings;
      
      receiving, from the selected requesting computer, a second authorization request message that is transmitted on behalf of a request to access a resource that is associated with a user identifier that is assigned by the resource computer;
      
      responsive to receiving the second authorization request message, processing the second authorization request message in accordance with the set of rules, which comprises processing the second authorization request message in accordance with a second protocol in response to determining that the request is associated with using the user identifier that is assigned by the resource computer.
  - 12. The server computer of claim 11:
    - wherein prior to receiving the second selection of the second setting from the client computer, the method further comprises;
      
      receiving, from the client computer, one or more identification numbers that are associated with the resource computer; and
      
      storing the one or more identification numbers within the database; and
      
      wherein determining that the user identifier is assigned by the resource computer comprises determining that the user identifier comprises one of the one or more identification numbers.
  - 13. The server computer of claim 11, wherein processing the second authorization request message in accordance with the second protocol comprises:
    - transmitting the second authorization request message to the resource computer;
      
      receiving an authorization response message from the resource computer, the authorization response message indicating whether the request is authorized by the resource computer; and
      
      transmitting the authorization response message to the selected requesting computer.
  - 14. The server computer of claim 9, wherein the list of the requesting computers displays, for at least one of the plurality of requesting computers, at least one of the following:
    - an identifier of a venue associated with the requesting computer; and
      
      a name of the venue associated with the requesting computer.
  - 15. The server computer of claim 10, wherein the method further comprises:
    - receiving, from the client computer, one or more identification numbers;
      
      storing the one or more identification numbers within the database;
      
      receiving, from the selected requesting computer, a second authorization request message that is transmitted on behalf of another request to access a resource, the other request being associated with a user identifier that comprises one of the one or more identification numbers; and
      
      responsive to receiving the second authorization request message, processing the second authorization request message in accordance with the first protocol in response to determining that the user identifier comprises one of the one or more identification numbers.
  - 16. The server computer of claim 10, wherein the method further comprises:
    - receiving, from the client computer, one or more user identifiers;
      
      storing the one or more user identifiers within the database;
      
      receiving, from the selected requesting computer, a second authorization request message that is transmitted on behalf of another request to access a resource, the other request being associated with one of the one or more user identifiers; and
      
      responsive to receiving the second authorization request message, processing the second authorization request message in accordance with the first protocol in response to determining that the other request is associated with one of the one or more user identifiers.

17. A non-transitory machine-readable tangible storage medium embodying information indicative of instructions for causing one or more machines to perform operations comprising:
- receiving, from a client computer operated by an administrator, credential data of the administrator, the administrator corresponding to a transport computer;
  
  using the credential data to access a database to retrieve a plurality of requesting computers that have been registered with the transport computer, wherein, for each of the plurality of requesting computers, the transport computer is networked to the requesting computer and configured to process authorization request messages for the requesting computer;
  
  causing a list of the plurality of requesting computers to be displayed at the client computer;
  
  receiving, from the client computer, a selection from the list of the plurality of requesting computers, thereby providing a selected requesting computer;
  
  causing a plurality of settings, which represent a set of rules that control which authorization request messages from the selected requesting computer are forwarded to the transport computer, to be displayed at the client computer, wherein the plurality of settings are modifiable by the administrator and comprise a first setting that references one or more attributes that distinguish a subset of authorization request messages from other authorization request messages;
  
  responsive to receiving a first selection of the first setting from the client computer, accessing the database to modify the set of rules in accordance with the plurality of settings;
  
  receiving a first authorization request message that is characterized by the one or more attributes from the selected requesting computer;
  
  responsive to receiving the first authorization request message;
  
  using the first authorization request message to access, from the database, the set of rules that control which authorization request messages from the selected requesting computer are forwarded to the transport computer; and
  
  processing the first authorization request message in accordance with the set of rules, which comprises processing the first authorization request message in accordance with a first protocol in response to determining that the first authorization request message is characterized by the one or more attributes; and
  
  wherein processing the first authorization request message in accordance with the first protocol comprises transmitting an authorization response message to the selected requesting computer without forwarding the first authorization request message to the transport computer.
- View Dependent Claims (18, 19, 20)
- - 18. The non-transitory machine-readable tangible storage medium of claim 17, wherein the authorization response message indicates that a request to access a resource for which the first authorization request message was transmitted is declined.
  - 19. The non-transitory machine-readable tangible storage medium of claim 18:
    - wherein the plurality of settings further comprises a second setting that references user identifiers that are assigned by a resource computer that is associated with the transport computer; and
      
      wherein the operations further comprise;
      
      responsive to receiving a second selection of the second setting from the client computer, accessing the database to modify the set of rules in accordance with the plurality of settings;
      
      receiving, from the selected requesting computer, a second authorization request message that is transmitted on behalf of a request to access a resource that is associated with a user identifier that is assigned by the resource computer; and
      
      responsive to receiving the second authorization request message, processing the second authorization request message in accordance with the set of rules, which comprises processing the second authorization request message in accordance with a second protocol in response to determining that the request is associated with the user identifier that is assigned by the resource computer.
  - 20. The non-transitory machine-readable tangible storage medium of claim 19:
    - wherein prior to receiving the second selection of the second setting from the client computer, the operations further comprise;
      
      receiving, from the client computer, one or more identification numbers that are associated with the resource computer; and
      
      storing the one or more identification numbers within the database; and
      
      wherein determining that the user identifier is issued by the resource computer comprises determining that the user identifier comprises one of the one or more identification numbers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Burke, Keith, Wood, Nathan, Kumar, Sanjeeva
Primary Examiner(s)
Mehrmanesh, Amir

Application Number

US15/289,848
Publication Number

US 20180103038A1
Time in Patent Office

1,030 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/9038   Presentation of query results

G06F 16/951   Indexing; Web crawling tech...

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/405   Establishing or using trans...

H04L 63/0853   using an additional device,...

H04L 63/101   Access control lists [ACL]

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/20   for managing network securi...

Rule management user interface

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Rule management user interface

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links