Systems and methods for secure authentication of transactions initiated at a client device
First Claim
1. A method for authenticating a cardholder for a candidate purchase using an authentication system including an authentication computing device and a merchant device associated with a merchant, the authentication computing device in communication with a memory, the method comprising:
- receiving, by the authentication computing device, an authentication profile associated with the cardholder during an enrollment process for an authentication service;
storing the authentication profile within the memory;
transmitting, to a user device associated with the cardholder, by the merchant device, a purchase request notification prompting the cardholder to review the candidate purchase, wherein the candidate purchase is initiated by an initiator at a client device;
receiving, from the user device, at the merchant device, a cardholder response to the purchase request notification, the cardholder response indicating that the cardholder approves the candidate purchase and that the initiator is authorized by the cardholder to make the candidate purchase;
sending, in response to the cardholder response, by the merchant computing device via a payment processing network, to the authentication computing device, an authentication request for the candidate purchase over a first communication link;
retrieving, by the authentication computing device, in response to the authentication request, the stored authentication profile from the memory;
generating, by the authentication computing device in response to the authentication request, a challenge message based on the stored authentication profile;
transmitting, by the authentication computing device, the challenge message to the user device associated with the cardholder over a second communication link to authenticate the cardholder for the candidate purchase, the first communication link different than the second communication link, the user device different than the client device, wherein the challenge message is configured to cause the user device to request a paired device to collect authentication information and transmit the collected authentication information to the user device;
receiving, by the authentication computing device, a challenge response including authentication information associated with the cardholder collected from the user device;
comparing, by the authentication computing device, the collected authentication information to the stored authentication profile; and
transmitting, by the authentication computing device, to an issuer device, a notification that the cardholder for the candidate purchase is authenticated based on the comparison.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for authenticating a cardholder for a candidate purchase using an authentication computing device in communication with a memory is provided. The method includes receiving an authentication profile associated with the cardholder during an enrollment process for an authentication service, storing the authentication profile within the memory, and receiving an authentication request for the candidate purchase over a first communication link. The candidate purchase is initiated at a client device. The method further includes retrieving the stored authentication profile from the memory, generating a challenge message based on the stored authentication profile, transmitting the challenge message to a user device over a second communication link, receiving a challenge response including authentication information collected from the user device, comparing the collected authentication information to the stored authentication profile, and authenticating the cardholder for the candidate purchase based on the comparison.
-
Citations
20 Claims
-
1. A method for authenticating a cardholder for a candidate purchase using an authentication system including an authentication computing device and a merchant device associated with a merchant, the authentication computing device in communication with a memory, the method comprising:
-
receiving, by the authentication computing device, an authentication profile associated with the cardholder during an enrollment process for an authentication service; storing the authentication profile within the memory; transmitting, to a user device associated with the cardholder, by the merchant device, a purchase request notification prompting the cardholder to review the candidate purchase, wherein the candidate purchase is initiated by an initiator at a client device; receiving, from the user device, at the merchant device, a cardholder response to the purchase request notification, the cardholder response indicating that the cardholder approves the candidate purchase and that the initiator is authorized by the cardholder to make the candidate purchase; sending, in response to the cardholder response, by the merchant computing device via a payment processing network, to the authentication computing device, an authentication request for the candidate purchase over a first communication link; retrieving, by the authentication computing device, in response to the authentication request, the stored authentication profile from the memory; generating, by the authentication computing device in response to the authentication request, a challenge message based on the stored authentication profile; transmitting, by the authentication computing device, the challenge message to the user device associated with the cardholder over a second communication link to authenticate the cardholder for the candidate purchase, the first communication link different than the second communication link, the user device different than the client device, wherein the challenge message is configured to cause the user device to request a paired device to collect authentication information and transmit the collected authentication information to the user device; receiving, by the authentication computing device, a challenge response including authentication information associated with the cardholder collected from the user device; comparing, by the authentication computing device, the collected authentication information to the stored authentication profile; and transmitting, by the authentication computing device, to an issuer device, a notification that the cardholder for the candidate purchase is authenticated based on the comparison. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An authentication system for authenticating a cardholder for a candidate purchase associated with the cardholder, the authentication system comprising an authentication computing device and a merchant device associated with a merchant, wherein:
-
the authentication computing device is programmed to; receive an authentication profile associated with the cardholder during an enrollment process for an authentication service; and store the authentication profile within the memory; the merchant device is programmed to; transmit, to a user device associated with the cardholder a purchase request notification prompting the cardholder to review the candidate purchase, wherein the candidate purchase is initiated by an initiator at a client device; receive, from the user device, a cardholder response to the purchase request notification, the cardholder response indicating that the cardholder approves the candidate purchase and that the initiator is authorized by the cardholder to make the candidate purchase; and send, in response to the cardholder response, via a payment processing network, to the authentication computing device, an authentication request for the candidate purchase over a first communication link; and the authentication computing device is further programmed to; retrieve, in response to the authentication request, the stored authentication profile from the memory; generate, in response to the authentication request, a challenge message based on the stored authentication profile; transmit the challenge message to the user device associated with the cardholder over a second communication link to authenticate the cardholder for the candidate purchase, the first communication link different from the second communication link, the user device different than the client device, wherein the challenge message is configured to cause the user device to request a paired device to collect authentication information and transmit the collected authentication information to the user device; receive a challenge response including an authentication profile associated with the cardholder collected from the user device; compare the collected authentication profile to the stored authentication profile; and transmit, to an issuer device, a notification that the cardholder for the candidate purchase is authenticated based on the comparison. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. Non-transitory computer-readable storage media for authenticating a cardholder for a candidate purchase associated with the cardholder, the computer-readable storage media having a first set of computer-executable instructions embodied thereon for execution by an authentication computing device, and a second set of computer-executable instructions embodied thereon for execution by a merchant device associated with a merchant, wherein, when executed by the authentication computing device, the first set of computer-executable instructions cause the authentication computing device to:
-
receive authentication profile associated with the cardholder from the cardholder during an enrollment process for an authentication service; and store the authentication profile in a memory in communication with the processor; and wherein the second set of computer-executable instructions, when executed by the merchant device, cause the merchant device to; transmit, to a user device associated with the cardholder, a purchase request notification prompting the cardholder to review the candidate purchase, wherein the candidate purchase is initiated by an initiator at a client device; receive, from the user device, a cardholder response to the purchase request notification, the cardholder response indicating that the cardholder approves the candidate purchase and that the initiator is authorized by the cardholder to make the candidate purchase; and send, in response to the cardholder response, via a payment processing network, to the authentication computing device, an authentication request for the candidate purchase over a first communication link; and wherein the first set of computer-executable instructions, when executed by the authentication computing device, further cause the authentication computing device to; retrieve, in response to the authentication request, the stored authentication profile associated with the cardholder from the memory; generate, in response to the authentication request, a challenge message based on the stored authentication profile; transmit the challenge message to the user device associated with the cardholder over a second communication link to authenticate the cardholder for the candidate purchase, the first communication link different from the second communication link, the user device different than the client device, wherein the challenge message is configured to cause the user device to request a paired device to collect authentication information and transmit the collected authentication information to the user device; receive a challenge response including an authentication profile associated with the cardholder collected from the user device; compare the collected authentication profile to the stored authentication profile; and transmit, to an issuer device, a notification that the cardholder for the candidate purchase based on the comparison. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification