Method and system for conducting secure payments over a computer network
First Claim
1. A method of conducting a transaction using a payment network, comprising:
- (a) receiving by a service provider a first authorization request for the authorization of a transaction using a first payment account number, wherein;
(i) the first payment account number has a first BIN code associated with the service provider and is associated with a second payment account number having a second BIN code associated with an issuer of said second number, said second payment account number not being included in said first authorization request;
(ii) the first authorization request includes a first acquirer code associated with an acquirer; and
(iii) the first authorization request is routable through the payment network to the service provider based on said first BIN code;
(b) responsive to the first authorization request, transmitting by the service provider a second authorization request for authorization of the transaction using the second payment account number, the second authorization request including a second acquirer code associated with the service provider and being routable through the payment network to the issuer based on said second BIN code;
(c) receiving a response to the second authorization request by the service provider from the issuer, the response including the second acquirer code and being routable through the payment network based on that code; and
(d) transmitting a response to the first authorization request by the service provider to the acquirer based on the response to the second authorization request, the response to the first authorization request including the first acquirer code and being routable through the payment network based on that code.
0 Assignments
0 Petitions
Accused Products
Abstract
A method is provided for conducting a financial transaction by a purchaser with a merchant having an acquirer bank, over a communications network. The method includes the steps of sending a first authorization request using a pseudo account number associated with a real account number to a service provider which forwards a second authorization request to the issuer using the real account number and preferably a pseudo acquirer code associated with the service provider such that the response to the second request is based on the real account number and sent back to the service provider who preferably forwards a response to the first request preferably to the “real” acquirer. A message authentication code is further provided which includes transaction data, and where the authorization request is formatted as a standard payment card track having one or more fields including a discretionary field in which the message authentication code is placed.
-
Citations
13 Claims
-
1. A method of conducting a transaction using a payment network, comprising:
-
(a) receiving by a service provider a first authorization request for the authorization of a transaction using a first payment account number, wherein;
(i) the first payment account number has a first BIN code associated with the service provider and is associated with a second payment account number having a second BIN code associated with an issuer of said second number, said second payment account number not being included in said first authorization request;
(ii) the first authorization request includes a first acquirer code associated with an acquirer; and
(iii) the first authorization request is routable through the payment network to the service provider based on said first BIN code;
(b) responsive to the first authorization request, transmitting by the service provider a second authorization request for authorization of the transaction using the second payment account number, the second authorization request including a second acquirer code associated with the service provider and being routable through the payment network to the issuer based on said second BIN code;
(c) receiving a response to the second authorization request by the service provider from the issuer, the response including the second acquirer code and being routable through the payment network based on that code; and
(d) transmitting a response to the first authorization request by the service provider to the acquirer based on the response to the second authorization request, the response to the first authorization request including the first acquirer code and being routable through the payment network based on that code. - View Dependent Claims (2, 3, 4)
-
-
5. A method of conducting a transaction with a merchant over a communications network using a first payment account number that is associated with a second payment account number, the method comprising:
-
(a) generating a message authentication code based on one or more transaction details;
(b) transmitting at least the first payment account number and the message authentication code to the merchant;
(c) requesting by the merchant an authorization for payment of the transaction using the first payment account number, the request being formatted as if payment were tendered at a point-of-sale terminal with a conventional magnetic-stripe payment card, the format having a track with at least a discretionary data field and said message authentication code being transmitted in said discretionary data field;
(d) responsive to the authorization request for the first payment account number, requesting an authorization for payment of the transaction using the second payment account number; and
(e) accepting or declining the authorization request for the first payment account number based on the response to the authorization request for the second payment account number and the message authentication code. - View Dependent Claims (6, 7, 8)
-
-
9. A method of conducting a transaction over a communications network comprising:
-
issuing by an issuer having an issuer BIN a first payment account number to a user having a computer, said issuer BIN being associated with said first payment account number;
providing a security module for generating a secret key unique to each first account number issued;
generating a second account number associated with said first payment account number;
providing a secure payment application by a service provider to said computer, said application comprising said second account number and said secret key;
storing said secure payment application on said computer;
selecting a merchant with whom to conduct said financial transaction, said merchant having an associated acquirer BIN;
passing to said computer transaction data;
generating a message authentication code based on said transaction data;
transmitting track data to said merchant, said track data comprising said message authentication code and said second account number;
generating a first authorization request based on said data;
transmitting said first request to said service provider;
verifying said first request with said secret key;
obtaining said first payment account number associated with said second account number;
transmitting a second authorization request using said first payment account number to said issuer BIN associated with said number; and
authorizing or rejecting said second request. - View Dependent Claims (10, 11, 12, 13)
-
Specification