Transaction verification system
First Claim
1. A financial transaction verification system comprising:
- a transaction processing client;
a transaction processing server under the control of a financial services provider;
a programmable telecommunications client under the control of a transaction initiator;
the transaction processing client, the transaction processing server and the telecommunications client all being connected to or adapted for connection to a telecommunications network;
the transaction processing client being adapted, when in use a transaction is initiated and processed through the transaction processing client, to record;
data pertaining to a transaction initiated, in use, by the transaction initiator; and
data pertaining to a financial account of the transaction initiator with the financial services provider;
the transaction processing client being adapted to transmit the recorded data to the transaction processing server by way of the telecommunications network;
the transaction processing server being adapted to make use of data pertaining to the transaction initiator and the telecommunications client previously stored with the financial services provider to formulate a transaction authorisation request to the telecommunications client;
the transaction processing server being adapted to transmit the transaction authorisation request to the telecommunications client by way of the telecommunications network;
the telecommunications client being programmed to require the entry of an authorisation code into the telecommunications client as a precondition for the further processing of the transaction authorisation request; and
the telecommunications client being programmed, further, to transmit a process outcome message to either or both the transaction processing server and the transaction processing client, which process outcome message;
if the incorrect authorisation code is entered, is constituted by a transaction cancellation signal; and
if the correct authorisation code is entered, is constituted by a transaction authorisation signal.
0 Assignments
0 Petitions
Accused Products
Abstract
This invention uses separate, parallel communication channels to authorise and authenticate a transaction. A primary data channel (PSTN, radio or the like) is used to communicate between the merchant terminal and the bank, and a parallel data channel (a mobile phone network for instance) is used for the authentication process. In the example, the transaction is initiated (on a primary data channel), using a POS terminal as a transaction processing client. The transaction processing server and financial services provider fulfill their normal functions. At this point, the process loops into a transaction authorisation component using the parallel data channel, that requires authentication of the transaction initiator (the card holder). In the example, communications on the parallel data channel are by way of SMS. In the authorisation process, the card holder receives an SMS requesting authorisation of the transaction. If the card holder is not the transaction initiator, the card holder can cancel the transaction. If the transaction can be authorised, an authentication process is initiated in which the mobile phone is programmed to require the entry of a normally secret code (such as a personal identification number (PIN)) that serves to authenticate the card holder and to give final authorisation of the transaction.
-
Citations
16 Claims
-
1. A financial transaction verification system comprising:
-
a transaction processing client;
a transaction processing server under the control of a financial services provider;
a programmable telecommunications client under the control of a transaction initiator;
the transaction processing client, the transaction processing server and the telecommunications client all being connected to or adapted for connection to a telecommunications network;
the transaction processing client being adapted, when in use a transaction is initiated and processed through the transaction processing client, to record;
data pertaining to a transaction initiated, in use, by the transaction initiator; and
data pertaining to a financial account of the transaction initiator with the financial services provider;
the transaction processing client being adapted to transmit the recorded data to the transaction processing server by way of the telecommunications network;
the transaction processing server being adapted to make use of data pertaining to the transaction initiator and the telecommunications client previously stored with the financial services provider to formulate a transaction authorisation request to the telecommunications client;
the transaction processing server being adapted to transmit the transaction authorisation request to the telecommunications client by way of the telecommunications network;
the telecommunications client being programmed to require the entry of an authorisation code into the telecommunications client as a precondition for the further processing of the transaction authorisation request; and
the telecommunications client being programmed, further, to transmit a process outcome message to either or both the transaction processing server and the transaction processing client, which process outcome message;
if the incorrect authorisation code is entered, is constituted by a transaction cancellation signal; and
if the correct authorisation code is entered, is constituted by a transaction authorisation signal. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of verifying a financial transaction comprising the steps of:
-
initiating a transaction at a transaction processing client;
recording, by means of the transaction processing client, data pertaining to the transaction together with data pertaining to a financial account of the transaction initiator with a financial services provider;
transmitting the data so recorded from the transaction processing client to a transaction processing server under control of the financial services provider, by way of a telecommunications network, supplying, to the transaction processing server, data previously stored with the financial services provider and pertaining to a telecommunications client which is under the control of the transaction initiator;
transmitting an authorisation request pertaining to the initiated transaction to the telecommunications client;
requiring, on receipt of such a transaction authorisation request, the entry into the telecommunications client, of an authorisation code as a precondition for the further processing of the transaction authorisation request;
transmitting a process outcome message to either or both the transaction processing server and the transaction processing client, which process outcome message;
if the incorrect authorisation code is entered, is constituted by a transaction cancellation signal ; and
if the correct authorisation code is entered, is constituted by a transaction authorisation signal. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
-
Specification