Method and system for performing a transaction using a dynamic authorization code
First Claim
Patent Images
1. A method for authorizing a transaction over a transaction network employing a standardized message format having a data portion reserved for a static PIN, comprising:
- receiving dynamic code data based on a dynamic code;
preparing a transaction message in said standardized message format, said dynamic code data inserted in said data portion reserved for said static PIN;
transmitting said traction message to an authorization entity over a communications link;
receiving a response from said authorization entity; and
authorizing a transaction in response to said receiving step.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for conducting a transaction involving transmission of a dynamic authentication code in place of a static PIN block using currently existing messaging standards or PIN acceptance devices. Minimal changes to existing processes an equipment are made while greatly improving security and fraud minimization.
-
Citations
12 Claims
-
1. A method for authorizing a transaction over a transaction network employing a standardized message format having a data portion reserved for a static PIN, comprising:
-
receiving dynamic code data based on a dynamic code;
preparing a transaction message in said standardized message format, said dynamic code data inserted in said data portion reserved for said static PIN;
transmitting said traction message to an authorization entity over a communications link;
receiving a response from said authorization entity; and
authorizing a transaction in response to said receiving step. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for authorizing a transaction over a transaction network employing a standardized message format having a data portion reserved for a static PIN, comprising:
-
making available to an account holder a code generating device;
receiving a transaction message in said standardized message format, said message including dynamic code data based on a dynamic code provided by said code generating device, said dynamic code data inserted in said data portion reserved for said static PIN, and said message including account data;
using at least said received account data to determine expected dynamic code data;
comparing said received dynamic code data to said expected dynamic code data; and
authorizing a transaction in response to said comparing step. - View Dependent Claims (7, 8, 10)
-
-
9. The method of 8 wherein said retrieving from an account database includes retrieving a counter value associated with said code generating device.
-
11. A system for authorizing a transaction, comprising:
-
a transaction network employing a standardized message format having a data portion reserved for a static PIN;
a dynamic code generator for generating a dynamic code;
an account database storing information regarding one or more account;
a receiver for receiving a transaction message in said standardized message format, said message having said dynamic code inserted in said data portion reserved for said static PIN, and said message including account data; and
a processor for (a) retrieving, using said account data, account information from said account database, (b) determining an expected dynamic code based on at least said retrieved account information, (c) comparing said received dynamic code to said expected dynamic code, and (d) authorizing a transaction in response to said comparing. - View Dependent Claims (12)
-
Specification