Portable Consumer Device Verification System

US 20080040271A1
Filed: 06/18/2007
Published: 02/14/2008
Est. Priority Date: 06/19/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving an authorization request message associated with a transaction conducted using a portable consumer device, wherein the portable consumer device comprises a portable consumer device fingerprint, and wherein the authorization request message comprises an altered portable consumer device fingerprint and an algorithm identifier;

selecting an algorithm from among a plurality of algorithms using the algorithm identifier;

determining the portable consumer device fingerprint using selected algorithm and the altered portable consumer device fingerprint;

determining if the portable consumer device fingerprint matches a stored portable consumer device fingerprint; and

sending an authorization response message after determining if the portable consumer device fingerprint matches the stored portable consumer device fingerprint.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for verifying a portable consumer device. The method includes receiving an authorization request message associated with a transaction conducted using a portable consumer device. The portable consumer device includes a portable consumer device fingerprint. The authorization request message includes an altered portable consumer device fingerprint and an algorithm identifier. The method also includes selecting an algorithm from among a plurality of algorithms using the algorithm identifier, determining the portable consumer device fingerprint using selected algorithm and the altered portable consumer device fingerprint, determining if the portable consumer device fingerprint matches a stored portable consumer device fingerprint, and sending an authorization response message after determining if the portable consumer device fingerprint matches the stored portable consumer device fingerprint.

Citations

40 Claims

1. A method comprising:
- receiving an authorization request message associated with a transaction conducted using a portable consumer device, wherein the portable consumer device comprises a portable consumer device fingerprint, and wherein the authorization request message comprises an altered portable consumer device fingerprint and an algorithm identifier;
  
  selecting an algorithm from among a plurality of algorithms using the algorithm identifier;
  
  determining the portable consumer device fingerprint using selected algorithm and the altered portable consumer device fingerprint;
  
  determining if the portable consumer device fingerprint matches a stored portable consumer device fingerprint; and
  
  sending an authorization response message after determining if the portable consumer device fingerprint matches the stored portable consumer device fingerprint.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein the altered portable consumer device fingerprint was formed an at access device at a merchant.
  - 3. The method of claim 2 wherein the stored portable consumer device fingerprint is stored in a database, which also stores an account number associated with the portable consumer device.
  - 4. The method of claim 1 wherein the portable consumer device is a payment card comprising a magnetic stripe, wherein the portable consumer device fingerprint is a magnetic stripe fingerprint.
  - 5. The method of claim 1 wherein the algorithm is a key used in an encryption process.
  - 6. The method of claim 1 wherein the authorization request message further comprises an account number associated with the portable consumer device and a transaction amount associated with the transaction.
  - 7. The method of claim 1 further comprising receiving the authorization response message from an issuer of the portable consumer device before sending the authorization response message.
  - 8. A computer readable medium comprising code for performing the method of claim 1.
  - 9. The computer readable medium of claim 8 wherein the portable consumer device is a payment card comprising a magnetic stripe, wherein the portable consumer device fingerprint is a magnetic stripe fingerprint
  - 10. A server computer comprising the computer readable medium of claim 8.

11. A system comprising:
- means for receiving an authorization request message associated with a transaction conducted using a portable consumer device, wherein the portable consumer device comprises a portable consumer device fingerprint, and wherein the authorization request message comprises an altered portable consumer device fingerprint and an algorithm identifier;
  
  means for selecting an algorithm from among a plurality of algorithms using the algorithm identifier;
  
  means for determining the portable consumer device fingerprint using selected algorithm and the altered portable consumer device fingerprint;
  
  means for determining if the portable consumer device fingerprint matches a stored portable consumer device fingerprint; and
  
  means for sending an authorization response message after determining if the portable consumer device fingerprint matches the stored portable consumer device fingerprint.

12. A method comprising:
- sending an authorization request message associated with a transaction conducted using a portable consumer device, wherein the portable consumer device comprises a portable consumer device fingerprint, and wherein the authorization request message comprises an altered portable consumer device fingerprint and an algorithm identifier, wherein an algorithm is selected from among a plurality of algorithms using the algorithm identifier, the portable consumer device fingerprint is determined using selected algorithm and the altered portable consumer device fingerprint, and a server computer determines if the portable consumer device fingerprint matches a stored portable consumer device fingerprint; and
  
  receiving an authorization response message, wherein the authorization response message indicates whether or not the transaction is approved.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The method of claim 12 wherein the authorization request message comprises an account number.
  - 14. The method of claim 12 wherein the portable consumer device is a phone.
  - 15. The method of claim 12 wherein the portable consumer device is a payment card comprising a magnetic stripe, wherein the portable consumer device fingerprint is a magnetic stripe fingerprint.
  - 16. The method of claim 12 wherein the algorithm is a key associated with an encryption process.
  - 17. The method of claim 12 wherein the transaction is a payment transaction.
  - 18. A computer readable medium comprising code for performing the method of claim 12.
  - 19. An access device comprising the computer readable medium of claim 18.
  - 20. The access device of claim 19 wherein the access device is a point of sale terminal.

21. A method comprising:
- receiving an authorization request message, wherein the authorization request message is generated after an interaction between a portable consumer device and an access device;
  
  analyzing the authorization request message for one or more characteristics or the portable consumer device or the access device to determine if a confidence threshold is met or exceeded; and
  
  if the confidence threshold is not exceeded, performing additional authentication processing.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The method of claim 21 wherein the one or more characteristics of the portable consumer device include a particular portable consumer device used.
  - 23. The method of claim 21 wherein the one or more characteristics of the access device include a particular algorithm used to alter a portable consumer device fingerprint associated with the portable consumer device.
  - 24. The method of claim 23 wherein analyzing the authorization request message comprises analyzing at least one characteristic of the access device and at least one characteristic of the portable consumer device to determine if the confidence threshold is met or exceeded.
  - 25. The method of claim 24 wherein the one or more characteristics of the access device include a particular algorithm present in the access device
  - 26. The method of claim 24 wherein the portable consumer device is a payment card.
  - 27. The method of claim 24 wherein the portable consumer device is a phone.
  - 28. The method of claim 24, wherein the method further comprises:
    - sending an authorization response message to the consumer without performing additional authentication processing if the confidence threshold is met.
  - 29. The method of claim 21 wherein the additional authentication processing comprises sending the consumer a message to a phone operated by a consumer or to an access device used to conduct the transaction, wherein the message indicates that the transaction is occurring.
  - 30. The method of claim 29 wherein the transaction is a payment transaction.

31. A system comprising:
- means for receiving an authorization request message, wherein the authorization request message is generated after an interaction between a portable consumer device and an access device;
  
  means for analyzing the authorization request message for one or more characteristics or the portable consumer device or the access device to determine if a confidence threshold is met or exceeded; and
  
  means for performing additional authentication processing if the confidence threshold is not exceeded.
- View Dependent Claims (32, 33, 34, 35)
- - 32. The system of claim 31 wherein the one or more characteristics of the portable consumer device include a particular portable consumer device.
  - 33. The system of claim 31 wherein the one or more characteristics of the access device include a particular algorithm in the access device.
  - 34. The system of claim 31 wherein the means for analyzing the authorization request message comprises means for analyzing at least one characteristic of the access device and at least one characteristic of the portable consumer device.
  - 35. The system of claim 31 wherein the portable consumer device is a payment card.

36. A system comprising:
- a server computer comprising a processor; and
  
  computer readable medium comprising code for receiving an authorization request message, wherein the authorization request message is generated after an interaction between a portable consumer device and an access device, code for analyzing the authentication request message for one or more characteristics of the portable consumer device or the access device to determine if a confidence threshold is met or exceeded, and code for performing additional authentication processing if the confidence threshold is not exceeded.
- View Dependent Claims (37, 38, 39, 40)
- - 37. The system of claim 36 further comprising an access device in operative communication with the server computer.
  - 38. The system of claim 37 wherein the access device is a POS terminal.
  - 39. The system of claim 36 wherein the one or more characteristics of the access device includes a particular algorithm that is used by the access device to encrypt data from the portable consumer device.
  - 40. The system of claim 36 wherein the one or more characteristics comprises of the portable consumer device includes a particular portable consumer device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Faith, Patrick, Hammad, Ayman

Granted Patent

US 7,819,322 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/41
CPC Class Codes

G06Q 20/085   involving remote charge det...

G06Q 20/105   involving programming of a ...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/204   comprising interface for re...

G06Q 20/367   involving electronic purses...

G06Q 20/3672   initialising or reloading t...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 2220/00   Business processing using c...

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/00   Finance; Insurance; Tax str...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3271   using challenge-response

Portable Consumer Device Verification System

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Portable Consumer Device Verification System

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links