System, Method, and Computer-Readable Medium for Mobile Payment Authentication and Authorization

US 20080103984A1
Filed: 09/14/2007
Published: 05/01/2008
Est. Priority Date: 10/30/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method of electronic commerce, comprising:

maintaining authentication information of a user in association with purchase authorization information of the user, wherein authentication and authorization information of a plurality of users is maintained in association with a common subscriber account;

receiving an identifier of a product to be purchased at a remote location by the user;

performing an authentication of the user based on input supplied by the user;

performing an authorization evaluation of whether the user is authorized to purchase the product based on the authorization information; and

accepting or denying purchase of the product based on at least one of results of the authentication and results of the authorization.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer-readable medium for user authentication and mobile payment authorization are provided. A user operating a mobile terminal may submit a product for purchase at a point-of-sale and submit the user'"'"'s phone number and personal identification number thereto. An authentication and authorization process is then performed to authenticate the user and authorize the purchase. Upon authentication and authorization, a one-time-password is transmitted to the point-of-sale and the user'"'"'s mobile terminal. The user provides the one-time-password as input to the point-of-sale which compares the one-time-password provided by Mobile Payment System with the one-time-password provided by the user to determine whether to approve or deny the purchase. Multiple users each having different authorization levels and purchase limits may be associated with a common account, and each user may have a distinct identifier used to authenticate the particular user of the account.

189 Citations

20 Claims

1. A method of electronic commerce, comprising:
- maintaining authentication information of a user in association with purchase authorization information of the user, wherein authentication and authorization information of a plurality of users is maintained in association with a common subscriber account;
  
  receiving an identifier of a product to be purchased at a remote location by the user;
  
  performing an authentication of the user based on input supplied by the user;
  
  performing an authorization evaluation of whether the user is authorized to purchase the product based on the authorization information; and
  
  accepting or denying purchase of the product based on at least one of results of the authentication and results of the authorization.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein maintaining authentication information comprises maintaining at least one of a mobile phone number assigned to a mobile terminal of the user and a personal identification number of the user.
  - 3. The method of claim 1, wherein receiving an identifier of a product further comprises receiving a universal product code of the product from a merchant point-of-sale terminal.
  - 4. The method of claim 1, wherein performing an authentication of the user based on input supplied by the user further comprises comparing at least one of a mobile phone number and a personal identification number supplied by the user at a merchant point-of-sale terminal with at least one of a mobile phone number and a personal identification number associated with the user maintained by a network-based mobile payment system.
  - 5. The method of claim 1, wherein performing an authorization evaluation further comprises comparing an authorization level associated with the user with a classification of the product.
  - 6. The method of claim 1, wherein performing an authorization evaluation further comprises comparing a purchase limit associated with the user with a price of the product.
  - 7. The method of claim 1, further comprising:
    - generating a one-time-password;
      
      encrypting the one-time-password;
      
      transmitting the one-time-password in an encrypted format to a merchant point-of-sale terminal at which the user initiated purchase of the product; and
      
      transmitting the one-time-password to a mobile phone of the user.
  - 8. The method of claim 7, further comprising:
    - supplying, by the user, the one-time-password to the merchant point-of-sale terminal;
      
      decrypting the one-time-password received in the encrypted format by the merchant point-of-sale terminal;
      
      performing a comparison the decrypted one-time-password with the one-time-password supplied by the user; and
      
      determining an approval or rejection of the purchase based on results of the comparison.

9. A computer-readable medium having computer-executable instructions for execution by a processing system, the computer-executable instructions for electronic commerce, comprising:
- instructions for maintaining authentication information of a user in association with purchase authorization information of the user, wherein authentication and authorization information of a plurality of users is maintained in association with a common subscriber account;
  
  instructions for receiving an identifier of a product to be purchased at a remote location by the user;
  
  instructions for performing an authentication of the user based on input supplied by the user;
  
  instructions for performing an authorization evaluation of whether the user is authorized to purchase the product based on the authorization information; and
  
  instructions for accepting or denying purchase of the product based on at least one of results of the authentication and results of the authorization.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer-readable medium of claim 9, wherein the instructions for maintaining authentication information comprise instructions for maintaining at least one of a mobile phone number assigned to a mobile terminal of the user and a personal identification number of the user.
  - 11. The computer-readable medium of claim 9, wherein the instructions for receiving an identifier of a product further comprise instructions for receiving a universal product code of the product from a merchant point-of-sale terminal.
  - 12. The computer-readable medium of claim 9, wherein the instructions for performing an authentication of the user based on input supplied by the user further comprise instructions for comparing at least one of a mobile phone number and a personal identification number supplied by the user at a merchant point-of-sale terminal with at least one of a mobile phone number and a personal identification number associated with the user maintained by a network-based mobile payment system.
  - 13. The computer-readable medium of claim 9, wherein the instructions for performing an authorization evaluation further comprise instructions for comparing an authorization level associated with the user with a classification of the product.
  - 14. The computer-readable medium of claim 9, wherein the instructions for performing an authorization evaluation further comprise instructions for comparing a purchase limit associated with the user with a price of the product.
  - 15. The computer-readable medium of claim 9, further comprising:
    - instructions for generating a one-time-password;
      
      instructions for encrypting the one-time-password;
      
      instructions for transmitting the one-time-password in an encrypted format to a merchant point-of-sale terminal at which the user initiated purchase of the product; and
      
      instructions for transmitting the one-time-password to a mobile phone of the user.
  - 16. The computer-readable medium of claim 15, further comprising:
    - instructions for supplying, by the user, the one-time-password to the merchant point-of-sale terminal;
      
      instructions for decrypting the one-time-password received in the encrypted format by the merchant point-of-sale terminal;
      
      instructions for performing a comparison the decrypted one-time-password with the one-time-password supplied by the user; and
      
      instructions for determining an approval or rejection of the purchase based on results of the comparison.

17. A system for performing electronic commerce, comprising:
- a mobile terminal assigned to a user having a mobile phone number assigned thereto;
  
  a merchant point-of-sale terminal adapted to receive a product identifier of a product to be purchased by the user, the phone number of the mobile terminal of the user, and a personal identification number of the user, wherein the point-of-sale terminal is adapted to determine a product description and generate a message including the phone number, the personal identification number, the product identifier, and the product description; and
  
  a mobile payment system communicatively coupled with the merchant point-of-sale terminal and adapted to receive the message, wherein the mobile payment system is adapted to authenticate the user and authorize the purchase based at least in part on one of the phone number, the personal identification number and the product identifier, and wherein the mobile payment system is adapted to transmit a one-time-password in an encrypted format to the point-of-sale terminal;
  
  a messaging network communicatively coupled with the mobile payment system, wherein the messaging network receives a request from the mobile payment system to transmit the one-time-password to the mobile terminal, wherein the point-of-sale terminal is adapted to receive the one-time-password received by the mobile terminal from the user and determine whether to accept or deny the purchase based on the one-time-password received by the mobile terminal and the one-time-password transmitted to the point-of-sale terminal from the mobile payment system.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein the messaging network comprises a mobile carrier network including a short message service infrastructure.
  - 19. The system of claim 17, further comprising a user database that maintains a record assigned to the user, wherein the record includes the phone number, the personal identification number, and an authorization level assigned to the user.
  - 20. The system of claim 17, wherein the product description comprises at least one of a product classification and a product price, and wherein mobile payment system is adapted to determine an authorization level associated with the user and determine whether the user is authorized to purchase the product based on the authorization level and the product classification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mobilekash Incorporated
Original Assignee
Mobilekash Incorporated
Inventors
Choe, Yeonsook, Park, Min, Choe, Howon

Application Number

US11/855,856
Publication Number

US 20080103984A1
Time in Patent Office

Days
Field of Search
US Class Current

705/76
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/3821   Electronic credentials

G06Q 30/0601   Electronic shopping [e-shop...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 9/3226   using a predetermined code,...

H04L 9/3228   One-time or temporary data,...

System, Method, and Computer-Readable Medium for Mobile Payment Authentication and Authorization

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

189 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System, Method, and Computer-Readable Medium for Mobile Payment Authentication and Authorization

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

189 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others