PROCESSING OF FINANCIAL TRANSACTIONS USING DEBIT NETWORKS

US 20080208759A1
Filed: 02/22/2007
Published: 08/28/2008
Est. Priority Date: 02/22/2007
Status: Active Grant

First Claim

Patent Images

1. A method of executing a financial transaction between a customer and a merchant, the method comprising:

receiving an identifier of a financial account from the customer at a merchant system;

receiving a one-time password from the customer at the merchant system, wherein the customer is provided with the one-time password by a mobile electronic device or by a contactless presentation instrument;

generating a cryptogram comprising the identifier of the financial account encrypted using the one-time password;

formulating an authorization request at the merchant system, the authorization request comprising the cryptogram and transaction information describing at least a portion of the financial transaction; and

transmitting the authorization request from the merchant system to an authorization processor for authorization of the financial transaction.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems are disclosed for executing financial transactions between customers and merchants. An identifier of a financial account is received from the customer at a merchant system. A one-time password is also received from the customer at the merchant system, with the customer having been provided with the one-time password by a mobile electronic device or contactless presentation instrument. A cryptogram is generated to included the identifier of the financial account encrypted using the one-time password. An authorization request is formulated at the merchant system. The authorization request includes the cryptogram and transaction information describing at least a portion of the financial transaction. The authorization request is transmitted from the merchant system to an authorization processor for authorization of the financial transaction.

192 Citations

45 Claims

1. A method of executing a financial transaction between a customer and a merchant, the method comprising:
- receiving an identifier of a financial account from the customer at a merchant system;
  
  receiving a one-time password from the customer at the merchant system, wherein the customer is provided with the one-time password by a mobile electronic device or by a contactless presentation instrument;
  
  generating a cryptogram comprising the identifier of the financial account encrypted using the one-time password;
  
  formulating an authorization request at the merchant system, the authorization request comprising the cryptogram and transaction information describing at least a portion of the financial transaction; and
  
  transmitting the authorization request from the merchant system to an authorization processor for authorization of the financial transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method recited in claim 1 wherein the identifier comprises an account number of the financial account.
  - 3. The method recited in claim 1 wherein the identifier comprises an identification number extracted from a presentation instrument, the method further comprising translating the identification number to an account number of the financial account.
  - 4. The method recited in claim 1 wherein the one-time password comprises a two-factor one-time password.
  - 5. The method recited in claim 1 wherein the one-time password is a second one-time password provided to the customer by the mobile electronic device or contactless presentation instrument after passage of an expiry time after a first one-time password is provided to the customer by the mobile electronic device or contactless presentation instrument.
  - 6. The method recited in claim 1 wherein the merchant system comprises an Internet web server.
  - 7. The method recited in claim 1 wherein the merchant system comprises a merchant point-of-sale device.
  - 8. The method recited in claim 1 further comprising receiving a personal identification number from the customer at the merchant system, wherein the authorization request further comprises the personal identification number.
  - 9. The method recited in claim 1 wherein the mobile electronic device or contactless presentation instrument comprises a cellular telephone.
  - 10. The method recited in claim 1 wherein the transaction information comprises data selected from the group consisting of a total cost for the financial transaction, a location, a point-of-sale-device identifier, a point-of-sale-device sequence number, a date, and a time.
  - 11. The method recited in claim 1 wherein the financial account comprises an account selected from the group consisting of a debit account, a credit account, and a stored-value account.

12. A method of executing a financial transaction between a customer and a merchant, the method comprising:
- receiving an encrypted authorization request from a merchant system at an authorization processor, wherein the authorization request was encrypted by application of a one-time password provided to the merchant by a presentation instrument;
  
  decrypting the authorization request;
  
  identifying a financial account from the decrypted authorization request;
  
  determining transaction information describing at least a portion of the financial transaction from the decrypted authorization request;
  
  determining authenticity of the transaction information by validating the one-time password; and
  
  determining whether the identified financial account is capable of supporting the financial transaction based on the transaction information.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The method recited in claim 12 further comprising delivering a loyalty customer identification number from the presentation instrument to the merchant.
  - 14. The method recited in claim 12 wherein the identifier comprises an account number of the financial account.
  - 15. The method recited in claim 12 wherein the one-time password comprises a two-factor one-time password.
  - 16. The method recited in claim 12 wherein the merchant system comprises an Internet web server.
  - 17. The method recited in claim 12 wherein the merchant system comprises a merchant point-of-sale device.
  - 18. The method recited in claim 12 further comprising verifying authenticity of the one-time password by validating the personal identification number associated with the identified financial account.
  - 19. The method recited in claim 12 wherein the debit presentation instrument comprises a cellular telephone.
  - 20. The method recited in claim 12 wherein the transaction information comprises data selected from the group consisting of a total cost for the financial transaction, a location, a point-of-sale-device identifier, a point-of-sale-device sequence number, a date, and a time.
  - 21. The method recited in claim 12 wherein the financial account comprises an account selected from the group consisting of a debit account, a credit account, and a stored-value account.

22. A computer-readable storage medium having a computer-readable program embodied therein for directing operation of a merchant system, mobile electronic device, or a contactless presentation instrument to execute a financial transaction between a customer and a merchant, the merchant system, mobile electronic device, or contactless presentation instrument including a communications system, a processor, and a storage device, wherein the computer-readable program includes:
- instructions for receiving an identifier of a financial account from the customer at the merchant system;
  
  instructions for receiving a one-time password from the customer at the merchant system, wherein the customer is provided with the one-time password by a mobile electronic device or contactless presentation instrument;
  
  instructions for generating a cryptogram comprising the identifier of the financial account encrypted using the one-time password;
  
  instructions for formulating an authorization request at the merchant system, the authorization request comprising the cryptogram and transaction information describing at least a portion of the financial transaction; and
  
  instructions for transmitting the authorization request from the merchant system to an authorization processor for authorization of the financial transaction.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 23. The system recited in claim 22 wherein the identifier comprises an account number of the financial account.
  - 24. The system recited in claim 22 wherein;
    - the identifier comprises an identification number extracted from a presentation instrument; and
      
      the computer-readable program further includes instructions for translating the identification number to an account number of the financial account.
  - 25. The system recited in claim 22 wherein the one-time password comprises a two-factor one-time password.
  - 26. The system recited in claim 22 wherein the one-time password is a second one-time password provided to the customer by the mobile electronic device or contactless presentation instrument after passage of an expiry time after a first one-time password is provided to the customer by the mobile electronic device or contactless presentation instrument.
  - 27. The system recited in claim 22 wherein the merchant system comprises an Internet web server.
  - 28. The system recited in claim 22 wherein the merchant system comprises a merchant point-of-sale device.
  - 29. The system recited in claim 22 wherein:
    - the computer-readable program further includes instructions for receiving a personal identification number from the customer at the merchant system; and
      
      the authorization request further comprises the personal identification number.
  - 30. The system recited in claim 22 wherein the mobile electronic device or contactless presentation instrument comprises a cellular telephone.
  - 31. The system recited in claim 22 wherein the transaction information comprises data selected from the group consisting of a total cost for the financial transaction, a location, a point-of-sale-device identifier, a point-of-sale-device sequence number, a date, and a time.
  - 32. The system recited in claim 22 wherein cryptographic keys used to generate the one-time password on the presentation instrument are generated on the presentation instrument and transmitted to an authentication processor or are generated on the authentication processor and transmitted to the presentation instrument.
  - 33. The system recited in claim 22 wherein the debit presentation instrument does not divulge the one-time password until the merchant system as been validated using a mutual authentication scheme.
  - 34. The system recited in claim 22 wherein the financial account comprises an account selected from the group consisting of a debit account, a credit account, and a stored-value account.

35. A computer-readable storage medium having a computer-readable program embodied therein for directing operation of an authorization processor to execute a financial transaction between a customer and a merchant, the authorization processor including a communications system, a processor, and a storage device, wherein the computer-readable program includes:
- instructions for receiving an encrypted authorization request from a merchant system at the authorization processor, wherein the authorization request was encrypted by application of a one-time password provided to the customer by a presentation instrument;
  
  instructions for decrypting the authorization request;
  
  instructions for identifying a financial account from the decrypted authorization request;
  
  instructions for determining transaction information describing at least a portion of the financial transaction from the decrypted authorization request;
  
  instructions for determining authenticity of the transaction information by validating the one-time password; and
  
  instructions for determining whether the identified financial account is capable of supporting the financial transaction based on the transaction information.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 36. The system recited in claim 35 wherein the computer-readable program further includes instructions for delivering a loyalty customer identification number from the presentation instrument to the merchant.
  - 37. The system recited in claim 35 wherein the identifier comprises an account number of the financial account.
  - 38. The system recited in claim 35 wherein the one-time password comprises a two-factor one-time password.
  - 39. The system recited in claim 35 wherein the merchant system comprises an Internet web server.
  - 40. The system recited in claim 35 wherein the merchant system comprises a merchant point-of-sale device.
  - 41. The system recited in claim 35 wherein the computer-readable program further includes instructions for verifying authenticity of the one-time password by validating the personal identification number associated with the identified financial account.
  - 42. The system recited in claim 35 wherein the debit presentation instrument comprises a cellular telephone.
  - 43. The system recited in claim 35 wherein the transaction information comprises data selected from the group consisting of a total cost for the financial transaction, a location, a point-of-sale-device identifier, a point-of-sale-device sequence number, a date, and a time.
  - 44. The system recited in claim 35 wherein cryptographic keys used to generate the one-time password on the presentation instrument are generated on the presentation instrument and transmitted to an authentication processor or are generated on the authentication processor and transmitted to the presentation instrument.
  - 45. The system recited in claim 35 wherein the financial account comprises an account selected from the group consisting of a debit account, a credit account, and a stored-value account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Royyuru, Vijay

Granted Patent

US 9,846,866 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/72
CPC Class Codes

G06Q 20/00   Payment architectures, sche...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/4012   Verifying personal identifi...

G06Q 30/06   Buying, selling or leasing ...

PROCESSING OF FINANCIAL TRANSACTIONS USING DEBIT NETWORKS

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

192 Citations

45 Claims

Specification

Solutions

Use Cases

Quick Links

PROCESSING OF FINANCIAL TRANSACTIONS USING DEBIT NETWORKS

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

192 Citations

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links