VERIFYING DYNAMIC TRANSACTION SECURITY CODE IN PAYMENT CARD SYSTEM

US 20080306876A1
Filed: 12/07/2007
Published: 12/11/2008
Est. Priority Date: 06/05/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

receiving an authorization request for a purchase transaction;

determining whether a transaction security code included in the authorization request is valid; and

relaying the authorization request to an issuer financial institution with an indication as to whether the transaction security code is valid.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes receiving an authorization request for a purchase transaction. The method further includes determining (a) whether the purchase transaction is eligible for security code checking based on whether an account number included in the authorization request is in an eligible account number range, and (b) whether a transaction security code included in the authorization request is valid. The method also includes relaying the authorization request to an issuer financial institution with an indication as to whether the transaction security code is valid. Alternatively, the method may include declining the transaction when the security code is found to be invalid, and sending an advice message to the issuer regarding the declined transaction. In this alternative, the authorization request is relayed to the issuer only if the security code is found to be valid.

70 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving an authorization request for a purchase transaction;
  
  determining whether a transaction security code included in the authorization request is valid; and
  
  relaying the authorization request to an issuer financial institution with an indication as to whether the transaction security code is valid.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein said determining whether said transaction security code is valid includes performing a cryptographic calculation.
  - 3. The method of claim 1, wherein the authorization request includes an indication that the purchase transaction was initiated by proximity-reading a proximity payment device.
  - 4. The method of claim 3, wherein said determining whether said transaction security code is valid includes performing a cryptographic calculation.
  - 5. The method of claim 4, wherein the cryptographic calculation has a plurality of inputs, said inputs including:
    - (a) a cryptographic key associated with the proximity payment device;
      
      (b) a transaction count value regenerated by using at least one transaction count digit included in the authorization request; and
      
      (c) an unpredictable number generated for the transaction by a point of sale terminal and included in the authorization request.
  - 6. The method of claim 1, further comprising:
    - before said determining step, determining whether the purchase transaction is eligible for security code checking, said determining whether the purchase transaction is eligible based on whether an account number included in the authorization request is in an eligible account number range.

7. A method comprising:
- receiving an authorization request for a purchase transaction;
  
  determining that a computer operated by or on behalf of an issuer financial institution is not available to receive the authorization request;
  
  determining whether a transaction security code included in the authorization request is valid;
  
  transmitting an authorization response to an acquirer financial institution with an indication as to whether the transaction security code is valid; and
  
  transmitting an authorization advice message to the computer operated by or on behalf of an issuer financial institution in regard to the purchase transaction.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, wherein said determining whether said transaction security code is valid includes performing a cryptographic calculation.
  - 9. The method of claim 7, wherein the authorization request includes an indication that the purchase transaction was initiated by proximity-reading a proximity payment device.
  - 10. The method of claim 9, wherein said determining whether said transaction security code is valid includes performing a cryptographic calculation.
  - 11. The method of claim 10, wherein the cryptographic calculation has a plurality of inputs, said inputs including:
    - (a) a cryptographic key associated with the proximity payment device;
      
      (b) a transaction count value regenerated by using at least one transaction count digit included in the authorization request; and
      
      (c) an unpredictable number generated for the transaction by a point of sale terminal and included in the authorization request.

12. An apparatus comprising:
- a processor; and
  
  a memory in communication with the processor and storing program instructions, the processor operative with the program instructions to;
  
  receive an authorization request for a purchase transaction;
  
  determine whether a transaction security code included in the authorization request is valid; and
  
  relay the authorization request to an issuer financial institution with an indication as to whether the transaction security code is valid.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The apparatus of claim 12, wherein said determining whether said transaction security code is valid includes performing a cryptographic calculation.
  - 14. The apparatus of claim 12, wherein the authorization request includes an indication that the purchase transaction was initiated by proximity-reading a proximity payment device.
  - 15. The apparatus of claim 14, wherein said determining whether said transaction security code is valid includes performing a cryptographic calculation.
  - 16. The apparatus of claim 15, wherein the cryptographic calculation has a plurality of inputs, said inputs including:
    - (a) a cryptographic key associated with the proximity payment device;
      
      (b) a transaction count value regenerated by using at least one transaction count digit included in the authorization request; and
      
      (c) an unpredictable number generated for the transaction by a point of sale terminal and included in the authorization request.
  - 17. The apparatus of claim 12, wherein the processor is further operative, before said determining function, to determine whether the purchase transaction is eligible for security code checking, said determining whether the purchase transaction is eligible based on whether an account number included in the authorization request is in an eligible account number range.

18. A method comprising:
- receiving an authorization request for a purchase transaction;
  
  determining whether a transaction security code included in the authorization request is valid;
  
  if said transaction security code is determined not to be valid, (a) declining the authorization request, and (b) sending a message to an issuer financial institution to report said declined authorization request; and
  
  if said transaction security code is determined to be valid, relaying the authorization request to the issuer financial institution with an indication that the transaction security code is valid.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein said determining whether said transaction security code is valid includes performing a cryptographic calculation.
  - 20. The method of claim 18, wherein the authorization request includes an indication that the purchase transaction was initiated by proximity-reading a proximity payment device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Liscia, Maurice David, Horvath, Kris M., Rouquet, Jean-Louis

Application Number

US11/952,379
Publication Number

US 20080306876A1
Time in Patent Office

Days
Field of Search
US Class Current

705/76
CPC Class Codes

G06Q 20/3821   Electronic credentials

G07F 7/10   together with a coded signa...

G07F 7/1066   PIN data being compared to ...

VERIFYING DYNAMIC TRANSACTION SECURITY CODE IN PAYMENT CARD SYSTEM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

70 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

VERIFYING DYNAMIC TRANSACTION SECURITY CODE IN PAYMENT CARD SYSTEM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links