CARDLESS CHALLENGE SYSTEMS AND METHODS

US 20080319896A1
Filed: 06/20/2008
Published: 12/25/2008
Est. Priority Date: 06/25/2007
Status: Active Grant

First Claim

Patent Images

1. A method for authorizing a transaction between a consumer and a merchant, the method comprising:

receiving, at a server of a non-merchant entity, a consumer message from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction;

subsequent to receiving the consumer message, sending, to the consumer from the non-merchant server, a challenge question;

receiving, at the non-merchant server from the consumer, a challenge answer to the challenge question; and

sending, to a merchant server from the non-merchant server, a funding message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and apparatus for handling and/or authorizing payment requests by a consumer for a transaction are provided. Challenge questions may be presented from the non-merchant to the consumer after receiving the payment information, thereby allowing a judicious determination of when to ask such challenge questions and allowing complex and probative questions. The time limit for such challenge questions may advantageously be unconstrained, while still preserving security. Also, a risk analysis may be started prior to the consumer submitting payment information, thus allowing an efficient and complex risk analysis. Information about an access device used by the consumer may be obtained at the non-merchant from the access device with code sent to the access device from the merchant, and the device information may be used in the risk analysis.

152 Citations

View as Search Results

32 Claims

1. A method for authorizing a transaction between a consumer and a merchant, the method comprising:
- receiving, at a server of a non-merchant entity, a consumer message from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction;
  
  subsequent to receiving the consumer message, sending, to the consumer from the non-merchant server, a challenge question;
  
  receiving, at the non-merchant server from the consumer, a challenge answer to the challenge question; and
  
  sending, to a merchant server from the non-merchant server, a funding message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising repeating sending at least one challenge question and receiving at least one challenge answer.
  - 3. The method of claim 1, wherein the challenge question is sent to a consumer device that is not the access device.
  - 4. The method of claim 3, wherein the consumer device is a mobile phone of the consumer and the access device is a point of sale terminal at a retail location associated with the merchant.
  - 5. The method of claim 1, further comprising:
    - prior to sending the authorization request to the issuer of the account, sending a challenge question to the consumer.
  - 6. The method of claim 1, further comprising determining whether to send a challenge question to the user based on information collected from a client device of the user.
  - 7. The method of claim 1 further comprising:
    - receiving transaction information about at least one of an access device being used by a consumer to initiate the transaction, an amount of the transaction, and one or more items to be purchased in the transaction; and
      
      determining a challenge question based on the transaction information.
  - 8. The method of claim 1, further comprising:
    - after receiving the consumer message, selecting, by the non-merchant server, the challenge question to send to the consumer.
  - 9. The method of claim 1, wherein the consumer message is received at the non-merchant server directly from the access device.

10. A system for authorizing a transaction between a consumer and a merchant, the system comprising:
- a server having an external interface for receiving a consumer message from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction, and wherein the server is associated with a non-merchant entity;
  
  one or more processors; and
  
  one or more memory devices containing instructions for directing the one or more processors to;
  
  send, to the consumer from the non-merchant server, a challenge question, wherein the challenge question is sent subsequent to receiving the consumer message at the non-merchant server;
  
  receive, at the non-merchant server from the consumer, a challenge answer to the challenge question; and
  
  send, to a merchant server from the non-merchant server, a funding message.

11. A method for authorizing a transaction between a consumer and a merchant, the method comprising:
- prior to the consumer submitting account information of an account of the consumer to be used for the transaction, receiving, at a server of a non-merchant entity, transaction information;
  
  initiating, at the non-merchant server, a risk analysis using the received transaction information; and
  
  calculating a first risk score based on the risk analysis.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, further comprising determining whether to deny the transaction based on the first risk score.
  - 13. The method of claim 11, further comprising determining whether to send at least one challenge question to the consumer based on the first risk score.
  - 14. The method of claim 11, further comprising:
    - receiving, at the non-merchant server, a consumer message directly from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction, wherein receiving the consumer message results from the consumer submitting the account information.
  - 15. The method of claim 11, wherein the transaction information includes information about at least one of:
    - an access device being used by a consumer to initiate the transaction;
      
      an amount of the transaction; and
      
      one or more items to be purchased in the transaction.
  - 16. The method of claim 15, wherein at least a portion of the transaction information is received from the access device and includes information about the access device, and wherein the information about the access device includes at least one of a geographical location of the access device, an operating system of the access device, and a processor type of the access device.
  - 17. The method of claim 16, wherein all of the transaction information is received from the access device.
  - 18. The method of claim 15, wherein at least a portion of the transaction information is received from the merchant and includes information about the amount of the transaction.
  - 19. The method of claim 11, wherein the third party is an issuer and the account information is contained within an authorization request to the issuer.

20. A system for authorizing a transaction between a consumer and a merchant, the system comprising:
- a server having an external interface, wherein the server is associated with a non-merchant entity;
  
  one or more processors; and
  
  one or more memory devices containing instructions for directing the one or more processors to;
  
  prior to the consumer submitting account information of an account of the consumer to be used for the transaction, receive, at the external interface, transaction information;
  
  initiate a risk analysis using the received transaction information; and
  
  calculating a first risk score based on the risk analysis.

21. A method for conducting a transaction between a consumer and a merchant, the method comprising:
- receiving, at a server of the merchant from an access device used by the consumer, a checkout request to initiate a transaction;
  
  providing, from the merchant server to the access device, a first code for displaying an application page, wherein the first code sends information about the access device to a server not operated by the merchant; and
  
  receiving, at the merchant server from the non-merchant server, a response message regarding the transaction.
- View Dependent Claims (22)
- - 22. The method of claim 21, wherein the application page contains a plurality of payment mechanism options for the transaction, wherein a first subset of the payment mechanism options includes one or more first payment mechanisms, and wherein the first code sends the information about the access device in response to one of the first payment mechanisms being selected by the consumer.

23. A system for conducting a transaction between a consumer and a merchant, the system comprising:
- a server having an external interface, wherein the server is associated with the merchant;
  
  one or more processors; and
  
  one or more memory devices containing instructions for directing the one or more processors to;
  
  receive, at the external interface from an access device used by the consumer, a checkout request to initiate a transaction;
  
  provide, from the merchant server to the access device, a first code for displaying an application page, wherein the first code sends information about the access device to a server not operated by the merchant; and
  
  receive, at the merchant server from the non-merchant server, a response message regarding the transaction.

24. A method for requesting authorization of a transaction between a consumer and a merchant, the method comprising:
- initiating, by the consumer, a transaction involving the merchant;
  
  sending, to a server of a non-merchant entity, a consumer message directly from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction;
  
  subsequent to sending the consumer message, receiving, by the consumer from the non-merchant server, a challenge question;
  
  sending, to the non-merchant server by the consumer, a challenge answer to the challenge question; and
  
  receiving a response message including status information about the transaction.
- View Dependent Claims (25, 26, 27, 28)
- - 25. The method of claim 24, wherein the challenge question is received at a consumer device that is not the access device.
  - 26. The method of claim 25, wherein the consumer device is a mobile phone of the consumer and the access device is a point of sale terminal at a retail location associated with the merchant.
  - 27. The method of claim 24, wherein the response message is a receipt confirming an authorization of the transaction.
  - 28. The method of claim 27, wherein the receipt is received from the merchant.

29. A system for requesting authorization of a transaction between a consumer and a merchant, the system comprising:
- an external interface operable to connect to a merchant server, wherein the connection allows a consumer to initiate a transaction involving the merchant;
  
  one or more processors; and
  
  one or more memory devices containing instructions for directing the one or more processors to;
  
  send, to a server of a non-merchant entity, a consumer message directly from the external interface, wherein the consumer message includes account information of an account of the consumer to be used for the transaction;
  
  subsequent to sending the consumer message, receive, from the non-merchant server, a challenge question;
  
  send, to the non-merchant server, a challenge answer to the challenge question in response to a command from the consumer; and
  
  receive a response message including status information about the transaction.

30. A method for requesting authorization of a transaction between a consumer and a merchant, the method comprising:
- providing, to a server of the merchant by the consumer, a checkout request to initiate a transaction;
  
  receiving, from the merchant server by an access device used by the consumer, a first code for displaying an application page, wherein the first code sends information about the access device to a server not operated by the merchant;
  
  sending the information about the access device to the non-merchant server;
  
  subsequent to sending the access device information, sending a consumer message including account information of an account of the consumer to be used for the transaction; and
  
  receiving a response message including status information about the transaction.
- View Dependent Claims (31)
- - 31. The method of claim 30, wherein the consumer message is sent directly from an access device to the non-merchant server.

32. A system for requesting authorization of a transaction between a consumer and a merchant, the system comprising:
- an external interface operable to connect to a merchant server, wherein the connection allows a consumer to provide, to the merchant server, a checkout request to initiate a transaction;
  
  one or more processors; and
  
  one or more memory devices containing instructions for directing the one or more processors to;
  
  send information about the system to a server not operated by the merchant;
  
  subsequent to sending the system information, send a consumer message in response to a command from the consumer, the consumer message including account information of an account of the consumer to be used for the transaction; and
  
  receive a response message including status information about the transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Faith, Patrick, Keshan, Surendra, CARLSON, Mark

Granted Patent

US 8,121,956 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/38
CPC Class Codes

G06Q 20/00   Payment architectures, sche...

G06Q 20/02   involving a neutral party, ...

G06Q 20/027   involving a payment switch ...

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3227   using secure elements embed...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4016   involving fraud or risk lev...

G06Q 30/06   Buying, selling or leasing ...

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 30/0613   Third-party assisted

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/03   Credit; Loans; Processing t...

CARDLESS CHALLENGE SYSTEMS AND METHODS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

152 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

CARDLESS CHALLENGE SYSTEMS AND METHODS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

152 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links