TRANSACTION AUTHORISATION SYSTEM AND METHOD

US 20090234760A1
Filed: 12/15/2008
Published: 09/17/2009
Est. Priority Date: 08/01/2007
Status: Active Grant

First Claim

Patent Images

1. A transaction authorisation system for allowing a customer to authorise transactions relating to at least one customer account associated with an institution, the system comprising:

data storage means for enabling access to;

(a) identification data associated with the customer;

(b) identification data associated with a remote communication device (RCD) of the customer; and

(c) security identifier data associating the at least one customer account with either one or both of (a) and (b);

a first communication means for enabling communication with the customer via the RCD to authorise a transaction on the at least one customer account or to indicate a transaction on the at least one customer account is fraudulent;

a data processing architecture including data processing means to identify the customer using (a), identify the RCD using (b) and determine if the transaction is authorised by the customer or if the transaction has been indicated as being fraudulent by the customer, and if said transaction is fraudulent, to determine the type of fraud associated with the fraudulent transaction; and

a second communication means for receiving an authorisation request in relation to the transaction and providing an indication to the institution of whether or not the transaction is authorised by the customer,wherein the authorisation request received and the indication provided to the institution are referenced to the security identifier data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A transaction authorisation system allows a customer to authorise transactions relating to at least one account associated with an institution. Data storage means enable access to customer identification data, a customer'"'"'s remote communication device (RCD), and security identifier data associating the account with the identification data. Communication means receive an authorisation request, referenced to the security identifier data, relating to the transaction and enable communication with the customer via the RCD to authorise a transaction or to indicate that a transaction is fraudulent. Data processing means identify the customer and RCD using the identification data and determine if the transaction is authorised, or has been indicated as being fraudulent, and if the transaction is fraudulent, to determine the type of fraud. The communication means provide an indication, referenced to the security identifier data, to the institution of whether the transaction is authorised.

Citations

18 Claims

1. A transaction authorisation system for allowing a customer to authorise transactions relating to at least one customer account associated with an institution, the system comprising:
- data storage means for enabling access to;
  
  (a) identification data associated with the customer;
  
  (b) identification data associated with a remote communication device (RCD) of the customer; and
  
  (c) security identifier data associating the at least one customer account with either one or both of (a) and (b);
  
  a first communication means for enabling communication with the customer via the RCD to authorise a transaction on the at least one customer account or to indicate a transaction on the at least one customer account is fraudulent;
  
  a data processing architecture including data processing means to identify the customer using (a), identify the RCD using (b) and determine if the transaction is authorised by the customer or if the transaction has been indicated as being fraudulent by the customer, and if said transaction is fraudulent, to determine the type of fraud associated with the fraudulent transaction; and
  
  a second communication means for receiving an authorisation request in relation to the transaction and providing an indication to the institution of whether or not the transaction is authorised by the customer,wherein the authorisation request received and the indication provided to the institution are referenced to the security identifier data.
- View Dependent Claims (2, 3, 4)
- - 2. The transaction authorisation system of claim 1, wherein the second communication means provides an indication to the institution of whether the transaction is indicated as being fraudulent by the customer, and if so, the type of fraud determined.
  - 3. The transaction authorisation system of claim 1, wherein the type of fraud includes at least one of a Man-in-the-Middle attack or Identity Theft.
  - 4. The transaction authorisation system of claim 1, wherein the second communication means is arranged to provide information to the institution in order to maintain contact with the fraudulent party.

5. A transaction authorisation system for allowing a customer to authorise transactions relating to at least one customer account associated with an institution, the system comprising:
- data storage means for enabling access to;
  
  (a) identification data associated with the customer;
  
  (b) identification data associated with a remote communication device (RCD) of the customer; and
  
  (c) security identifier data associating the at least one customer account with either one or both of (a) and (b);
  
  a first communication means for enabling communication with the customer via the RCD to authorise a transaction on the at least one customer account, the first communication means including an interactive voice response (IVR) system arranged to provide the customer with a plurality of alternative feedback options;
  
  a data processing architecture including data processing means to identify the customer using (a), identify the RCD using (b) and determine if the transaction is authorised by the customer; and
  
  a second communication means for receiving an authorisation request in relation to the transaction and providing an indication to the institution of whether or not the transaction is authorised by the customer,wherein the authorisation request received and the indication provided to the institution are referenced to the security identifier data.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The transaction authorisation system of claim 5, wherein said feedback options include at least one of authorising the transaction, cancelling the transaction, indicating the transaction as fraudulent, indicating the transaction details are incorrect, or indicating the customer did not initiate the transaction.
  - 7. The transaction authorisation system of claim 5, wherein the IVR system is arranged to provide the customer with additional feedback options upon the customer selecting at least one of said alternative feedback options.
  - 8. The transaction authorisation system of claim 7, wherein the additional feedback options are provided to the customer upon the customer authorising the transaction.
  - 9. The transaction authorisation system of claim 8, wherein at least one of said additional feedback options include the customer being identified with additional security identifier data.

10. A method for allowing a customer to authorise transactions relating to at least one customer account held at an institution, the method comprising the steps of:
- (a) an authorisation server receiving an authorisation request from the institution in relation to a transaction on the at least one customer account;
  
  (b) the authorisation server communicating with the customer via a remote communication device (RCD) of the customer to authorise the transaction;
  
  (c) the authorisation server identifying the customer using identification data associated with the customer to which the authorisation server has access;
  
  (d) the authorisation server identifying the RCD using stored identification data associated with the RCD to which the authorisation server has access;
  
  (e) the authorisation server determining if the transaction is authorised by the customer or if the transaction is indicated as fraudulent by the customer, and if said transaction is fraudulent, determining the type of fraud associated with the fraudulent transaction;
  
  (f) the authorisation server communicating an indication to the institution of whether or not the transaction is authorised by the customer,wherein the authorisation request received by the authorisation server and the indication provided to the institution are referenced by the institution and the authentication server to security identifier data for associating the at least one customer account with one or both of the stored identification data associated with the customer and the stored identification data associated with the RCD.
- View Dependent Claims (11, 12, 13)
- - 11. The transaction authorisation method of claim 10, wherein the authorisation server communicates an indication to the institution of whether the transaction is indicated as being fraudulent by the customer, and if so, the type of fraud determined.
  - 12. The transaction authorisation method of claim 10, wherein the type of fraud includes at least one of a Man-in-the-Middle attack or Identity Theft.
  - 13. The transaction authorisation method of claim 10, wherein the authorisation server provides information to the institution in order to maintain contact with the fraudulent party.

14. A method for allowing a customer to authorise transactions relating to at least one customer account held at an institution, the method comprising the steps of:
- (a) an authorisation server receiving an authorisation request from the institution in relation to a transaction on the at least one customer account;
  
  (b) the authorisation server communicating with the customer via a remote communication device (RCD) of the customer to authorise the transaction, wherein the communication includes use of an interactive voice response (IVR) system which provides the customer with a plurality of alternative feedback options;
  
  (c) the authorisation server identifying the customer using identification data associated with the customer to which the authorisation server has access;
  
  (d) the authorisation server identifying the RCD using stored identification data associated with the RCD to which the authorisation server has access;
  
  (e) the authorisation server determining if the transaction is authorised by the customer;
  
  (f) the authorisation server communicating an indication to the institution of whether or not the transaction is authorised by the customer,wherein the authorisation request received by the authorisation server and the indication provided to the institution are referenced by the institution and the authentication server to security identifier data for associating the at least one customer account with one or both of the stored identification data associated with the customer and the stored identification data associated with the RCD.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The transaction authorisation method of claim 14, wherein said feedback options include at least one of authorising the transaction, cancelling the transaction, indicating the transaction as fraudulent, indicating the transaction details are incorrect, or indicating the customer did not initiate the transaction.
  - 16. The transaction authorisation method of claim 14, wherein the IVR system provides the customer with additional feedback options upon the customer selecting at least one of said alternative feedback options.
  - 17. The transaction authorisation method of claim 16, wherein the additional feedback options are provided to the customer upon the customer authorising the transaction.
  - 18. The transaction authorisation method of claim 17, wherein at least one of said additional feedback options include the customer being identified with additional security identifier data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SQID Technologies Ltd.
Original Assignee
SQID Technologies Ltd.
Inventors
Walter, Greg

Granted Patent

US 8,407,112 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/30
CPC Class Codes

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/425   using two different network...

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/12   Accounting

TRANSACTION AUTHORISATION SYSTEM AND METHOD

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

TRANSACTION AUTHORISATION SYSTEM AND METHOD

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links