TRANSACTION AUTHORISATION SYSTEM & METHOD

US 20090313165A1
Filed: 08/01/2007
Published: 12/17/2009
Est. Priority Date: 08/01/2006
Status: Abandoned Application

First Claim

Patent Images

1. A transaction authorisation system for allowing a customer to authorise transactions relating to at least one customer account associated with an institution, the system including:

a data storage for enabling access to(a) identification data associated with the customer;

(b) identification data associated with a remote communication device (RCD) of the customer; and

(c) security identifier data associating the at least one customer account with either one or both of (a) and (b);

a first communication device for enabling communication with the customer via the RCD to authorise a transaction on the at least one customer account;

a data processing architecture including a data processor to identify the customer using (a), identify the RCD using (b) and determine if the transaction is authorised by the customer; and

a second communication device for receiving an authorisation request in relation to the transaction and providing an indication to the institution of whether or not the transaction is authorised by the customer,wherein the authorisation request received and the indication provided to the institution are referenced to the security identifier data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A transaction authorisation system for allowing a customer to authorise transactions relating to an institution account, the system including a data storage for enabling access to identification data associated with the customer and a remote communication device (RCD) of the customer, and security identifier data associating the customer account with the identification data. The system also includes a communication device for receiving an authorisation request, which is referenced to the security identifier data, in relation to the transaction from the institution and for enabling communication with the customer via the RCD to authorise a transaction on the customer account. A system data processor identifies the customer and RCD using the identification data and determines if the transaction is authorised by the customer. The communication device provides an indication, which is referenced to the security identifier data, to the institution of whether or not the transaction is authorised by the customer.

85 Citations

View as Search Results

34 Claims

1. A transaction authorisation system for allowing a customer to authorise transactions relating to at least one customer account associated with an institution, the system including:
- a data storage for enabling access to(a) identification data associated with the customer;
  
  (b) identification data associated with a remote communication device (RCD) of the customer; and
  
  (c) security identifier data associating the at least one customer account with either one or both of (a) and (b);
  
  a first communication device for enabling communication with the customer via the RCD to authorise a transaction on the at least one customer account;
  
  a data processing architecture including a data processor to identify the customer using (a), identify the RCD using (b) and determine if the transaction is authorised by the customer; and
  
  a second communication device for receiving an authorisation request in relation to the transaction and providing an indication to the institution of whether or not the transaction is authorised by the customer,wherein the authorisation request received and the indication provided to the institution are referenced to the security identifier data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 27, 28)
- - 2. The transaction authorisation system of claim 1, wherein the security identifier data is not communicated to the customer.
  - 3. The transaction authorisation system of claim 2, wherein the security identifier data is not the same as, nor derived from, characteristics of or personal information relating to the customer.
  - 4. The transaction authorisation system of claim 1, wherein the first communication device enables communication with the customer via the RCD utilising a communication medium which is distinct from the communications medium utilised to conduct the transaction.
  - 5. The transaction authorisation system of claim 1, wherein the first communication device enables communication with the customer via the RCD utilising two or more communication sessions.
  - 6. The transaction authorisation system of claim 1, wherein (a) includes one or more of a PIN, a password, pass phrase, or biometric data.
  - 7. The transaction authorisation system of claim 1, wherein the customer is identified by comparing (a) to a voice print or voice biometric data derived from a verbal response by the customer to a random word, phrase and/or request for information provided by the system, and comparing the verbal response of the customer to the randomly generated word or phrase and/or information accessed by the system.
  - 8. The transaction authorisation system of claim 1, wherein (b) includes one or more of a phone number, an International Mobile Equipment Identity (IMEI), Internet Protocol (IP) address, or Media Access Control (MAC) address.
  - 9. The transaction authorisation system of claim 1, wherein the first communication device allows the customer to indicate if a transaction on the at least one customer account is fraudulent, the data processor determines if the transaction has been indicated as being fraudulent by the customer, and the second communication device provides an indication to the institution of whether the transaction is indicated as being fraudulent by the customer.
  - 10. The transaction authorisation system of claim 1, wherein the first communication device includes an interactive voice response (IVR) system.
  - 11. The transaction authorisation system of claim 10, wherein the IVR system provides the customer with at least the options of authorising the transaction, cancelling the transaction or indicating the transaction as fraudulent.
  - 12. The transaction authorisation system of claim 1, wherein the data storage further enables access to RCD contact information for use by the first communication device in enabling communication with the customer via the RCD.
  - 27. A remote payment system allowing a customer to transact payments for goods and services remotely in a secure manner with members of the system including a transaction authorisation system according to claim 1.
  - 28. A transaction authorisation system according to claim 1 for use in the context of authenticating credit card transactions.

13. A method for allowing a customer to authorise transactions relating to at least one customer account held at an institution, the method including the steps of:
- a) an authorisation server receiving an authorisation request from the institution in relation to a transaction on the at least one customer account;
  
  b) the authorisation server communicating with the customer via a remote communication device (RCD) of the customer to authorise the transaction;
  
  c) the authorisation server identifying the customer using identification data associated with the customer to which the authorisation server has access;
  
  d) the authorisation server identifying the RCD using store identification data associated with the RCD to which the authorisation server has access;
  
  e) the authorisation server determining if the transaction is authorised by the customer;
  
  f) the authorisation server communicating an indication to the institution of whether or not the transaction is authorised by the customerwherein the authorisation request received by the authorisation server and the indication provided to the institution are referenced by the institution and the authentication server to security identifier data for associating the at least one customer account with one or both of the stored identification data associated with the customer and the stored identification data associated with the RCD.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 29, 32)
- - 14. The transaction authorisation method of claim 13, wherein the security identifier data is not communicated to the customer.
  - 15. The transaction authorisation method of claim 13, wherein the security identifier data is not the same as, nor derived from, characteristics of or personal information relating to the customer.
  - 16. The transaction authorisation method of claim 13, wherein the communication with the customer via the RCD utilises a communication medium which is distinct from the communications medium utilised to conduct the transaction.
  - 17. The transaction authorisation method of claim 13, wherein the communication with the customer via the RCD utilises two or more communication sessions.
  - 18. The transaction authorisation method of claim 13, wherein the stored identification data associated with the customer includes one or more of a PIN, a password, pass phrase, or biometric data.
  - 19. The transaction authorisation method of claim 13, wherein step c) involves the sub-steps ofi) the authorisation server comparing the identification data associated with the customer to a voice print or voice biometric data derived from a verbal response by the customer to a random word, phrase and/or request for information provided by the authorisation server;
    - and
20. The transaction authorisation method of claim 13, wherein stored identification data associated with the RCD includes one or more of a phone number, an International Mobile Equipment Identity (IMEI), Internet Protocol (IP) address, or Media Access Control (MAC) address.
21. The transaction authorisation method of claim 13, wherein the authorisation server determines if the transaction on the at least one customer account has been indicated as being fraudulent by the customer, and communicates an indication to the institution of whether the transaction is indicated as being fraudulent by the customer.
22. The transaction authorisation method of claim 13, wherein the communication with the customer via the RCD includes the use of an interactive voice response (IVR) system.
23. The transaction authorisation method of claim 22, wherein the IVR system provides the customer with at least the options of authorising the transaction, cancelling the transaction or indicating the transaction as fraudulent.
24. The transaction authorisation method of claim 13, wherein communication with the customer via the RCD is enabled using stored RCD contact information.
29. A remote payment system allowing a customer to transact payments for goods and services remotely in a secure manner with members of the system including a transaction authorisation method according to claim 13.
32. A transaction authorisation method according to claim 13 for use in the context of authenticating credit card transactions.

25. A method for allowing a customer to authorise transactions relating to at least one customer account, the method including the steps of:
- a) an authorisation server receiving an authorisation request in relation to a transaction on the customer account;
  
  b) the authorisation server communicating with the customer via a remote communication device (RCD) of the customer to authorise the transaction;
  
  c) the authorisation server requesting the customer to verbally repeat a random word or phrase generated by the server, and/or provide at least some information associated with the customer or the customer account;
  
  d) the authorisation server accessing data associated with the customer and/or the customer account, and voice print or voice biometric identification data associated with the customer; and
  
  e) the authorisation server identifying the customer by comparing the word, phrase and/or information provided by the customer to the random word or phrase generated by the system, and/or data accessed by the server, and comparing the resulting voice print or voice biometric data of the customer to the voice print or voice biometric identification data accessed by the server;
  
  f) wherein the customer is only allowed to authorise a transaction once the customer has been identified.
- View Dependent Claims (30, 33)
- - 30. A remote payment system allowing a customer to transact payments for goods and services remotely in a secure manner with members of the system including a transaction authorisation method according to claim 25.
  - 33. A transaction authorisation method according to claim 25 for use in the context of authenticating credit card transactions.

26. A transaction authorisation system for allowing a customer to authorise transactions relating to at least one customer account, the system including:
- a data storage for enabling access toa) voice print or voice biometric identification data associated with the customer; and
  
  b) identification data associated with a remote communication device (RCD) of the customer; and
  
  c) data associated with the customer and/or the customer account;
  
  a communication device for enabling communication with the customer via the RCD and requesting the customer to verbally repeat a random word or phrase generated by the system, and/or provide at least some information associated with the customer or the customer account; and
  
  a data processing architecture including a data processor to identify the RCD using (b), identify the customer by comparing the word, phrase and/or information provided by the customer to the random word or phrase generated by the system and/or (c), and comparing the resulting voice print or voice biometric data of the customer to (a), and determine if the transaction is authorised by the customer;
  
  wherein the customer is only allowed to authorise a transaction once the customer has been identified.
- View Dependent Claims (31, 34)
- - 31. A remote payment system allowing a customer to transact payments for goods and services remotely in a secure manner with members of the system including a transaction authorisation system according to claim 26.
  - 34. A transaction authorisation system according to claim 26 for use in the context of authenticating credit card transactions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SQID Technologies Ltd.
Original Assignee
SQID Technologies Ltd.
Inventors
Walter, Greg

Application Number

US12/297,591
Publication Number

US 20090313165A1
Time in Patent Office

Days
Field of Search
US Class Current

705/41
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/629   to features or functions of...

G06F 2221/2103   Challenge-response

G06F 2221/2129   Authenticate client device ...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 20/425   using two different network...

H04L 63/08   for authentication of entit...

TRANSACTION AUTHORISATION SYSTEM & METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

85 Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

TRANSACTION AUTHORISATION SYSTEM & METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

85 Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links