Systems and Methods For Secure Pin-Based Transactions Via a Host Based Pin Pad
First Claim
1. A method for securely authorizing a PIN-based transaction between a merchant system and a consumer device, comprising:
- receiving, from the merchant system via a first communication link, transaction data comprising an account identifier and a payment amount;
presenting a verification interface to the consumer device via a second communication link, said verification interface including a plurality of interactive controls;
receiving from the consumer device via said verification interface coordinates representing locations within the verification interface of selected interactive controls corresponding to PIN elements;
determining the PIN elements based on said coordinates;
building a PIN block based on said PIN elements and said transaction data within a secure server; and
providing said PIN block to a third party payment processor system and awaiting a confirmation from the third party payment processor system that the transaction has been authorized.
7 Assignments
0 Petitions
Accused Products
Abstract
A method and system for securely verifying over an open network a transaction using a payment card requiring authorization, such as a PIN, to be used. The system utilizes a secure host system to establish two lines of communication between a merchant and a consumer device used by an individual using the payment card. The secure host system provides a verification interface that is presented to the consumer device, providing a means for the individual to provide verification information. The secure host system receives verification information from the consumer device, couples the verification information with card information supplied by a merchant for verification from a third party payment provider. The transaction service provider verifies the transaction without sending the cardholder'"'"'s actual PIN over the open network.
-
Citations
19 Claims
-
1. A method for securely authorizing a PIN-based transaction between a merchant system and a consumer device, comprising:
-
receiving, from the merchant system via a first communication link, transaction data comprising an account identifier and a payment amount; presenting a verification interface to the consumer device via a second communication link, said verification interface including a plurality of interactive controls; receiving from the consumer device via said verification interface coordinates representing locations within the verification interface of selected interactive controls corresponding to PIN elements; determining the PIN elements based on said coordinates; building a PIN block based on said PIN elements and said transaction data within a secure server; and providing said PIN block to a third party payment processor system and awaiting a confirmation from the third party payment processor system that the transaction has been authorized. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system for of securely authorizing a PIN-based transaction between a merchant system and a consumer device, comprising:
-
a transaction gateway server for receiving from the merchant system via a first communication link transaction data comprising an account identifier and a payment amount; a verification application server for generating a verification interface and for randomly arranging a plurality of interactive controls within the verification interface; a verification gateway for providing the verification interface to the consumer device via a second communication link and for receiving from the consumer device via the verification interface coordinates representing locations within the verification interface of selected interactive controls corresponding to PIN elements; and a secured server for receiving the coordinates and the transaction data, determining the PIN elements based on said coordinates, building a PIN block based on said PIN elements and said transaction data, and providing said PIN block to a third party payment processor system for authorization of the transaction. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. A method of securely authorizing a PIN-based transaction between a merchant system and a consumer device, comprising:
-
establishing a first communication link with the merchant system; receiving from the merchant system via said first communication link transaction data comprising an account identifier, a merchant ID, and a payment amount; in response to receiving the transaction data from the merchant system, determining that an account associated with the account identifier is PIN-able, that a BIN included within the account identifier is associated with a valid participating financial institution, and verifying that the merchant system is registered and in good standing based on the merchant ID; presenting a verification interface to the consumer device via a second communication link, said verification interface including a plurality of interactive controls randomly arranged within the verification interface; receiving from the consumer device via said verification interface coordinates representing locations within the verification interface of selected interactive controls corresponding to PIN elements; determining the PIN elements based on said coordinates within a hardware security module; building a PIN block based on said PIN elements and said transaction data within the hardware security module; providing said PIN block to a third party payment processor system and awaiting a confirmation from the third party payment processor system that the transaction has been authorized; and in response to receiving said confirmation, notifying the merchant system that the transaction has been authorized.
-
Specification