DYNAMIC NUMBER AUTHENTICATION FOR CREDIT/DEBIT CARDS
First Claim
1. A method for conducting commercial transactions comprising the steps of:
- providing an authentication system;
providing a transaction device including;
a power source;
a unique set of predetermined random numbers, said set including at least a plurality of numbers;
software for selecting and dispensing an unused number from the set of random numbers;
a memory for storing the software and the set of random numbers, wherein the set of random numbers is identical to a set of numbers stored in the external authentication system;
a display device for displaying the dispensed random number; and
,an account selection means;
selecting via the account selection means a unique account identifier number representing a type of account for conducting a commercial transaction;
invoking the software, for each activation of the selection means, to select and dispense a previously unused number from the set of random numbers and display the dispensed number and the unique account identifier in the display device; and
,providing the authentication system with the account identifier and the dispensed number, wherein the authentication system;
compares the dispensed number to the next unused number stored on the authentication system; and
,accepts the transaction if the dispensed number matches the next unused number stored on the authentication system or rejects the transaction if the dispensed number does not match the next unused number stored on the authentication system.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for conducting a commercial transaction over the Internet or other network connection are provided. The method includes the use of random numbers which are unique for each user session. These random numbers are pre-loaded onto a handheld, portable device, token, at the time of the device'"'"'s manufacture or programming. These numbers are generated by external systems. The external systems then deliver the number sets to the token for storage in the token'"'"'s internal memory and also to another random number database that is accessible by an authentication system. The random numbers are dispensed by the token to a user by pressing a button on the token or otherwise signaling the token. A simple polynomial equation may be employed in order to increase the number of codes. A dispensed number is cross referenced, by the authentication system, to the random number database that was created when the token was programmed. In this way the user or transaction can be authenticated. In its preferred configuration, it is intended that once the total number of random combinations, including the original random numbers and numbers generated by polynomial transformations, have been exhausted, the device becomes inoperable.
58 Citations
6 Claims
-
1. A method for conducting commercial transactions comprising the steps of:
-
providing an authentication system; providing a transaction device including; a power source; a unique set of predetermined random numbers, said set including at least a plurality of numbers; software for selecting and dispensing an unused number from the set of random numbers; a memory for storing the software and the set of random numbers, wherein the set of random numbers is identical to a set of numbers stored in the external authentication system; a display device for displaying the dispensed random number; and
,an account selection means; selecting via the account selection means a unique account identifier number representing a type of account for conducting a commercial transaction; invoking the software, for each activation of the selection means, to select and dispense a previously unused number from the set of random numbers and display the dispensed number and the unique account identifier in the display device; and
,providing the authentication system with the account identifier and the dispensed number, wherein the authentication system; compares the dispensed number to the next unused number stored on the authentication system; and
,accepts the transaction if the dispensed number matches the next unused number stored on the authentication system or rejects the transaction if the dispensed number does not match the next unused number stored on the authentication system. - View Dependent Claims (2, 3, 4, 5)
-
-
6. The method for conducting commercial transactions according to claim further including providing a PIN number, wherein the software is configured to request a user to enter the predetermined PIN number each time the transaction device is activated, and wherein the software is configured to not dispense a random number until the correct PIN number has been entered.
Specification
-
- Resources
-
Current AssigneeCardinalCommerce Corporation (Visa, Inc.)
-
Original AssigneeCardinalCommerce Corporation (Visa, Inc.)
-
InventorsHARTRIDGE, ANDREW J., BALASUBRAMANIAN, CHANDRA A., KERESMAN, MICHAEL A. III
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current705/41
-
CPC Class CodesC07D 209/88 with hetero atoms or with c...G06F 21/34 involving the use of extern...G06F 21/46 by designing passwords or c...G06F 21/77 in smart cardsG06Q 20/0855 involving a third partyG06Q 20/105 involving programming of a ...G06Q 20/3415 Cards acting autonomously a...G06Q 20/367 involving electronic purses...G06Q 20/3674 involving authenticationG06Q 20/382 insuring higher security of...G06Q 20/385 using an alias or single-us...G06Q 20/40 Authorisation, e.g. identif...G06Q 20/401 Transaction verificationG06Q 2220/00 Business processing using c...G06Q 2220/10 Usage protection of distrib...G06Q 2220/145 Specific computer ID, e.g. ...G06Q 2220/18 LicensingG07F 7/1008 Active credit-cards provide...H04L 2209/56 Financial cryptography, e.g...H04L 9/3228 One-time or temporary data,...
