System and method for authenticating a transaction using a one-time pass code (OTPK)
First Claim
1. A method for authenticating a financial transaction, the method comprising:
- retrieving and storing an identification data parameter associated with a mobile device at the mobile device;
receiving a personal identification number (PIN) from a user at the mobile device;
generating a dynamic variable that is determinable at more than one location at the mobile device;
calculating an One-Time Pass Code (OTPK) based on the identification data parameter, the PIN, and the dynamic variable at the mobile device;
associating the OTPK with a monetary limit amount; and
providing the OTPK to be used at a financial institution for withdrawing monetary funds up to the monetary limit amount.
1 Assignment
0 Petitions
Accused Products
Abstract
Provided is a system and method for authenticating a financial transaction using a dynamic code tied to a preset monetary limit. The dynamic code is generated at the user'"'"'s mobile device and linked to the preset monetary limit. The user uses the generated dynamic code instead of his or her static automated teller machine (ATM) personal identification number (PIN). The dynamic code, transaction data, and financial account data are transmitted to a validating entity for authorization of the transaction. If the withdrawal request exceeds the preset monetary limit, a request is sent to the user'"'"'s mobile device for an additional authorization of the new amount or the transaction is rejected based on the information in the user'"'"'s profile. The dynamic code may also be generated for use in Internet transactions and web payment transactions.
-
Citations
29 Claims
-
1. A method for authenticating a financial transaction, the method comprising:
-
retrieving and storing an identification data parameter associated with a mobile device at the mobile device; receiving a personal identification number (PIN) from a user at the mobile device; generating a dynamic variable that is determinable at more than one location at the mobile device; calculating an One-Time Pass Code (OTPK) based on the identification data parameter, the PIN, and the dynamic variable at the mobile device; associating the OTPK with a monetary limit amount; and providing the OTPK to be used at a financial institution for withdrawing monetary funds up to the monetary limit amount. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for authenticating a financial transaction, the method comprising:
-
receiving and storing at a server an identification data parameter associated with a mobile device and a personal identification number (PIN); generating at the mobile device a dynamic variable that is determinable at more than one location; transmitting the dynamic variable to the server to be used in decrypting the messages from the mobile device and authorizing the transaction; receiving at the server an authorization request to authorize the transaction, the request including at least an unique financial account identifier, the OTPK generated by the mobile device, and a monetary limit amount associated with the OTPK generated by the mobile device; the server determining whether the OTPK was generated by the mobile device based on the identification data parameter, the PIN, and the dynamic variable; and authorizing the transaction request in response to the determining step. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A system for authenticating a financial transaction, the system comprising:
-
an authorization database receiving and storing an identification data parameter associated with a mobile device, a transaction card and a personal identification number (PIN); a dynamic variable generator that generates a dynamic variable that is determinable at more than one location; a receiver that receives an authorization request to authorize a transaction, the request including at least an unique financial account identifier, the OTPK generated by the mobile device, and a monetary limit amount associated with the OTPK; and a processor determining whether the OTPK was generated by the mobile device based on the identification data parameter, the PIN, and the dynamic variable, and for authorizing the transaction request in response to the determining. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29)
-
Specification