ACCOUNT AUTHENTICATION SERVICE WITH CHIP CARD
First Claim
1. A method of authenticating a cardholder during an online transaction for a requesting party, said method comprising:
- establishing a connection between a cardholder computer and a requesting party computer over an Internet connection by a cardholder in possession of a chip card;
receiving a cardholder authentication request from said requesting party at said cardholder computer that includes a cardholder account identifier, and forwarding said cardholder authentication request to a trusted party access control server;
receiving a chip authentication request at said cardholder computer from said access control server;
generating a cryptogram by said chip card, said chip card being in communication with said cardholder computer;
receiving at said cardholder computer a cardholder authentication password that is a valid password corresponding to said cardholder account identifier;
sending said cryptogram and said cardholder authentication password from said cardholder computer to said access control server; and
forwarding a cardholder authentication response from said trusted party access control server to said requesting party computer indicating that said chip card and said cardholder authentication password are authentic, whereby said access control server authenticates said cardholder for said requesting party during said online transaction.
1 Assignment
0 Petitions
Accused Products
Abstract
A payment authentication service authenticates the identity of a payer during online transactions. The authentication service of the present invention allows a card issuer to verify a cardholder'"'"'s identity using a variety of authentication methods, such as the use of passwords. Also, the only system participant requiring a certificate is the issuing financial institution. One embodiment of the invention for authenticating the identity of a cardholder during an online transaction involves querying an access control server to determine if a cardholder is enrolled in the payment authentication service, requests a password from the cardholder, verifies the password, and notifies a merchant whether the cardholder'"'"'s authenticity has been verified. In another aspect of the invention, a chip card and the authentication service independently generate cryptograms that must match in order for the service to verify that the correct chip card is being used by the cardholder.
265 Citations
22 Claims
-
1. A method of authenticating a cardholder during an online transaction for a requesting party, said method comprising:
-
establishing a connection between a cardholder computer and a requesting party computer over an Internet connection by a cardholder in possession of a chip card; receiving a cardholder authentication request from said requesting party at said cardholder computer that includes a cardholder account identifier, and forwarding said cardholder authentication request to a trusted party access control server; receiving a chip authentication request at said cardholder computer from said access control server; generating a cryptogram by said chip card, said chip card being in communication with said cardholder computer; receiving at said cardholder computer a cardholder authentication password that is a valid password corresponding to said cardholder account identifier; sending said cryptogram and said cardholder authentication password from said cardholder computer to said access control server; and forwarding a cardholder authentication response from said trusted party access control server to said requesting party computer indicating that said chip card and said cardholder authentication password are authentic, whereby said access control server authenticates said cardholder for said requesting party during said online transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of authenticating a cardholder during an online transaction for a requesting party, said method comprising:
-
receiving a cardholder authentication request originating from a requesting party computer at a trusted party access control server, said cardholder authentication request being routed via a cardholder computer and including a cardholder account identifier; sending a chip authentication request from said access control server to said cardholder computer; receiving a chip authentication response from said cardholder computer at said access control server that includes a cryptogram and a cardholder authentication password, said cryptogram being generated by a chip card and application in communication with said cardholder computer; generating a second cryptogram at said access control server and comparing said second cryptogram to said cryptogram; comparing, by said access control server, said cardholder authentication password with a stored password that corresponds to said cardholder account identifier; and upon a positive comparison of said cryptograms and a positive comparison of said passwords, sending, via said cardholder computer, a cardholder authentication response from said trusted party access control server to said requesting party computer indicating that said chip card and said cardholder authentication password are authentic, whereby said access control server authenticates said cardholder for said requesting party during said online transaction. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method of authenticating a cardholder having a cardholder account identifier during an online transaction, said method comprising:
-
receiving a chip authentication request at a cardholder computer from an access control server over an Internet connection; selecting an application on a chip card in communication with said cardholder computer; requesting that said chip card generate a cryptogram using data specific to said chip card; receiving said cryptogram from said chip card and said data specific to said chip card, said cryptogram being generated using said data specific to said chip card; prompting said cardholder to enter a cardholder authentication password into said cardholder computer; receiving at said cardholder computer said cardholder authentication password entered by said cardholder that is a valid password corresponding to said cardholder account identifier; and sending said cryptogram, said data specific to said chip card, and said cardholder authentication password to said access control server, whereby said cryptogram and said cardholder authentication password serve to authenticate said cardholder. - View Dependent Claims (16, 17, 18)
-
-
19. A method of authenticating a cardholder having a cardholder account identifier during an online transaction, said method comprising:
-
receiving a chip card authentication request message at a cardholder computer from an access control server over an Internet connection; prompting said cardholder to enter a chip card access password into said cardholder computer; receiving at said cardholder computer a chip card access password entered by said cardholder; selecting an application on a chip card in communication with said cardholder computer; using said chip card access password to unlock said application on said chip card and to receive a cardholder authentication password from said chip card that is a valid password corresponding to said cardholder account identifier; requesting that said chip card generate a cryptogram using data specific to said chip card; receiving said cryptogram from said chip card and said data specific to said chip card, said cryptogram being generated using said data specific to said chip card; and sending said cryptogram, said data specific to said chip card, and said cardholder authentication password to said access control server, whereby said cryptogram and said cardholder authentication password serve to authenticate said cardholder. - View Dependent Claims (20, 21, 22)
-
Specification