PAYMENT TRANSACTION PROCESSING USING OUT OF BAND AUTHENTICATION
First Claim
1. A transaction processor, comprising:
- an electronic processor;
a memory coupled to the electronic processor; and
a set of instructions stored in the memory which, when executed by the electronic processor implement a process toreceive a request to authenticate a transaction initiated by a user at a merchant'"'"'s web-site;
send a request for authentication data to the user over a first communications channel;
receive a response to the request for authentication data from the user over the first communications channel;
process the received response to obtain the user'"'"'s contact data to enable contacting the user over a second communications channel;
send a request to approve the transaction to the user over the second communications channel; and
in response to the request to approve the transaction, receive a message from the user approving or denying the transaction over the second communications channel, the message including a digitally signed certificate authenticating the user.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, apparatuses, and methods for increasing the security of electronic payment transactions, such as eCommerce transactions conducted over the Internet. A transaction approval or authorization mechanism uses an out of band process to provide authentication or identification data that has previously been registered by a user and associated with the user'"'"'s payment device or account. The out of band authentication data may be provided in response to a message sent to a user'"'"'s mobile phone, where the message is generated in response to entering the user'"'"'s phone number into a form that is provided when the user engages in an electronic payment transaction using a desktop computer. The data may include a digital signature and associated digital certificate that is used to authenticate the user.
198 Citations
18 Claims
-
1. A transaction processor, comprising:
-
an electronic processor; a memory coupled to the electronic processor; and a set of instructions stored in the memory which, when executed by the electronic processor implement a process to receive a request to authenticate a transaction initiated by a user at a merchant'"'"'s web-site; send a request for authentication data to the user over a first communications channel; receive a response to the request for authentication data from the user over the first communications channel; process the received response to obtain the user'"'"'s contact data to enable contacting the user over a second communications channel; send a request to approve the transaction to the user over the second communications channel; and in response to the request to approve the transaction, receive a message from the user approving or denying the transaction over the second communications channel, the message including a digitally signed certificate authenticating the user. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method of processing an electronic payment transaction, comprising:
-
registering a user by associating contact data for the user with the user'"'"'s payment account; receiving a request to authorize an electronic payment transaction initiated by the user; sending a request for authentication data to the user over a first communications channel; receiving a response to the request for authentication data over the first communications channel; processing the response to determine contact data for the user; generating a transaction approval message to be sent to the user; sending the transaction approval message to the user over a second communications channel using the contact data; and in response to the transaction approval message, receiving a message from the user approving or denying the transaction, the message including a digitally signed certificate authenticating the user. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A method of processing an electronic payment transaction, comprising:
-
receiving a request to authenticate the electronic payment transaction from a merchant'"'"'s web-site, wherein the electronic payment transaction is initiated by a user; sending a request for authentication data to the user over a first communications channel; receiving a response to the request for authentication data over the first communications channel; processing the response to determine the user'"'"'s mobile phone number; generating a transaction approval message to be sent to the user; sending the transaction approval message to the user'"'"'s mobile phone; and receiving a response to the transaction approval message from the user'"'"'s mobile phone, the response including a digitally signed certificate authenticating the user. - View Dependent Claims (15, 16, 17, 18)
-
Specification