Authenticated Payment
First Claim
1. A method for authenticating a payment transaction over a network, comprising:
- at a payment authentication service, linking secret information to at least a first payment instrument of a buyer, the secret information being known only to the buyer;
receiving a request to authenticate the buyer as being authorized to use the first payment instrument in a payment transaction;
subsequent to the step of linking the secret information to the first payment instrument and in response to receiving the request to authenticate the buyer, sending a challenge request to the buyer over the network, the challenge request including a summary of the payment transaction;
subsequent to the step of linking the secret information to the first payment instrument, receiving a selection of the first payment instrument from the buyer;
receiving a challenge response from the buyer over the network, the challenge response proving that the buyer has access to the secret information;
in response to receiving the challenge response, determining that the buyer has access to the secret information and that the buyer is authorized to use the first payment instrument; and
notifying the seller that the buyer is authorized to use the first payment instrument.
0 Assignments
0 Petitions
Accused Products
Abstract
A buyer (110) wishes to use a payment instrument as part of an online commerce transaction with a seller (120) and it is desired to authenticate that the buyer (110) has authority to use the payment instrument. A separate authentication service (130) determines whether the buyer (110) has access to certain secret information without revealing the secret information to the seller (120). Access to the secret information would verify that the buyer (110) has authority to use the payment instrument. The authentication service (130) informs the seller (120) whether the buyer (110) is authorized to use the payment instrument.
47 Citations
13 Claims
-
1. A method for authenticating a payment transaction over a network, comprising:
-
at a payment authentication service, linking secret information to at least a first payment instrument of a buyer, the secret information being known only to the buyer; receiving a request to authenticate the buyer as being authorized to use the first payment instrument in a payment transaction; subsequent to the step of linking the secret information to the first payment instrument and in response to receiving the request to authenticate the buyer, sending a challenge request to the buyer over the network, the challenge request including a summary of the payment transaction; subsequent to the step of linking the secret information to the first payment instrument, receiving a selection of the first payment instrument from the buyer; receiving a challenge response from the buyer over the network, the challenge response proving that the buyer has access to the secret information; in response to receiving the challenge response, determining that the buyer has access to the secret information and that the buyer is authorized to use the first payment instrument; and notifying the seller that the buyer is authorized to use the first payment instrument. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer readable medium storing instructions adapted to be executed by a processor, the instructions causing the processor to perform a method comprising:
-
at a payment authentication service, linking secret information to at least a first payment instrument of a buyer, the secret information being known only to the buyer; receiving a request to authenticate the buyer as being authorized to use the first payment instrument in a payment transaction; subsequent to the step of linking the secret information to the first payment instrument and in response to receiving the request to authenticate the buyer, sending a challenge request to the buyer over the network, the challenge request including a summary of the payment transaction; subsequent to the step of linking the secret information to the first payment instrument, receiving a selection of the first payment instrument from the buyer; receiving a challenge response from the buyer over the network, the challenge response proving that the buyer has access to the secret information; in response to receiving the challenge response, determining that the buyer has access to the secret information and that the buyer is authorized to use the first payment instrument; and notifying the seller that the buyer is authorized to use the first payment instrument.
-
-
13. A system for authenticating a payment transaction over a network, comprising:
-
a transaction archive; and an authentication service coupled to the transaction archive and the network, the authentication service web server configured to; link secret information to at least a first payment instrument of a buyer, the secret information being known only to the buyer; receive a request to authenticate the buyer as being authorized to use the first payment instrument in a payment transaction; subsequent to the step of linking the secret information to the first payment instrument and in response to receiving the request to authenticate the buyer, send a challenge request to the buyer over the network, the challenge request including a summary of the payment transaction; subsequent to the step of linking the secret information to the first payment instrument, receive a selection of the first payment instrument from the buyer; receive a challenge response from the buyer over the network, the challenge response proving that the buyer has access to the secret information; in response to receiving the challenge response, determine that the buyer has access to the secret information and that the buyer is authorized to use the first payment instrument; and notify the seller that the buyer is authorized to use the first payment instrument.
-
Specification