VERIFICATION OF PORTABLE CONSUMER DEVICES

US 20100293382A1
Filed: 05/14/2010
Published: 11/18/2010
Est. Priority Date: 05/15/2009
Status: Active Grant

First Claim

Patent Images

1. A verification token comprising:

a peripheral interface adapted to couple to a peripheral interface of a computer;

a reader adapted to read identification information from portable consumer devices;

a computer-readable medium;

a data processor electrically coupled to the peripheral interface of the verification token, the reader, and the computer-readable medium;

code embodied on the computer-readable medium that directs the data processor to receive identification information read from a portable consumer device by the reader;

code embodied on the computer-readable medium that directs the data processor to communicate with a computer by way of the peripheral interface of the verification token and to gain access to a networking facility of the computer;

code embodied on the computer-readable medium that directs the data processor to transmit by way of the networking facility of the computer at least a portion of the received identification information to an entity that can provide a device verification value; and

code embodied on the computer-readable medium that directs the data processor to receive, after transmitting said identification information, a device verification value from the entity by way of the networking facility of the computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatuses, methods, and systems pertaining to the verification of portable consumer devices are disclosed. In one implementation, a verification token is coupled to a computer by a USB connection so as to use the computer'"'"'s networking facilities. The verification token reads identification information from a user'"'"'s portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using the computer'"'"'s networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a device verification value to the verification token, and optionally to a payment processing network. The verification token may enter the device verification value into a CVV field of a web page appearing on the computer'"'"'s display, or may display the value to the user using the computer'"'"'s display.

205 Citations

29 Claims

1. A verification token comprising:
- a peripheral interface adapted to couple to a peripheral interface of a computer;
  
  a reader adapted to read identification information from portable consumer devices;
  
  a computer-readable medium;
  
  a data processor electrically coupled to the peripheral interface of the verification token, the reader, and the computer-readable medium;
  
  code embodied on the computer-readable medium that directs the data processor to receive identification information read from a portable consumer device by the reader;
  
  code embodied on the computer-readable medium that directs the data processor to communicate with a computer by way of the peripheral interface of the verification token and to gain access to a networking facility of the computer;
  
  code embodied on the computer-readable medium that directs the data processor to transmit by way of the networking facility of the computer at least a portion of the received identification information to an entity that can provide a device verification value; and
  
  code embodied on the computer-readable medium that directs the data processor to receive, after transmitting said identification information, a device verification value from the entity by way of the networking facility of the computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The verification token of claim 1, wherein the peripheral interface of the verification token comprises a universal serial bus connector.
  - 3. The verification token of claim 1, wherein the identification information is encrypted and includes an account number of a portable consumer device and at least one of the following:
    - a digital fingerprint of a magnetic stripe of the portable consumer device, or a variable datum that varies each time the portable consumer device is read for its identification information.
  - 4. The verification token of claim 1, wherein the code that directs the data processor to communicate with a computer comprises code that directs the data processor to send a device driver to the computer and an instruction to install the device driver in the computer'"'"'s operating system, wherein the device driver enables the computer to recognize the verification token and communicate with the verification token;
    - wherein the code that directs the data processor to gain access to a networking facility of the computer comprises a function call to a network services module of the computer'"'"'s operating system.
  - 5. The verification token of claim 1 further comprising a serial number and an encryption key, and wherein the verification token transmits the serial number and a message encrypted by the encryption key to the entity, the serial number and the encryption key being uniquely assigned to the verification token.
  - 6. The verification token of claim 1, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to locate a browser web page on the computer that has a form field for a device verification value, and to enter the device verification value received from the entity in the form field.
  - 7. The verification token of claim 1, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to locate a browser web page on the computer that has a hidden field for a device verification value, and to enter the device verification value received from the entity in the hidden field.
  - 8. The verification token of claim 1, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to display the device verification value received from the entity to the user on a display of the computer.
  - 9. The verification token of claim 1, wherein the code that directs the data processor to receive the device verification value from the entity further directs the data processor to receive a dynamic account number from the entity.
  - 10. The verification token of claim 9, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to locate a browser web page on the computer that has a first form field for an account number and a second form field for a device verification value, and to fill the first field with the dynamic account number and the second field with the device verification value received from the entity.
  - 11. The verification token of claim 9, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to display the dynamic account number and the device verification value received from the entity to the user on a display device of the computer.
  - 12. The verification token of claim 1, wherein the code that directs the data processor to receive the device verification value from the entity further directs the data processor to receive address information from the entity;
    - andwherein the verification token further comprises code embodied on the computer-readable medium that directs the data processor to locate a browser web page on the computer that has a plurality of form fields for address information, and to fill said fields with respective portions of the address information received from the entity.
  - 13. The verification token of claim 1, further comprising the code that directs the data processor to obtain address information from the computer-readable medium;
    - andcode embodied on the computer-readable medium that directs the data processor to locate a browser web page on the computer that has a plurality of form fields for address information, and to fill said fields with respective portions of the obtained address information.
  - 14. The verification token of claim 1, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to prompt a user to enter a password on a keyboard of the computer, to read a password entered by the user, and to compare the entered password against a stored password embodied on the computer-readable medium; and
      
      code embodied on the computer-readable medium that directs the data processor to prevent identification information from at least being read or sent when the read password is not the same as the stored password.
  - 15. The verification token of claim 1, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to establish, using the networking facility of the computer, a communications session with the entity that can provide a device verification value; and
      
      code embodied on the computer-readable medium that directs the data processor to transmit the at least a portion of the received identification information using the established communications session.
  - 16. The verification token of claim 15, wherein the code that directs the data processor to establish a communications session with the entity using the networking facility of the computer comprises one or more function calls to an application program interface of a network services module of the computer, the one or more function calls providing a universal resource identifier of an entity and an instruction to establish a communications session with the entity, the universal resource identifier being stored in the computer-readable medium or read from the portable consumer device.
  - 17. The verification token of claim 16, wherein the communications session is established before the data processor reads device data from the reader.
  - 18. The verification token of claim 16, further comprising code that directs the data processor to select one of a number of universal resource identifiers stored in the token based on a bank number provided in the read identification information or embedded in the account number of the read identification information.
  - 19. The verification token of claim 1, further comprising code that directs the processor to encrypt the at least a portion of the identification information prior to transmitting it to the entity that can provide a device verification value.

20. A method comprising:
- establishing a communications link between a verification token and a computer, the computer having a networking facility;
  
  reading identification information from a portable consumer device into the verification token;
  
  transmitting the read identification information from the verification token to an entity that can provide a device verification value through the networking facility of the computer; and
  
  after transmitting the identification information, receiving, at the verification token, a device verification value from the entity by way of the networking facility of the computer.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
- - 21. The method of claim 20, further comprising encrypting, in the verification token, at least a portion of the identification information read from the portable consumer device using an encryption key stored in the verification token.
  - 22. The method of claim 20 further comprising:
    - prompting a user to enter a password into the computer;
      
      reading a password entered by the user;
      
      comparing the entered password against a password stored in the verification token; and
      
      preventing identification information from at least being read or sent when the read password is not the same as the stored password.
  - 23. The method of claim 20 further comprising:
    - transmitting from the verification token to the entity through the networking facility of the computer a serial number stored in the verification token and a message encrypted by an encryption key stored in the verification token, the serial number and the encryption key being uniquely assigned to the verification token.
  - 24. The method of claim 20 further comprising at least one of the actions of:
    - displaying the device verification value received from the entity to the user on a display of the computer; and
      
      locating a browser web page on the computer that has a form field for a device verification value, and entering the device verification value received from the entity in the form field.
  - 25. The method of claim 20 further comprising locating a browser web page on the computer that has a hidden field for a device verification value, and entering the device verification value received from the entity in the hidden field.
  - 26. The method of claim 20, further comprising, after transmitting the identification information:
    - receiving, at the verification token, a dynamic account number from the entity by way of the communications session.
  - 27. The method of claim 26, further comprising:
    - locating a browser web page on the computer that has a first form field for an account number and a second form field for a device verification value; and
      
      filling the first field with the dynamic account number and the second field with the device verification value received from the entity.
  - 28. The method of claim 20, further comprising:
    - receiving, in the verification token, address information from the entity that can provide a device verification value;
      
      locating a browser web page on the computer that has a plurality of form fields for address information; and
      
      filling said fields with respective portions of the obtained address information.

29-74. -74. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Hammad, Ayman

Granted Patent

US 9,038,886 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/173
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 2221/2129   Authenticate client device ...

G06Q 20/12   specially adapted for elect...

G06Q 20/3674   involving authentication

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/42   Confirmation, e.g. check or...

G06Q 20/425   using two different network...

G06Q 2220/00   Business processing using c...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0853   using an additional device,...

H04L 63/126   the source of the received ...

H04L 9/3234   involving additional secure...

VERIFICATION OF PORTABLE CONSUMER DEVICES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

205 Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

VERIFICATION OF PORTABLE CONSUMER DEVICES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

205 Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links