Multifactor Authentication Using A Directory Server
First Claim
1. A method for authenticating a cardholder account, the method comprising:
- obtaining a first identifier and a cryptogram from a first entity, wherein the first identifier is associated with the cardholder account;
identifying an issuer associated with the cardholder account;
forwarding the first account identifier and the cryptogram to a second entity for validation;
receiving a second identifier from the second entity, wherein the second identifier is generated by the second entity and associated with a validated form of the first identifier; and
sending the second identifier to the first entity.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and a server computer are provided for authenticating a cardholder account. The server computer implements the method, which includes obtaining a first identifier and a cryptogram from a first entity, identifying an issuer associated with the cardholder account, forwarding the first account identifier and the cryptogram to a second entity for validation, receiving a second identifier from the second entity, and sending the second identifier to the first entity. The first identifier can be associated with the cardholder account. The second identifier can be generated by the second entity and associated with a validated form of the first identifier.
247 Citations
21 Claims
-
1. A method for authenticating a cardholder account, the method comprising:
-
obtaining a first identifier and a cryptogram from a first entity, wherein the first identifier is associated with the cardholder account; identifying an issuer associated with the cardholder account; forwarding the first account identifier and the cryptogram to a second entity for validation; receiving a second identifier from the second entity, wherein the second identifier is generated by the second entity and associated with a validated form of the first identifier; and sending the second identifier to the first entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A server computer for use in an authenticated transaction, the server computer comprising:
-
a processor; and a computer readable medium coupled to the processor, the computer readable medium comprising code, executable by the processor to implement a method comprising; receiving a first identifier and a cryptogram from an access device; identifying an issuer associated with the first identifier; sending the first identifier and the cryptogram to the issuer for validation; receiving a second identifier from the issuer, wherein the second identifier is associated with a validated form of the first identifier; and providing the second identifier to the access device, wherein the access device communicates the second identifier to a merchant to complete the authenticated transaction. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A computer readable medium comprising code executable by a processor, for implementing a method comprising:
-
obtaining a first identifier and a cryptogram from a first entity, wherein the first identifier is associated with a cardholder account; identifying a second entity associated with the cardholder account; forwarding the first identifier and the cryptogram to the second entity for validation; receiving a second identifier from the second entity, wherein the second identifier is generated at the second entity and associated with a validated form of the first identifier; and sending the second identifier to the first entity.
-
-
21. A method for authenticating a transaction on an access device, the method comprising:
-
accessing a merchant website; initiating a transaction on the merchant website, wherein the merchant sends a request for payment during the transaction; interfacing with a reader, wherein the reader captures a first identifier stored on a portable consumer device and a cryptogram in response to the request for payment; forwarding the first identifier and the cryptogram to a directory server through a merchant plug in, wherein the directory server communicates the first identifier and the cryptogram to an issuer of the portable consumer device for validation; receiving a second identifier through the MPI, wherein the second identifier is associated with the validated first identifier; and communicating the second identifier to the reader from the MPI.
-
Specification