METHODS AND SYSTEMS FOR AUTHENTICATING AN IDENTITY OF A PAYER IN A FINANCIAL TRANSACTION

US 20120011066A1
Filed: 07/12/2010
Published: 01/12/2012
Est. Priority Date: 07/12/2010
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating an identity of a cardholder in a financial transaction initiated by the cardholder with a merchant via a first communication medium, said method comprising:

receiving a purchase authentication request message from the merchant at an interchange computer system, the purchase authentication request message associated with the cardholder and the financial transaction;

generating a one-time password for the financial transaction at the interchange computer system;

transmitting the one-time password to the cardholder via a second communication medium different from the first communication medium;

prompting the cardholder to enter the one-time password;

determining that the entered one-time password is equal to the generated one-time password; and

transmitting a positive purchase authentication response message to the merchant indicating a successful authentication of the identity of the cardholder.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and computer-based method for using a one-time password (OTP) to authenticate an identity of a cardholder in a financial transaction initiated by the cardholder with a merchant via a first communication medium. A one-time password is generated at an interchange computer system and transmitted to the cardholder via a second communication medium. The cardholder is prompted to enter access credential information, including the one-time password. When the entered access credential information is verified (e.g., the entered one time password is equal to the generated one-time password), a successful authentication is indicated to the merchant.

100 Citations

View as Search Results

20 Claims

1. A method for authenticating an identity of a cardholder in a financial transaction initiated by the cardholder with a merchant via a first communication medium, said method comprising:
- receiving a purchase authentication request message from the merchant at an interchange computer system, the purchase authentication request message associated with the cardholder and the financial transaction;
  
  generating a one-time password for the financial transaction at the interchange computer system;
  
  transmitting the one-time password to the cardholder via a second communication medium different from the first communication medium;
  
  prompting the cardholder to enter the one-time password;
  
  determining that the entered one-time password is equal to the generated one-time password; and
  
  transmitting a positive purchase authentication response message to the merchant indicating a successful authentication of the identity of the cardholder.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method in accordance with claim 1, wherein transmitting the one-time password via the second communication medium comprises transmitting the one-time password to a predefined mobile telephone number as a short message service (SMS) message.
  - 3. The method in accordance with claim 2, further comprising:
    - registering the cardholder in the interchange computer system; and
      
      associating the predefined mobile telephone number with the cardholder in the interchange computer system.
  - 4. The method in accordance with claim 1, further comprising:
    - determining whether the one-time password is successfully delivered to the cardholder; and
      
      when the one-time password is not successfully delivered to the cardholder, providing a transmission failure notification to the cardholder.
  - 5. The method in accordance with claim 4, further comprising:
    - receiving a re-send request from the cardholder prompting the re-sending of the one-time password; and
      
      re-sending the one-time password to the cardholder via the second communication medium.
  - 6. The method in accordance with claim 1, further comprising transmitting transaction data to the cardholder via the second communication medium, the transaction data including data representing the financial transaction.
  - 7. The method in accordance with claim 6, wherein transmitting data includes transmitting at least one of a transaction number, a transaction amount, a merchant name, and a portion of an account number associated with the cardholder.
  - 8. The method in accordance with claim 1, further comprising, prior to receiving the purchase authentication request message:
    - receiving a verify enrollment request message including an account number associated with the cardholder from the merchant; and
      
      based at least in part on determining that the account number associated with the cardholder is included in a collection of account numbers enrolled in an authentication program, transmitting a positive verify enrollment response message to the merchant indicating that payer authentication is available for the cardholder.
  - 9. The method in accordance with claim 1, further comprising receiving a response from the cardholder via the second communication medium, wherein the positive authentication response message is transmitted based further on receiving the response from the cardholder via the second communication medium.
  - 10. The method in accordance with claim 1, wherein generating the one-time password comprises generating a sequence of random characters.

11. A system for authenticating an identity of a cardholder in a financial transaction initiated by the cardholder with a merchant computer system via a first communication medium, said system comprising:
- a memory device configured to store contact information associated with the cardholder;
  
  a communication interface configured to receive a purchase authentication request message from a merchant computer system;
  
  a processor coupled to said memory device and said communication interface, said processor programmed to;
  
  generate a one-time password for the financial transaction;
  
  provide the one-time password to the cardholder via a second communication medium different from the first communication medium using the contact information associated with the cardholder;
  
  prompt the cardholder to enter the one-time password;
  
  determine that the entered one-time password is equal to the generated one-time password; and
  
  transmit a positive purchase authentication response message to the merchant computer system indicating a successful authentication of the identity of the cardholder via said communication interface.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The system in accordance with claim 11, wherein said memory device is configured to store a mobile telephone number associated with the cardholder, and said processor is programmed to provide the one-time password to the cardholder by transmitting the one-time password to the mobile telephone number as a short message service (SMS) message.
  - 13. The system in accordance with claim 11, wherein said processor is further programmed to:
    - determine whether the one-time password is successfully delivered to the cardholder; and
      
      when the one-time password is not successfully delivered to the cardholder, provide a transmission failure notification to the cardholder via the communication interface.
  - 14. The system in accordance with claim 13, wherein said communication interface is configured to receive a re-send request from the cardholder prompting the re-sending of the one-time password, and said processor is further programmed to re-send the one-time password to the cardholder via the second communication medium based on the re-send request.
  - 15. The system in accordance with claim 11, wherein said processor is further programmed to transmit transaction data to the cardholder via the second communication medium, the transaction data representing the financial transaction.
  - 16. The system in accordance with claim 15, wherein said processor is further programmed to extract at least a portion of the transaction data from the purchase authentication request message.
  - 17. The system in accordance with claim 15, wherein said processor is programmed to transmit the transaction data at least in part by transmitting a transaction amount associated with the financial transaction.
  - 18. The system in accordance with claim 11, wherein:
    - said memory device is further configured to store a collection of account numbers enrolled in an authentication program;
      
      said communication interface is further configured to, prior to receiving the purchase authentication request message, receive a verify enrollment request message including an account number associated with the cardholder from the merchant computer system; and
      
      said processor is further programmed to, based at least in part on determining that the account number associated with the cardholder is included in the collection of account numbers, transmit a positive verify enrollment response message to the merchant computer system via said communication interface, the positive verify enrollment response message indicating that payer authentication is available for the financial transaction.
  - 19. The system in accordance with claim 11, wherein said memory device is further configured to store a predefined password associated with the cardholder, and said processor is further programmed to:
    - prompt the cardholder to enter the predefined password; and
      
      transmit the positive purchase authentication response message based further on determining that the entered predefined password is equal to the predefined password associated with the cardholder.

20. A computer-readable medium that includes computer executable instructions for authenticating an identity of a cardholder in a financial transaction initiated by the cardholder with a merchant via a first communication medium, said computer executable instructions configured to instruct a computer to:
- receive a purchase authentication request message from the merchant, the purchase authentication request message associated with the cardholder and the financial transaction;
  
  generate a one-time password for the financial transaction, the one-time password including a sequence of random characters;
  
  transmit the one-time password to the cardholder via a second communication medium different from the first communication medium;
  
  prompt the cardholder to enter the one-time password;
  
  determining that the entered one-time password is equal to the generated one-time password; and
  
  transmitting a positive purchase authentication response message to the merchant indicating a successful authentication of the identity of the cardholder.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Telle, Todd N., Moskowitz, Sue Ellen

Granted Patent

US 8,527,417 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/44
CPC Class Codes

G06Q 20/385   using an alias or single-us...

G06Q 20/4014   Identity check for transact...

G06Q 20/425   using two different network...

METHODS AND SYSTEMS FOR AUTHENTICATING AN IDENTITY OF A PAYER IN A FINANCIAL TRANSACTION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

100 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS AND SYSTEMS FOR AUTHENTICATING AN IDENTITY OF A PAYER IN A FINANCIAL TRANSACTION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links