PAYMENT TRANSACTION PROCESSING USING OUT OF BAND AUTHENTICATION

US 20120271768A1
Filed: 07/02/2012
Published: 10/25/2012
Est. Priority Date: 11/14/2008
Status: Active Grant

First Claim

Patent Images

1-18. -18. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, apparatuses, and methods for increasing the security of electronic payment transactions, such as eCommerce transactions conducted over the Internet. A transaction approval or authorization mechanism uses an out of band process to provide authentication or identification data that has previously been registered by a user and associated with the user'"'"'s payment device or account. The out of band authentication data may be provided in response to a message sent to a user'"'"'s mobile phone, where the message is generated in response to entering the user'"'"'s phone number into a form that is provided when the user engages in an electronic payment transaction using a desktop computer. The data may include a digital signature and associated digital certificate that is used to authenticate the user.

Citations

37 Claims

1-18. -18. (canceled)

19. A method comprising:
- receiving, by the mobile device via a second communication channel, an authentication request message, wherein the authentication request message relates to a transaction conducted by a consumer using a first communications channel; and
  
  transmitting, by the mobile device via the second communications channel, an authentication response message approving or denying the transaction, the authentication response message including a digital certificate authenticating the consumer.
- View Dependent Claims (20, 21)
- - 20. The method of claim 19 wherein the mobile devices a mobile phone, and wherein the method further comprises:
    - downloading the digital certificate.
  - 21. The method of claim 19 wherein the first communications channel utilizes the Internet and the second communications channel comprises a cellular communications channel.

22. A mobile device comprising a processor, and a computer readable medium coupled to the processor, the computer readable medium comprising code, executable by the processor for implementing a method comprising:
- receiving, by the mobile device via a second communications channel, an authentication request message, wherein die authentication request message relates to a transaction conducted by a consumer using a first communications channel; and
  
  transmitting, by the mobile device via the second communications channel, an authentication response message approving or denying the transaction, the authentication response message including a digital certificate authenticating the consumer.
- View Dependent Claims (23, 24)
- - 23. The mobile device of claim 22 wherein the mobile device is a mobile phone, and wherein the method further comprises:
    - downloading the digital certificate.
  - 24. The mobile device of claim 22 wherein the first communications channel utilizes the Internet and the second communications channel comprises a cellular communications channel.

25. A transaction processor, comprising:
- an electronic processor;
  
  a memory coupled to the electronic processor; and
  
  a set of instructions stored in the memory which, when executed by the electronic processor cause the transaction processor toreceive a request to authorize a payment transaction, the payment transaction initiated by a consumer using a first device coupled to a first communications channel;
  
  process the received request to authorize the transaction to determine a payment account associated with the consumer;
  
  determine, based on the payment account, data that is used to contact the consumer on a second device;
  
  transmit a request to the consumer to approve the transaction by transmitting the request to the second device over a second communications channel; and
  
  in response to the request sent to the consumer to approve the transaction, receive a message from the consumer generated by the second device and provided over the second communications channel, the message approving or denying the transaction and including the digital certificate associated with the consumer.
- View Dependent Claims (26, 27, 28, 29, 30)
- - 26. The transaction processor of claim 25, wherein an application in the memory further enables the second device to securely communicate with a gateway server that couples the second communications channel to a different communications channel.
  - 27. The transaction processor of claim 25, wherein the data that is used to contact the consumer on the second device is a phone number associated with the second device.
  - 28. The transaction processor of claim 25, wherein the first device is a computing device coupled to the first communications channel.
  - 29. The transaction processor of claim 25, wherein the request to approve the transaction includes an address to which a response to the request should be directed.
  - 30. The transaction processor of claim 28, wherein the digital certificate corresponds to a digital certificate resident on the computing device.

31. A method of processing a payment transaction, comprising:
- receiving a request to authorize a payment transaction, the payment transaction initiated by a consumer using a first device coupled to a first communications channel;
  
  processing the received request to authorize the transaction to determine a payment account associated with the consumer;
  
  determining, based on the payment account, data that is used to contact the consumer on the second device;
  
  transmitting a request to the consumer to approve the transaction by transmitting the request to a second device over a second communications channel; and
  
  in response to the request sent to the consumer to approve the transaction, receiving a message from the consumer generated by the second device and provided over the second communications channel, the message approving or denying the transaction and including the digital certificate associated with the consumer.
- View Dependent Claims (32, 33, 34, 35, 36, 37)
- - 32. The method of claim 31, wherein the transaction approval message is a SMS message.
  - 33. The method of claim 31, wherein the transaction approval message is an email message.
  - 34. The method of claim 31, wherein the message from the consumer generated by the second device includes an address to which the response to the transaction approval message should be sent.
  - 35. The method of claim 31, wherein the method further comprises:
    - using a downloaded application on the mobile device to access the digital certificate from a server or from the consumer'"'"'s second device.
  - 36. The method of claim 31, wherein the first device is the consumer'"'"'s mobile phone.
  - 37. The method of claim 31, wherein the message approving or denying the transaction comprises authentication data, which is one or more of the consumer'"'"'s mobile phone number or a password associated with the consumer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Denis Kang
Original Assignee
Denis Kang
Inventors
Kang, Denis

Granted Patent

US 8,898,762 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/44
CPC Class Codes

G06Q 20/12   specially adapted for elect...

G06Q 20/326   Payment applications instal...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/42   Confirmation, e.g. check or...

G06Q 20/425   using two different network...

G06Q 40/00   Finance; Insurance; Tax str...

PAYMENT TRANSACTION PROCESSING USING OUT OF BAND AUTHENTICATION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

PAYMENT TRANSACTION PROCESSING USING OUT OF BAND AUTHENTICATION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links