SECURE SYNCHRONIZATION OF PAYMENT ACCOUNTS TO THIRD-PARTY APPLICATIONS OR WEBSITES
First Claim
1. A method of authorizing a payment transaction among a consumer, a merchant, and a registered consumer device by a transaction server, the method comprising:
- transmitting, by a merchant system to the transaction server over a first communication channel, a transaction-authorization request containing a consumer identifier but not including secure information of the consumer;
subsequent to the communication from the merchant system and without initiation by the consumer, transmitting the transaction authorization request to the registered consumer device over a second communication channel different from the first communication channel; and
upon receiving over the second communication channel a transaction authorization, which does not include secure consumer information, granted by the consumer via the registered device, transmitting the transaction authorization to the merchant system over the first communication channel.
17 Assignments
0 Petitions
Accused Products
Abstract
A two-factor approach for authenticating payment transactions between a third-party application and a consumer is facilitated by a transaction server via a consumer'"'"'s mobile device. A first communication channel (e.g., the Internet) is used to request authorization, and a second independent communication channel is used for identity verification and authorization. The second channel is typically the user'"'"'s mobile phone or other wireless communication device. In this way, authorization is de-linked from, but “synchronized” with, the communication channel used to purchase goods or services.
75 Citations
15 Claims
-
1. A method of authorizing a payment transaction among a consumer, a merchant, and a registered consumer device by a transaction server, the method comprising:
-
transmitting, by a merchant system to the transaction server over a first communication channel, a transaction-authorization request containing a consumer identifier but not including secure information of the consumer; subsequent to the communication from the merchant system and without initiation by the consumer, transmitting the transaction authorization request to the registered consumer device over a second communication channel different from the first communication channel; and upon receiving over the second communication channel a transaction authorization, which does not include secure consumer information, granted by the consumer via the registered device, transmitting the transaction authorization to the merchant system over the first communication channel. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A transaction server for authorizing a payment transaction among a consumer, a merchant, and a registered consumer device, the server comprising:
-
a first interface for communicating over a first communication channel for receiving, from a merchant server, a transaction authorization request containing a consumer identifier, the consumer identifier not including secure information of the consumer; a second interface for communicating over a second communication channel different from the first communication channel; and a processor configured to (i) identify the consumer based on the consumer identifier and without using secure information of the consumer, (ii) transmit the transaction authorization request to the registered consumer device over the second communication channel via the second interface without initiation by the consumer, and (iii) transmit the transaction authorization to the merchant system over the first communication channel via the first interface upon receiving, over the second communication channel via the second interface, a transaction authorization, which does not include secure consumer information, granted by the consumer via the registered consumer device. - View Dependent Claims (12, 13, 14, 15)
-
Specification