METHOD FOR AUTHENTICATING TRANSACTIONS
First Claim
1. A method for authenticating and authorizing a transaction involving a terminal provider of a product or a service and a mobile application of a user mobile device wherein:
- during a registration process of the mobile application to a server;
operating the server to generates a set of transaction unpredictable numbers,operating the server to send said generated set of transaction unpredictable numbers to the mobile application,during the authentication and authorization of the transaction;
operating the mobile application to select a stored unused transaction unpredictable number, said selected unused transaction unpredictable number allowing to identify said transaction,operating the mobile application to elaborate a transaction authorization request message from the selected transaction unpredictable number,operating the mobile application to encode the authorization request into a simplex communication data,operating the terminal provider to receive and decode the simplex communication data,operating the terminal provider to send to the server, the decoded simplex communication data for authentication and authorization of the transaction,operating the server to verify a match of a transaction unpredictable number between the content of the decoded transaction authorization request message and the server transaction unpredictable number database,if the verification is successful, operating the server to add the matched transaction unpredictable number to the authorization request message,operating the server to send the transaction authorization request to an issuer,operating the server to receives from the issuer receiving the transaction authorization result indicating whether or not said transaction is authenticated and authorized,operating the server to forward the transaction authorization result to the terminal provider.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention generally relates to systems and methods for authenticating transactions through a simplex communication. To allow trusting the transaction with a payment by an image code such QR code, the invention proposes means to authenticate said transaction. For that, when the mobile payment application is loaded into preferably a secure element of the user mobile device a registration process is enabled. During this registration process on a server, an account of the user is created and a set of unpredictable numbers in quantity N is generated. This set of unpredictable numbers is transmitted to the mobile payment application for storage. The payment application uses the stored set of transaction unpredictable numbers for next N times transactions performed by the mobile payment application for transaction cryptogram calculation. The same transaction unpredictable number is recovered in the server side during the transaction authorization process.
16 Citations
20 Claims
-
1. A method for authenticating and authorizing a transaction involving a terminal provider of a product or a service and a mobile application of a user mobile device wherein:
-
during a registration process of the mobile application to a server; operating the server to generates a set of transaction unpredictable numbers, operating the server to send said generated set of transaction unpredictable numbers to the mobile application, during the authentication and authorization of the transaction; operating the mobile application to select a stored unused transaction unpredictable number, said selected unused transaction unpredictable number allowing to identify said transaction, operating the mobile application to elaborate a transaction authorization request message from the selected transaction unpredictable number, operating the mobile application to encode the authorization request into a simplex communication data, operating the terminal provider to receive and decode the simplex communication data, operating the terminal provider to send to the server, the decoded simplex communication data for authentication and authorization of the transaction, operating the server to verify a match of a transaction unpredictable number between the content of the decoded transaction authorization request message and the server transaction unpredictable number database, if the verification is successful, operating the server to add the matched transaction unpredictable number to the authorization request message, operating the server to send the transaction authorization request to an issuer, operating the server to receives from the issuer receiving the transaction authorization result indicating whether or not said transaction is authenticated and authorized, operating the server to forward the transaction authorization result to the terminal provider. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification