BROWSER INTEGRATION WITH CRYPTOGRAM

US 20160301683A1
Filed: 04/08/2016
Published: 10/13/2016
Est. Priority Date: 04/10/2015
Status: Active Grant

First Claim

Patent Images

1. A method of performing a transaction comprising:

receiving, by a server computer, authentication credentials of a user;

identifying, by the server computer, that a website accessed by the user is token-aware, wherein the token-aware website is configured to accept a token cryptogram in data fields of a webpage of the website;

providing, by the server computer, a transaction data identifier to the website, wherein the transaction data identifier identifies underlying transaction data and is associated with the authentication credentials;

receiving, by the server computer, a confirmation that the transaction data identified by the transaction data identifier is approved by the user to complete a transaction;

transmitting, by the server computer, a token and a cryptogram request to a processing network, wherein the token is linked to the transaction data identified by the transaction data identifier;

receiving from the processing network, a token cryptogram based on the token; and

providing, by the server computer, tokenized credentials and the token cryptogram to the data fields of the webpage of the website.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure includes utilizing a token cryptogram with a browser to facilitate a transaction. A webpage of a website is configured to accept a token cryptogram in fields of the webpage. The webpage of the website may indicate that it is token-aware and is configured to accept the token cryptograms.

22 Citations

View as Search Results

20 Claims

1. A method of performing a transaction comprising:
- receiving, by a server computer, authentication credentials of a user;
  
  identifying, by the server computer, that a website accessed by the user is token-aware, wherein the token-aware website is configured to accept a token cryptogram in data fields of a webpage of the website;
  
  providing, by the server computer, a transaction data identifier to the website, wherein the transaction data identifier identifies underlying transaction data and is associated with the authentication credentials;
  
  receiving, by the server computer, a confirmation that the transaction data identified by the transaction data identifier is approved by the user to complete a transaction;
  
  transmitting, by the server computer, a token and a cryptogram request to a processing network, wherein the token is linked to the transaction data identified by the transaction data identifier;
  
  receiving from the processing network, a token cryptogram based on the token; and
  
  providing, by the server computer, tokenized credentials and the token cryptogram to the data fields of the webpage of the website.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 further comprising:
    - assigning, by the server computer, a unique identifier to the website, wherein the unique identifier is included in the cryptogram request; and
      
      providing the unique identifier to the data fields of the webpage, wherein the data fields are hidden fields not visible to the user viewing the website.
  - 3. The method of claim 1, wherein identifying that the website is token-aware includes analyzing an html (HyperText Markup Language) tag of the website.
  - 4. The method of claim 3, wherein the html tag also verifies a trusted identity of the website.
  - 5. The method of claim 1, wherein identifying that the website is token-aware includes transmitting a unique identifier associated with the website to a processing network to verify the unique identifier.
  - 6. The method of claim 1 wherein the tokenized credentials are provide to the data fields of the webpage only when the website is identified as token-aware.
  - 7. The method of claim 1, wherein the transaction data is the tokenized credentials.
  - 8. The method of claim 1, wherein the transaction data identifier is a last four digits of a Primary Account Number (PAN).

9. A computer comprising:
- processing logic;
  
  a network interface coupled to the processing logic; and
  
  a computer readable medium accessible to the processing logic, the computer readable medium comprising code, executable by the processor, for implementing a method comprising;
  
  receiving, by the computer, authentication credentials of a user;
  
  identifying, by the computer, that a website accessed by the user is token-aware, wherein the token-aware website is configured to accept a token cryptogram in data fields of a webpage of the website;
  
  providing, by the computer, a transaction data identifier to the website, wherein the transaction data identifier identifies underlying transaction data and is associated with the authentication credentials;
  
  receiving, by the computer, a confirmation that the transaction data identified by the transaction data identifier is approved by the user to complete a transaction;
  
  transmitting, by the computer, a token and a cryptogram request to a processing network, wherein the token is linked to the transaction data identified by the transaction data identifier;
  
  receiving from the processing network, a token cryptogram based on the token; and
  
  providing, by the computer, tokenized credentials and the token cryptogram to the data fields of the webpage of the website.

10. A method of performing a transaction comprising:
- receiving a transaction data identifier from a server computer, wherein the transaction data identifier is associated with authentication credentials verified by the server computer;
  
  providing a transaction completion interface of a website to a computing device, the transaction completion interface making the transaction data identifier viewable to a user of the transaction completion interface, wherein the transaction data identifier identifies underlying transaction data;
  
  receiving a confirmation from the user that the transaction data identified by the transaction data identifier is approved to complete a transaction;
  
  transmitting the confirmation to the server computer;
  
  providing an indication to the server computer that the website is token-aware, wherein the token-aware website is configured to accept a token cryptogram in data fields of a webpage of the website;
  
  receiving, from the server computer, tokenized credentials and a token cryptogram in the data fields of the webpage of the website; and
  
  transmitting an authorization request to an acquirer computer, wherein the authorization request includes the tokenized credentials, the token cryptogram, and a unique identifier of the website.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The method of claim 10 further comprising:
    - receiving an authorization response from the acquirer computer, the authorization response either approving or declining the transaction.
  - 12. The method of claim 11 further comprising:
    - sending a transaction completion message to the computing device when the authorization response approves the transaction.
  - 13. The method of claim 10, wherein the token-aware indication includes an html (HyperText Markup Language) tag.
  - 14. The method of claim 13, wherein the token-aware indication also serves to verify the website as a trusted website.
  - 15. The method of claim 10, wherein the token-aware indication includes an Extended Validation Certificate.
  - 16. The method of claim 10 further comprising:
    - receiving the unique identifier from the server computer.
  - 17. The method of claim 16, wherein receiving the unique identifier includes receiving the unique identifier in one of the data fields of the webpage, and wherein the data fields are hidden fields that are not rendered for viewing by the user.
  - 18. The method of claim 10, wherein the transaction data identifier is a last four digits of a social security number.
  - 19. The method of claim 10, wherein the authentication credentials are associated with a browser publisher of a browser that the website is rendered in.

20. A computer comprising:
- processing logic;
  
  a network interface coupled to the processing logic; and
  
  a computer readable medium accessible to the processing logic, the computer readable medium comprising code, executable by the processor, for implementing a method comprising;
  
  receiving a transaction data identifier from a server computer, wherein the transaction data identifier is associated with authentication credentials verified by the server computer;
  
  providing a transaction completion interface of a website to a computing device, the transaction completion interface making the transaction data identifier viewable to a user of the transaction completion interface, wherein the transaction data identifier identifies underlying transaction data;
  
  receiving a confirmation from the user that the transaction data identified by the transaction data identifier is approved to complete a transaction;
  
  transmitting the confirmation to the server computer;
  
  providing an indication to the server computer that the website is token-aware, wherein the token-aware website is configured to accept a token cryptogram in data fields of a webpage of the website;
  
  receiving, from the server computer, tokenized credentials and a token cryptogram in the data fields of the webpage of the website; and
  
  transmitting an authorization request to an acquirer computer, wherein the authorization request includes the tokenized credentials, the token cryptogram, and a unique identifier of the website.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Prasanna Laxminarayanan
Inventors
Laxminarayanan, Prasanna, Sethuraman, Ramji

Granted Patent

US 10,333,921 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/027   involving a payment switch ...

G06Q 20/0855   involving a third party

G06Q 20/38215   Use of certificates or encr...

G06Q 20/385   using an alias or single-us...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 63/168   above the transport layer

H04L 67/02   based on web technology, e....

BROWSER INTEGRATION WITH CRYPTOGRAM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

BROWSER INTEGRATION WITH CRYPTOGRAM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links