Secure credit/debit card authorization

US 5,485,510 A
Filed: 09/01/1994
Issued: 01/16/1996
Est. Priority Date: 09/29/1992
Status: Expired due to Term

First Claim

Patent Images

1. In a database system for authorizing a credit/debit card (CDC) expenditure, a method for authorizing credit/debit for a purchase of goods or services comprises:

receiving data in the database over a first telecommunications connection to the database from a CDC holder at a first location, the data identifying a specific CDC;

determining whether the CDC is authorized to incur an expenditure;

transmitting an authorization to incur the expenditure over a second telecommunications connection from the database to a vendor at a second location, wherein transmitting the authorization is responsive to a determination that the CDC is authorized to incur the expenditure and includes a limit of allowed expenditure generated by the database for a transaction; and

wherein the data identifying the CDC is not provided to the vendor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention relates to methods for making a credit/debit card purchase without revealing the card number to the vendor of services or goods. The card holder is connected to a data base and provides the card number, plus holder identity verification, to the data base. The data base then verifies whether the card holder is authorized to incur the expense of the purchase, and, if so, provides an authorization indication or code to the vendor; the card number cannot be derived from the authorization information, thus helping to preserve the secrecy of the card number.

881 Citations

26 Claims

1. In a database system for authorizing a credit/debit card (CDC) expenditure, a method for authorizing credit/debit for a purchase of goods or services comprises:
- receiving data in the database over a first telecommunications connection to the database from a CDC holder at a first location, the data identifying a specific CDC;
  
  determining whether the CDC is authorized to incur an expenditure;
  
  transmitting an authorization to incur the expenditure over a second telecommunications connection from the database to a vendor at a second location, wherein transmitting the authorization is responsive to a determination that the CDC is authorized to incur the expenditure and includes a limit of allowed expenditure generated by the database for a transaction; and
  
  wherein the data identifying the CDC is not provided to the vendor.
- View Dependent Claims (2, 3, 4, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1 wherein the authorization comprises an authorization code for tracking a purchase transaction.
  - 3. The method of claims 1 or 2 wherein the data received in the database further comprises data for verifying the identity of the holder of the CDC.
  - 4. The method of claim 3 wherein the data from verifying the identity of the holder of the CDC comprises a personal identification number.
  - 6. The method of claims 1 or 2 further comprising:
    - establishing a voice connection to a voice recognition means for recognizing the identity of a caller; and
      
      using output of the voice recognition means to identify the holder of the CDC.
  - 7. The method of claim 2 wherein the authorization code comprises an identification of a vendor.
  - 8. The method of claim 2 wherein the authorization code includes date and/or time data.
  - 9. The method of claim 2 wherein the authorization code includes a time limitation for a transaction.
  - 10. The method of claim 2 wherein the authorization code comprises the name of the CDC holder.
  - 11. The method of claim 2 wherein the authorization code comprises an address of the CDC holder.
  - 12. The method of claim 1 or 2 wherein the identification of the CDC is not derivable from the authorization.

5. The method of claim 5 wherein the data for verifying the identity of the holder of the CDC comprises an automatic number identification of a caller station supplying the CDC identification.

13. In a database system for authorizing a credit/debit card (CDC) expenditure, a method for authorizing credit/debit for a purchase of goods or services comprises:
- receiving data in the database over a first telecommunications connection from a CDC holder at a first location, the data identifying a specific CDC;
  
  determining whether the CDC is authorized to incur an expenditure;
  
  transmitting an authorization from the database to incur the expenditure over a second telecommunications connection to a vendor at a second location, wherein transmitting the authorization is responsive to a determination that the CDC is authorized to incur the expenditure;
  
  establishing a third telecommunications connection between the vendor and the holder identified by the CDC for specifying goods and services to be purchased; and
  
  wherein the data identifying the CDC is not provided to the vendor.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 14. The method of claim 13 wherein the authorization comprises an authorization code for tracking a purchase transaction.
  - 15. The method of claims 13 or 14 wherein the data received in the database further comprises data for verifying the identity of the holder of the CDC.
  - 16. The method of claim 15 wherein the data from verifying the identity of the holder of the CDC comprises a personal identification number.
  - 17. The method of claim 15 wherein the data for verifying the identity of the holder of the CDC comprises an automatic number identification of a caller station supplying the CDC identification.
  - 18. The method of claims 13 or 14 further comprising:
    - establishing a voice connection to a voice recognition means for recognizing the identity of a caller; and
      
      using output of the voice recognition means to identify the holder of the CDC.
  - 19. The method of claim 14 wherein the authorization code comprises a limit of allowed expenditure for a transaction.
  - 20. The method of claim 14 wherein the authorization code comprises an identification of a vendor.
  - 21. The method of claim 14 wherein the authorization code includes date and/or time data.
  - 22. The method of claim 14 wherein the authorization code includes a time limitation for a transaction.
  - 23. The method of claim 14 wherein the authorization code comprises the name of the CDC holder.
  - 24. The method of claim 14 wherein the authorization code comprises an address of the CDC holder.
  - 25. The method of claim 13 or 14 wherein the identification of the CDC is not derivable from the authorization.
  - 26. The method of claim 2 or 14 wherein the CDC holder receives data comprising a portion of the authorization code, whereby the CDC holder can furnish an identification to the vendor without revealing the CDC number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citicorp Holdings Incorporated (Citigroup Incorporated)
Original Assignee
AT&T Corporation (AT&T, Inc.)
Inventors
Colbert, Raymond O.
Primary Examiner(s)
Chin, Stephen
Assistant Examiner(s)
Kim, Kevin

Application Number

US08/300,096
Time in Patent Office

502 Days
Field of Search

379/91, 379/145, 340/825.33, 340/825.34, 340/825.35
US Class Current

379/145
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/347   Passive cards

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 40/02   Banking, e.g. interest calc...

G07F 7/08   by coded identity card or c...

G07F 7/10   together with a coded signa...

G07F 7/1075   PIN is checked remotely

Secure credit/debit card authorization

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

881 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Secure credit/debit card authorization

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

881 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links