Method and system for conducting secure payments over a computer network
First Claim
1. A method of conducting a transaction using a payment account for payment over a payment network, the method comprising:
- (a) receiving by a service provider other than an issuer of the payment account a first authorization request for the authorization of the transaction using a first payment account number, wherein;
(i) the first payment account number has a service provider identification number that is associated with the service provider other than the issuer and is associated with a second payment account number that has an issuer identification number associated with the issuer, said second payment account number not being included in said first authorization request;
(ii) the first authorization request includes a first acquirer code associated with an acquirer; and
(iii) the first authorization request is routable through the payment network to the service provider based on said service provider identification number;
(b) responsive to the first authorization request, transmitting by the service provider a second authorization request for authorization of the transaction using the second payment account number, the second authorization request including a second acquirer code associated with the service provider and being routable through the payment network to the issuer based on said issuer identification number;
(c) receiving from the issuer a response to the second authorization request transmitted by the service provider, the response including the second acquirer code and being routable through the payment network based on that code; and
(d) transmitting from the service-provider to the acquirer a response to the first authorization request received by the service provider based on the response to the second authorization request received by the service-provider from the issuer, the response to the first authorization request including the first acquirer code and being routable through the payment network based on that code.
0 Assignments
0 Petitions
Accused Products
Abstract
A method is provided for conducting a financial transaction by a purchaser with a merchant having an acquirer bank, over a communications network. The method includes the steps of sending a first authorization request using a pseudo account number associated with a real account number to a service provider which forwards a second authorization request to the issuer using the real account number and preferably a pseudo acquirer code associated with the service provider such that the response to the second request is based on the real account number and sent back to the service provider who preferably forwards a response to the first request preferably to the “real” acquirer. A message authentication code is further provided which includes transaction data, and where the authorization request is formatted as a standard payment card track having one or more fields including a discretionary field in which the message authentication code is placed.
387 Citations
12 Claims
-
1. A method of conducting a transaction using a payment account for payment over a payment network, the method comprising:
-
(a) receiving by a service provider other than an issuer of the payment account a first authorization request for the authorization of the transaction using a first payment account number, wherein; (i) the first payment account number has a service provider identification number that is associated with the service provider other than the issuer and is associated with a second payment account number that has an issuer identification number associated with the issuer, said second payment account number not being included in said first authorization request; (ii) the first authorization request includes a first acquirer code associated with an acquirer; and (iii) the first authorization request is routable through the payment network to the service provider based on said service provider identification number; (b) responsive to the first authorization request, transmitting by the service provider a second authorization request for authorization of the transaction using the second payment account number, the second authorization request including a second acquirer code associated with the service provider and being routable through the payment network to the issuer based on said issuer identification number; (c) receiving from the issuer a response to the second authorization request transmitted by the service provider, the response including the second acquirer code and being routable through the payment network based on that code; and (d) transmitting from the service-provider to the acquirer a response to the first authorization request received by the service provider based on the response to the second authorization request received by the service-provider from the issuer, the response to the first authorization request including the first acquirer code and being routable through the payment network based on that code. - View Dependent Claims (2, 3, 4)
-
-
5. A method of conducting a transaction with a merchant over a communications network using a first payment account number that is associated with a second payment account number, the method comprising:
-
(a) generating a message authentication code based on one or more transaction details; (b) transmitting at least the first payment account number and the message authentication code to the merchant; (c) requesting by the merchant a first authorization request for payment of the transaction using the first payment account number, said second payment account number not being included in said first authorization request, the request being formatted as if payment were tendered at a point-of-sale terminal with a conventional magnetic-stripe payment card, the format having a track with at least a discretionary data field and said message authentication code being transmitted in said discretionary data field; (d) responsive to the authorization request for the first payment account number, requesting an authorization for payment of the transaction using the second payment account number; and (e) accepting or declining the authorization request for the first payment account number based on the response to the authorization request for the second payment account number and the message authentication code, wherein said first and second payment account numbers include respective service provider and issuer identification numbers, wherein a service provider other than the issuer receives said merchant'"'"'s request through a payment network based on said service provider identification number, and wherein said service provider generates said request for authorization of payment using the second payment account number and routes said request to said issuer through said network based on said issuer identification number. - View Dependent Claims (6, 7)
-
-
8. A method of conducting a transaction over a communications network, the method comprising:
-
issuing by an issuer having an issuer identification number a first payment account number to a user having a computer, said issuer identification number being associated with said first payment account number; providing a security module for generating a secret key unique to each first account number issued; generating a second account number associated with said first payment account number; providing a secure payment application by a service provider to said computer, said application comprising said second account number and said secret key; storing said secure payment application on said computer; selecting a merchant with whom to conduct said financial transaction, said merchant having an associated acquirer code; passing to said computer transaction data; computer generating a message authentication code based on said transaction data; transmitting track data in standard track image format to said merchant, said track data comprising said computer generated message authentication code and said second account number, wherein said computer generated message authentication code is directly positioned in the discretionary data field of the standard track image format; generating a first authorization request based on said data; transmitting said first request to said service provider; verifying said first request with said secret key; obtaining said first payment account number associated with said second account number; transmitting a second authorization request using said first payment account number to said issuer identification number associated with said first payment account number; and authorizing or rejecting said second request. - View Dependent Claims (9, 10, 11, 12)
-
Specification