Automated payment card fraud detection and location

US 7,543,739 B2
Filed: 04/14/2006
Issued: 06/09/2009
Est. Priority Date: 12/17/2003
Status: Active Grant

First Claim

Patent Images

1. A method for preventing payment card fraud, the method comprising:

loading individual table values with a sequence of next valid values to crypto-tables within payment cards during manufacturing and before distribution to users;

issuing to users a payment card that thereafter internally fetches next valid values in a sequence from said crypto-table a dynamic portion of a new account number on as part of the data readable on a magnetic stripe automatically and without user intervention each time such is used in a merchant transaction;

connecting a merchant card reader or ATM to read said magnetic stripe on said payment card, and to report said new account number when a user initiates a merchant transaction;

analyzing a report from said merchant card reader to determine if said new account number includes an expected next valid value in said crypto-table that was loaded in that particular payment card during manufacturing and before distribution its user;

logging a merchant identification data associated with each said report from said merchant card reader into a database; and

deciding whether to authorize said merchant transaction based on previous data logged into said database related to previous merchant transactions for said particular payment card.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A payment card fraud detection business model comprises an internal virtual account number generator and a user display for Card-Not-Present transactions. Card-Present transactions with merchant card readers are enabled by a magnetic array internally associated with the card'"'"'s magnetic stripe. The internal virtual account number generator is able to reprogram some of the magnetic bits encoded in the magnetic stripe to reflect the latest virtual account number. The internal virtual account number generator produces a sequence of virtual numbers that can be predicted and approved by the issuing bank. Once a number is used, such is discarded and put on an exclusion list or reserved for a specific merchant until the expiration date. A server for the issuing bank logs the merchant locations associated with each use or attempted use, and provides real-time detection of fraudulent attempts to use a virtual account number on the exclusion list. Law enforcement efforts can then be directed in a timely and useful way not only where the fraud occurs but also at its origination.

430 Citations

11 Claims

1. A method for preventing payment card fraud, the method comprising:
- loading individual table values with a sequence of next valid values to crypto-tables within payment cards during manufacturing and before distribution to users;
  
  issuing to users a payment card that thereafter internally fetches next valid values in a sequence from said crypto-table a dynamic portion of a new account number on as part of the data readable on a magnetic stripe automatically and without user intervention each time such is used in a merchant transaction;
  
  connecting a merchant card reader or ATM to read said magnetic stripe on said payment card, and to report said new account number when a user initiates a merchant transaction;
  
  analyzing a report from said merchant card reader to determine if said new account number includes an expected next valid value in said crypto-table that was loaded in that particular payment card during manufacturing and before distribution its user;
  
  logging a merchant identification data associated with each said report from said merchant card reader into a database; and
  
  deciding whether to authorize said merchant transaction based on previous data logged into said database related to previous merchant transactions for said particular payment card.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - mining said database for evidence of fraudulent a ment card use that includes an attempt to initiate a subsequent merchant transaction with an account number that was already accepted for use in a previous merchant transaction; and
      
      reporting corresponding merchant identification data from said database for law enforcement efforts which identify said payment card and locations of said merchant card reader.
  - 3. The method of claim 1, further comprising:
    - mining said database for evidence of fraudulent payment card use that includes an attempt to initiate a subsequent merchant transaction with an account number that was already accepted for use in a previous merchant transaction; and
      
      not allowing said payment card be to initiate any further merchant transactions.
  - 4. The method of claim 1, further comprising:
    - mining said database for evidence of fraudulent payment card use that includes an attempt to initiate a subsequent merchant transaction with an account number that was already accepted for use in a previous merchant transaction; and
      
      disabling said payment card from being able to initiate any further merchant transactions or partially disabling payment card for new merchants only.

5. A method for preventing payment card fraud, the method comprising:
- issuing to users a payment card able to internally generate a new account number on a magnetic stripe each time such is to be used;
  
  connecting a merchant card reader or ATM to read said magnetic stripe on said payment card, and to report said new account number when a user initiates a merchant transaction;
  
  analyzing a report from said merchant card reader to determine if said new account number is valid or an attempt at fraud as evidenced by a second attempt to use the same account number in a different subsequent transaction;
  
  logging into a database a merchant identification data associated with each said report from said merchant card reader;
  
  deciding whether to authorize said merchant transaction based on a validity criteria associated with said new account number;
  
  activating a timer on each said payment card after a card transaction, and causing a next transaction number to be skipped resetting a new count when such timer times-out; and
  
  preventing copies of magstripe data from being accepted in a decision making process to authorize the transactions after a fixed period of time.

6. A payment card system, comprising:
- a payment card with a magnetic stripe with a data track and means to communicate data track information to a payment processing server through a magnetic device to a merchant or ATM magnetic card reader;
  
  a sequence of next valid values permanently disposed in crypto-tables within said payment cards;
  
  a microcontroller included in said payment card to internally fetch a sequence of next valid values said crypto-table to include as a dynamic portion of a new account number for automatic presentation on said magnetic stripe and without user intervention each time the payment card is used in a merchant transaction;
  
  a payment processing server configured to analyze a report from said merchant card reader to determine if said new account number includes an expected next valid value in said crypto-table that was loaded in that particular payment card during manufacturing and before distribution its user;
  
  a database of merchant identification data associated with each said report from said magnetic card reader; and
  
  a program for deciding whether to authorize said merchant transaction based on a validity criteria associated with said new account number;
  
  wherein, the user is not provided an input to make choices or selections into their payment card, and the payment card itself does not employ a card number generator algorithm to calculate said new account number.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The payment card system of claim 6, further comprising:
    - a merchant card reader for reading said magnetic stripe on said payment card, and for reporting said new account number when a user initiates a merchant transaction.
  - 8. The payment card system of claim 6, further comprising:
    - a device for mining said database for evidence of fraudulent payment card use that includes an attempt to initiate a subsequent merchant transaction with an account number that was already accepted for use in a previous merchant transaction; and
      
      a report data to enable law enforcement efforts in real-time which identify said payment card and locations of said merchant card reader.
  - 9. The payment card system of claim 6, further comprising:
    - means for mining said database for evidence of fraudulent payment card use that includes an attempt to initiate a subsequent merchant transaction with an account number that was already accepted for use in a previous merchant transaction; and
      
      means for disabling said payment card from being able to initiate any further merchant transactions.
  - 10. The payment card system of claim 6, further comprising:
    - a device for mining said database for evidence of fraudulent payment card use that includes an attempt to initiate a subsequent merchant transaction with an account number that was already accepted for use in a previous merchant transaction; and
      
      a report data providing for law enforcement efforts in real-time or batch that identify said payment card and locations of said merchant card reader, and that identify when and where a fraudulent transaction was originated.

11. A business model for reducing credit card fraud, comprising:
- before distributing a plurality of payment cards, and during their manufacture, cryptographically generating a series of unique values from user account access numbers and storing them as sets in corresponding private crypto-tables disposed in each of said plurality of credit cards;
  
  deploying said plurality of credit cards in the retail community that each can modify its own magnetic stripe with values obtained from said private crypto-tables to result in a complete magnetically recorded transaction number that can only be authorized by a payment server once;
  
  using a fraud detection program on said payment server that can compute from said user account access numbers a next set of unique values that would have been validly stored in each of said crypto-tables; and
  
  connecting a report service to the fraud detection program to detect and announce the merchant location of a skimming event and attempt at fraud.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fitbit, Inc. (Alphabet Inc.)
Original Assignee
Qsecure Inc.
Inventors
Chatelain, Daniel, Pariseau, David Kevin, Brown, Kerry D.
Primary Examiner(s)
Labaze; Edwyn

Application Number

US11/404,660
Publication Number

US 20060249574A1
Time in Patent Office

1,152 Days
Field of Search

235/380, 235/441, 235/451, 235/487, 235/492, 235/375
US Class Current

235/380
CPC Class Codes

G06K 19/06187   with magnetically detectabl...

G06K 19/06196   Constructional details

G06K 19/07   with integrated circuit chips

G06K 19/0723   the record carrier comprisi...

G06K 19/12   the marking being sensed by...

G06Q 20/12   specially adapted for elect...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/343   Cards including a counter

G06Q 20/354   Card activation or deactiva...

G06Q 20/3674   involving authentication

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/403   Solvency checks

G07F 7/082   Features insuring the integ...

G07F 7/1008   Active credit-cards provide...

Automated payment card fraud detection and location

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

430 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Automated payment card fraud detection and location

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

430 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links