Automated payment card fraud detection and location
First Claim
1. A method for preventing payment card fraud, the method comprising:
- loading individual table values with a sequence of next valid values to crypto-tables within payment cards during manufacturing and before distribution to users;
issuing to users a payment card that thereafter internally fetches next valid values in a sequence from said crypto-table a dynamic portion of a new account number on as part of the data readable on a magnetic stripe automatically and without user intervention each time such is used in a merchant transaction;
connecting a merchant card reader or ATM to read said magnetic stripe on said payment card, and to report said new account number when a user initiates a merchant transaction;
analyzing a report from said merchant card reader to determine if said new account number includes an expected next valid value in said crypto-table that was loaded in that particular payment card during manufacturing and before distribution its user;
logging a merchant identification data associated with each said report from said merchant card reader into a database; and
deciding whether to authorize said merchant transaction based on previous data logged into said database related to previous merchant transactions for said particular payment card.
3 Assignments
0 Petitions
Accused Products
Abstract
A payment card fraud detection business model comprises an internal virtual account number generator and a user display for Card-Not-Present transactions. Card-Present transactions with merchant card readers are enabled by a magnetic array internally associated with the card'"'"'s magnetic stripe. The internal virtual account number generator is able to reprogram some of the magnetic bits encoded in the magnetic stripe to reflect the latest virtual account number. The internal virtual account number generator produces a sequence of virtual numbers that can be predicted and approved by the issuing bank. Once a number is used, such is discarded and put on an exclusion list or reserved for a specific merchant until the expiration date. A server for the issuing bank logs the merchant locations associated with each use or attempted use, and provides real-time detection of fraudulent attempts to use a virtual account number on the exclusion list. Law enforcement efforts can then be directed in a timely and useful way not only where the fraud occurs but also at its origination.
430 Citations
11 Claims
-
1. A method for preventing payment card fraud, the method comprising:
-
loading individual table values with a sequence of next valid values to crypto-tables within payment cards during manufacturing and before distribution to users; issuing to users a payment card that thereafter internally fetches next valid values in a sequence from said crypto-table a dynamic portion of a new account number on as part of the data readable on a magnetic stripe automatically and without user intervention each time such is used in a merchant transaction; connecting a merchant card reader or ATM to read said magnetic stripe on said payment card, and to report said new account number when a user initiates a merchant transaction; analyzing a report from said merchant card reader to determine if said new account number includes an expected next valid value in said crypto-table that was loaded in that particular payment card during manufacturing and before distribution its user; logging a merchant identification data associated with each said report from said merchant card reader into a database; and deciding whether to authorize said merchant transaction based on previous data logged into said database related to previous merchant transactions for said particular payment card. - View Dependent Claims (2, 3, 4)
-
-
5. A method for preventing payment card fraud, the method comprising:
-
issuing to users a payment card able to internally generate a new account number on a magnetic stripe each time such is to be used; connecting a merchant card reader or ATM to read said magnetic stripe on said payment card, and to report said new account number when a user initiates a merchant transaction; analyzing a report from said merchant card reader to determine if said new account number is valid or an attempt at fraud as evidenced by a second attempt to use the same account number in a different subsequent transaction; logging into a database a merchant identification data associated with each said report from said merchant card reader; deciding whether to authorize said merchant transaction based on a validity criteria associated with said new account number; activating a timer on each said payment card after a card transaction, and causing a next transaction number to be skipped resetting a new count when such timer times-out; and preventing copies of magstripe data from being accepted in a decision making process to authorize the transactions after a fixed period of time.
-
-
6. A payment card system, comprising:
-
a payment card with a magnetic stripe with a data track and means to communicate data track information to a payment processing server through a magnetic device to a merchant or ATM magnetic card reader; a sequence of next valid values permanently disposed in crypto-tables within said payment cards; a microcontroller included in said payment card to internally fetch a sequence of next valid values said crypto-table to include as a dynamic portion of a new account number for automatic presentation on said magnetic stripe and without user intervention each time the payment card is used in a merchant transaction; a payment processing server configured to analyze a report from said merchant card reader to determine if said new account number includes an expected next valid value in said crypto-table that was loaded in that particular payment card during manufacturing and before distribution its user; a database of merchant identification data associated with each said report from said magnetic card reader; and a program for deciding whether to authorize said merchant transaction based on a validity criteria associated with said new account number; wherein, the user is not provided an input to make choices or selections into their payment card, and the payment card itself does not employ a card number generator algorithm to calculate said new account number. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A business model for reducing credit card fraud, comprising:
-
before distributing a plurality of payment cards, and during their manufacture, cryptographically generating a series of unique values from user account access numbers and storing them as sets in corresponding private crypto-tables disposed in each of said plurality of credit cards; deploying said plurality of credit cards in the retail community that each can modify its own magnetic stripe with values obtained from said private crypto-tables to result in a complete magnetically recorded transaction number that can only be authorized by a payment server once; using a fraud detection program on said payment server that can compute from said user account access numbers a next set of unique values that would have been validly stored in each of said crypto-tables; and connecting a report service to the fraud detection program to detect and announce the merchant location of a skimming event and attempt at fraud.
-
Specification