Mobile account authentication service
First Claim
1. A method by which a trusted party computer authenticates the identity of an account holder during a transaction between said account holder and a requesting party computer, said method comprising:
- establishing an online, Internet communication connection between said requesting party computer and an Internet-capable mobile device of said account holder in order to conduct said transaction;
creating a condensed authentication request message at said requesting party computer;
transmitting said condensed authentication request message to said trusted party computer via said mobile device of said account holder;
verifying the identity of said account holder by said trusted party computer using an identity-authenticating token received from said account holder;
creating a condensed authentication response message at said trusted party computer;
transmitting said condensed authentication response message to said requesting party computer via said mobile device of said account holder; and
validating, by said requesting party computer, that said condensed authentication response message indicates that the identity of said account holder is authenticated, whereby the identity of said account holder is authenticated by said trusted party computer for said requesting party computer.
2 Assignments
0 Petitions
Accused Products
Abstract
A payment authentication service authenticates the identity of a payer during online transactions. The authentication service allows a card issuer to verify a cardholder'"'"'s identity using a variety of authentication methods, such as with the use of tokens. Authenticating the identity of a cardholder during an online transaction involves querying an access control server to determine if a cardholder is enrolled in the payment authentication service, requesting a password from the cardholder, verifying the password, and notifying a merchant whether the cardholder'"'"'s authenticity has been verified. Systems for implementing the authentication service in which a cardholder uses a mobile device capable of transmitting messages via the Internet are described. Systems for implementing the authentication service in which a cardholder uses a mobile device capable of transmitting messages through voice and messaging channels is also described.
-
Citations
50 Claims
-
1. A method by which a trusted party computer authenticates the identity of an account holder during a transaction between said account holder and a requesting party computer, said method comprising:
-
establishing an online, Internet communication connection between said requesting party computer and an Internet-capable mobile device of said account holder in order to conduct said transaction; creating a condensed authentication request message at said requesting party computer; transmitting said condensed authentication request message to said trusted party computer via said mobile device of said account holder; verifying the identity of said account holder by said trusted party computer using an identity-authenticating token received from said account holder; creating a condensed authentication response message at said trusted party computer; transmitting said condensed authentication response message to said requesting party computer via said mobile device of said account holder; and validating, by said requesting party computer, that said condensed authentication response message indicates that the identity of said account holder is authenticated, whereby the identity of said account holder is authenticated by said trusted party computer for said requesting party computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. An account authentication system in which a trusted party authenticates the identity of an account holder with respect to an account during a transaction between said account holder and a requesting party, the system comprising:
-
an Internet-capable mobile device of said account holder; a requesting party server configured to communicate online over the Internet with said mobile device of said account holder in order to process said transaction, said requesting party server further configured to create a condensed authentication request message and to transmit said request message to said trusted party via said mobile device; an access control server controlled by said trusted party and configured to communicate over the Internet with said mobile device of said account holder, said access control server further configured to verify the identity of said account holder using an identity-authenticating token received from said account holder and to create a condensed authentication response message; and a requesting party software module configured to receive said condensed authentication response message via said mobile device and to validate that said response message indicates that the identity of said account holder is authenticated. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A method by which a trusted party computer authenticates the identity of an account holder during a transaction between said account holder and a requesting party computer, said method comprising:
-
conducting said transaction between a mobile telephone of said account holder and said requesting party computer over a first voice channel or by using a first two-way messaging service; sending an authentication request message from said requesting party computer to said trusted party computer over the Internet, said request message not being routed through said mobile telephone; establishing communication between said mobile telephone and said trusted party computer over a second voice channel or by using a second two-way messaging service; transmitting an authenticating token from said account holder to said trusted party computer over said second voice channel or by using said second messaging service; authenticating, by said trusted party computer, the identity of said account holder using said authenticating token; and sending an authentication response message from said trusted party computer to said requesting party computer over the Internet, said response message not being routed through said mobile telephone; and validating, by said requesting party computer, that said authentication response message indicates that the identity of said account holder is authenticated, whereby said trusted party computer authenticates the identity of said account holder for said requesting party computer. - View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. An account authentication system in which a trusted party authenticates the identity of an account holder during a transaction between said account holder and a requesting party, said system comprising:
-
a mobile telephone of said account holder; a requesting party server configured to communicate with said account holder in order to process said transaction, said requesting party server further configured to transmit an authentication request message over the Internet to said trusted party; a first voice channel or first messaging service used between said requesting party server and said mobile telephone of said account holder to process said transaction; an access control server controlled by said trusted party, said access control server further configured to send an authentication response message to said requesting party over the Internet; a second voice channel or second messaging service used between said mobile telephone of said account holder and said access control server; an authenticating token that is transmitted from said account holder to said access control server over said second voice channel or second messaging service, said authenticating token configured to be used by said access control server to authenticate the identity of said account holder; and a requesting party software module configured to validate that said authentication response message indicates that the identity of said account holder is authenticated. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50)
-
Specification