Cardless challenge systems and methods
First Claim
1. A method for authorizing a transaction between a consumer and a merchant, the method comprising:
- receiving, at a server of a non-merchant entity, a consumer message directly from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction;
determining whether to send a challenge question to the consumer based on information collected from and about the access device;
providing, to a merchant server from the non-merchant server, code that is incorporated into an application page that is sent from the merchant to the consumer before the non-merchant server receives the consumer message, wherein the code sends the information about the access device to the non-merchant server;
subsequent to receiving the consumer message, sending, to the consumer from the non-merchant server, a challenge question;
receiving, at the non-merchant server from the consumer, a challenge answer to the challenge question; and
sending, to the merchant server from the non-merchant server, a funding message.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and apparatus for handling and/or authorizing payment requests by a consumer for a transaction are provided. Challenge questions may be presented from the non-merchant to the consumer after receiving the payment information, thereby allowing a judicious determination of when to ask such challenge questions and allowing complex and probative questions. The time limit for such challenge questions may advantageously be unconstrained, while still preserving security. Also, a risk analysis may be started prior to the consumer submitting payment information, thus allowing an efficient and complex risk analysis. Information about an access device used by the consumer may be obtained at the non-merchant from the access device with code sent to the access device from the merchant, and the device information may be used in the risk analysis.
397 Citations
25 Claims
-
1. A method for authorizing a transaction between a consumer and a merchant, the method comprising:
-
receiving, at a server of a non-merchant entity, a consumer message directly from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction; determining whether to send a challenge question to the consumer based on information collected from and about the access device; providing, to a merchant server from the non-merchant server, code that is incorporated into an application page that is sent from the merchant to the consumer before the non-merchant server receives the consumer message, wherein the code sends the information about the access device to the non-merchant server; subsequent to receiving the consumer message, sending, to the consumer from the non-merchant server, a challenge question; receiving, at the non-merchant server from the consumer, a challenge answer to the challenge question; and sending, to the merchant server from the non-merchant server, a funding message. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
2. A system for authorizing a transaction between a consumer and a merchant, the system comprising:
-
a server having an external interface that receives a consumer message directly from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction, and wherein the server is associated with a non-merchant entity; one or more processors; and one or more memory devices containing instructions that when executed by the one or more processors direct the one or more processors to; determine whether to send a challenge question to the consumer based on information collected from and about the access device; provide, to a merchant server from the non-merchant server, code that is incorporated into an application page that is sent from the merchant to the consumer before the non-merchant server receives the consumer message, wherein the code sends the information about the access device to the non-merchant server; send, to the consumer from the non-merchant server, a challenge question, wherein the challenge question is sent subsequent to receiving the consumer message at the non-merchant server; receive, at the non-merchant server from the consumer, a challenge answer to the challenge question; and send, to the merchant server from the non-merchant server, a funding message.
-
-
13. A system for authorizing a transaction between a consumer and a merchant, the system comprising:
-
a server having an external interface that receives a consumer message directly from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction, and wherein the server is associated with a non-merchant entity; one or more processors; and one or more memory devices containing instructions that when executed by the one or more processors direct the one or more processors to; send, to the consumer from the non-merchant server, a challenge question, wherein the challenge question is sent subsequent to receiving the consumer message at the non-merchant server; determine whether to send a challenge question to the consumer based on information collected from and about the access device; receive, at the non-merchant server from the consumer, a challenge answer to the challenge question; and send, to a merchant server from the non-merchant server, a funding message.
-
-
14. A computer program product comprising a non-transitory computer readable medium storing a plurality of instructions that when executed by one or more processors direct the one or more processors to perform an operation for authorizing a transaction between a consumer and a merchant, the instructions comprising:
-
receiving, at a server of a non-merchant entity, a consumer message directly from an access device used by the consumer, wherein the consumer message includes account information of an account of the consumer to be used for the transaction; determining whether to send a challenge question to the consumer based on information collected from and about the access device; providing, to a merchant server from the non-merchant server, code that is incorporated into an application page that is sent from the merchant to the consumer before the non-merchant server receives the consumer message, wherein the code sends the information about the access device to the non-merchant server; subsequent to receiving the consumer message, sending, to the consumer from the non-merchant server, a challenge question; receiving, at the non-merchant server from the consumer, a challenge answer to the challenge question; and sending, to the merchant server from the non-merchant server, a funding message. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
Specification