Transaction authorization service

US 8,447,700 B2
Filed: 10/10/2006
Issued: 05/21/2013
Est. Priority Date: 10/11/2005
Status: Active Grant

First Claim

Patent Images

1. A system for enabling payments by a user to a third party, comprising:

One or more processors; and

memory having stored thereon program instructions that when executed by the one or more processors cause the one or more processors to implement;

registering users with a service center to establish at least two codes for each user, wherein registering users with the service center comprises, for a particular user;

assigning, to the particular user, one code for authenticating communications from the particular user to the service center; and

for assigning, to the particular user, another code for authenticating communications from the service center to the particular user, wherein the code for authentication communications from the service center to the particular user is known only to the particular user and the service center;

establishing a payment account for the particular user;

receiving by the service center a message indicating initiation of a transaction between the particular user and a third party;

sending by the service center an authorization challenge to the particular user through a phone call requiring the particular user to enter the code for authenticating communications from the particular user to the service center, wherein the phone call includes the code for authenticating communications from the service center to the particular user to thus indicate to the particular user that the phone call is an authentic phone call from the service center;

for making payment to the third party from the payment account for the particular user once the transaction is authorized; and

sending a confirmation message to means for sending a confirmation message to the particular user and to the third party that indicates that the payment has been made.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System and method for authorizing transactions, such as payments or money transfers. A source entity may initiate a transaction with a target entity via a first communications channel. In initiating the transaction, the source entity may indicate that the transaction is to be performed through a transaction authorization service. The target entity may send a transaction initiation message to the transaction authorization service. In response to receiving the transaction initiation message, the service may authorize the transaction with the source entity via a second communications channel. To authorize the transaction, the source entity may provide a PIN number or other identifier via the second communications channel. After receiving and validating the response from the source entity, the transaction authorization service may inform the target entity that the transaction is authorized. The target entity may then complete the transaction with the transaction authorization service and the source entity.

122 Citations

72 Claims

1. A system for enabling payments by a user to a third party, comprising:
- One or more processors; and
  
  memory having stored thereon program instructions that when executed by the one or more processors cause the one or more processors to implement;
  
  registering users with a service center to establish at least two codes for each user, wherein registering users with the service center comprises, for a particular user;
  
  assigning, to the particular user, one code for authenticating communications from the particular user to the service center; and
  
  for assigning, to the particular user, another code for authenticating communications from the service center to the particular user, wherein the code for authentication communications from the service center to the particular user is known only to the particular user and the service center;
  
  establishing a payment account for the particular user;
  
  receiving by the service center a message indicating initiation of a transaction between the particular user and a third party;
  
  sending by the service center an authorization challenge to the particular user through a phone call requiring the particular user to enter the code for authenticating communications from the particular user to the service center, wherein the phone call includes the code for authenticating communications from the service center to the particular user to thus indicate to the particular user that the phone call is an authentic phone call from the service center;
  
  for making payment to the third party from the payment account for the particular user once the transaction is authorized; and
  
  sending a confirmation message to means for sending a confirmation message to the particular user and to the third party that indicates that the payment has been made.

2. A method, comprising:
- performing, by a transaction authorization service implemented on one or more computers;
  
  registering a source entity with the transaction authorization service, wherein said registering the source entity comprises;
  
  associating an identifier with the source entity, wherein the identifier identifies the source entity to the transaction authorization service; and
  
  assigning a security phrase to the source entity, wherein the security phrase is known only to the source entity and the transaction authorization service;
  
  receiving a message from a target entity indicating initiation of a transaction between the source entity and the target entity;
  
  sending, in response to the message from the target entity, an authorization request message indicating a request for authorization of the transaction from the transaction authorization service to a communications device of the source entity via a communications channel, wherein the authorization request message includes the security phrase assigned to the source entity, wherein the security phrase in the authorization request message indicates to the source entity that the authorization request message is an authentic message from the transaction authorization service; and
  
  receiving a response message indicating a response to the request for authorization from the source entity, wherein the response message includes information authorizing the transaction and the identifier associated with the source entity.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 3. The method as recited in claim 2, further comprising sending an indication that the source entity has authorized the transaction from the transaction authorization service to the target entity.
  - 4. The method as recited in claim 2, further comprising completing the transaction between the source entity and the target entity, wherein said completing the transaction between the source entity and the target entity comprises transferring funds from an account of the source entity to an account of the target entity.
  - 5. The method as recited in claim 4, wherein the account of the source entity and the account of the target entity are with the transaction authorization service.
  - 6. The method as recited in claim 4, wherein at least one of the account of the source entity and the account of the target entity is with a financial institution separate from the transaction authorization service.
  - 7. The method as recited in claim 2, wherein the message from the target entity indicating the initiation of the transaction between the source entity and the target entity includes information identifying the source entity.
  - 8. The method as recited in claim 2, wherein the message from the target entity indicating the initiation of the transaction between the source entity and the target entity includes information identifying the target entity and a monetary amount to be transferred from the source entity to the target entity.
  - 9. The method as recited in claim 2, wherein the transaction is a transferal of funds from the source entity to the target entity.
  - 10. The method as recited in claim 9, wherein the transferal of funds from the source entity to the target entity is for the purchase of goods or services from the target entity.
  - 11. The method as recited in claim 2, wherein the information authorizing the transaction is the identifier associated with the source entity.
  - 12. The method as recited in claim 11, wherein the identifier is a personal identification number (PIN).
  - 13. The method as recited in claim 2, wherein said registering the source entity with the transaction authorization service creates an account for the source entity with the transaction authorization service.
  - 14. The method as recited in claim 2, wherein said associating an identifier with the source entity comprises the source entity specifying the identifier.
  - 15. The method as recited in claim 2, wherein said registering the source entity further comprises the source entity specifying a telephone number associated with the communications channel used in authorizing transactions.
  - 16. The method as recited in claim 2, wherein said assigning a security phrase to the source entity comprises the source entity specifying the security phrase.
  - 17. The method as recited in claim 2, wherein the communications device of the source entity is a cellular telephone.
  - 18. The method as recited in claim 2, wherein the communications channel is a voice communications channel.
  - 19. The method as recited in claim 2, wherein the communications channel is a cellular telephone communications channel.
  - 20. The method as recited in claim 2, wherein the communications channel is a text messaging communications channel.
  - 21. The method as recited in claim 2, wherein the transaction authorization service is implemented as a web service, and wherein the message from the target entity indicating the initiation of the transaction between the source entity and the target entity is received by the transaction authorization service in accordance with a web services interface.
  - 22. The method as recited in claim 21, wherein the communications channel via which the transaction authorization service sends the authorization request message to the source entity is a voice communications channel.
  - 23. The method as recited in claim 22, wherein the voice communications channel is a cellular telephone communications channel.
  - 24. The method as recited in claim 22, wherein the transaction between the source entity and the target entity is initiated by the source entity, and wherein the source entity initiates the transaction with the target entity via a text messaging communications channel.
  - 25. The method as recited in claim 21, wherein the source entity initiates the transaction with the target entity via a text messaging communications channel.
  - 26. The method as recited in claim 2, wherein the target entity is an e-commerce enterprise, wherein the transaction between the source entity and the e-commerce enterprise is initiated by the source entity selecting the transaction authorization service as a payment method for the purchase of goods or services offered by the e-commerce enterprise.
  - 27. The method as recited in claim 2, wherein the transaction between the source entity and the target entity is initiated by the source entity.
  - 28. The method as recited in claim 27, wherein the source entity initiates the transaction via a different communications channel than the communications channel used in authorizing the transaction.
  - 29. The method as recited in claim 2, wherein the transaction between the source entity and the target entity is initiated by the target entity.
  - 30. The method as recited in claim 2, wherein said response message indicating the response to the request for authorization is received by the transaction authorization service on the same communications channel via which said authorization request message was sent.

31. A system, comprising:
- a processor; and
  
  a memory comprising program instructions, wherein the program instructions are executable by the processor to implement a transaction authorization service to;
  
  register a source entity with the transaction authorization service, wherein, to register the source entity, the transaction authorization service is to;
  
  associate an identifier with the source entity, wherein the identifier identifies the source entity to the transaction authorization service; and
  
  assign a security phrase to the source entity, wherein the security phrase is known only to the source entity and the transaction authorization service;
  
  receive a message from a target entity indicating initiation of a transaction between the source entity and the target entity;
  
  in response to the message from the target entity, send an authorization request message indicating a request for authorization of the transaction to a communications device of the source entity via a communications channel, wherein the authorization request message includes the security phrase assigned to the source entity, wherein the security phrase in the authorization request message indicates to the source entity that the authorization request message is an authentic message from the transaction authorization service; and
  
  receive a response message indicating a response to the request for authorization from the source entity, wherein the response message includes information authorizing the transaction and the identifier associated with the source entity.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
- - 32. The system as recited in claim 31, wherein the transaction authorization service further sends an indication that the source entity has authorized the transaction to the target entity.
  - 33. The system as recited in claim 31, wherein the transaction authorization service further completes the transaction between the source entity and the target entity, wherein, to complete the transaction, the transaction authorization service further initiates the transfer of funds from an account of the source entity to an account of the target entity.
  - 34. The system as recited in claim 33, wherein the account of the source entity and the account of the target entity are with the transaction authorization service.
  - 35. The system as recited in claim 33, wherein at least one of the account of the source entity and the account of the target entity is with a financial institution separate from the transaction authorization service.
  - 36. The system as recited in claim 31, wherein the message from the target entity indicating the initiation of the transaction between the source entity and the target entity includes information identifying the source entity, information identifying the target entity, and a monetary amount to be transferred from the source entity to the target entity.
  - 37. The system as recited in claim 31, wherein the transaction is a transferal of funds from the source entity to the target entity.
  - 38. The system as recited in claim 37, wherein the transferal of funds from the source entity to the target entity is for the purchase of goods or services from the target entity.
  - 39. The system as recited in claim 31, wherein the information authorizing the transaction is the identifier associated with the source entity.
  - 40. The system as recited in claim 31, wherein, to register the source entity, the transaction authorization service further creates an account for the source entity with the transaction authorization service.
  - 41. The system as recited in claim 31, wherein, to register the source entity, the transaction authorization service further obtains a telephone number associated with the communications channel used in authorizing transactions.
  - 42. The system as recited in claim 31, wherein, to assign a security phrase to the source entity, the transaction authorization service further obtains the security phrase from the source entity.
  - 43. The system as recited in claim 31, wherein the communications channel is a voice communications channel.
  - 44. The system as recited in claim 31, wherein the communications channel is a cellular telephone communications channel, and wherein the communications device of the source entity is a cellular telephone.
  - 45. The system as recited in claim 31, wherein the communications channel is a text messaging communications channel.
  - 46. The system as recited in claim 31, wherein the transaction authorization service is implemented as a web service, and wherein the message from the target entity indicating the initiation of the transaction between the source entity and the target entity is received by the transaction authorization service in accordance with a web services interface.
  - 47. The system as recited in claim 46, wherein the communications channel via which the transaction authorization service sends the authorization request message to the source entity is a voice communications channel.
  - 48. The system as recited in claim 47, wherein the transaction between the source entity and the target entity is initiated by the source entity, and wherein the source entity initiates the transaction with the target entity via a text messaging communications channel.
  - 49. The system as recited in claim 31, wherein the target entity is an e-commerce enterprise, wherein the transaction between the source entity and the e-commerce enterprise is initiated by the source entity selecting the transaction authorization service as a payment method for the purchase of goods or services offered by the e-commerce enterprise.
  - 50. The system as recited in claim 31, wherein the transaction between the source entity and the target entity is initiated by the source entity, wherein the source entity initiates the transaction via a different communications channel than the communications channel used in authorizing the transaction.
  - 51. The system as recited in claim 31, wherein the transaction between the source entity and the target entity is initiated by the target entity.

52. A non-transitory computer-accessible storage medium comprising program instructions, wherein the program instructions are configured to implement a transaction authorization service configured to:
- register a source entity with the transaction authorization service, wherein, to register the source entity, the transaction authorization service is configured to;
  
  associate an identifier with the source entity, wherein the identifier identifies the source entity to the transaction authorization service; and
  
  assign a security phrase to the source entity, wherein the security phrase is known only to the source entity and the transaction authorization service;
  
  receive a message from a target entity indicating initiation of a transaction between the source entity and the target entity;
  
  in response to the message from the target entity, send an authorization request message indicating a request for authorization of the transaction to a communications device of the source entity via a communications channel, wherein the authorization request message includes the security phrase assigned to the source entity, wherein the security phrase in the authorization request message indicates to the source entity that the authorization request message is an authentic message from the transaction authorization service; and
  
  receive a response message indicating a response to the request for authorization from the source entity, wherein the response message includes information authorizing the transaction and the identifier associated with the source entity.
- View Dependent Claims (53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72)
- - 53. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the transaction authorization service is further configured to send an indication that the source entity has authorized the transaction to the target entity.
  - 54. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the transaction authorization service is further configured to complete the transaction between the source entity and the target entity, wherein, to complete the transaction, the transaction authorization service is further configured to initiate the transfer of funds from an account of the source entity to an account of the target entity.
  - 55. The non-transitory computer-accessible storage medium as recited in claim 54, wherein the account of the source entity and the account of the target entity are with the transaction authorization service.
  - 56. The non-transitory computer-accessible storage medium as recited in claim 54, wherein at least one of the account of the source entity and the account of the target entity is with a financial institution separate from the transaction authorization service.
  - 57. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the message from the target entity indicating the initiation of the transaction between the source entity and the target entity includes information identifying the source entity.
  - 58. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the message from the target entity indicating the initiation of the transaction between the source entity and the target entity includes information identifying the source entity, information identifying the target entity, and a monetary amount to be transferred from the source entity to the target entity.
  - 59. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the transaction is a transferal of funds from the source entity to the target entity.
  - 60. The non-transitory computer-accessible storage medium as recited in claim 59, wherein the transferal of funds from the source entity to the target entity is for the purchase of goods or services from the target entity.
  - 61. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the information authorizing the transaction is the identifier associated with the source entity.
  - 62. The non-transitory computer-accessible storage medium as recited in claim 52, wherein, to register the source entity, the transaction authorization service is configured to:
    - create an account for the source entity with the transaction authorization service; and
      
      obtain, from the source entity, a telephone number associated with the communications channel used in authorizing transactions.
  - 63. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the security phrase is known only to the transaction authorization service and the source entity.
  - 64. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the communications channel is a voice communications channel.
  - 65. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the communications channel is a cellular telephone communications channel, and wherein the communications device of the source entity is a cellular telephone.
  - 66. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the communications channel is a text messaging communications channel.
  - 67. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the transaction authorization service is implemented as a web service, and wherein the message from the target entity indicating the initiation of the transaction between the source entity and the target entity is received by the transaction authorization service in accordance with the web services interface.
  - 68. The non-transitory computer-accessible storage medium as recited in claim 67, wherein the communications channel via which the transaction authorization service sends the authorization request message to the source entity is a voice communications channel.
  - 69. The non-transitory computer-accessible storage medium as recited in claim 68, wherein the transaction between the source entity and the target entity is initiated by the source entity, and wherein the source entity initiates the transaction with the target entity via a text messaging communications channel.
  - 70. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the target entity is an e-commerce enterprise, wherein the transaction between the source entity and the e-commerce enterprise is initiated by the source entity selecting the transaction authorization service as a payment method for the purchase of goods or services offered by the e-commerce enterprise.
  - 71. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the transaction between the source entity and the target entity is initiated by the source entity, wherein the source entity initiates the transaction via a different communications channel than the communications channel used in authorizing the transaction.
  - 72. The non-transitory computer-accessible storage medium as recited in claim 52, wherein the transaction between the source entity and the target entity is initiated by the target entity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Yuen, Philip, Huang, Chih-Jen, Yuen, Gerald
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
VU, PHY ANH TRAN

Application Number

US11/546,534
Publication Number

US 20070094150A1
Time in Patent Office

2,415 Days
Field of Search

713168-170
US Class Current

705/75
CPC Class Codes

G06Q 10/1095   Meeting or appointment

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/0855   involving a third party

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/401   Transaction verification

G06Q 20/4012   Verifying personal identifi...

H04W 4/14   Short messaging services, e...

Transaction authorization service

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

122 Citations

72 Claims

Specification

Solutions

Use Cases

Quick Links

Transaction authorization service

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

122 Citations

72 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links