Integration of verification tokens with portable computing devices

US 8,602,293 B2
Filed: 09/30/2011
Issued: 12/10/2013
Est. Priority Date: 05/15/2009
Status: Active Grant

First Claim

Patent Images

1. A verification token that obtains a device verification value for a transaction conducted using a portable consumer device, the verification token comprising:

a peripheral interface adapted to communicatively couple to a peripheral interface of a computer;

a reader adapted to read identification information from portable consumer devices;

a computer-readable medium;

a data processor electrically coupled to the peripheral interface of the verification token, the reader, and the computer-readable medium;

code embodied on the computer-readable medium that directs the data processor to receive identification information read from a portable consumer device by the reader for the transaction;

code embodied on the computer-readable medium that directs the data processor to communicate with a computer by way of the peripheral interface of the verification token;

code embodied on the computer-readable medium that directs the data processor to transmit at least a portion of the received identification information to an entity that can provide a verification value; and

code embodied on the computer-readable medium that directs the data processor to receive, after transmitting said identification information, the verification value from the entity, andwherein the verification token is configured to be located within a housing of the computer or a peripheral device electrically coupled to the computer; and

wherein the verification token further comprisescode embodied on the computer-readable medium that directs the data processor to locate a browser web page on the computer that has a form field for a verification value, and to enter the verification value received from the entity in the form field.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatuses, methods, and systems pertaining to the verification of portable consumer devices are disclosed. In one implementation, a verification token is communicatively coupled to a computer by a USB connection so as to use the computer'"'"'s networking facilities. The verification token reads identification information from a user'"'"'s portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using the computer'"'"'s networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a device verification value to the verification token, and optionally to a payment processing network. The verification token may enter the device verification value into a CVV field of a web page appearing on the computer'"'"'s display, or may display the value to the user using the computer'"'"'s display.

Citations

38 Claims

1. A verification token that obtains a device verification value for a transaction conducted using a portable consumer device, the verification token comprising:
- a peripheral interface adapted to communicatively couple to a peripheral interface of a computer;
  
  a reader adapted to read identification information from portable consumer devices;
  
  a computer-readable medium;
  
  a data processor electrically coupled to the peripheral interface of the verification token, the reader, and the computer-readable medium;
  
  code embodied on the computer-readable medium that directs the data processor to receive identification information read from a portable consumer device by the reader for the transaction;
  
  code embodied on the computer-readable medium that directs the data processor to communicate with a computer by way of the peripheral interface of the verification token;
  
  code embodied on the computer-readable medium that directs the data processor to transmit at least a portion of the received identification information to an entity that can provide a verification value; and
  
  code embodied on the computer-readable medium that directs the data processor to receive, after transmitting said identification information, the verification value from the entity, andwherein the verification token is configured to be located within a housing of the computer or a peripheral device electrically coupled to the computer; and
  
  wherein the verification token further comprisescode embodied on the computer-readable medium that directs the data processor to locate a browser web page on the computer that has a form field for a verification value, and to enter the verification value received from the entity in the form field.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The verification token of claim 1, wherein the peripheral interface of the verification token comprises a universal serial bus connector.
  - 3. The verification token of claim 1, wherein the identification information is encrypted and includes an account number of the portable consumer device and at least one of the following:
    - a digital fingerprint of a magnetic stripe of the portable consumer device, or a variable datum that varies each time the portable consumer device is read for its identification information.
  - 4. The verification token of claim 1, wherein the code that directs the data processor to communicate with the computer comprises code that directs the data processor to send a device driver to the computer and an instruction to install the device driver in the computer'"'"'s operating system, wherein the device driver enables the computer to recognize the verification token and communicate with the verification token.
  - 5. The verification token of claim 1 further comprising a serial number and an encryption key, and wherein the verification token transmits the serial number and a message encrypted by the encryption key to the entity, the serial number and the encryption key being uniquely assigned to the verification token.
  - 6. The verification token of claim 1, wherein the form field is a hidden field.
  - 7. The verification token of claim 1, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to display the verification value received from the entity to the user on a display of the computer.
  - 8. The verification token of claim 1, wherein the code that directs the data processor to receive the verification value from the entity further directs the data processor to receive a dynamic account number from the entity.
  - 9. The verification token of claim 8, wherein the form field is a second form field, and wherein the verification token further comprises:
    - code embodied on the computer-readable medium that directs the data processor to fill a first form field with the dynamic account number.
  - 10. The verification token of claim 8, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to display the dynamic account number and the verification value received from the entity to the user on a display device of the computer.
  - 11. The verification token of claim 1, wherein the code that directs the data processor to receive the verification value from the entity further directs the data processor to receive address information from the entity;
    - andwherein the verification token further comprises code embodied on the computer-readable medium that directs the data processor to fill in fields in the web page with respective portions of the address information received from the entity.
  - 12. The verification token of claim 1, further comprising the code that directs the data processor to obtain address information from the computer-readable medium;
    - andcode embodied on the computer-readable medium that directs the data processor to fill in fields in the web page with respective portions of the obtained address information.
  - 13. The verification token of claim 1, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to prompt a user to enter a password on a keyboard of the computer, to read a password entered by the user, and to compare the entered password against a stored password embodied on the computer-readable medium; and
      
      code embodied on the computer-readable medium that directs the data processor to prevent identification information from at least being read or sent when the read password is not the same as the stored password.
  - 14. The verification token of claim 1, further comprising:
    - code embodied on the computer-readable medium that directs the data processor to establish a communications session with the entity that can provide a verification value; and
      
      code embodied on the computer-readable medium that directs the data processor to transmit the at least a portion of the received identification information using the established communications session.
  - 15. The verification token of claim 14, wherein the code that directs the data processor to establish the communications session with the entity comprises one or more function calls to an application program interface of a network services module of the computer, the one or more function calls providing a universal resource identifier of an entity and an instruction to establish a communications session with the entity, the universal resource identifier being stored in the computer-readable medium or read from the portable consumer device.
  - 16. The verification token of claim 15, wherein the communications session is established before the data processor reads device data from the reader.
  - 17. The verification token of claim 15, further comprising code that directs the data processor to select one of a number of universal resource identifiers stored in the token based on a bank number provided in the read identification information or embedded in the account number of the read identification information.
  - 18. The verification token of claim 1, further comprising code that directs the processor to encrypt the at least a portion of the identification information prior to transmitting it to the entity.
  - 19. The verification token of claim 1, wherein the verification value is a second verification value, and:
    - wherein the received identification information read by the card reader includes an account number and a first verification value provided by the portable consumer device;
      
      wherein the at least a portion of the received identification information transmitted from the verification token to the entity comprises the account number and the first verification value;
      
      wherein the verification token received by the verification token from the entity is the second verification value that is different from the first verification value; and
      
      wherein the second verification value is configured to be enterable in the field, the field being a card-verification value field.
  - 20. The method of claim 1 wherein the entity is a payment processing network, which is in communication with an issuer that issued the portable consumer device.

21. A device comprising:
- a housing;
  
  a first processor disposed within the housing;
  
  a first memory unit disposed within the housing;
  
  an input-output controller coupled to the first processor; and
  
  a verification token disposed within the housing and communicatively coupled to the input-output controller, the verification token comprising a second processor separate from the first processor, a second memory unit separate from the first memory unit, and a reader coupled to the second processor, the reader configured to obtain information from a portable consumer device, the verification token receiving identification information from the portable consumer device by way of the reader, transmitting at least a portion of the received identification information to an entity that can provide a verification value by way of the first processor, and receiving the verification value from the entity by way of the first processor.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 22. The device according to claim 21, further comprising a display screen disposed at a surface of the housing, and wherein the verification token is located under the display screen.
  - 23. The device according to claim 21, further comprising a mouse touch pad disposed at a surface of the housing, and wherein the verification token is located under the mouse touch pad.
  - 24. The device according to claim 21, further comprising a keyboard disposed at a surface of the housing, the keyboard having a plurality of keys, and wherein the verification token is located under one or more keys of the keyboard.
  - 25. The device according to claim 21, wherein the verification token is located behind a solid surface portion of the housing, without a keyboard, display screen, or mouse touch pad disposed between said solid surface portion and the verification token.
  - 26. The device according to claim 21, wherein the verification token comprises an antenna adapted to at least receive wireless signals from the portable consumer device.
  - 27. The device according to claim 26, further comprising a display screen disposed at a surface of the housing, and wherein the antenna of the verification token is located under the display screen.
  - 28. The device according to claim 26, further comprising a mouse touch pad disposed at a surface of the housing, and wherein the antenna of the verification token is located under the mouse touch pad.
  - 29. The device according to claim 26, further comprising a keyboard disposed at a surface of the housing, the keyboard having a plurality of keys, and wherein the antenna of the verification token is located under one or more keys of the keyboard.
  - 30. The device according to claim 26, wherein the antenna of the verification token is located behind a solid surface portion of the housing, without a keyboard, display screen, or mouse touch pad disposed between said solid surface portion and the verification token.
  - 31. The device according to claim 26, wherein the device further comprises a substrate disposed within the housing, the substrate comprising at least one layer of conductive traces and at least one layer of electrically insulating material, and wherein at least a portion of the antenna of the verification token comprises one or more traces of the substrate.
  - 32. The device according to claim 31, wherein the substrate comprises a flexible keyboard interconnect substrate.
  - 33. The device according to claim 21, wherein the verification token is communicatively coupled to the input-output controller through a USB hub.
  - 34. The device according to claim 21, wherein the verification token disposed is communicatively coupled to the input-output controller through a wireless transceiver.

35. A computer peripheral device comprising:
- a housing;
  
  a controller configured to control a computer monitor, a computer keyboard, or a computer mouse, the controller being disposed in the housing; and
  
  a verification token disposed in the housing and having a reader, the verification token receiving identification information from a portable consumer device by way of the reader, transmitting at least a portion of the received identification information to an entity that can provide a verification value, and receiving the verification value from the entity,wherein the computer peripheral device is the computer monitor, the computer keyboard, or the computer mouse.
- View Dependent Claims (36, 37, 38)
- - 36. The computer peripheral device of claim 35, further comprising:
    - a communications hub disposed within the housing; and
      
      wherein the verification token communicates with the communications hub using communication packets.
  - 37. The computer peripheral device of claim 35, further comprising:
    - a USB hub disposed within the housing, the USB hub having a upstream port, a first downstream port, and a second downstream port; and
      
      wherein the verification token is electrically coupled to the first downstream port of the USB hub, and wherein the controller is electrically coupled to the second downstream port of the USB hub.
  - 38. The computer peripheral device of claim 35, wherein the verification token comprises a wireless transceiver.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Hammad, Ayman
Primary Examiner(s)
Lee, Michael G
Assistant Examiner(s)
CHEDEKEL, TABITHA F

Application Number

US13/250,981
Publication Number

US 20120018511A1
Time in Patent Office

802 Days
Field of Search

235/375, 235/379, 235/380, 235/435, 235/454, 235/455, 235/382, 235/383, 705/37, 705/38, 705/39, 705/40, 705/41, 705/42, 705/43, 705/44
US Class Current

235/375
CPC Class Codes

G06F 21/31   User authentication

G06Q 20/12   specially adapted for elect...

G06Q 20/385   using an alias or single-us...

G06Q 20/4018   using the card verification...

G07F 7/0873   Details of the card reader

G07F 7/0893   the card reader reading the...

G07F 7/122   Online card verification

Integration of verification tokens with portable computing devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Integration of verification tokens with portable computing devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links