Preventing an unauthorized card transaction

US 8,751,398 B2
Filed: 06/08/2012
Issued: 06/10/2014
Est. Priority Date: 07/24/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A method of preventing an unauthorized card transaction, the method comprising the steps of:

a first computing system receiving an authorization record from a travel reservation system (TRS) executing on a second computing system, wherein the authorization record specifies a card, a cardholder to whom the card is issued, a travel itinerary associated with a trip to be taken by the cardholder, the trip including air travel and the travel itinerary including an airport of a connecting flight of the air travel, wherein the authorization record further specifies an authorized country and city of a destination of the trip, an authorized period of time, a rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction, and an indication that any usage of the card in the authorized country and city in the authorized period of time is granted, wherein the card is a credit card or a debit card, wherein the card is used by the cardholder for a purchase, via the TRS, of one or more geo-localized travel bookings that specify the travel itinerary, and wherein the travel itinerary specifies that in the trip the cardholder is scheduled to be in the authorized country and city for the authorized period of time;

in response to the step of receiving the authorization record, the first computing system updating a profile table included in a computer data storage unit by storing the authorization record in the profile table;

subsequent to the step of storing the authorization record, the first computing system receiving a request for an authorization of a card transaction that is initiated via a usage of the card at the airport of the connecting flight;

in response to the step of receiving the request for the authorization of the card transaction, the first computing system retrieving from the request an identifier of a retrieved location in which the card transaction is initiated and a retrieved date on which the card transaction is initiated;

the first computing system retrieving from the profile table one or more authorization records that include a respective one or more authorized geographic locations and a respective one or more authorized periods of time such that each authorized period of time in the respective one or more authorized periods of time includes the retrieved date, the retrieved one or more authorization records include the authorization record received from the TRS;

the first computing system determining the retrieved one or more authorization records include the rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction and determining the retrieved location in which the card transaction that is initiated is the airport of the connecting flight; and

the first computing system rejecting the card transaction as the unauthorized card transaction based on the retrieved location in which the card transaction that is initiated is the airport at which usage of the card is the unauthorized card transaction as indicated by the rule included in the retrieved one or more authorization records.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach for preventing unauthorized card transactions is presented. An authorization record including an authorized geographic location and an authorized period of time is received from a travel reservation system (TRS) and stored to dynamically update a profile table that stores other authorization records. The authorization record identifies an itinerary specified by travel booking(s) purchased via the TRS using a debit or credit card. The itinerary specifies that the cardholder is scheduled to be in the authorized geographic location for the authorized period of time. In response to receiving a request for an authorization of a card transaction, a location and date associated with the card transaction are retrieved from the request. The card transaction is rejected based on a determination that the retrieved location is not within authorized geographic locations included in the stored authorization records that have authorized time periods that include the retrieved date.

19 Citations

View as Search Results

17 Claims

1. A method of preventing an unauthorized card transaction, the method comprising the steps of:
- a first computing system receiving an authorization record from a travel reservation system (TRS) executing on a second computing system, wherein the authorization record specifies a card, a cardholder to whom the card is issued, a travel itinerary associated with a trip to be taken by the cardholder, the trip including air travel and the travel itinerary including an airport of a connecting flight of the air travel, wherein the authorization record further specifies an authorized country and city of a destination of the trip, an authorized period of time, a rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction, and an indication that any usage of the card in the authorized country and city in the authorized period of time is granted, wherein the card is a credit card or a debit card, wherein the card is used by the cardholder for a purchase, via the TRS, of one or more geo-localized travel bookings that specify the travel itinerary, and wherein the travel itinerary specifies that in the trip the cardholder is scheduled to be in the authorized country and city for the authorized period of time;
  
  in response to the step of receiving the authorization record, the first computing system updating a profile table included in a computer data storage unit by storing the authorization record in the profile table;
  
  subsequent to the step of storing the authorization record, the first computing system receiving a request for an authorization of a card transaction that is initiated via a usage of the card at the airport of the connecting flight;
  
  in response to the step of receiving the request for the authorization of the card transaction, the first computing system retrieving from the request an identifier of a retrieved location in which the card transaction is initiated and a retrieved date on which the card transaction is initiated;
  
  the first computing system retrieving from the profile table one or more authorization records that include a respective one or more authorized geographic locations and a respective one or more authorized periods of time such that each authorized period of time in the respective one or more authorized periods of time includes the retrieved date, the retrieved one or more authorization records include the authorization record received from the TRS;
  
  the first computing system determining the retrieved one or more authorization records include the rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction and determining the retrieved location in which the card transaction that is initiated is the airport of the connecting flight; and
  
  the first computing system rejecting the card transaction as the unauthorized card transaction based on the retrieved location in which the card transaction that is initiated is the airport at which usage of the card is the unauthorized card transaction as indicated by the rule included in the retrieved one or more authorization records.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising the steps of:
    - purchasing, prior to the step of receiving the authorization record and via the TRS, the one or more geo-localized travel bookings, wherein the step of purchasing includes using the card for a payment for the one or more geo-localized travel bookings,wherein the step of receiving the authorization record includes receiving a request for an addition of the authorization record to the profile table, wherein the request includes a set of profiling data and an authentication, and wherein the set of profiling data specifies the card, the cardholder, the authorized country and city of the destination, the travel itinerary, and the authorized period of time;
      
      from the request for the addition of the authorization record and subsequent to the step of receiving the request for the addition of the authorization record, the first computing system retrieving the set of profiling data and retrieving the authentication;
      
      subsequent to the step of retrieving the authentication, the first computing system verifying the authentication; and
      
      subsequent to the step of retrieving the set of profiling data, the first computing system validating the set of profiling data,wherein the step of storing the authorization record includes, subsequent to the step of validating the set of profiling data, adding the set of profiling data as the authentication record in the profile table.
  - 3. The method of claim 1, further comprising the steps of:
    - the first computing system receiving a request from the TRS for a cancellation of the travel itinerary;
      
      the first computing system retrieving from the request for the cancellation, and subsequent to the step of receiving the request for the cancellation, a set of profiling data and an authentication, wherein the set of profiling data includes an identifier of the card and an identification of the travel itinerary;
      
      the first computing system determining that the identifier of the card is included in the authentication record in the profile table;
      
      subsequent to the step of retrieving the authentication, the first computing system verifying the authentication; and
      
      subsequent to the step of verifying the authentication, the first computing system removing the authentication record from the profile table.
  - 4. The method of claim 1, further comprising the first computing system determining the retrieved date is within respective one or more extended periods of time specified by the one or more authorized periods of time extended by respective one or more timing tolerance values included in the one or more authorization records, wherein the step of retrieving the one or more authorization records from the profile table is based on the retrieved date being within the respective one or more extended periods of time.
  - 5. The method of claim 1, further comprising the steps of:
    - the first computing system receiving a notification of a change of an arrival or a departure of an airplane used in the travel itinerary;
      
      in real-time, the first computing system automatically updating the authorized period of time based on the change of the arrival or the departure of the airplane; and
      
      the first computing system determining the retrieved date is included in the automatically updated authorized period of time, wherein the step of retrieving the one or more authorization records is in part based on the retrieved date being included in the automatically updated authorized period of time.
  - 6. The method of claim 1, further comprising subsequent to the step of determining the retrieved one or more authorization records include the rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction and subsequent to the step of determining the retrieved location in which the card transaction is initiated is the airport of the connecting flight, the first computing system sending a notification for display on a display device, wherein the notification includes the retrieved location and the retrieved date.

7. A first computing system comprising:
- a central processing unit (CPU);
  
  a memory coupled to the CPU;
  
  a computer-readable, tangible storage device coupled to the CPU, the storage device containing instructions that when carried out by the CPU via the memory implement a method of preventing an unauthorized card transaction, the method comprising the steps of;
  
  the first computing system receiving an authorization record from a travel reservation system (TRS) executing on a second computing system, wherein the authorization record specifies a card, a cardholder to whom the card is issued, a travel itinerary associated with a trip to be taken by the cardholder, the trip including air travel and the travel itinerary including an airport of a connecting flight of the air travel, wherein the authorization record further specifies an authorized country and city of a destination of the trip, an authorized period of time, a rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction, and an indication that any usage of the card in the authorized country and city in the authorized period of time is granted, wherein the card is a credit card or a debit card, wherein the card is used by the cardholder for a purchase, via the TRS, of one or more geo-localized travel bookings that specify the travel itinerary, and wherein the travel itinerary specifies that in the trip the cardholder is scheduled to be in the authorized country and city for the authorized period of time;
  
  in response to the step of receiving the authorization record, the first computing system updating a profile table included in a computer data storage unit by storing the authorization record in the profile table;
  
  subsequent to the step of storing the authorization record, the first computing system receiving a request for an authorization of a card transaction that is initiated via a usage of the card at the airport of the connecting flight;
  
  in response to the step of receiving the request for the authorization of the card transaction, the first computing system retrieving from the request an identifier of a retrieved location in which the card transaction is initiated and a retrieved date on which the card transaction is initiated;
  
  the first computing system retrieving from the profile table one or more authorization records that include a respective one or more authorized geographic locations and a respective one or more authorized periods of time such that each authorized period of time in the respective one or more authorized periods of time includes the retrieved date, the retrieved one or more authorization records include the authorization record received from the TRS;
  
  the first computing system determining the retrieved one or more authorization records include the rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction and determining the retrieved location in which the card transaction that is initiated is the airport of the connecting flight; and
  
  the first computing system rejecting the card transaction as the unauthorized card transaction based on the retrieved location in which the card transaction that is initiated is the airport at which usage of the card is the unauthorized card transaction as indicated by the rule included in the retrieved on or more authorization records.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The first computing system of claim 7, wherein the method further comprises the steps of:
    - the first computing system receiving a request from the TRS for a cancellation of the travel itinerary;
      
      the first computing system retrieving from the request for the cancellation, and subsequent to the step of receiving the request for the cancellation, a set of profiling data and an authentication, wherein the set of profiling data includes an identifier of the card and an identification of the travel itinerary;
      
      the first computing system determining that the identifier of the card is included in the authentication record in the profile table;
      
      subsequent to the step of retrieving the authentication, the first computing system verifying the authentication; and
      
      subsequent to the step of verifying the authentication, the first computing system removing the authentication record from the profile table.
  - 9. The first computing system of claim 7, wherein the method further comprises the steps of:
    - the first computing system receiving a notification of a change of an arrival or a departure of an airplane used in the travel itinerary;
      
      in real-time, the first computing system automatically updating the authorized period of time based on the change of the arrival or the departure of the airplane; and
      
      the first computing system determining the retrieved date is included in the automatically updated authorized period of time, wherein the step of retrieving the one or more authorization records is in part based on the retrieved date being included in the automatically updated authorized period of time.
  - 10. The first computing system of claim 7, wherein the method further comprises the steps of:
    - purchasing, prior to the step of receiving the authorization record and via the TRS, the one or more geo-localized travel bookings, wherein the step of purchasing includes using the card for a payment for the one or more geo-localized travel bookings,wherein the step of receiving the authorization record includes receiving a request for an addition of the authorization record to the profile table, wherein the request includes a set of profiling data and an authentication, and wherein the set of profiling data specifies the card, the cardholder, the authorized country and city of the destination, the travel itinerary, and the authorized period of time;
      
      from the request for the addition of the authorization record and subsequent to the step of receiving the request for the addition of the authorization record, the first computing system retrieving the set of profiling data and retrieving the authentication;
      
      subsequent to the step of retrieving the authentication, the first computing system verifying the authentication; and
      
      subsequent to the step of retrieving the set of profiling data, the first computing system validating the set of profiling data,wherein the step of storing the authorization record includes, subsequent to the step of validating the set of profiling data, adding the set of profiling data as the authentication record in the profile table.
  - 11. The first computing system of claim 7, wherein the method further comprises the first computing system determining the retrieved date is within respective one or more extended periods of time specified by the one or more authorized periods of time extended by respective one or more timing tolerance values included in the one or more authorization records, wherein the step of retrieving the one or more authorization records from the profile table is based on the retrieved date being within the respective one or more extended periods of time.
  - 12. The first computing system of claim 7, wherein the method further comprises subsequent to the step of determining the retrieved one or more authorization records include the rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction and subsequent to the step of determining the retrieved location in which the card transaction is initiated is the airport of the connecting flight, the first computing system sending a notification for display on a display device, wherein the notification includes the retrieved location and the retrieved date.

13. A computer program product, comprising:
- a computer-readable, tangible storage device; and
  
  a computer-readable program code stored in the computer-readable, tangible storage device, the computer-readable program code containing instructions that when executed by a processor of a first computing system implement a method of preventing an unauthorized card transaction, the method comprising the steps of;
  
  the first computing system receiving an authorization record from a travel reservation system (TRS) executing on a second computing system, wherein the authorization record specifies a card, a cardholder to whom the card is issued, a travel itinerary associated with a trip to be taken by the cardholder, the trip including air travel and the travel itinerary including an airport of a connecting flight of the air travel, wherein the authorization record further specifies an authorized country and city of a destination of the trip, an authorized period of time, a rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction, and an indication that any usage of the card in the authorized country and city in the authorized period of time is granted, wherein the card is a credit card or a debit card, wherein the card is used by the cardholder for a purchase, via the TRS, of one or more geo-localized travel bookings that specify the travel itinerary, and wherein the travel itinerary specifies that in the trip the cardholder is scheduled to be in the authorized country and city for the authorized period of time;
  
  in response to the step of receiving the authorization record, the first computing system updating a profile table included in a computer data storage unit by storing the authorization record in the profile table;
  
  subsequent to the step of storing the authorization record, the first computing system receiving a request for an authorization of a card transaction that is initiated via a usage of the card at the airport of the connecting flight;
  
  in response to the step of receiving the request for the authorization of the card transaction, the first computing system retrieving from the request an identifier of a retrieved location in which the card transaction is initiated and a retrieved date on which the card transaction is initiated;
  
  the first computing system retrieving from the profile table one or more authorization records that include a respective one or more authorized geographic locations and a respective one or more authorized periods of time such that each authorized period of time in the respective one or more authorized periods of time includes the retrieved date, the retrieved one or more authorization records include the authorization record received from the TRS;
  
  the first computing system determining the retrieved one or more authorization records include the rule indicating any usage of the card at the airport of the connecting flight is the unauthorized card transaction and determining the retrieved location in which the card transaction that is initiated is the airport of the connecting flight; and
  
  the first computing system rejecting the card transaction as the unauthorized card transaction based on the retrieved location in which the card transaction that is initiated is the airport at which usage of the card is the unauthorized card transaction as indicated by the rule included in the retrieved one or more authorization records.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The program product of claim 13, wherein the method further comprises the steps of:
    - the first computing system receiving a request from the TRS for a cancellation of the travel itinerary;
      
      the first computing system retrieving from the request for the cancellation, and subsequent to the step of receiving the request for the cancellation, a set of profiling data and an authentication, wherein the set of profiling data includes an identifier of the card and an identification of the travel itinerary;
      
      the first computing system determining that the identifier of the card is included in the authentication record in the profile table;
      
      subsequent to the step of retrieving the authentication, the first computing system verifying the authentication; and
      
      subsequent to the step of verifying the authentication, the first computing system removing the authentication record from the profile table.
  - 15. The program product of claim 13, wherein the method further comprises the steps of:
    - purchasing, prior to the step of receiving the authorization record and via the TRS, the one or more geo-localized travel bookings, wherein the step of purchasing includes using the card for a payment for the one or more geo-localized travel bookings,wherein the step of receiving the authorization record includes receiving a request for an addition of the authorization record to the profile table, wherein the request includes a set of profiling data and an authentication, and wherein the set of profiling data specifies the card, the cardholder, the authorized country and city of the destination, the travel itinerary, and the authorized period of time;
      
      from the request for the addition of the authorization record and subsequent to the step of receiving the request for the addition of the authorization record, the first computing system retrieving the set of profiling data and retrieving the authentication;
      
      subsequent to the step of retrieving the authentication, the first computing system verifying the authentication; and
      
      subsequent to the step of retrieving the set of profiling data, the first computing system validating the set of profiling data,wherein the step of storing the authorization record includes, subsequent to the step of validating the set of profiling data, adding the set of profiling data as the authentication record in the profile table.
  - 16. The program product of claim 13, wherein the method further comprises the first computing system determining the retrieved date is within respective one or more extended periods of time specified by the one or more authorized periods of time extended by respective one or more timing tolerance values included in the one or more authorization records, wherein the step of retrieving the one or more authorization records from the profile table is based on the retrieved date being within the respective one or more extended periods of time.
  - 17. The program product of claim 13, wherein the method further comprises the steps of:
    - the first computing system receiving a notification of a change of an arrival or a departure of an airplane used in the travel itinerary;
      
      in real-time, the first computing system automatically updating the authorized period of time based on the change of the arrival or the departure of the airplane; and
      
      the first computing system determining the retrieved date is included in the automatically updated authorized period of time, wherein the step of retrieving the one or more authorization records is in part based on the retrieved date being included in the automatically updated authorized period of time.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Dispensa, Jean-Claude, Gregoire, Philippe, Picard, Dominique
Primary Examiner(s)
Maguire, Lindsay M.

Application Number

US13/491,645
Publication Number

US 20120245967A1
Time in Patent Office

732 Days
Field of Search

705/44
US Class Current

705/44
CPC Class Codes

G06Q 10/02   Reservations, e.g. for tick...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 40/00   Finance; Insurance; Tax str...

Preventing an unauthorized card transaction

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Preventing an unauthorized card transaction

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links