Payment transaction processing using out of band authentication
First Claim
1. A method comprising:
- receiving, by a mobile device storing a digital certificate, via a second communication channel, a request to approve a transaction, wherein the transaction is conducted by a consumer using a first communications channel, wherein an authentication request message is previously sent to the consumer by sending the authentication request to a first device coupled to the first communications channel, wherein data received from the first device is used to contact the consumer on the mobile device, and wherein the data that is used to contact the consumer on the mobile device is provided by the consumer; and
transmitting, by the mobile device via the second communications channel, a payment confirmation message approving or denying the transaction, the payment confirmation message including a digital signature authenticating the consumer.
0 Assignments
0 Petitions
Accused Products
Abstract
Systems, apparatuses, and methods for increasing the security of electronic payment transactions, such as eCommerce transactions conducted over the Internet. A transaction approval or authorization mechanism uses an out of band process to provide authentication or identification data that has previously been registered by a user and associated with the user'"'"'s payment device or account. The out of band authentication data may be provided in response to a message sent to a user'"'"'s mobile phone, where the message is generated in response to entering the user'"'"'s phone number into a form that is provided when the user engages in an electronic payment transaction using a desktop computer. The data may include a digital signature and associated digital certificate that is used to authenticate the user.
-
Citations
20 Claims
-
1. A method comprising:
-
receiving, by a mobile device storing a digital certificate, via a second communication channel, a request to approve a transaction, wherein the transaction is conducted by a consumer using a first communications channel, wherein an authentication request message is previously sent to the consumer by sending the authentication request to a first device coupled to the first communications channel, wherein data received from the first device is used to contact the consumer on the mobile device, and wherein the data that is used to contact the consumer on the mobile device is provided by the consumer; and transmitting, by the mobile device via the second communications channel, a payment confirmation message approving or denying the transaction, the payment confirmation message including a digital signature authenticating the consumer. - View Dependent Claims (2, 3, 4)
-
-
5. A transaction processor, comprising:
-
an electronic processor; a memory coupled to the electronic processor; and a set of instructions stored in the memory which, when executed by the electronic processor cause the transaction processor to send an authentication request message to a consumer by sending the authentication request to a first device coupled to a first communications channel; receive, from the first device, data that is used to contact the consumer on a second device storing a digital certificate, wherein the data that is used to contact the consumer on the second device is provided by the consumer; transmit a request to the consumer to approve a transaction by transmitting the request to approve the transaction to the second device over a second communications channel; and in response to the request sent to the consumer to approve the transaction, receive a payment confirmation message from the consumer generated by the second device and provided over the second communications channel, the payment confirmation message approving or denying the transaction and including a digital signature associated with the consumer. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A method of processing a payment transaction, comprising:
-
sending an authentication request message to a consumer by sending the authentication request to a first device coupled to a first communications channel; receiving from the first device data that is used to contact the consumer on a second device storing a digital certificate, wherein the data that is used to contact the consumer on the second device is provided by the consumer; transmitting a request to the consumer to approve the transaction by transmitting the request to approve the transaction to the second device over a second communications channel; and in response to the request sent to the consumer to approve the transaction, receiving a payment confirmation message from the consumer generated by the second device and provided over the second communications channel, the payment confirmation message approving or denying the transaction and including a digital signature associated with the consumer. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method of processing a payment transaction, comprising:
-
sending an authentication request message to a consumer by sending the authentication request to a first device coupled to a first communications channel; receiving from the first device data that is used to contact the consumer on a second device storing a digital certificate; transmitting a request to the consumer to approve the transaction by transmitting the request to approve the transaction to the second device over a second communications channel; and in response to the request sent to the consumer to approve the transaction, receiving a payment confirmation message from the consumer generated by the second device and provided over the second communications channel, the payment confirmation message approving or denying the transaction and including a digital signature associated with the consumer, wherein a downloaded application on the second device is used to generate the digital signature corresponding to the digital certificate from the consumer'"'"'s second device or a digital certificate from a server. - View Dependent Claims (20)
-
Specification