Method and system for implementing a dynamic verification value
First Claim
Patent Images
1. A method comprising:
- receiving, at a server computer, a message including an account identifier for an account and a first verification value;
selecting a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element;
determining, by the server computer, a second verification value using the selected dynamic verification value process;
determining if the first verification value and the second verification value match or are within a predetermined range;
when the first verification value and the second verification value match or are within the predetermined range, approving an authentication; and
when the first verification value and the second verification value do not match and are not within the predetermined range, performing an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity.
0 Assignments
0 Petitions
Accused Products
Abstract
A method is disclosed, which includes receiving a message including an account identifier and a first verification value. The method uses the account identifier to select a dynamic verification value process from at least two dynamic verification value processes. Then, using the selected dynamic verification value process, a second verification value is determined. Next, the method determines if the first verification value and the second verification value match or are within an expected range.
55 Citations
19 Claims
-
1. A method comprising:
-
receiving, at a server computer, a message including an account identifier for an account and a first verification value; selecting a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element; determining, by the server computer, a second verification value using the selected dynamic verification value process; determining if the first verification value and the second verification value match or are within a predetermined range; when the first verification value and the second verification value match or are within the predetermined range, approving an authentication; and when the first verification value and the second verification value do not match and are not within the predetermined range, performing an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A server computer comprising a processor and a non-transitory computer readable medium coupled to the processor, the non-transitory computer readable medium comprising code executable by the processor for implementing a method comprising:
-
receiving a message including an account identifier and a first verification value; selecting a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element; determining a second verification value using the selected dynamic verification value process; determining if the first verification value and the second verification value match or are within a predetermined range; when the first verification value and the second verification value match or are within the predetermined range, approving an authentication; and when the first verification value and the second verification value do not match and are not within the predetermined range, performing an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity.
-
-
10. A method comprising:
-
generating a message including an account identifier and a first verification value; and sending the message to a server computer, wherein the server computer is configured to; select a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element; determine a second verification value using the selected dynamic verification value process; determine if the first verification value and the second verification value match or are within a predetermined range; when the first verification value and the second verification value match or are within the predetermined range, approve an authentication; and when the first verification value and the second verification value do not match and are not within the predetermined range, perform an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity. - View Dependent Claims (11, 12, 13, 14)
-
-
15. An electronic device comprising a processor and a non-transitory computer readable medium coupled to the processor, the non-transitory computer readable medium comprising code executable by the processor for implementing a method comprising:
-
generating a message including an account identifier and a first verification value; and sending the message to a server computer, wherein the server computer is configured to; select a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element; determine a second verification value using the selected dynamic verification value process; determine if the first verification value and the second verification value match or are within a predetermined range; when the first verification value and the second verification value match or are within the predetermined range, approve an authentication; and when the first verification value and the second verification value do not match and are not within the predetermined range, perform an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity. - View Dependent Claims (16, 17, 18, 19)
-
Specification