Method and system for implementing a dynamic verification value

US 8,904,481 B2
Filed: 12/17/2012
Issued: 12/02/2014
Est. Priority Date: 08/20/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a server computer, a message including an account identifier for an account and a first verification value;

selecting a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element;

determining, by the server computer, a second verification value using the selected dynamic verification value process;

determining if the first verification value and the second verification value match or are within a predetermined range;

when the first verification value and the second verification value match or are within the predetermined range, approving an authentication; and

when the first verification value and the second verification value do not match and are not within the predetermined range, performing an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is disclosed, which includes receiving a message including an account identifier and a first verification value. The method uses the account identifier to select a dynamic verification value process from at least two dynamic verification value processes. Then, using the selected dynamic verification value process, a second verification value is determined. Next, the method determines if the first verification value and the second verification value match or are within an expected range.

55 Citations

View as Search Results

19 Claims

1. A method comprising:
- receiving, at a server computer, a message including an account identifier for an account and a first verification value;
  
  selecting a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element;
  
  determining, by the server computer, a second verification value using the selected dynamic verification value process;
  
  determining if the first verification value and the second verification value match or are within a predetermined range;
  
  when the first verification value and the second verification value match or are within the predetermined range, approving an authentication; and
  
  when the first verification value and the second verification value do not match and are not within the predetermined range, performing an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein selecting the dynamic verification value process from the plurality of dynamic verification value processes using the account identifier comprises selecting a verification algorithm from a plurality of verification algorithms.
  - 3. The method of claim 1, wherein the message is an authorization request message generated for a transaction.
  - 4. The method of claim 1, wherein the fraud alert message is transmitted to an issuer associated with the account.
  - 5. The method of claim 1, wherein the fraud alert message is transmitted to a mobile device for a consumer associated with the account.
  - 6. The method of claim 1, wherein selecting the dynamic verification value process from the plurality of dynamic verification value processes includes selecting the dynamic verification value from at least three dynamic verification value processes including a first verification value process wherein the first verification value is generated after an interaction between an access device and a payment device, a second verification value process wherein the first verification value is generated in response to a time-based trigger, and a third verification value process wherein the first verification value is generated in response to consumer action without the access device.
  - 7. The method of claim 6, wherein the payment device is a card.
  - 8. The method of claim 6, wherein the payment device is authenticated if the first verification value and the second verification value or are within the predetermined range.

9. A server computer comprising a processor and a non-transitory computer readable medium coupled to the processor, the non-transitory computer readable medium comprising code executable by the processor for implementing a method comprising:
- receiving a message including an account identifier and a first verification value;
  
  selecting a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element;
  
  determining a second verification value using the selected dynamic verification value process;
  
  determining if the first verification value and the second verification value match or are within a predetermined range;
  
  when the first verification value and the second verification value match or are within the predetermined range, approving an authentication; and
  
  when the first verification value and the second verification value do not match and are not within the predetermined range, performing an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity.

10. A method comprising:
- generating a message including an account identifier and a first verification value; and
  
  sending the message to a server computer, wherein the server computer is configured to;
  
  select a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element;
  
  determine a second verification value using the selected dynamic verification value process;
  
  determine if the first verification value and the second verification value match or are within a predetermined range;
  
  when the first verification value and the second verification value match or are within the predetermined range, approve an authentication; and
  
  when the first verification value and the second verification value do not match and are not within the predetermined range, perform an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10, wherein the server computer is further configured to select a verification algorithm from a plurality of verification algorithms.
  - 12. The method of claim 10, wherein the server computer is further configured to select the dynamic verification value process from at least three dynamic verification value processes including a first verification value process where the first verification value is generated after an interaction between an access device and a payment device, a second verification value process wherein the first verification value is generated in response to a time-based trigger, and a third verification value process where the first verification value is generated in response to consumer action without the access device.
  - 13. The method of claim 12, wherein the payment device is a card.
  - 14. The method of claim 12, wherein the payment device is authenticated if the first verification value and the second verification value match or are within the predetermined range.

15. An electronic device comprising a processor and a non-transitory computer readable medium coupled to the processor, the non-transitory computer readable medium comprising code executable by the processor for implementing a method comprising:
- generating a message including an account identifier and a first verification value; and
  
  sending the message to a server computer, wherein the server computer is configured to;
  
  select a dynamic verification value process from a plurality of dynamic verification value processes using the account identifier, wherein the plurality of dynamic verification value processes use respectively different process-specific data elements unique to the dynamic verification value processes to produce verification values, wherein the selected dynamic verification value process uses at least one of a time-based element, a counter-based element, and a sequence-based element;
  
  determine a second verification value using the selected dynamic verification value process;
  
  determine if the first verification value and the second verification value match or are within a predetermined range;
  
  when the first verification value and the second verification value match or are within the predetermined range, approve an authentication; and
  
  when the first verification value and the second verification value do not match and are not within the predetermined range, perform an action, including one or more of denying the authentication, requesting additional verification data, freezing the account, and generating a fraud alert message indicating fraudulent activity.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The electronic device of claim 15, wherein the electronic device is in the form of a card.
  - 17. The electronic device of claim 15, wherein the electronic device is an access device.
  - 18. The electronic device of claim 15, wherein the message is an authorization request message generated for a transaction.
  - 19. The electronic device of claim 15, wherein the server computer is further configured to select the dynamic verification value process from at least three dynamic verification value processes including a first verification value process where the first verification value is generated after an interaction between an access device and a payment device, a second verification value process wherein the first verification value is generated in response to a time-based trigger, and a third verification value process where the first verification value is generated in response to consumer action without the access device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Manessis, Thomas, Gerber, Gary
Primary Examiner(s)
ABYANEH, ALI S

Application Number

US13/717,098
Publication Number

US 20130218772A1
Time in Patent Office

715 Days
Field of Search

726/2, 726/9, 705/35, 705/39, 705/44, 705/75
US Class Current

726/2
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/18   involving self-service term...

G06Q 20/352   Contactless payments by cards

G06Q 20/3825   Use of electronic signatures

G06Q 20/385   using an alias or single-us...

G06Q 20/386   using messaging services or...

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/4018   using the card verification...

G06Q 20/403   Solvency checks

Method and system for implementing a dynamic verification value

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

55 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for implementing a dynamic verification value

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links