Dual layer authentication for electronic payment request in online transactions
First Claim
1. A method for additional authorization of an electronic payment request, during a main authorization process of the electronic payment request for an online purchase by means of a browser, the browser running on a data processing system including proximity based transceiver means, the payment request being made with a payment card configured with details of at least one device in the possession of at least one owner of the card, the method comprising:
- a computer configuring the payment card with information associated with the at least one device wherein the information includes one of one or more uniform resource locator addresses for which additional authorization is not required, a price threshold requiring the additional authorization, and a type of object threshold requiring the additional authorization;
the computer suspending the main authorization process;
the computer, by the proximity based transceiver means, detecting the proximity of at least one portable device with whose details the payment card is configured, wherein the proximity based transceiver means includes a Bluetooth device and wherein a browser plug-in in the browser searches for the at least one portable device in a range asking for a Bluetooth code to allow handshaking between the at least one portable device and the data processing system;
the computer, upon detection of the at least one portable device in the range, establishing a communication session between the data processing system and the detected portable device;
the computer requesting a first code from the detected portable device;
the computer comparing the first code with a predetermined second code; and
the computer resuming the main authorization process in the event the first code substantially matches the second code.
2 Assignments
0 Petitions
Accused Products
Abstract
Increasing the security of online payment requests by introducing a dual-layer authentication system for accessing the funds and/or credit through payment cards is described. An additional check regarding the identity of a card user to be included within a traditional security protocols for these cards, wherein the additional check is based on an authentication channel which is external to the user'"'"'s card. A device owned by the legitimate card owner certifies that the user of the card at any given instant is the legitimate owner of the card and not someone else. To process this additional information, a connection by means of a proximity based device is established.
37 Citations
6 Claims
-
1. A method for additional authorization of an electronic payment request, during a main authorization process of the electronic payment request for an online purchase by means of a browser, the browser running on a data processing system including proximity based transceiver means, the payment request being made with a payment card configured with details of at least one device in the possession of at least one owner of the card, the method comprising:
-
a computer configuring the payment card with information associated with the at least one device wherein the information includes one of one or more uniform resource locator addresses for which additional authorization is not required, a price threshold requiring the additional authorization, and a type of object threshold requiring the additional authorization; the computer suspending the main authorization process; the computer, by the proximity based transceiver means, detecting the proximity of at least one portable device with whose details the payment card is configured, wherein the proximity based transceiver means includes a Bluetooth device and wherein a browser plug-in in the browser searches for the at least one portable device in a range asking for a Bluetooth code to allow handshaking between the at least one portable device and the data processing system; the computer, upon detection of the at least one portable device in the range, establishing a communication session between the data processing system and the detected portable device; the computer requesting a first code from the detected portable device; the computer comparing the first code with a predetermined second code; and the computer resuming the main authorization process in the event the first code substantially matches the second code. - View Dependent Claims (2)
-
-
3. A computer program product for additional authorization of an electronic payment request, during a main authorization process of the electronic payment request for an online purchase by means of a browser, the browser running on a data processing system including proximity based transceiver means, the payment request being made with a payment card configured with details of at least one portable device in the possession of at least one owner of the card, the computer program product comprising:
-
one or more non-transitory computer readable storage devices; computer program instructions stored on the one or more non-transitory computer readable storage devices for configuring the payment card with information associated with the at least one device wherein the information includes one of one or more uniform resource locator addresses for which additional authorization is not required, a price threshold requiring the additional authorization, and a type of object threshold requiring the additional authorization; computer program instructions stored on the one or more non-transitory computer readable storage devices for suspending the main authorization process; computer program instructions stored on the one or more non-transitory computer readable storage devices for detecting, by the proximity based transceiver means, the proximity of at least one portable device with whose details the payment card is configured, wherein the proximity based transceiver means includes a Bluetooth device and wherein a browser plug-in in the browser searches for the at least one portable device in a range asking for a Bluetooth code to allow handshaking between the at least one portable device and the data processing system; computer program instructions stored on the one or more non-transitory computer readable storage devices for, upon detection of the at least one portable device in the range, establishing a communication session between the data processing system and the detected portable device; computer program instructions stored on the one or more non-transitory computer readable storage devices for requesting a first code from the detected portable device; computer program instructions stored on the one or more non-transitory computer readable storage devices for comparing the first code with a predetermined second code; and computer program instructions stored on the one or more non-transitory computer readable storage devices for resuming the main authorization process in the event the first code substantially matches the second code. - View Dependent Claims (4)
-
-
5. A system for authenticating an electronic payment request, for additional authorization of an electronic payment request during a main authorization process of the electronic payment request for an online purchase, the payment request being made with a payment card configured with details of at least one portable device in the possession of at least one owner of the card, the system comprising:
-
one or more processors, one or more computer readable memories, and one or more computer readable storage devices; computer program instructions stored on the one or more non-transitory computer readable storage devices for execution by at least one processor via at least one computer readable memory for configuring the payment card with information associated with the at least one device wherein the information includes one of one or more uniform resource locator addresses for which additional authorization is not required, a price threshold requiring the additional authorization, and a type of object threshold requiring the additional authorization; computer program instructions stored on at least one computer readable storage device for execution by at least one processor via at least one computer readable memory for performing, on a browser, online shopping activities, wherein the main authorization process is suspended; computer program instructions stored on at least one computer readable storage device for execution by at least one processor via at least one computer readable memory for detecting, by a proximity based transceiver, the proximity of at least one portable device with whose details the payment card is configured, wherein the proximity based transceiver includes a Bluetooth device and wherein a browser plug-in in the browser searches for the at least one portable device in a range asking for a Bluetooth code to allow handshaking between the at least one portable device and the data processing system; computer program instructions stored on at least one computer readable storage device for execution by at least one processor via at least one computer readable memory for establishing, by a communication system, a communication session between the data processing system and the detected portable device, upon detection of at least one portable device; and computer program instructions stored on at least one computer readable storage device for execution by at least one processor via at least one computer readable memory for requesting a first code from the detected portable device, comparing the first code with a predetermined second code and resuming the main authorization process in the event the first code substantially matches the second code. - View Dependent Claims (6)
-
Specification