Method and system for secure mobile payment transactions
First Claim
Patent Images
1. A method for processing a secure mobile payment transaction conducted at a location operated by a merchant comprising the steps of:
- in association with a registration event that is completed prior to the secure payment transaction, receiving, at a web server of a secure payment service computing device from a consumer, an issuer primary account number (PAN), the issuer PAN stored in a settings database of the secure payment service computing device and associated with the consumer, the secure payment service computing device comprising;
a transaction gateway for receiving and processing payment transactions,the web server having a network interface for receiving and processing messages received from Internet sources in connection with the registration event,a messaging server having a network interface for communicating with a mobile device of the consumer, andthe settings database for storing settings from one or more of a merchant, an issuer, a payment network, a payment acquirer, and a gateway;
receiving at the web server of the secure payment service computing device from a consumer in connection with the registration event, one or more of a mobile PIN and one or more mobile device identifiers, the one or more of the mobile PIN and the one or more mobile device identifiers stored in the settings database of the secure payment computing device and associated with the issuer PAN;
in connection with a secure mobile payment transaction conducted after the registration event, receiving payment data at the transaction gateway of the secure payment service computing device, the payment data received from a computing device at the location operated by the merchant, the payment data comprising a mobile PAN which is associated with the issuer PAN;
analyzing the payment data with the transaction gateway of the secure payment service computing device to identify the payment data as comprising the mobile PAN;
upon identifying the payment data as comprising the mobile PAN, the secure payment service computing device;
communicating an approval request to a mobile device of the consumer, the mobile device associated with one of the one or more mobile device identifiers and operable to receive one or more of the mobile PIN and the a biometric factor of the consumer, the approval request transmitted using the messaging server of the secure payment computing device;
receiving an approval response in the form of a token from the mobile device of the consumer, the approval response received by the messaging server of the secure payment computing device, the token transmitted from the registered mobile device as an indication that the consumer has approved the payment transaction with one of the mobile PIN or the biometric factor of the consumer, the token transmitted in lieu of transmitting the one of the mobile PIN or the biometric factor;
after receiving the approval response from the consumer'"'"'s mobile device, the transaction gateway of the secure payment service computing device replacing the mobile PAN with the issuer PAN and transmitting the payment data and the issuer PAN to a payment network for processing; and
after transmitting the payment data and the issuer PAN to the payment network for processing, the secure payment service computing device transmitting a payment confirmation to the merchant.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for facilitating the widespread use of the PIN-Debit payment method for Internet “eCommerce” and mobile payments sales which requires little or no change for the cardholders, merchants, debit networks and card issuers based primarily on the introduction of a layer of middleware and wherein the Debit Networks and Issuing Banks may customize the implementation of the services based on individual strategy and cardholder preferences.
-
Citations
20 Claims
-
1. A method for processing a secure mobile payment transaction conducted at a location operated by a merchant comprising the steps of:
-
in association with a registration event that is completed prior to the secure payment transaction, receiving, at a web server of a secure payment service computing device from a consumer, an issuer primary account number (PAN), the issuer PAN stored in a settings database of the secure payment service computing device and associated with the consumer, the secure payment service computing device comprising; a transaction gateway for receiving and processing payment transactions, the web server having a network interface for receiving and processing messages received from Internet sources in connection with the registration event, a messaging server having a network interface for communicating with a mobile device of the consumer, and the settings database for storing settings from one or more of a merchant, an issuer, a payment network, a payment acquirer, and a gateway; receiving at the web server of the secure payment service computing device from a consumer in connection with the registration event, one or more of a mobile PIN and one or more mobile device identifiers, the one or more of the mobile PIN and the one or more mobile device identifiers stored in the settings database of the secure payment computing device and associated with the issuer PAN; in connection with a secure mobile payment transaction conducted after the registration event, receiving payment data at the transaction gateway of the secure payment service computing device, the payment data received from a computing device at the location operated by the merchant, the payment data comprising a mobile PAN which is associated with the issuer PAN; analyzing the payment data with the transaction gateway of the secure payment service computing device to identify the payment data as comprising the mobile PAN; upon identifying the payment data as comprising the mobile PAN, the secure payment service computing device; communicating an approval request to a mobile device of the consumer, the mobile device associated with one of the one or more mobile device identifiers and operable to receive one or more of the mobile PIN and the a biometric factor of the consumer, the approval request transmitted using the messaging server of the secure payment computing device; receiving an approval response in the form of a token from the mobile device of the consumer, the approval response received by the messaging server of the secure payment computing device, the token transmitted from the registered mobile device as an indication that the consumer has approved the payment transaction with one of the mobile PIN or the biometric factor of the consumer, the token transmitted in lieu of transmitting the one of the mobile PIN or the biometric factor; after receiving the approval response from the consumer'"'"'s mobile device, the transaction gateway of the secure payment service computing device replacing the mobile PAN with the issuer PAN and transmitting the payment data and the issuer PAN to a payment network for processing; and after transmitting the payment data and the issuer PAN to the payment network for processing, the secure payment service computing device transmitting a payment confirmation to the merchant. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for processing a secure payment transaction, the system comprising:
-
a rule database, the rule database comprising configuration settings whereby the configuration settings are used to determine the criteria to be used to authorize the secure payment transaction; a secure payment service computing device comprising; a transaction gateway for receiving and processing payment transactions, a web server having a network interface for receiving and processing messages received from Internet sources in connection with a registration event, a database server operable for controlling inquiries and updates to the rule database, a messaging server having a network interface for communicating with a mobile telephone of a consumer, and the secure payment service computing device in communication with the rule database and with one or more payment networks, the secure payment service computing device comprising computer-readable instructions that when executed by one or more processors are configured to; receive the configuration settings from one or more of the consumer, an issuer entity, a payment network, and a merchant, the configuration settings requiring a mobile approval for registered payment accounts, the configuration setting received by the web server of the secure payment computing device; store the configuration settings in the rule database and update the database server to reflect the stored configuration settings; receive, by the web server of the secure payment service computing device from the consumer in connection with a registration event that is completed prior to the secure payment transaction, a payment account identifier, the payment account identifier stored in the rule database and associated with the configuration settings; in connection with the secure payment transaction, which is initiated after the registration event, receive mobile payment data at the transaction gateway of the secure payment service computing device, the mobile payment data received from a point-of-sale device of the merchant, the mobile payment data comprising a mobile payment account identifier, the mobile payment account identifier transmitted from the mobile telephone of the consumer to the point-of-sale device using one of NFC or RFID; analyzing the mobile payment data with the secure payment service computing device to identify the mobile payment data as requiring a mobile approval; upon identifying the mobile payment data as requiring a mobile approval, the secure payment service computing device further configured to; communicate an approval request message to the mobile telephone of the consumer, the approval request message transmitted from the messaging server of the secure payment service computing device; receive at the messaging server an approval response message from the mobile telephone, the approval response message comprising a token; after receiving the approval response message from the consumer'"'"'s mobile telephone, substituting the consumer'"'"'s registered payment account identifier for the mobile account number, and transmitting the mobile payment data to the payment network for processing; and after receiving an approval response from the payment network, transmitting a payment confirmation to the merchant. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification