Method for digital signature authentication of pin-less debit card account transactions
First Claim
1. A method for authenticating an electronic transaction between a consumer and a merchant without using a passcode or personal identification number (PIN), wherein the method occurs at the merchant and comprises:
- receiving account information associated with a debit card account at a merchant computer system from the consumer over the Internet, wherein the consumer accesses the Internet using a consumer'"'"'s computer, and the account information does not include a passcode or a personal identification number (PIN) for the debit card account;
confirming, at the merchant computer system, enrollment of the debit card account for digital signature authentication from a financial institution;
receiving, at the merchant computer system, consumer specific authentication parameters from the financial institution, wherein the consumer specific authentication parameters comprises an authentication scheme comprising a hosted or a local digital signature service;
sending transaction information from the merchant computer system over the Internet to the consumer'"'"'s computer for a digital signature;
sending the authentication scheme over the Internet from the merchant computer system to the consumer'"'"'s computer;
receiving, at the merchant computer system, a digital signature from the consumer'"'"'s computer over the Internet, wherein the digital signature does not include a passcode or personal identification number (PIN) for the debit card account, and the digital signature comprises encrypted portions of the transaction information;
sending, from the merchant computer system, the transaction information and the digital signature comprising encrypted portions of the transaction information to the financial institution;
receiving, at the merchant computer system, payment authorization from the financial institution; and
sending, from the merchant computer system, a receipt URL to the financial institution, the receipt URL later sent to the consumer by the financial institution.
8 Assignments
0 Petitions
Accused Products
Abstract
A systems and methods for authenticating a consumer with a transaction card using digital signatures according to one embodiment of the invention is disclosed. These systems and methods allow consumers to digitally sign transaction information with a private key. The private key may be used to digitally sign the transaction, for example, through a hosted or local system that protects the integrity of the private key. A financial institution may authenticate the consumer by decrypting the digital signature with a public key.
-
Citations
15 Claims
-
1. A method for authenticating an electronic transaction between a consumer and a merchant without using a passcode or personal identification number (PIN), wherein the method occurs at the merchant and comprises:
-
receiving account information associated with a debit card account at a merchant computer system from the consumer over the Internet, wherein the consumer accesses the Internet using a consumer'"'"'s computer, and the account information does not include a passcode or a personal identification number (PIN) for the debit card account; confirming, at the merchant computer system, enrollment of the debit card account for digital signature authentication from a financial institution; receiving, at the merchant computer system, consumer specific authentication parameters from the financial institution, wherein the consumer specific authentication parameters comprises an authentication scheme comprising a hosted or a local digital signature service; sending transaction information from the merchant computer system over the Internet to the consumer'"'"'s computer for a digital signature; sending the authentication scheme over the Internet from the merchant computer system to the consumer'"'"'s computer; receiving, at the merchant computer system, a digital signature from the consumer'"'"'s computer over the Internet, wherein the digital signature does not include a passcode or personal identification number (PIN) for the debit card account, and the digital signature comprises encrypted portions of the transaction information; sending, from the merchant computer system, the transaction information and the digital signature comprising encrypted portions of the transaction information to the financial institution; receiving, at the merchant computer system, payment authorization from the financial institution; and sending, from the merchant computer system, a receipt URL to the financial institution, the receipt URL later sent to the consumer by the financial institution. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
Specification