Conducting transactions with dynamic passwords
First Claim
1. A transaction processing system having increased security, the system comprising:
- one or more first processors;
first memory configured to be in communication with the one or more processors;
first computer-executable instructions that, when executed on the one or more processors, perform acts to securely process a transaction for an item without receiving sensitive information, the acts comprising;
receiving, over a network from a computing device and by the transaction processing system, first data comprising a request to conduct the transaction for the item, wherein the computing device comprises one or more second processors, a second memory, a presentation device, and second computer-executable instructions;
receiving second data comprising a first dynamic password and a transaction phrase token, wherein the transaction phrase token;
(i) comprises at least two grammatically correct words, each grammatically correct word separated by a space, (ii) is associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the transaction phrase token to conduct the transaction, and (iii) links to a payment instrument so that the transaction phrase token acts as a proxy for the payment instrument;
accessing a second dynamic password accessible by the transaction processing service;
accessing the one or more predefined rules associated with the transaction phrase token;
based at least partly on the second dynamic password and the one or more predefined rules, triggering the one or more first processors to perform one of;
approving the transaction based at least partly on;
(i) the first dynamic password matching the second dynamic password, and(ii) at least one of the amount of the transaction being at or below the transaction amount specified by a first predefined rule of the one or more predefined rules or the item category of the item matching the item category specified by a second predefined rule of the one or more predefined rules;
declining the transaction based at least in part on at least one of the first dynamic password not matching the second dynamic password, the amount of the transaction being above the transaction amount specified by the first predefined rule of the one or more predefined rules, or the item category of the item not matching the item category specified by the second predefined rule of the one or more predefined rules;
orimplementing one or more other authorization procedures based at least in part on at least one of the first dynamic password not matching the second dynamic password, the amount of the transaction being above the transaction amount specified by the first predefined rule of the one or more predefined rules, or the item category of the item not matching the item category specified by the second predefined rule of the one or more predefined rules.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for conducting transactions with one-time passwords are described herein. These techniques may include receiving a request to conduct a transaction, as well as a one-time password and an identifier linked with a payment instrument. The identifier may or may not identify the linked payment instrument. In both instances, a transaction processing service may compare the received one-time password with a one-time password stored at or accessible by the transaction processing service. If the passwords match, the service may approve the transaction. Otherwise, the service may decline the transaction or implement one or more additional authorization procedures.
190 Citations
33 Claims
-
1. A transaction processing system having increased security, the system comprising:
-
one or more first processors; first memory configured to be in communication with the one or more processors; first computer-executable instructions that, when executed on the one or more processors, perform acts to securely process a transaction for an item without receiving sensitive information, the acts comprising; receiving, over a network from a computing device and by the transaction processing system, first data comprising a request to conduct the transaction for the item, wherein the computing device comprises one or more second processors, a second memory, a presentation device, and second computer-executable instructions; receiving second data comprising a first dynamic password and a transaction phrase token, wherein the transaction phrase token;
(i) comprises at least two grammatically correct words, each grammatically correct word separated by a space, (ii) is associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the transaction phrase token to conduct the transaction, and (iii) links to a payment instrument so that the transaction phrase token acts as a proxy for the payment instrument;accessing a second dynamic password accessible by the transaction processing service; accessing the one or more predefined rules associated with the transaction phrase token; based at least partly on the second dynamic password and the one or more predefined rules, triggering the one or more first processors to perform one of; approving the transaction based at least partly on; (i) the first dynamic password matching the second dynamic password, and (ii) at least one of the amount of the transaction being at or below the transaction amount specified by a first predefined rule of the one or more predefined rules or the item category of the item matching the item category specified by a second predefined rule of the one or more predefined rules; declining the transaction based at least in part on at least one of the first dynamic password not matching the second dynamic password, the amount of the transaction being above the transaction amount specified by the first predefined rule of the one or more predefined rules, or the item category of the item not matching the item category specified by the second predefined rule of the one or more predefined rules;
orimplementing one or more other authorization procedures based at least in part on at least one of the first dynamic password not matching the second dynamic password, the amount of the transaction being above the transaction amount specified by the first predefined rule of the one or more predefined rules, or the item category of the item not matching the item category specified by the second predefined rule of the one or more predefined rules. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for securely processing a transaction without receiving sensitive information comprising:
-
receiving, from a computing device and by a transaction processing service, first data comprising a request to purchase an item; receiving, by the transaction processing service, second data comprising a dynamic password and an identifier associated with a payment instrument, wherein the identifier; comprises at least two grammatically correct words separated by a space, and is associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the identifier to conduct a transaction based on the request to purchase the item; accessing the one or more predefined rules associated with the identifier; based at least partly on the dynamic password, the identifier, and at least one of an amount of the transaction or an item category of the item, performing one of; processing, by the transaction processing service, the request to purchase the item; declining, by the transaction processing service, the request to purchase the item;
orimplementing, by the transaction processing service, one or more other authorization procedures. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18)
-
-
17. One or more computing devices comprising:
-
one or more processors; and one or more computer-readable media storing computer-executable instructions that, when executed on the one or more processors, perform acts comprising; receiving, from a computing device and over a network, first data comprising a request to purchase an item; receiving, via a graphical user interface, second data comprising a dynamic password and an identifier linked with a payment instrument, wherein the identifier; comprises at least two grammatically correct words separated by a space, and is associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the identifier to conduct a transaction based on the request to purchase the item;
accessing the one or more predefined rules associated with the identifier;
based at least partly on the dynamic password, the identifier, and at least one of an amount of the transaction or an item category of the item, performing one of;
processing the request to purchase the item;
declining the request to purchase the item;
or implementing one or more other authorization procedures.
-
-
19. A method comprising:
-
receiving, from a computing device and by a transaction processing service, first data associated with a request to conduct a transaction for an item, wherein the request comprises an identifier that is linked with a payment instrument, the identifier being associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the identifier to conduct the transaction and comprising two grammatically correct words separated by a space; receiving second data associated with the dynamic password; accessing the one or more predefined rules associated with the identifier; and processing, by the transaction processing service, the requested transaction based at least in part on the identifier, at least one of the amount of the transaction or the item category of the item satisfying a predefined rule of the one or more predefined rules, and the dynamic password. - View Dependent Claims (20, 21)
-
-
22. One or more computing devices comprising:
-
one or more processors; and one or more computer-readable media storing computer-executable instructions that, when executed on the one or more processors, perform acts comprising; receiving, from a computing device, first data associated with a request to conduct a transaction for an item, wherein the request includes an identifier that is linked with a payment instrument, the identifier being associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the identifier to conduct the transaction and comprising two grammatically correct words separated by a space; receiving second data associated with a dynamic password; accessing at least one of an amount of the transaction or an item category of the item associated with a predefined rule of the one or more predefined rules associated with the identifier; and based at least in part on the identifier, a comparison between at least one of the amount of the transaction or the item category of the item with the one or more predefined rules, and the received dynamic password, performing one of; processing the request to conduct the transaction for the item; declining the request to conduct the transaction for the item;
orimplementing one or more other authorization procedures.
-
-
23. A system comprising:
-
one or more processors; memory; an identifier issuer, stored in the memory and executable on the one or more processors, to issue a transaction phrase token to a user, the transaction phrase token;
(i) comprising two grammatically correct words separated by a space, (ii) being associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the identifier to conduct transactions, and (iii) being linked with a payment instrument such that the transaction phrase token links to the payment instrument as a proxy for the payment instrument; anda transaction authorization engine, stored in the memory and executable on the one or more processors, to; receive, from a computing device, first data associated with a request from the user to conduct a transaction for an item; receive second data associated with a first dynamic password and the transaction phrase token; access third data associated with a second dynamic password associated with the transaction phrase token; and determine an approval decision associated with the transaction based at least in part on at least one of an amount of the transaction or an item category of the item complying with a predefined rule of the one or more predefined rules associated with the transaction phrase token. - View Dependent Claims (24, 25, 26, 27, 28)
-
-
29. A method comprising:
-
receiving, by a computing device, first data comprising a request to conduct a transaction for an item using an identifier as a proxy for a payment instrument, and a dynamic password, wherein the identifier is associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the identifier to conduct the requested transaction, wherein the identifier comprises two grammatically correct words separated by a space; accessing second data associated with at least one of an amount of the requested transaction or an item category of the item that is associated with a predefined rule of the one or more predefined rules associated with the identifier; and determine an approval decision associated with the requested transaction based at least in part on the identifier, at least one of the amount of the requested transaction or the item category of the item in relation to the predefined rule of the one or more predefined rules, and the dynamic password. - View Dependent Claims (30, 31, 32)
-
-
33. One or more non-transitory computer-readable media storing computer-executable instructions that, when executed on one or more processors, perform acts comprising:
-
receiving, at a transaction processing service and from a computing device, first data associated with a request to purchase an item offered in an item catalog; receiving second data associated with the a user-created reusable pass-phrase and a first dynamic password, wherein the user-created reusable pass-phrase;
(i) comprises at least two grammatically correct words separated by a space, (ii) is associated with one or more predefined rules specifying an item category or a transaction amount that is allowed when employing the pass-phrase to conduct a transaction based on the request to purchase the item, and (iii) links to a payment instrument so that the pass-phrase acts as a proxy for the payment instrument;accessing third data associated with a second dynamic password accessible by the transaction processing service; accessing fourth data associated with at least one of the one or more predefined rules associated with the pass-phrase; based at least partly on the second dynamic password and the one or more predefined rules, performing one of; transmitting an approval of the transaction based at least partly on;
(i) the first dynamic password matching the second dynamic password and (ii) at least one of the amount of the transaction being at or below the transaction amount specified by the one or more predefined rules or the item category of the item matching the item category specified by the one or more predefined rules;transmitting a rejection of the transaction based at least partly on-at least one of the following;
the first dynamic password not matching the second dynamic password, the amount of the transaction being above the transaction amount specified by the one or more predefined rules, or the item category of the item not matching the item category specified by the one or more predefined rules;
orimplementing one or more other authorization procedures based at least partly on at least one of the following;
the first dynamic password not matching the second dynamic password, the amount of the transaction being above the transaction amount specified by the one or more predefined rules, or the item category of the item not matching the item category specified by the one or more predefined rules.
-
Specification