Verification of portable consumer devices

US 9,715,681 B2
Filed: 05/14/2010
Issued: 07/25/2017
Est. Priority Date: 04/28/2009
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a server, a request for a device verification value for a portable consumer device associated with a user;

obtaining, by the server, from the received request, a unique identification code assigned to the user;

obtaining, by the server, an account record that contains the obtained unique identification code, the account record associating a consumer account of a portable consumer device with the obtained unique identification code, the consumer account having an account number associated with the consumer account that identifies the consumer account, the obtained unique identification code being different from the account number of the consumer account of the obtained account record;

obtaining, by the server, a datum indicative of a device verification value for the consumer account of the obtained account record, wherein the device verification value is valid for a predetermined amount of time or for a plurality of transactions;

sending, by the server, the obtained datum indicative of the device verification value to at least one of a phone number or network address of a personal communication device associated with the consumer account of the obtained account record;

receiving, by the server and from a computer, an authorization request including the device verification value, the authorization request requesting authorization for a transaction;

determining, by the server, that the device verification value in the authorization request is valid; and

transmitting, by the server, an authorization response to the computer indicating that the transaction is authorized after determining that the device verification value is valid.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed to methods, systems, and computer program products pertaining to obtaining, providing, and using dynamic card verification values for portable consumer devices, such as credit cards and debit cards. An exemplary method comprises receiving, at a server, a request for a device verification value for a portable consumer device associated with a user; obtaining, at the server, a datum indicative of a device verification value for a portable consumer device; and sending, from the server, the datum to at least one of a phone number or network address of a personal communication device associated with the user.

703 Citations

24 Claims

1. A method comprising:
- receiving, at a server, a request for a device verification value for a portable consumer device associated with a user;
  
  obtaining, by the server, from the received request, a unique identification code assigned to the user;
  
  obtaining, by the server, an account record that contains the obtained unique identification code, the account record associating a consumer account of a portable consumer device with the obtained unique identification code, the consumer account having an account number associated with the consumer account that identifies the consumer account, the obtained unique identification code being different from the account number of the consumer account of the obtained account record;
  
  obtaining, by the server, a datum indicative of a device verification value for the consumer account of the obtained account record, wherein the device verification value is valid for a predetermined amount of time or for a plurality of transactions;
  
  sending, by the server, the obtained datum indicative of the device verification value to at least one of a phone number or network address of a personal communication device associated with the consumer account of the obtained account record;
  
  receiving, by the server and from a computer, an authorization request including the device verification value, the authorization request requesting authorization for a transaction;
  
  determining, by the server, that the device verification value in the authorization request is valid; and
  
  transmitting, by the server, an authorization response to the computer indicating that the transaction is authorized after determining that the device verification value is valid.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the obtained account record associates a plurality of consumer accounts of portable consumer devices with the obtained unique identification code, and wherein the method further comprises selecting one of the consumer accounts from the obtained account record as the consumer account for which the datum is obtained.
  - 3. The method of claim 2, wherein the obtained account record stores one or more account numbers of one or more consumer accounts, each consumer account associated with a portable consumer device;
    - wherein the method further comprises;
      
      obtaining an incomplete account number from the received request; and
      
      wherein selecting the consumer account of the portable consumer device comprises comparing the obtained incomplete account number to the one or more account numbers stored in the obtained account record to find a match between the incomplete account number and a portion of one of the stored account numbers.
  - 4. The method of claim 2, wherein the obtained account record stores one or more code phrases of one or more consumer accounts, each consumer account corresponding to a portable consumer device;
    - wherein the method further comprises obtaining a code phrase from the received request; and
      
      wherein selecting a consumer account of the portable consumer device comprises comparing the obtained code phrase to the one or more code phrases stored in the obtained account record to find a match between the obtained code phrase and a stored code phrase.
  - 5. The method of claim 1, further comprising sending another datum indicative of the device verification value for the consumer account and an indication of the consumer account to an entity different from the personal communication device associated with the consumer account.
  - 6. The method of claim 1, wherein the consumer account is provided by an issuing bank, and wherein the method further comprises sending another datum indicative of the device verification value for the consumer account and an indication of the consumer account to the issuing bank.
  - 7. The method of claim 1, wherein transmitting the datum indicative of the device verification value further comprises transmitting an indication of a time period in which the device verification value can be used for a transaction.
  - 8. The method of claim 1, wherein the obtained account record comprises a data field that indicates a route by which the datum indicative of the device verification value is to be sent, and wherein the method further comprises accessing the data field to determine the phone number or network address to which to send the datum.
  - 9. The method of claim 1, further comprising comparing the consumer account against a database that tracks consumer accounts that have been used in fraudulent activities.
  - 10. The method of claim 1, further comprising sending an e- mail message to an e-mail address of the user notifying the user of one or more of the following occurrences:
    - a request for a device verification value, a sending of a device verification value, a denial of a request for a device verification value.
  - 11. The method of claim 1 further comprising:
    - determining an identity of an issuing bank computer from data in the authorization request;
      
      transmitting the authorization request to the issuing bank computer; and
      
      receiving the authorization response from the issuing bank computer.
  - 12. The method of claim 1 wherein the datum indicative of the device verification value indicates a methodology to generate the device verification value and is not itself the device verification value.

13. A server computer comprising a data processor, and a computer program product embodied on a computer-readable medium coupled to the data processor, the computer program product comprising:
- code that directs the data processor to receive a request for a device verification value for a portable consumer device associated with a user;
  
  code that directs the data processor to obtain, from the received request, a unique identification code assigned to the user;
  
  code that directs the data processor to obtain an account record that contains the obtained unique identification code, the account record associating a consumer account of a portable consumer device with the obtained unique identification code, the consumer account having an account number associated with the consumer account that identifies the consumer account, the obtained unique identification code being different from the account number of the consumer account of the obtained account record;
  
  code that directs the data processor to obtain a datum indicative of a device verification value for the consumer account of the obtained record, wherein the device verification value is valid for a predetermined amount of time or for a plurality of transactions;
  
  code that directs the data processor to send the obtained datum indicative of the device verification value to at least one of a phone number or network address of a personal communication device associated with the consumer account of the obtained account record;
  
  code that directs the data processor to receive from a computer, an authorization request including the device verification value, the authorization request requesting authorization for a transaction;
  
  code that directs the data processor to determine that the device verification value in the authorization request is valid; and
  
  code that directs the data processor to transmit an authorization response to the computer indicating that the transaction is authorized after determining that the device verification value is valid.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 14. The server computer of claim 13, wherein the obtained account record associates a plurality of consumer accounts of portable consumer devices with the obtained unique identification code, and wherein the product further comprises code that directs the data processor to select one of the consumer accounts from the obtained account record as the consumer account for which the datum is obtained.
  - 15. The server computer of claim 14, wherein the obtained account record stores one or more account numbers of one or more consumer accounts, each consumer account associated with a portable consumer device;
    - wherein the computer program product further comprises code that directs the data processor to obtain an incomplete account number from the received request; and
      
      wherein the code that directs the data processor to select a consumer account of the portable consumer device comprises code that directs the data processor to compare the obtained incomplete account number to the one or more account numbers stored in the obtained account record to find a match between the incomplete account number and a portion of one of the stored account numbers.
  - 16. The server computer of claim 14, wherein the obtained account record stores one or more code phrases of one or more consumer accounts, each consumer account associated with a portable consumer device;
    - wherein the computer program product further comprises code that directs the data processor to obtain a code phrase from the received request; and
      
      wherein the code that directs the data processor to select a consumer account of the portable consumer device comprises code that directs the data processor to compare the obtained code phrase to the one or more code phrases stored in the obtained account record to find a match between the obtained code phrase and a stored code phrase.
  - 17. The server computer of claim 13, wherein the computer program product further comprises code that directs the data processor to send another datum indicative of the device verification value for the consumer account and an indication of the consumer account to an entity different from the personal communication device associated with the consumer account.
  - 18. The server computer of claim 13, wherein the consumer account is provided by an issuing bank, and wherein the computer program product further comprises code that directs the data processor to send another datum indicative of the device verification value for the consumer account and an indication of the consumer account to the issuing bank.
  - 19. The server computer of claim 13, further comprising code that directs the data processor to send an indication of a time period in which the device verification value can be used for a transaction.
  - 20. The server computer of claim 13, wherein the obtained account record stores method data fields of consumer accounts indicating algorithms to be used to generate device verification values;
    - andwherein the code that directs the data processor to obtain the datum indicative of the device verification value for the consumer account comprises code that directs the data processor to obtain an indication of an algorithm from a method data field of the obtained account record and to execute the algorithm for which the indication was obtained.
  - 21. The server computer of claim 13, wherein the obtained account record stores data fields of consumer accounts data indicative of device verification values;
    - andwherein the code that directs the data processor to obtain the datum indicative of the device verification value for the consumer account comprises code that directs the data processor to obtain the datum indicative of the device verification value from a data field of the obtained account record.
  - 22. The server computer of claim 13, wherein the computer program product further comprises code that directs the data processor to obtain the datum indicative of the device verification value for the consumer account comprises code that directs the data processor to determine an identity of an issuing bank from the consumer account, to send an electronic message to the issuing bank to request the datum indicative of a device verification value, and to receive the datum indicative of a device verification value from the issuing bank.
  - 23. The server computer of claim 13 wherein the computer program product further comprisescode that directs the data processor to determine an identify of an issuing bank computer from data in the authorization request;
    - code that directs the data processor to transmit the authorization request to an issuing bank computer; and
      
      code that directs the data processor to receive the authorization response from the issuing bank computer.
  - 24. The server computer of claim 13 wherein the datum indicative of the device verification value indicates a methodology to generate the device verification value and is not itself the device verification value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Hammad, Ayman
Primary Examiner(s)
Zare, Scott
Assistant Examiner(s)
Danzig, Reva R

Application Number

US12/780,801
Publication Number

US 20100274692A1
Time in Patent Office

2,629 Days
Field of Search

705 30, 705 35, 705 36, 705 37, 705 38, 705 39, 705 40, 705 41, 705 42, 705 43, 705 44, 705 45, 235379, 235380, 235382, 235383
US Class Current
CPC Class Codes

G06Q 20/12   specially adapted for elect...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/42   Confirmation, e.g. check or...

G06Q 20/425   using two different network...

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/12   Accounting

Verification of portable consumer devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

703 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Verification of portable consumer devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

703 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links