Dynamic alteration of track data
First Claim
1. A computer-implemented method to use discretionary data fields to secure transactions, comprising:
- storing, by one or more computing devices, a payment account identifier that identifies a payment account associated with an account of a user that is issued by a payment processing system, the payment account identifier identifying the payment account and being arranged in a plurality of fields and comprising a discretionary data field;
receiving, by the one or more computing devices, a payment request in a communication from a merchant computing system, the payment request comprising a request for payment account information for a payment account to use to fund a payment transaction;
at a time after receiving the payment request, notifying, by the one or more computing devices, the payment processing system that a transaction is pending, the notifying being in a separate communication from the communication with the merchant computing system;
receiving, by the one or more computing devices, an authentication challenge from the payment processing system, the authentication challenge being communicated from the payment processing system upon receipt of the notification;
obtaining, by the one or more computing devices, the payment account identifier and a challenge response to the authentication challenge;
embedding, by the one or more computing devices, the challenge response in the discretionary data field associated with the payment account identifier; and
communicating, by the one or more computing devices, the payment account identifier including the discretionary data field having embedded therein the challenge response to the merchant computing system to be communicated from the merchant computing system to the payment processing system to authorize the payment transaction based on a match between the challenge response and a challenge response stored on the payment processing system.
2 Assignments
0 Petitions
Accused Products
Abstract
Using discretionary data fields to secure transactions comprises a payment system employing a server configured to associate a payment account of a user with a user computing device, the payment account comprising a payment account identifier that identifies the payment account, and establish a authentication challenge and an corresponding challenge response. The payment system receives a first payment authorization request originating from a merchant computing system comprising the payment account identifier, data associated with the payment account identifier, and a request to fund a transaction using the payment account, wherein the data associated with the payment account identifier comprises a challenge response provided by the user computing device located in a discretionary data field. The payment system compares the provided challenge response with the corresponding challenge response, and approves the transaction based on whether the provided challenge response and the corresponding challenge response match.
224 Citations
18 Claims
-
1. A computer-implemented method to use discretionary data fields to secure transactions, comprising:
-
storing, by one or more computing devices, a payment account identifier that identifies a payment account associated with an account of a user that is issued by a payment processing system, the payment account identifier identifying the payment account and being arranged in a plurality of fields and comprising a discretionary data field; receiving, by the one or more computing devices, a payment request in a communication from a merchant computing system, the payment request comprising a request for payment account information for a payment account to use to fund a payment transaction; at a time after receiving the payment request, notifying, by the one or more computing devices, the payment processing system that a transaction is pending, the notifying being in a separate communication from the communication with the merchant computing system; receiving, by the one or more computing devices, an authentication challenge from the payment processing system, the authentication challenge being communicated from the payment processing system upon receipt of the notification; obtaining, by the one or more computing devices, the payment account identifier and a challenge response to the authentication challenge; embedding, by the one or more computing devices, the challenge response in the discretionary data field associated with the payment account identifier; and communicating, by the one or more computing devices, the payment account identifier including the discretionary data field having embedded therein the challenge response to the merchant computing system to be communicated from the merchant computing system to the payment processing system to authorize the payment transaction based on a match between the challenge response and a challenge response stored on the payment processing system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product, comprising:
a non-transitory computer-readable storage device having computer-executable program instructions embodied thereon that when executed by a computer cause the computer to use discretionary data fields to secure transactions, the computer-executable program instructions comprising; computer-executable program instructions to associate a payment account identifier that identifies a payment account associated with a user computing device, the payment account comprising a payment account identifier that identifies the payment account, the payment account identifier being arranged in a plurality of fields and comprising a discretionary data field; computer-executable program instructions to receive a communication from the user computing device that a transaction is being initiated; computer-executable program instructions to communicate an authentication challenge and a corresponding challenge response to the user computing device upon receiving the communication from the user computing device that the transaction is being initiated; computer-executable program instructions to receive a first payment authorization request originating from a merchant computing system, the first payment authorization request comprising the payment account identifier including the discretionary data field having embedded therein the challenge response and a request to fund a transaction using the payment account;
computer-executable program instructions to compare the received challenge response with the corresponding challenge response; andcomputer-executable program instructions to reply to the merchant computing system with a responsive authorization state, wherein the responsive authorization state is determined based on the determination whether the provided challenge response and the corresponding challenge response match. - View Dependent Claims (9, 10, 11, 12, 13)
-
14. A system to select payment accounts to use discretionary data fields to secure transactions, comprising:
-
a storage resource; and a processor communicatively coupled to the storage resource, wherein the processor executes application code instructions that are stored in the storage resource to cause the system to; associate a payment account identifier that identifies a payment account associated with a user computing device, the payment account comprising a payment account identifier that identifies the payment account, the payment account identifier being arranged in a plurality of fields and comprising a discretionary data field; receive a communication from the user computing device that a transaction is being initiated; communicate an authentication challenge and a corresponding challenge response to the user computing device upon receiving the communication from the user computing device that the transaction is being initiated; receive a first payment authorization request originating from a merchant computing system, the first payment authorization request comprising the payment account identifier including the discretionary data field having embedded therein the challenge response and a request to fund a transaction using the payment account; compare the received challenge response with the corresponding challenge response; and reply to the merchant computing system with a responsive authorization state, wherein the responsive authorization state is determined based on the determination whether the provided challenge response and the corresponding challenge response match. - View Dependent Claims (15, 16, 17, 18)
-
Specification