Methods and systems for provisioning mobile devices with payment credentials
First Claim
1. A method, comprising:
- receiving, at a server computer, a first provisioning request from a first mobile device to provision a first payment credential associated with a first account of a first user to the first mobile device;
determining, by the server computer, a first risk level associated with the first provisioning request;
determining, by the server computer, that the first risk level is within a predetermined risk threshold range;
based on the first risk level being within the predetermined risk threshold range;
setting, by the server computer, a first token representing the first payment credential to an inactive state;
transmitting, by the server computer to the first mobile device, a first set of provisioning scripts and the first token in the inactive state;
executing, by the first mobile device, the first set of provisioning scripts;
storing, by the first mobile device, the first token and a protection flag associated with the first token in a memory of the first mobile device based on executing the first set of provisioning scripts, the protection flag representing the inactive state of the first token;
performing, by the server computer, an authentication process with the first user based on direct or indirect communication with the first mobile device;
determining, by the server computer, that the authentication process is successfully performed;
based on a successful performance of the authentication process, transmitting, by the server computer to the first mobile device, an activation script that, when executed on the first mobile device, modifies a status of the first token from the inactive state to an active state;
executing, by the first mobile device, the activation script;
disabling, by the first mobile device, the protection flag associated with the first token based on executing the activation script;
storing, by the first mobile device, the first token in the active state based on disabling the protection flag thereby configuring a first digital wallet application stored on the first mobile device with the first token;
transmitting, by the first mobile device, the first token in the active state to a first transacting entity during a first financial transaction with the first transacting entity;
receiving, at the server computer, a second provisioning request from a second mobile device to provision a second payment credential associated with a second account of a second user to the second mobile device;
determining, by the server computer, a second risk level associated with the second provisioning request;
determining, by the server computer, that the second risk level is below the predetermined risk threshold range;
based on the second risk level being below the predetermined risk threshold range;
setting, by the server computer, a second token representing the second payment credential to the active state without requiring the authentication process with the second user;
transmitting a second set of provisioning scripts and the second token in the active state to the second mobile device without requiring the authentication process with the second user;
executing, by the second mobile device, the second set of provisioning scripts on the second mobile device;
storing, by the second mobile device, the second token in the active state based on executing the second set of provisioning scripts and without requiring the authentication process with the second user, thereby configuring a second digital wallet application stored on the second mobile device with the second token, andtransmitting, by the second mobile device, the second token in the active state to a second transacting entity during a second financial transaction with the second transacting entity.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments are described that are directed to optimizing the provisioning of payment account credentials to mobile devices utilizing mobile wallets. In some embodiments, one of multiple provisioning schemes may be selectively chosen for payment account credential provisioning based upon a determined risk involved with a particular provisioning request. A low risk provisioning request leads to an immediate provisioning of a payment credential, whereas a provisioning request of high risk results in the provisioning request being denied. In some embodiments, medium risk provisioning requests will cause an additional user authentication to be performed before the payment account provisioning is finalized. The additional user authentication may occur using a separate communication channel than the channel in which the provisioning request was received.
551 Citations
12 Claims
-
1. A method, comprising:
-
receiving, at a server computer, a first provisioning request from a first mobile device to provision a first payment credential associated with a first account of a first user to the first mobile device; determining, by the server computer, a first risk level associated with the first provisioning request; determining, by the server computer, that the first risk level is within a predetermined risk threshold range; based on the first risk level being within the predetermined risk threshold range; setting, by the server computer, a first token representing the first payment credential to an inactive state; transmitting, by the server computer to the first mobile device, a first set of provisioning scripts and the first token in the inactive state; executing, by the first mobile device, the first set of provisioning scripts; storing, by the first mobile device, the first token and a protection flag associated with the first token in a memory of the first mobile device based on executing the first set of provisioning scripts, the protection flag representing the inactive state of the first token; performing, by the server computer, an authentication process with the first user based on direct or indirect communication with the first mobile device; determining, by the server computer, that the authentication process is successfully performed; based on a successful performance of the authentication process, transmitting, by the server computer to the first mobile device, an activation script that, when executed on the first mobile device, modifies a status of the first token from the inactive state to an active state; executing, by the first mobile device, the activation script; disabling, by the first mobile device, the protection flag associated with the first token based on executing the activation script; storing, by the first mobile device, the first token in the active state based on disabling the protection flag thereby configuring a first digital wallet application stored on the first mobile device with the first token; transmitting, by the first mobile device, the first token in the active state to a first transacting entity during a first financial transaction with the first transacting entity; receiving, at the server computer, a second provisioning request from a second mobile device to provision a second payment credential associated with a second account of a second user to the second mobile device; determining, by the server computer, a second risk level associated with the second provisioning request; determining, by the server computer, that the second risk level is below the predetermined risk threshold range; based on the second risk level being below the predetermined risk threshold range; setting, by the server computer, a second token representing the second payment credential to the active state without requiring the authentication process with the second user; transmitting a second set of provisioning scripts and the second token in the active state to the second mobile device without requiring the authentication process with the second user; executing, by the second mobile device, the second set of provisioning scripts on the second mobile device; storing, by the second mobile device, the second token in the active state based on executing the second set of provisioning scripts and without requiring the authentication process with the second user, thereby configuring a second digital wallet application stored on the second mobile device with the second token, and transmitting, by the second mobile device, the second token in the active state to a second transacting entity during a second financial transaction with the second transacting entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system, comprising:
-
a mobile device including one or more processors, and a first non-transitory computer readable storage medium communicatively coupled with the one or more processors of the mobile device; and a server computer including one or more processors, and a second non-transitory computer readable storage medium communicatively coupled with the one or more processors of the server computer and storing instructions which, when executed by the one or more processors of the server computer, cause the server computer to perform operations comprising; receiving a provisioning request from the mobile device to provision a payment credential associated with an account of a user to the mobile device; determining a risk level associated with the provisioning request; comparing the risk level to a predetermined risk threshold range; based on the risk level being within the predetermined risk threshold range; setting a token representing the payment credential to an inactive state; transmitting a set of provisioning scripts and the token in the inactive state to the mobile device; performing an authentication process with the user based on direct or indirect communication with the mobile device; determining that the authentication process is successfully performed; based on a successful performance of the authentication process, transmitting, to the mobile device, an activation script that, when executed on the mobile device, modifies a status of the token to an active state; the first non-transitory computer readable storage medium storing instructions which, when executed by the one or more processors of the mobile device, cause the mobile device to execute the activation script to provision the token in the active state on the mobile device thereby configuring a digital wallet application stored on the mobile device with first token; based on the risk level being below the predetermined risk threshold range; setting the token representing the payment credential to the active state without requiring the authentication process with the user; transmitting the set of provisioning scripts and the token in the active state to the mobile device without requiring the authentication process with the user when the risk level is below the predetermined risk threshold range; the first non-transitory computer readable storage medium storing instructions which, when executed by the one or more processors of the mobile device, cause the mobile device to; execute the set of provisioning scripts; based on the risk level being within the predetermined risk threshold range; store the token and a protection flag associated with the token in a memory of the mobile device based on executing the set of provisioning scripts, the protection flag representing the inactive state of the token; execute the activation script; disable the protection flag associated with the first token based on executing the activation script; store the token in the active state based on disabling the protection flag thereby configuring the digital wallet application stored on the mobile device with the token; based on the risk level being within the predetermined risk threshold range; store the token in the active state based on executing the set of provisioning scripts and without requiring the authentication process with the user, thereby configuring the digital wallet application stored on the mobile device with the token; transmit the token in the active state to a transacting entity during a financial transaction with the transacting entity. - View Dependent Claims (11, 12)
-
Specification