Managing attempts to initiate authentication of electronic commerce card transactions

US 20050102234A1
Filed: 11/06/2003
Published: 05/12/2005
Est. Priority Date: 11/06/2003
Status: Active Grant

First Claim

Patent Images

1. An electronic commerce card authentication system comprising:

a directory server adapted to;

receive a verification request message from a merchant system, wherein the verification request message requests an indication of whether a card account is capable of being authenticated;

determine whether the card account is capable of being authenticated; and

communicate a verification response message with the merchant system in response to a determination that the card account is not capable of being authenticated, wherein the verification response message instructs the merchant system to submit an authentication request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

To encourage widespread implementation of an electronic commerce card authentication system by the numerous different card issuers and merchants, the card association assigns liability for fraudulent transaction based upon a party'"'"'s compliance with the authentication system. To enable this feature, an embodiment of the card processing system includes the ability to track and record attempts by merchants to initiate authentications, even in circumstances where the card issuer does not support authentication or can not authenticate the card information its receives. A directory server determines whether a card account is capable of being authenticated. If the card issuer cannot authenticate the card account, the directory server instructs the merchant system to attempt authentication with an alternate access control server. The alternate access control server is adapted to communicate an authentication response message with the merchant system indicating that the merchant system attempted an authentication.

94 Citations

View as Search Results

20 Claims

1. An electronic commerce card authentication system comprising:
- a directory server adapted to;
  
  receive a verification request message from a merchant system, wherein the verification request message requests an indication of whether a card account is capable of being authenticated;
  
  determine whether the card account is capable of being authenticated; and
  
  communicate a verification response message with the merchant system in response to a determination that the card account is not capable of being authenticated, wherein the verification response message instructs the merchant system to submit an authentication request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The electronic commerce card authentication system of claim 1, wherein the directory server is adapted to determine whether the card account is capable of being authenticated by identifying a card issuer associated with the card account.
  - 3. The electronic commerce card authentication system of claim 2, wherein the verification request message includes at least a portion of a card number associated with the card account, and wherein the directory server is adapted to compare the portion of the card number with a range of card numbers associated with the card issuer.
  - 4. The electronic commerce card authentication system of claim 1, further comprising:
    - an access control server adapted to receive an authentication request message from the merchant system and to communicate an authentication response message with the merchant system, wherein the authentication response message includes an indication that the merchant system attempted an authentication.
  - 5. The electronic commerce card authentication system of claim 4, wherein the verification response message indicates the location of the access control server.
  - 6. The electronic commerce card authentication system of claim 4, wherein the access control server is further adapted to validate the authentication request message.
  - 7. The electronic commerce card authentication system of claim 4, wherein the access control server is further adapted to communicate a copy of the authentication response message with an authentication history server to be archived.
  - 8. The electronic commerce card authentication system of claim 2, wherein the directory server is further adapted to communicate the verification request message with an access control server associated with the card issuer associated with the card account;
    - and to communicate a verification response message with the merchant system in response to a determination that the access control server is inoperable, wherein the verification response message instructs the merchant system to submit an authentication request.
  - 9. The electronic commerce card authentication system of claim 2, further comprising an access control server adapted to:
    - receive the verification request message from the directory server;
      
      determine whether the card account is capable of being authenticated;
      
      communicate a verification response message with the merchant system in response to a determination that the card account cannot be authenticated, wherein the verification response message includes an indication that an authentication should be attempted with a different access control server; and
      
      communicate a verification response message with the merchant system in response to a determination that the card account can be authenticated, wherein the verification response message includes an indication that an authentication should be attempted with the access control server.
  - 10. The electronic commerce card authentication system of claim 4, further comprising an electronic commerce card association adapted to assign liability for a potentially fraudulent transaction to a card issuer in response to the authentication response message, wherein the authentication response message includes an indication that the merchant system attempted an authentication.

11. A method of initiating an authentication of an electronic commerce card, the method comprising:
- receiving a verification request message from a merchant system, wherein the message requests an indication of whether a card account is capable of being authenticated;
  
  determining whether the card account is capable of being authenticated; and
  
  communicating a verification response message with the merchant system in response to a determination that the card account is not capable of being authenticated, wherein the verification response message instructs the merchant system to submit an authentication request.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, wherein determining includes identifying a card issuer associated with the card account.
  - 13. The method of claim 12, wherein the verification request message includes at least a portion of a card number associated with the card account, and wherein determining further includes comparing the portion of the card number with a range of card numbers associated with the card issuer.
  - 14. The method of claim 11, further comprising:
    - receiving an authentication request message from the merchant system; and
      
      communicating an authentication response message with the merchant system, wherein the authentication response message includes an indication that the merchant system attempted an authentication.
  - 15. The method of claim 14, wherein the verification response message indicates the location of the access control server.
  - 16. The method of claim 14, further including validating the authentication request message.
  - 17. The method of claim 14, further including communicating a copy of the authentication response message with an authentication history server to be archived.
  - 18. The method of claim 12, further including communicating the verification request message with an access control server associated with the card issuer associated with the card account;
    - and communicating a verification response message with the merchant system in response to a determination that the access control server is inoperable, wherein the verification response message instructs the merchant system to submit an authentication request.
  - 19. The method of claim 12, further comprising:
    - receiving, by an access control server, the verification request message from a directory server;
      
      determining, by the access control server, whether the card account is capable of being authenticated;
      
      communicating, by the access control server, a verification response message with the merchant system in response to a determination that the card account can not be authenticated, wherein the verification response message instructs the merchant system to submit an authentication request to a different access control server; and
      
      communicating, by the access control server, a verification response message with the merchant system in response to a determination that the card account can be authenticated, wherein the verification response message includes an indication that an authentication should be attempted with the access control server.
  - 20. The method of claim 14, further comprising assigning liability for a potentially fraudulent transaction to a card issuer in response to the authentication response message, wherein the authentication response message includes an indication that the merchant system attempted an authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Devine, Sue

Granted Patent

US 7,039,611 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/44
CPC Class Codes

G06Q 20/3674   involving authentication

G06Q 20/40   Authorisation, e.g. identif...

G06Q 30/02   Marketing; Price estimation...

G06Q 30/06   Buying, selling or leasing ...

Managing attempts to initiate authentication of electronic commerce card transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

94 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Managing attempts to initiate authentication of electronic commerce card transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links