OVER THE AIR MANAGEMENT OF PAYMENT APPLICATION INSTALLED IN MOBILE DEVICE

US 20100198728A1
Filed: 09/21/2009
Published: 08/05/2010
Est. Priority Date: 09/22/2008
Status: Active Grant

First Claim

Patent Images

1. A mobile wireless device, comprising:

a processor;

a memory;

a payment application installed on the mobile wireless device; and

a set of instructions stored in the memory, which when executed by the processor implement a method toreceive access control data for the installed payment application over a wireless network; and

depending upon the access control data, enable the user to access a function of the payment application or prevent the user from accessing the function of the payment application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, apparatus, and methods for managing a payment application installed on a mobile device, such as a mobile phone are provided. An Issuer of a payment device can remotely control the payment application by instructing a wireless network carrier or operator to transmit a message to the mobile phone, where the message contains an instruction to perform an operation related to the payment application. The Issuer can remotely reset a counter or a password associated with the payment application, lock or unlock a payment application, and set the access control data to a predetermined value, to prevent unauthorized use of the payment application in the situation in which the mobile phone is lost or stolen, or the Issuer desires to limit access to the payment application for other reasons, such as limiting its exposure to unauthorized uses of the payment device.

127 Citations

32 Claims

1. A mobile wireless device, comprising:
- a processor;
  
  a memory;
  
  a payment application installed on the mobile wireless device; and
  
  a set of instructions stored in the memory, which when executed by the processor implement a method toreceive access control data for the installed payment application over a wireless network; and
  
  depending upon the access control data, enable the user to access a function of the payment application or prevent the user from accessing the function of the payment application.
- View Dependent Claims (2, 3, 4)
- - 2. The mobile wireless device of claim 1, wherein the received access control data functions to prevent the user from accessing all of the functions of the payment application.
  - 3. The mobile wireless device of claim 1, wherein the access control data includes one or more of a setting for an access control indicator, an alphanumeric data string, or a value for one or more access control data elements.
  - 4. The mobile wireless device of claim 1, wherein the implemented method further comprises:
    - storing the received access control data in a memory location of the memory;
      
      receiving an input activating the installed payment application;
      
      accessing the memory location to determine a value of the access control data; and
      
      based on the value of the access control data, enable the user to access the function of the payment application or prevent the user from accessing the function of the payment application.

5. A method of controlling use of a payment application installed on a mobile device, the method comprising:
- receiving an instruction at an element of a wireless communications network, the instruction being to enable or disable user access to a function of the payment application;
  
  in response to receiving the instruction, generating data representing the instruction in a form capable of being transmitted to the mobile device; and
  
  transmitting the generated data over a wireless network for receipt by the mobile device.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The method of claim 5, wherein the instruction to enable or disable user access to a function of the payment application is received from an Issuer of the user'"'"'s payment account or from a payment processor.
  - 7. The method of claim 5, wherein the generated data includes one or more of a setting for an access control indicator, an alphanumeric data string, or a value for one or more access control data elements.
  - 8. The method of claim 5, wherein the instruction functions to prevent the user from accessing all of the functions of the payment application.
  - 9. The method of claim 5, wherein the payment application is configured to enable payment transactions for one or more of a prepaid account, a credit account or a debit account.

10. A method of operating a mobile device, comprising:
- receiving data including payment application access control data over a wireless network;
  
  storing the payment application access control data in a data storage of the mobile device;
  
  receiving an input and in response to the input, activating the payment application installed on the mobile device;
  
  accessing the data storage; and
  
  processing the payment application access control data in the data storage to determine if a user of the mobile device is provided access to a function of the payment application.
- View Dependent Claims (11)
- - 11. The method of claim 10, wherein the payment application access control data is received as part of an electronic message, the electronic message being one or more of a short message system (SMS) message, an email message, or a control channel message.

12. A method for authenticating a user of a mobile communication device by the mobile communication device, the method comprising:
- receiving an input from the user, the input indicative of a password for access to a payment application resident on the mobile communication device, wherein the payment application allows a predetermined number of password entry attempts;
  
  verifying whether the password is correct;
  
  if the password is not correct, determining whether the predetermined number of password entry attempts has been reached; and
  
  in the event that the predetermined number of password entry attempts has been reached, preventing access to the payment application.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The method of claim 12, wherein in the event that the predetermined number of password entry attempts have been reached, sending a request to an issuer, to disable the payment application.
  - 14. The method of claim 13, further comprising:
    - receiving a lock script from the issuer; and
      
      executing the lock script to disable the payment application.
  - 15. The method of claim 12, wherein sending the request includes using an over-the-air communication channel to communicate the request to the Issuer.
  - 16. A computer-readable storage medium storing instructions, which when executed by a controller in a mobile communication device, causes the controller to perform a method of claim 12.
  - 17. The computer-readable storage medium of claim 16, wherein in the method, sending a request to an issuer includes sending the request as part of an electronic message, the electronic message being one or more of a short message system (SMS) message, an email message, or a control channel message.
  - 18. The computer-readable storage medium of claim 16, wherein the method further includes:
    - receiving a script from the issuer, the script including instructions for disabling the payment application; and
      
      processing the script to prevent access to the payment application.

19. A method for managing access to a payment application resident on a mobile device, by the mobile device, the method comprising:
- receiving an input indicative of a password, the password being configured to provide access to the payment application;
  
  receiving input indicative of number of attempts allowed to enter the password; and
  
  designating the received number of attempts as the maximum number of attempts allowed to access the payment application.

20. A method for resetting a password of a payment application resident on a mobile device, the method comprising, by the mobile device:
- determining that the password associated with the payment application is inoperative;
  
  sending a request to an issuer to reset the password associated with the payment application using an over-the-air communication channel;
  
  receiving, from the issuer, a script in response to the request; and
  
  executing the script to perform an operation specified by the script.
- View Dependent Claims (21)
- - 21. The method of claim 20, wherein, sending a request to an issuer includes sending the request to a mobile payment gateway, the mobile gateway forwarding the request to the issuer.

22. A method for resetting a password, by a payment authorization entity, the method comprising:
- receiving a request, from a mobile device, to reset a password associated with a payment application resident on the mobile phone, the request being sent using an over-the-air communication channel;
  
  analyzing the request to determine whether to reset the password;
  
  generating a script based on the determination; and
  
  sending the script to the mobile device.
- View Dependent Claims (23, 24, 25)
- - 23. The method of claim 22, wherein analyzing the request to determine whether to reset the password includes consulting one or more policies to determine whether to grant or deny the request.
  - 24. The method of claim 22, wherein sending the script to the mobile device includes:
    - sending the script to a mobile gateway, wherein the mobile gateway forwards the script to the mobile device using an over-the-air communication channel.
  - 25. The method of claim 24, wherein the over-the-air communication channel is a cellular phone network.

26. A method for managing a counter associated with a payment application resident on a mobile device, by the mobile device, the method comprising:
- determining whether the counter has reached a threshold value;
  
  sending a request to reset the counter, to a payment authorizing entity, if it is determined that the counter has reached the threshold value;
  
  receiving, from the payment authorizing entity, a script in response to the request; and
  
  executing the command to perform an operation specified in the script.
- View Dependent Claims (27, 28, 29, 30)
- - 27. The method of claim 26, wherein prior to determining whether the counter has reached a threshold value, receiving a request for conducting a transaction.
  - 28. The method of claim 27, wherein the transaction is an offline transaction.
  - 29. The method of claim 26, wherein the operation specified in script is to not reset the counter.
  - 30. The method of claim 26, wherein the threshold value is a combined maximum value for all offline transactions.

31. A method for managing a counter of a payment application resident on a mobile device, by a payment authorizing entity, the method comprising:
- receiving a request, from the payment application, to reset the counter;
  
  determining whether or not to reset the counter based at least in part on one or more policies and information about a user associated with the payment application;
  
  generating a command script based on the determination; and
  
  sending the command script to the payment application.
- View Dependent Claims (32)
- - 32. The method of claim 31, wherein sending the command script includes sending the command script to a mobile payment gateway prior to the command being forwarded to the payment application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Lindelsee, Mike, Wilson, David William, Brand, Olivier, Aabye, Christian, Mirizzi, Joseph J., Ngo, Hao, White, Lauren

Granted Patent

US 9,286,604 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/44
CPC Class Codes

G06Q 20/3227   using secure elements embed...

G06Q 20/325   using wireless networks

G06Q 20/326   Payment applications instal...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4014   Identity check for transact...

G06Q 40/00   Finance; Insurance; Tax str...

H04L 63/102   Entity profiles

OVER THE AIR MANAGEMENT OF PAYMENT APPLICATION INSTALLED IN MOBILE DEVICE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

127 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

OVER THE AIR MANAGEMENT OF PAYMENT APPLICATION INSTALLED IN MOBILE DEVICE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

127 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links