SECURE AUTHENTICATION SYSTEM AND METHOD
0 Assignments
0 Petitions
Accused Products
Abstract
Apparatuses, methods, and systems pertaining to the verification of portable consumer devices for 3-D Secure Systems are disclosed. In one implementation, a verification token is coupled to a computer by a USB connection so as to use the computer'"'"'s networking facilities. The verification token reads identification information from a user'"'"'s portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using the computer'"'"'s networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a 3-D Secure datum to the verification token. The verification token may enter the 3-D Secure datum into a hidden field of a Purchase Authentication Page appearing on the computer'"'"'s display.
-
Citations
132 Claims
-
1-112. -112. (canceled)
-
113. A method comprising:
-
sending, by a control server, a Purchase Authentication Page to a computer over a communications network, the Purchase Authentication Page having a user response posting field to receive a response from a user to authenticate the user; receiving, by the control server, a returned Purchase Authentication Page from the computer over the communications network, the returned Purchase Authentication Page having a user response disposed in the user response posting field and a secure datum received from a verification token associated with the computer; comparing, by the control server, at least a portion of the received user response to a stored user response to make a first determination of whether a match exists; comparing, by the control server, the received secure datum to a stored secure datum to make a second determination of whether a match exists; and generating, by the control server, a Payer Authentication Response message based on at least the first and second determinations. - View Dependent Claims (114, 115, 116, 117, 118, 119)
-
-
120. A control server comprising:
-
a processor; and a computer readable medium, the computer readable medium comprising code, executable by the processor, for implementing a method comprising sending, by a control server, a Purchase Authentication Page to a computer over a communications network, the Purchase Authentication Page having a user response posting field to receive a response from a user to authenticate the user; receiving, by the control server, a returned Purchase Authentication Page from the computer over the communications network, the returned Purchase Authentication Page having a user response disposed in the user response posting field and a secure datum received from a verification token associated with the computer; comparing, by the control server, at least a portion of the received user response to a stored user response to make a first determination of whether a match exists, comparing, by the control server, the received secure datum to a stored secure datum to make a second determination of whether a match exists, and generating, by the control server, a Payer Authentication Response message based on at least the first and second determinations. - View Dependent Claims (121, 122, 123, 124, 125, 127, 128, 130, 131, 132)
-
-
126. A method comprising:
-
obtaining, by a control server, a risk assessment for a transaction; generating and sending, by the control server, a Purchase Authentication Page to a computer with page display parameters that causes the Purchase Authentication Page to not be visible or to not be fully visible on a display of the computer if the risk assessment is below a threshold value; and sending, by the control server, the Purchase Authentication Page to the computer with page display parameters that cause the Purchase Authentication Page to be visible on the display of the computer if the risk assessment is above the threshold value. - View Dependent Claims (129)
-
Specification