System and method for authorization of transactions
First Claim
1. A system for an Internet-based transaction authorization service using Short Message Service (SMS) text messages for secure communication between multiple parties, comprising:
- means for registering users equipped with Internet-enabled mobile devices to establish at least two codes, including one code for authenticating communications from a particular user to the transaction authorization service and another code for authenticating communications from the transaction authorization service to the particular user;
means for establishing a payment account for the particular user;
means for receiving, via an SMS communications channel, an SMS message to initiate a payment transaction from the particular user'"'"'s payment account to another account;
means for contacting the particular user via a different communications channel than the SMS communications channel on which the SMS message is received to confirm authorization for the payment transaction, wherein contacting the particular user via the different communications channel comprises supplying the code for authenticating communications from the transaction authorization service to the particular user;
means for receiving a reply to said contacting from the particular user including the code for authenticating communications from the particular user to the transaction authorization service;
means for authorizing, by the transaction authorization service, the payment transaction based on said reply from the particular user; and
means for performing the payment transaction if authorized.
1 Assignment
0 Petitions
Accused Products
Abstract
System and method for authorizing transactions, such as payments or money transfers. A transaction authorization mechanism may be provided through which a transaction initiated via a first communications channel may be authorized through a second, separate communications channel or mechanism. A source entity may initiate a transaction to a target entity via a first communications channel to a transaction authorization service. The transaction authorization service may confirm the transaction with the source entity via a second communications channel. Various embodiments may use different communications channels, for example conventional telephone systems, mobile/cellular phone systems, and text messaging systems as the first or second communications channels. After the transaction has been authorized via the second communications channel, the transaction authorization service and/or the source entity may contact the target entity to inform the target entity of the transaction. The target entity may then complete the transaction.
122 Citations
75 Claims
-
1. A system for an Internet-based transaction authorization service using Short Message Service (SMS) text messages for secure communication between multiple parties, comprising:
-
means for registering users equipped with Internet-enabled mobile devices to establish at least two codes, including one code for authenticating communications from a particular user to the transaction authorization service and another code for authenticating communications from the transaction authorization service to the particular user; means for establishing a payment account for the particular user; means for receiving, via an SMS communications channel, an SMS message to initiate a payment transaction from the particular user'"'"'s payment account to another account; means for contacting the particular user via a different communications channel than the SMS communications channel on which the SMS message is received to confirm authorization for the payment transaction, wherein contacting the particular user via the different communications channel comprises supplying the code for authenticating communications from the transaction authorization service to the particular user; means for receiving a reply to said contacting from the particular user including the code for authenticating communications from the particular user to the transaction authorization service; means for authorizing, by the transaction authorization service, the payment transaction based on said reply from the particular user; and means for performing the payment transaction if authorized.
-
-
2. A method, comprising:
-
receiving, at a transaction authorization service, an initiation of a transaction between a source entity and a target entity via a first communications channel, wherein the initiation of a transaction is received from either the source entity or the target entity, wherein the source entity and the target entity are different and distinct entities, wherein the transaction authorization service is operated by another entity that is different and distinct from the source entity and the target entity; sending a request for authorization of the transaction from the transaction authorization service to a communications device of the source entity, wherein said sending comprises sending the request for authorization via a second communications channel, wherein the second communications channel is not the first communication channel, wherein the request for authorization includes a security phrase prearranged between the source entity and the transaction authorization service, wherein the security phrase indicates to the source entity that the request for authorization is an authentic message from the transaction authorization service; receiving, at the transaction authorization service, a response to the request for authorization from the source entity, wherein the response includes information for authorizing the transaction; and the transaction authorization service authorizing the transaction based on the information for authorizing the transaction included in the response from the source entity. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A system, comprising:
-
a processor; and a memory comprising program instructions, wherein the program instructions are executable by the processor to implement a transaction authorization service configured to; receive an initiation of a transaction between a source entity and a target entity via a first communications channel, wherein the initiation of a transaction is received from either the source entity or the target entity, wherein the source entity and the target entity are different and distinct entities, wherein the transaction authorization service is operated by another entity that is different and distinct from the source entity and the target entity; send a request for authorization of the transaction from the transaction authorization service to a communications device associated with the source entity via a second communications channel, wherein the second communications channel is not the first communications channel, wherein the request for authorization includes a security phrase prearranged between the source entity and the transaction authorization service, wherein the security phrase indicates to the source entity that the request for authorization is an authentic message from the transaction authorization service; receive a response to the request for authorization from the source entity, wherein the response includes information for authorizing the transaction; and authorize the transaction based on the information for authorizing the transaction included in the response from the source entity. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55)
-
-
56. A non-transitory computer-accessible storage medium comprising program instructions, wherein the program instructions are configured to implement a transaction authorization service configured to:
-
receive an initiation of a transaction between a source entity and a target entity via a first communications channel, wherein the initiation of a transaction is received from either the source entity or the target entity, wherein the source entity and the target entity are different and distinct entities, wherein the transaction authorization service is operated by another entity that is different and distinct from the source entity and the target entity; send a request for authorization of the transaction from the transaction authorization service to a communications device associated with the source entity via a second communications channel, wherein the second communications channel is not the first communications channel, wherein the request for authorization includes a security phrase prearranged between the source entity and the transaction authorization service, wherein the security phrase indicates to the source entity that the request for authorization is an authentic message from the transaction authorization service; receive a response to the request for authorization from the source entity, wherein the response includes information for authorizing the transaction; and authorize the transaction based on the information for authorizing the transaction included in the response from the source entity. - View Dependent Claims (57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75)
-
Specification