Real-time security verification for banking cards

US 8,632,002 B2
Filed: 07/08/2008
Issued: 01/21/2014
Est. Priority Date: 07/08/2008
Status: Active Grant

First Claim

Patent Images

1. A method for authorizing purchases made with a bank card, comprising:

receiving bank card data from a merchant, wherein the bank card data indicates that a purchase using the bank card is being attempted;

in response to receiving the bank card data;

prompting a mobile device associated with a person authorized to use the bank card to determine a distance from the mobile device to the bank card, wherein, in response to the prompt, the mobile device receives a wireless signal emitted from the bank card and estimates the distance between the mobile device and the bank card based on the wireless signal;

upon determining that the estimated distance is within a predefined distance, authorizing the purchase;

upon determining that the estimated distance is not within the predefined distance;

requesting at least one of a first and second security codes from the mobile device, wherein the mobile device is configured to transmit the first security code when the purchase is authorized, and transmit the second security code when the purchase is based on illegal activity, wherein both the first and second security codes are provided by the authorized person;

after requesting the at least one security code;

receiving a message from the mobile device that includes at least one of the first and second security codes;

upon determining that the message includes the first security code, authorizing the purchase; and

upon determining that the message includes the second security code, rejecting the purchase.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention provide a means for verifying that a person using a bank card at a point-of-sale merchant location is in fact a person authorized to use the bank card. In one embodiment of the invention, verification may involve communicating with the mobile device 103 associated with the person authorized to use the bank card. The person authorized to use the bank card may be required to send verification data to the bank card verification system via the mobile device to confirm a purchase. The bank card verification system may not authorize the purchase if the proper verification data is not received from the mobile device. In another embodiment, the bank card verification system may be configured to determine a proximity of the mobile device to the merchant point-of-sale location to verify the purchase.

43 Citations

View as Search Results

21 Claims

1. A method for authorizing purchases made with a bank card, comprising:
- receiving bank card data from a merchant, wherein the bank card data indicates that a purchase using the bank card is being attempted;
  
  in response to receiving the bank card data;
  
  prompting a mobile device associated with a person authorized to use the bank card to determine a distance from the mobile device to the bank card, wherein, in response to the prompt, the mobile device receives a wireless signal emitted from the bank card and estimates the distance between the mobile device and the bank card based on the wireless signal;
  
  upon determining that the estimated distance is within a predefined distance, authorizing the purchase;
  
  upon determining that the estimated distance is not within the predefined distance;
  
  requesting at least one of a first and second security codes from the mobile device, wherein the mobile device is configured to transmit the first security code when the purchase is authorized, and transmit the second security code when the purchase is based on illegal activity, wherein both the first and second security codes are provided by the authorized person;
  
  after requesting the at least one security code;
  
  receiving a message from the mobile device that includes at least one of the first and second security codes;
  
  upon determining that the message includes the first security code, authorizing the purchase; and
  
  upon determining that the message includes the second security code, rejecting the purchase.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the mobile device is a cellular phone.
  - 3. The method of claim 2, wherein requesting the at least one security code from the cellular phone comprises placing a call to the cellular phone and prompting a user of the cellular phone for the at least one security code.
  - 4. The method of claim 2, wherein requesting the at least one security code from the cellular phone comprises sending a text message to the cellular phone and prompting a user of the cellular phone to send a text message comprising the at least one security code.
  - 5. The method of claim 1, wherein the mobile device is a laptop computer and requesting the at least one security code comprises sending one of an instant message and an email to the laptop computer.
  - 6. The method of claim 1, wherein determining whether the message comprises a valid security code comprises comparing the at least one security code in the message to a predefined security code.
  - 7. The method of claim 1, wherein the mobile device comprises a Radio Frequency Identification (RFID) wireless receiver for receiving the wireless signal emitted from the bank card, wherein the bank card comprises a wireless identification key configured to emit the wireless signal.

8. A computer readable storage medium comprising a program product which, when executed by a processor, is configured to perform an operation for authorizing purchases made with a bank card, comprising:
- receiving bank card data from a merchant, wherein the bank card data indicates that a purchase using the bank card is being attempted;
  
  in response to receiving the bank card data;
  
  prompting a mobile device associated with a person authorized to use the bank card to determine a distance from the mobile device to the bank card, wherein, in response to the prompt, the mobile device receives a wireless signal emitted from the bank card and estimates the distance between the mobile device and the bank card based on the wireless signal;
  
  upon determining that the estimated distance is within a predefined distance, authorizing the purchase;
  
  upon determining that the estimated distance is not within the predefined distance;
  
  requesting at least one of a first and second security codes from a mobile device associated with a person authorized to use the bank card, wherein the mobile device is configured to transmit the first security code when the purchase is authorized, and transmit the second security code when the purchase is based on illegal activity, wherein both the first and second security codes are provided by the authorized person;
  
  after requesting the at least one security code;
  
  receiving a message from the mobile device that includes at least one of the first and second security codes;
  
  upon determining that the message includes the first security code, authorizing the purchase; and
  
  upon determining that the message includes the second security code, rejecting the purchase.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer readable storage medium of claim 8, wherein the mobile device is a cellular phone.
  - 10. The computer readable storage medium of claim 9, wherein requesting the at least one security code from the cellular phone comprises placing a call to the cellular phone and prompting a user of the cellular phone for the at least one security code.
  - 11. The computer readable storage medium of claim 9, wherein requesting the at least one security code from the cellular phone comprises sending a text message to the cellular phone and prompting a user of the cellular phone to send a text message comprising the at least one security code.
  - 12. The computer readable storage medium of claim 8, wherein the mobile device is a laptop computer and requesting the at least one security code comprises sending one of an instant message and an email to the laptop computer.
  - 13. The computer readable storage medium of claim 8, wherein determining whether the message comprises a valid security code comprises comparing the at least one security code in the message to a predefined security code.
  - 14. The computer readable storage medium of claim 8, wherein the mobile device comprises a RFID wireless receiver for receiving the wireless signal emitted from the bank card, wherein the bank card comprises a wireless identification key configured to emit the wireless signal.

15. A system, comprising at least one merchant computer, at least one server, and at least one mobile device associated with a person authorized to use a bank card, wherein the merchant computer is configured to send bank card data to the server, the bank card data indicating that a purchase using the bank card is being attempted, and wherein the server, in response to receiving the bank card data, is configured to:
- prompt the mobile device to determine a distance from the mobile device to the bank card, wherein, in response to the prompt, the mobile device receives a wireless signal emitted from the bank card and estimates the distance between the mobile device and the bank card based on the wireless signal;
  
  upon determining that the estimated distance is within a predefined distance, authorize the purchase;
  
  upon determining that the estimated distance is not within the predefined distance;
  
  request at least one of a first and second security codes from the mobile device, wherein the mobile device is configured to transmit the first security code when the purchase is authorized, and transmit the second security code when the purchase is based on illegal activity, wherein both the first and second security codes are provided by the authorized person;
  
  after requesting the at least one security code;
  
  receive a message from the mobile device that includes at least one of the first and second security codes;
  
  upon determining that the message includes the first security code, authorize the purchase; and
  
  upon determining that the message includes the second security code, reject the purchase.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The system of claim 15, wherein the mobile device is a cellular phone.
  - 17. The system of claim 16, wherein the server is configured to request the at least one security code from the cellular phone by placing a call to the cellular phone and prompting a user of the cellular phone for the at least one security code.
  - 18. The system of claim 16, wherein the server is configured to request the at least one security code from the cellular phone by sending a text message to the cellular phone and prompting a user of the cellular phone to send a text message comprising the at least one security code.
  - 19. The system of claim 15, wherein the mobile device is a laptop computer and wherein the server is configured to request the at least one security code by sending one of an instant message and an email to the laptop computer.
  - 20. The system of claim 15, wherein the server is configured to determine whether the message comprises a valid security code by comparing the at least one security code in the message to a predefined security code stored in the server.
  - 21. The system of claim 15, wherein the mobile device comprises a RFID wireless receiver for receiving the wireless signal emitted from the bank card, wherein the bank card comprises a wireless identification key configured to emit the wireless signal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Boutcher, David C., Harney, Raymond K., Munroe, Steven J., Scheel, Jeffrey J.
Primary Examiner(s)
Le, Thien M
Assistant Examiner(s)
STANFORD, CHRISTOPHER J

Application Number

US12/168,970
Publication Number

US 20100006642A1
Time in Patent Office

2,023 Days
Field of Search

235/380
US Class Current

235/380
CPC Class Codes

G06F 21/40   by quorum, i.e. whereby two...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2149   Restricted operating enviro...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4014   Identity check for transact...

G07F 7/1008   Active credit-cards provide...

Real-time security verification for banking cards

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

43 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Real-time security verification for banking cards

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links