IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0613395
(2009-11-05)
|
등록번호 |
US-8533118
(2013-09-10)
|
발명자
/ 주소 |
- Weller, Kevin
- Steele, Kim
- Koganti, Krishna Prasad
- Faith, Patrick
|
출원인 / 주소 |
- Visa International Service Association
|
대리인 / 주소 |
Kilpatrick, Townsend & Stockton LLP
|
인용정보 |
피인용 횟수 :
63 인용 특허 :
88 |
초록
▼
Embodiments of the invention enable cardholders conducting an online transaction to be authenticated in real-time using a challenge-response application. The challenge-response application can be administered by an issuer or by a third party on-behalf-of an issuer. A challenge question can be presen
Embodiments of the invention enable cardholders conducting an online transaction to be authenticated in real-time using a challenge-response application. The challenge-response application can be administered by an issuer or by a third party on-behalf-of an issuer. A challenge question can be presented to the cardholder, and the cardholder's response can be verified. The challenge question presented can be selected based on an analysis of the risk of the transaction and potentially other factors. A variety of dynamic challenge questions can be used without the need for the cardholder to enroll into the program. Additionally, there are many flexible implementation options of the challenge-response application that can be adjusted based on factors such as the location of the merchant or the location of the consumer.
대표청구항
▼
1. A system for authenticating a consumer conducting a transaction with a merchant, the system comprising: a challenge-response server computer, the challenge-response server computer comprising modules capable of executing on the challenge-response server computer, the modules comprising: a risk an
1. A system for authenticating a consumer conducting a transaction with a merchant, the system comprising: a challenge-response server computer, the challenge-response server computer comprising modules capable of executing on the challenge-response server computer, the modules comprising: a risk analyzer module configured to obtain a risk score for the transaction; anda challenge optimizer module configured to: receive an enrollment request message sent by the merchant;identify whether authentication of the consumer is available;if authentication is available, identify a type of authentication available, wherein the type of authentication available includes at least one of a password-based authentication or a challenge-response authentication;send an enrollment response message to the merchant based on the type of authentication available;generate an authentication challenge using the risk score and compare a response received from the consumer to an expected response when challenge-response authentication of the consumer is available and the password-based authentication is not available; andnot generate an authentication challenge when challenge-response authentication of the consumer is not available. 2. The system of claim 1, further comprising: a password-based authentication system, wherein the password-based authentication system is configured to provide the password-based authentication of the consumer conducting the transaction when password-based authentication of the consumer is available. 3. The system of claim 1, wherein parameters of the challenge-response authentication provided by the challenge-response server are determined based on information about the transaction being conducted and on information on the account being used to conduct the transaction. 4. The system of claim 1, wherein the challenge-response server computer is configured to calculate the risk score. 5. The system of claim 1, wherein the challenge-response server authenticates the consumer substantially concurrently with a password recovery process for the password-based authentication system that occurs during the transaction. 6. The system of claim 1, wherein the challenge-response server computer comprises a device information module configured to obtain information on a device used by the consumer to conduct the transaction. 7. A computer implemented method of authenticating a consumer conducting a transaction with a merchant, the method comprising: a) receiving, from the merchant, an enrollment request message for consumer authentication at a server computer, the enrollment request message including information about the transaction being conducted and information on an account being used to conduct the transaction; determining, with the server computer, whether the account can be authenticated; if authentication is available, identifying a type of authentication available, wherein the type of authentication available includes at least one of a password-based authentication or a challenge-response authentication; and sending an enrollment response message based on the type of authentication available to the merchant if the account can be authenticated;b) determining a risk score for the transaction at the server computer;c) if the account can be authenticated, sending an authentication challenge to the consumer when the risk score exceeds a threshold, the authentication challenge comprising a question whose response is static, dynamic or semi-dynamic based on the type of authentication available;d) receiving a consumer response to the authentication challenge;e) comparing the consumer response to an expected response;f) authenticating the consumer conducting the transaction when the expected response and the consumer response are substantially the same; andg) sending an authentication response to the merchant, wherein the merchant processes the transaction if the authentication response indicates the consumer is authenticated. 8. The method of claim 7, wherein a)-f) are performed substantially concurrently with the password-based authentication of the consumer conducting the transaction. 9. The method of claim 8, wherein a)-f) are performed when the risk score is a medium risk score, and wherein no challenge is sent if the risk score is a low risk score and a transaction failure message is sent if the risk score is a high risk score. 10. The method of claim 7, wherein determining whether the account can be authenticated includes identifying whether authentication of the consumer is available with the password-based authentication, and wherein b)-f) are performed when the password-based authentication of the consumer conducting the transaction cannot take place. 11. The method of claim 7, wherein a)-f) are performed substantially concurrently with a password recovery process for the password-based authentication of the consumer conducting the transaction. 12. The method of claim 7, wherein a)-f) are performed instead of a password recovery process for the password-based authentication of the consumer conducting the transaction. 13. The method of claim 7, further comprising: sending the expected response to a consumer device, wherein the expected response sent to the consumer device is valid for only one transaction. 14. The method of claim 7, wherein the risk score is further based on querying an external risk assessment system. 15. The method of claim 7, wherein the authentication challenge is generated by a payment processing network. 16. The method of claim 7, further comprising: sending the risk score to a server computer associated with an issuer of the account being used to conduct the transaction; wherein the authentication challenge is generated by the server computer associated with the issuer and wherein the consumer response is received by the issuer. 17. A computer-readable medium comprising computer-executable code, executable by a processor, for performing the method of claim 7. 18. A server computer comprising a processor and the computer readable medium of claim 17 coupled to the processor. 19. The system of claim 1, wherein the challenge optimizer module is configured to generate the authentication challenge based on one or more previous transactions conducted by the consumer. 20. The system of claim 19, wherein the authentication challenge is based on a location of one or more previous transactions. 21. The system of claim 1, wherein the enrollment response message comprises a URL that is specific to the type of authentication available, and wherein the URL is associated with a website provided by a server computer. 22. A system for authenticating a consumer conducting a transaction with a merchant, the system comprising: a server computer, the server computer comprising modules capable of executing on the server computer, the modules comprising an authentication module configured to: receive an enrollment request message sent by the merchant;identify whether authentication of the consumer is available;if authentication is available, send an enrollment response message to the merchant for forwarding to the consumer, the enrollment response message comprising a URL associated with a web site provided by the server computer, wherein the URL is different based on a type of authentication available, wherein the type of authentication available includes at least one of a password-based authentication or a challenge-response authentication; andreceive a payer authentication request from the consumer at the server computer.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.