Secure communication of payment information to merchants using a verification token
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06Q-020/40
G06F-021/34
G06F-021/42
G06Q-020/12
G06Q-020/20
G06Q-020/32
G06Q-020/38
G06Q-020/42
출원번호
US-0511034
(2014-10-09)
등록번호
US-9582801
(2017-02-28)
발명자
/ 주소
Hammad, Ayman
출원인 / 주소
Visa International Service Association
대리인 / 주소
Kilpatrick Townsend & Stockton LLP
인용정보
피인용 횟수 :
2인용 특허 :
236
초록
Disclosed are apparatuses, systems, and methods pertaining to the secure communication of payment information from portable consumer devices, such as credit cards, to online merchants using verification tokens.
대표청구항▼
1. A validation entity computer comprising a first data processor and a computer program product embodied on a tangible computer-readable medium coupled to the first data processor to implement a method comprising: directing the first data processor to receive identification information of a portabl
1. A validation entity computer comprising a first data processor and a computer program product embodied on a tangible computer-readable medium coupled to the first data processor to implement a method comprising: directing the first data processor to receive identification information of a portable consumer device read and sent by a verification token over a communications network with a second data processor in a user computer, the second data processor disposed between the verification token and the communications network, the verification token being coupled to the second data processor in the user computer by way of a peripheral interface of the user computerdirecting the first data processor to apply at least one validation test on a piece of information sent by the verification token, the validation test producing a result of pass or fail; anddirecting the first data processor to send, if the result of the at least one validation test is pass, data representative of at least a portion of the received identification information to a merchant computer. 2. The validation entity computer of claim 1, wherein the method further comprises directing the first data processor to receive a serial number of the verification token and a test message encrypted by the verification token with an encryption key; and wherein directing the first data processor to apply at least one validation test comprises directing the first data processor to access a database to obtain a key and one or more acceptable messages, and directing the first data processor to validate the encrypted test message using the encrypted test message, the obtained key, and the obtained one or more acceptable messages. 3. The validation entity computer of claim 1, wherein the method further comprises directing the first data processor to receive a serial number of the verification token; and directing the first data processor to have the received serial number compared with serial numbers stored in a database that stores serial numbers of suspicious tokens. 4. The validation entity computer of claim 1, wherein the method further comprises: directing the first data processor to receive one or more data messages having information specific to the user computer, the information being obtained by the verification token, anddirecting the first data processor to have the received information compared with information stored in a database that stores computer-specific information of suspicious computers for a match. 5. The validation entity computer of claim 1 wherein the received identification information is conveyed by way of a network packet passing through the communications network, and wherein directing the first data processor to apply at least one validation test comprises: directing first the direct processor to obtain a source IP address from the network packet; anddirecting first the data processor to have the obtained source IP address compared with suspect IP addresses stored in a database for a match. 6. The validation entity computer of claim 1, wherein the received identification information includes an account number of the portable consumer device and a digital fingerprint of a magnetic stripe of the portable consumer device; and wherein directing the first data processor to apply at least one validation test comprises instructions that direct the first data processor to obtain a valid digital fingerprint for the portable consumer device having the account number in the received identification information, and to compare the digital fingerprint in the received identification information to the valid digital fingerprint. 7. The validation entity computer of claim 1, wherein the received identification information includes an account number of the portable consumer device and a variable datum that varies each time the portable consumer device is read for its identification information; and wherein directing the first data processor to apply at least one validation test comprises instructions that direct the first data processor to obtain one or more acceptable datum values for the portable consumer device having the account number in the received identification information, and to compare the variable datum in the received identification information to the obtained one or more acceptable datum values for a match. 8. The validation entity computer of claim 1, wherein the received identification information includes an account number of the portable consumer device and a variable datum that varies each time the portable consumer device is read for its identification information; and wherein directing the first data processor to apply at least one validation test comprises instructions that direct the first data processor to send the account number and the variable datum to an issuing bank with a request for the bank to determine if the variable datum is valid, and instructions that direct the first data processor to receive the issuing bank's determination. 9. The validation entity computer of claim 1, wherein directing the first data processor to apply at least one validation test comprises instructions that direct the first data processor to apply at least two validation tests pertaining to the received identification information. 10. A method of communicating payment information to a merchant, the method comprising: receiving, at a server, identification information of a portable consumer device read and sent by a verification token over a communications network with a data processor in a user computer disposed between the verification token and a communications network, the verification token being coupled to the data processor in the user computer by way of a peripheral interface of the computer;selecting, by the server, a merchant to send data representative of at least a portion of the received identification information to; andsending, from the server, data representative of at least a portion of the received identification information to a merchant computer of the selected merchant. 11. The method of claim 10, wherein the identification information has an account number associated with a user, wherein selecting the merchant comprises identifying the selected merchant from a portion of the account number. 12. The method of claim 10, wherein the identification information has a personal account number that comprises a bank number and a user number, wherein selecting the merchant comprises extracting the bank number in the personal account number of the identification information and identifying the selected merchant from the extracted bank number. 13. The method of claim 10, wherein the identification information is received by the server in the form of a request that includes a merchant identifier, and wherein selecting the merchant comprises identifying the selected merchant from the received merchant identifier. 14. The method of claim 10, wherein the identification information is received by the server in the form of a request that includes a merchant identifier, and wherein selecting the merchant comprises selecting a single merchant for processing the request before the request is received. 15. The method of claim 10, further comprising: applying at least one validation test pertaining to the identification information received by the server before sending the data representative of at least the portion of the received identification information to the merchant computer of the selected merchant. 16. The method of claim 15, wherein applying at least one validation test comprises: receiving a serial number of the verification token; andcomparing the received serial number with serial numbers of suspicious tokens. 17. The method of claim 15, wherein applying at least one validation test comprises: receiving one or more data messages having information specific to the user computer, the information being obtained by the token, andcomparing the received information with computer-specific information of suspicious computers for a match. 18. The method of claim 15 wherein the identification information is conveyed by way of a network packet through the communications network, and wherein applying at least one validation comprises: obtaining a source IP address from the network packet; andcomparing the obtained source IP address with suspect IP addresses for a match. 19. The method of claim 10, wherein applying at least one validation test comprises: receiving a serial number of the verification token and a test message encrypted by the verification token by an encryption key;obtaining a key and one or more acceptable messages; andvalidating the encrypted test message using the encrypted test message, the obtained key, and the obtained one or more acceptable messages.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (236)
Wong, Jacob Y.; Anderson, Roy L., Anonymous electronic card for generating personal coupons useful in commercial and security transactions.
Asghari Kamrani,Nader; Asghari Kamrani,Kamran, Direct authentication and authorization system and method for trusted network of financial institutions.
Ziarno Witold A. (4519 S. St. Louis Ave. Chicago IL 60632), Display cursor controlling device for reading card information from an information bearing credit or debit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Franklin D. Chase ; Rosen Daniel ; Benaloh Josh ; Simon Daniel R., Electronic online commerce card with customer generated transaction proxy number for online transactions.
Bierbaum, Christopher J.; Cope, Warren B.; Katzer, Robin D.; Paczkowski, Lyle W., Electronic payment using a proxy account number stored in a secure element.
Stolfo,Salvotore J.; Yemini,Yechiam; Shaykin,Leonard P., Electronic purchase of goods over a communications network including physical delivery while securing private and personal information of the purchasing party.
Goldstein,Seth; Mahajan,Rajesh; Muppirala,Prakash; Quigley,Benjamin L.; Rawat,Jai; Subramanya,Venkatesh; Tran,Vincent, Intelligent method of order completion in an e-commerce environment based on availability of stored billing information.
Hirai Chiaki (Tokyo JPX) Kondo Hidefumi (Yamato JPX), Method and apparatus for completing a partially completed document in accordance with a blank form from data automatical.
Bajikar,Sundeep M.; Girard,Luke E.; Silvester,Kelan C.; McKeen,Francis X., Method and system and authenticating a user of a computer system that has a trusted platform module (TPM).
DeMello, Marco A.; Keely, Leroy B.; Byrum, Frank D.; Yaacovi, Yoram; Hughes, Kathryn E., Method and system for binding enhanced software features to a persona.
Talbert, Vincent W.; Keithly, Thomas H.; Hirschfeld, Daniel A.; Lavelle, Mark L., Method and system for completing a transaction between a customer and a merchant.
Fisher, Douglas; Dominguez, Benedicto H.; Lee, Timothy Mu-Chu, Method and system for performing two factor authentication in mail order and telephone order transactions.
Mutschler ; III Eugene Otto ; Stefaniak Joseph Peter, Method for dynamically embedding objects stored in a web server within HTML for display by a web browser.
Jonathan Shem-Ur IL; Anat Wolfson IL; Shaul Bar-Lev IL; Roni Sivan IL; Ehud Kaahtan IL, Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein.
Fung, Daniel Y.; Evans, Stephen C., Method, system and computer readable medium for web site account and e-commerce management from a central location.
Veteläinen,Altti Pekka Henrik, Methods, system, and computer readable medium for user data entry, at a terminal, for communication to a remote destination.
Khan,Mohammad; Kumar,Pradeep; Vijayshankar,Roshan; Liu,Ming Li; Narayanan,Narendra, Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities.
Bhambri, Vikram; Walsh, Deirdre L.; Sausville, Paul C.; Biyani, Raj; Button, Thomas L.; Nolan, Sean; Warren, Susan; Hempey, Matthew D., Payment information security for multi-merchant purchasing environment for downloadable products.
Baker, David Preston; Marshall, III, Stanley N.; Hussein, Mohamed Reza; Hiller, Matthew Eric; Tung, Chin Pang; Mitchell, Andrew Robert, Secure storage of payment information on client devices.
Smith Robert Neal, Smart card authentication system comprising means for converting user identification and digital signature to pointing device position data and vice versa using lut.
Berardi, Michael J.; Bliman, Michal; Bonalle, David S.; Saunders, Peter D., System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions.
Snapper,Erik J.; Jiggins,Julian P.; Shyam,Bharat; Partovi,Hadi; Berman,Eric R.; Freedman,Steven J.; Allard,James E.; Chang,Frank Z.; Proteau,Stephen P.; Jorgenson,Clint C., System and method for populating forms with previously used data values.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C R; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C. R.; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C. R.; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Hughes Thomas S. (31310 Eagle Haven Cir. ; Ste. 100 Rancho Palos Verdes CA 90274) Molina Gustavo (24292 Rhona Dr. Laguna Niguel CA 92656), System for remote purchase payment transactions and remote bill payments.
Saunders, Peter D.; Leggatt, Lesley; Chuang, I-Hsin; Oh, John J., Systems, methods and computer program products for performing mass transit merchant transactions.
Hoffman Ned (Berkeley CA) Pare ; Jr. David F. (Berkeley CA) Lee Jonathan A. (Berkeley CA), Tokenless identification system for authorization of electronic transactions and electronic transmissions.
von Behren, Rob; Wall, Jonathan; Muehlberg, Alexej; Meyn, Hauke, Wallet application for interacting with a secure element application without a trusted server for authentication.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.