CA2256468A1 - Method for authenticating credit transactions to prevent fraudulent charges - Google Patents
Method for authenticating credit transactions to prevent fraudulent charges
- Publication number
- CA2256468A1
- Authority
- CA
- Canada
- Prior art keywords
- personal identification
- identification number
- user
- validation
- credit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/26—Debit schemes, e.g. "pay now"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/403—Solvency checks
- G06Q20/4037—Remote solvency checks
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1025—Identification of user by a PIN code
Abstract
A dynamic authentication process having multiple tiers of validation. A first tier of validation (104) authenticates the credit transaction based upon static personal identification numbers. If this first tier of validation is satisfied (106), a threshold determination is made as to whether a secondary tier of validation is required (110). These thresholds are defined by either the service provider or the card holder to address the additional costs of a second tier of validation.
Description
CA 022~6468 1998-11-2~
Method For Authenticating Credit Transactions to Prevent Fraudulent Charges
Background of the Invention
Field of the Invention
The present invention relates generally to methods for validating transactions, and more specifically the present invention is directed toward a dynamic method for credit authentication.
Related Art
Credit card, calling card, and bank card fraud cost businesses (and consumers) millions of dollars annually. Current security mechanisms are not fail-safe, and protection mechanisms for consumers and businesses require improvement to stem these fraud-related losses.
Today, the validation of credit transactions is ineffective to deter persons intent on committing fraud. For example, anyone with a credit card number and expiration date can charge to the account when ordering by phone or by computer dial-up. This problem is further exacerbated by the ease with which credit card numbers can be obtained. One need simply sift through the trash for discarded statements, receipts, and carbons to obtain valid credit card numbers.
Calling card transactions exhibit similar problems. For example, calling card numbers are routinely "surfed" at airports by people watching over the shoulders of card users as they key in the calling card number. Thereafter, the calling card number is distributed and rampant fraud results.
One conventional method for combating fraud has been the provision of static personal identification numbers (PINs). Typically, these PINs are defined by the user to reflect personal information (e.g., birth date, anniversary date, etc.). While the personalization of these PINs aids the user in remembering these numbers, it also aids a person in guessing the PINs. This security risk increases when users define the same PINs for multiple cards.
Summary of the Invention
The present invention satisfies the above mentioned needs by providing a validation method that uses variable personal identification numbers (PINs). These variable PINs are generated by a user-held device that changes the displayed number periodically (e.g., every 60 seconds). At the validation site or a third party site, a system can generate reference PINs that change in the same manner as the PINs displayed on the user-held device. The acquisition of the variable PIN is therefore useless to a potentially fraudulent user beyond the brief period of time that the variable PIN is displayed on the user-held device.
Although these user-held devices can reduce potential fraud in every card transaction, the implementation of this new technology comes with a variety of costs (e.g., implementation, administrative, educational, convenience, etc.). The aggregate combination of these costs could outweigh the intended benefits sought to be achieved. Accordingly, the present invention identifies a dynamic validation process that authenticates credit transactions on multiple tiers. In a preferred embodiment, the dynamic validation process includes two tiers.
In the first tier of the validation process, the system validates the proposed credit transaction based upon a static sequence of PINs. Specifically, after receiving a PIN from a user, the system determines whether the received PIN matches a predefined PIN stored in a database. If no match is identified, an invalidation result can be returned. If a match is identified, the system determines whether the credit transaction requires a second tier of validation.
The necessity of a second tier of validation could be prompted by numerous threshold criteria or conditions. Examples of threshold criteria include transaction amount, credit limit, frequency of use, or the like. Examples of conditions include changes in purchasing patterns (e.g., change in shipping address), geographical limitations, or the like. The class of conditions can also include any boolean combination of two or more thresholds or conditions. These thresholds or conditions can be set by the service provider or customized individually by the card holder. In either case, suitable scenarios can be defined where the expense of a second tier of validation is justified.
If no threshold criteria are exceeded or no conditions are satisfied, the transaction is authenticated based solely upon the first tier of the validation process. However, if any one of a set of predefined thresholds is exceeded or any one of a set of predefined conditions is met for the card holder's account, the second tier of validation is invoked. In this second tier of validation, the user is prompted for a variable PIN generated by a user-held device. This variable PIN is compared to a synchronously generated variable PIN. The system that synchronously generates a variable PIN can reside at the validation site or at a separate site connected by a network. If a match occurs, the dynamic validation process authenticates the credit transaction.
Brief Description of the Figures
The foregoing and other features and advantages of the invention will be apparent from the following, more particular description of a preferred embodiment of the invention, as illustrated in the accompanying drawings. In the drawings, like reference numbers indicate identical or functionally similar elements. Additionally, the left-most digit of a reference number identifies the drawing in which the reference number first appears.
Figure 1 illustrates a preferred embodiment of a dynamic validation process.
Figure 2 illustrates a block diagram of a computer useful for implementing elements of the present invention.
Detailed Description of the Preferred Embodiments
Optimal solutions that address the expanding fraud problem require consideration of multiple factors. Generally, this analysis must determine the magnitude of the problem sought to be addressed relative to the cost of the proposed solution. Costs associated with any solution include the technical costs of the fraud prevention mechanism, the administrative costs of implementing the new system, the costs of educating the public on using the new system, etc. Clearly, if the costs of the proposed solution outweigh the anticipated benefits, the implementation of the proposed solution may not be justified.
In the context of calling cards, credit cards, and bank cards, fraudulent transactions have varying exposures (or costs). For example, fraud on a calling card based upon a plurality of originations of international calls may incur hundreds or thousands of dollars in fraudulent charges over a period of time. Credit cards, on the other hand, are generally perceived as more critical than calling cards and can potentially incur thousands of dollars of liability based on a single transaction. This exposure level depends upon the credit limit of the credit card. Finally, fraudulent use of bank cards can place hundreds or thousands of dollars at risk depending upon the account balance and any predefined withdrawal limits. One can readily appreciate that these transaction-based services provide corporations and individuals with varying exposures to fraud.
Addressing these exposures to fraud begins through the recognition of potential flaws in each transaction authentication. As noted above, authentication is based upon the verification of a static sequence of identifying numbers. For example, a credit card transaction can be verified by the expiration date, a calling card transaction can be verified by the calling card number, and a bank card can be verified by a predefined PIN. In each of these cases, once the static sequence of identifying numbers is discovered or acquired, fraud can immediately commence. This fraudulent activity continues until the account is deactivated.
To prevent this fundamental flaw in conventional authentication systems, the present invention uses a variable sequence of identifying numbers (or variable PIN). As compared to a static predefined PIN, the variable PIN is generated by a user-held device as part of a sequence of randomly generated numbers. This variable PIN is displayed on the user-held device and changes periodically (e.g., every 60 seconds). At either the validation site or a third party site, a matching variable PIN is synchronously generated. Authentication proceeds upon the comparison of the variable PIN supplied by the card holder and the synchronously generated variable PIN available at the validation site. An example of this authentication device is the SecurID Card produced by Security Dynamics, Cambridge, MA.
As one can appreciate, the use of a variable PIN prevents numerous fraudulent activities. Specifically, since the variable PIN is valid for only a short period of time (e.g., 60 seconds), actual possession of the user-held device that generates the variable PIN is required for fraud to commence. For example, consider the case of calling card fraud. If a variable PIN replaces at least part of the calling card number, a person that steals the number (e.g., peering over your shoulder) can use it only for a brief period of time, typically under a minute. Effectively, this class of fraud is eliminated altogether. Similar effects on credit card and bank card fraud also result.
Generally, the requirement of actual possession of the user-held device deters most instances of "casual" fraud. In this context, "casual" fraud refers to those situations where no crimes are committed directly against the card holder. In other words, barring theft of the user-held device, fraud cannot commence. Even if this is an option for a potentially fraudulent user, theft of a card holder's wallet may not be enough. In other embodiments, the user-held device may be in compact form such as a key fob. In this case, the potentially fraudulent user would have to steal a wallet and the key fob. At this increased level of fraud activity, the costs of increased personal security clearly outweigh the intended benefits.
WO 97/458~6 PCT/US97/09406
Further with respect to a cost-benefit analysis, the costs of use of the variable PIN itself requires consideration. In this new application of variable PIN technology, the costs of the user-held variable PIN device, the costs of updating existing validation systems, the costs of educating the card holders, etc. must be considered. After the aggregate sum of these costs are determined, the variable PIN technology may not be justified for particular applications. More specifically, some uses within a particular service class (i.e., calling card, credit card, or bank card), may not justify the use of the technology.
A similar cost-benefit analysis will also be performed by the card holder. Potential considerations include the costs of purchasing the device, the costs of carrying the additional device, the costs of using the device, etc. Both the costs of carrying the device and the costs of using the device are largely one of convenience. Card holders may therefore reject the use of a valuable technology because of the perceived inconvenience relative to the expected benefit.
In light of these considerations, the present invention contemplates a dynamic validation process that is sensitive to the needs of both the corporations providing the card services and the individuals who use those card services. In this dynamic validation process, the variable PIN technology is automatically invoked as a second tier of validation based upon the satisfaction of predefined conditions. Numerous possible alternatives in specifying predefined conditions exist. The following illustrations are merely exemplary and do not represent an exhaustive list of possible uses.
Consider first the perspective of a card provider. In many instances, card providers will assume the liability incurred for fraudulent charges. Accordingly, the card provider has a direct financial benefit in eliminating fraudulent usages. However, these financial benefits are directly proportional to the level of fraud which can range from hundreds to thousands of dollars.
In considering a cost-benefit analysis, card providers can more easily justify the elimination of the higher levels of fraud first. These higher levels of frauds can be characterized by various indicia associated with any particular transaction.
For example, prevention of a fraudulent transaction for an amount above a given threshold (e.g., $500) can be more easily justified as compared to prevention of a fraudulent transaction of $30. As an alternative to targeting values of individual transactions, the card provider may also want to target transactions on specific cards. For example, the card provider can require a second tier of validation (i.e., variable PIN) only for transactions on credit cards having a credit limit over a predefined threshold (e.g., $5,000). This example could result from a possibility that fraudulent activity is focused primarily upon gold cards. Clearly, the card provider could specify a combination of threshold criteria (e.g., credit limit over $5,000 and transaction over $1,000). Instead of confining the monitoring to a single transaction, the card provider could even track historical card usage. For example, if the average charge is under $100, a string of $300 charges could trigger the second tier of validation.
Additionally, a card provider may wish to target transactions that are more likely to be fraudulent or presumptively fraudulent. For example, the card provider can automatically initiate a second tier of validation if a transaction that exceeds a credit limit has been attempted. In another example, the card provider can automatically initiate a second tier of validation if a transaction is associated with a card that has been previously identified as lost but not yet deactivated. In this scenario, an access to a database could identify the status of a field in a database record associated with that card.
In considering the perspectives of a card holder, further modifications to the validation process can result. For example, the card holder can determine whether the service is desired at all. If the card holder is liable for all fraudulent uses, the use of variable PIN technology becomes a form of insurance. Some users may justify the additional service based on spending levels while other users may not. The system could therefore determine, based upon a field in a database record associated with that card, whether the second tier of validation has been selected by the card holder.
The card holder can further control the dynamically defined validation process by specifying an arbitrary set of conditions. These conditions can be based upon a combination of convenience and potential liability. For example, the card holder can specify that only transactions over $100 would initiate the second tier of validation. In this case, the card holder may assume that the majority of his transactions will be below that threshold thereby eliminating the necessity of dealing with the second tier of validation.
In the context of bank cards, the card holder could specify a geographical condition. For example, the cardholder could specify that the second tier of validation should be initiated only if an ATM machine outside a predefined set of ATM machines is used. All uses within the predefined set of ATM machines would bypass the second tier of validation, thereby enhancing the convenience of use. Thus, if the bank card is stolen with knowledge of the static PIN, the fraudulent user would be precluded from using the card at locations outside of the predefined set.
Further with respect to convenience, the card holder could specify that the second tier of validation should be invoked periodically. For example, the second tier of validation could be automatically invoked on every fifth transaction. In this manner, only a limited number of fraudulent uses could occur before a variable PIN must be provided. If the fraudulent user cannot provide the variable PIN on that predefined periodic transaction, all subsequent transactions would similarly require the second tier of validation. This mechanism would effectively end the fraudulent use on that card.
In addition to the prevention of fraudulent activity, the variable PIN could also be used to authenticate special transactions. For example, if a predefined ATM limit is $200 but the user needs $500, the variable PIN could be used to override the previously defined limit.
As one can readily appreciate, numerous other examples exist. Moreover, any boolean combination of conditions could be used to specify when the second tier of validation is invoked. This dynamic validation process is described by the flow chart of Figure 1.
In Figure 1, the two-tiered validation process begins in step 102 where the system receives a card number from a card holder. Next, in step 104, the system prompts the card holder for a static predefined PIN. In the context of calling cards, the static predefined PIN may exist as a part of the card number itself that is provided to the system. After the static PIN is received, the system determines in step 106 whether the static PIN matches the PIN stored in a database for that account number. If the PINs do not match, the proposed transaction is invalidated in step 108. Alternatively, the card holder could be given additional chances to provide a correct PIN.
If the system determines in step 106 that the PINs do match, the initial validation phase is satisfied. This initial validation phase represents the minimal requirements for authenticating the transaction. As noted above, these minimal requirements are often unsatisfactory. Accordingly, the present invention contemplates the use of a second tier of validation. The invocation of this second tier is based upon a variety of considerations exemplified by those discussed above. Significantly, the criteria for invoking additional validation can be based on service provider and/or card holder definitions. This definition process enables the dynamic validation process to be customized based upon any parameter or parameters relating to a particular transaction or sequence of transactions. These general use considerations can include any predefined generic class of thresholds or conditions.
If one or more thresholds are exceeded (or conditions met) as identified by the determination in step 110, the system then prompts the card holder for a variable PIN in step 112. In various embodiments, the card holder is automatically prompted by a voice response unit (VRU) for computer ordering or calling card use, by an automated teller machine (ATM) for ATM withdrawals, by a computer program when conducting monetary transactions over a computer network (e.g., Internet), etc. In each case, a number can be easily entered on all current authentication devices (e.g., phone key pad, computer key board, etc.) that require input of a transaction amount.
Upon receipt, the system determines whether the received variable PIN matches a synchronously generated PIN produced at the validation site or a third party site. If it is determined in step 114 that the variable PINs do not match, the transaction is invalidated in step 116. Alternatively, the card holder could be given additional chances to provide a correct variable PIN. Generally, the invalidation of the transaction in step 116 could also be accompanied by action that labels that particular card as being presumptively fraudulent. This labeling is accomplished through the update of a database record associated with that particular card. After being labeled as presumptively fraudulent, each successive transaction that is based on that card will require the second tier of validation. If the card holder is in the immediate vicinity, the card could also be confiscated.
Finally, if the system determines in step 114 that the second tier of validation is satisfied, the transaction is authenticated in step 118. Alternatively, if the system determines in step 110 that the first tier of validation is satisfied and the second tier of validation is not required, the system will also validate the transaction. This latter case represents the dynamic nature of the validation process that can be customized based upon the general considerations described above with respect to the cost-benefit analysis. As also noted above, these considerations can be viewed from the perspective of either the service provider or the card holder.
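The Figure 1 flow (steps 102 to 118) sketched as an added Python example; it is not code from the patent or from any card system. The time-step code here is a truncated HMAC-SHA256 standing in for the user-held device and the synchronized generator, and every name (`authorize`, `Account`, the rule builders) and every sample value is hypothetical.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Callable, Iterable

STEP_SECONDS = 60  # the page's example display period


def variable_pin(seed: bytes, now: float, digits: int = 6) -> str:
    """Code for the 60-second step containing `now` (truncated HMAC-SHA256)."""
    # Assumption: stand-in for the device and the validation-site generator.
    counter = struct.pack(">Q", int(now // STEP_SECONDS))
    mac = hmac.new(seed, counter, hashlib.sha256).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def hash_pin(pin: str, salt: bytes) -> bytes:
    # Store a salted, stretched hash of the static PIN, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


@dataclass
class Account:
    salt: bytes
    static_pin_hash: bytes
    token_seed: bytes
    credit_limit: int
    reported_lost: bool = False   # lost but not yet deactivated
    presumed_fraud: bool = False  # set at step 116; forces tier 2 afterwards
    tx_count: int = 0             # transactions that passed tier 1


@dataclass
class Tx:
    amount: int


Rule = Callable[[Account, Tx], bool]


def amount_over(limit: int) -> Rule:
    return lambda acct, tx: tx.amount > limit


def credit_limit_over(limit: int) -> Rule:
    return lambda acct, tx: acct.credit_limit > limit


def every_nth(n: int) -> Rule:
    return lambda acct, tx: acct.tx_count % n == 0


def all_of(*rules: Rule) -> Rule:
    return lambda acct, tx: all(r(acct, tx) for r in rules)


def authorize(acct: Account, tx: Tx, static_pin: str, rules: Iterable[Rule],
              now: float, ask_variable_pin: Callable[[], str]) -> str:
    # Steps 104-108: tier 1, constant-time comparison against the stored hash.
    if not hmac.compare_digest(hash_pin(static_pin, acct.salt), acct.static_pin_hash):
        return "invalid: static PIN"
    acct.tx_count += 1
    # Step 110: a flagged card or any provider/card-holder rule needs tier 2.
    if not (acct.presumed_fraud or acct.reported_lost
            or any(rule(acct, tx) for rule in rules)):
        return "authenticated: tier 1"
    # Steps 112-114: prompt only now, compare with the synchronized reference.
    supplied = ask_variable_pin().encode()
    expected = variable_pin(acct.token_seed, now).encode()
    if not hmac.compare_digest(supplied, expected):
        acct.presumed_fraud = True  # step 116: label the card
        return "invalid: variable PIN"
    return "authenticated: tier 2"  # step 118


def demo() -> list:
    # Constructed sample account, seed, clock and rules.
    salt, seed, now = b"demo-salt", b"constructed-demo-seed", 1_000_000.0
    acct = Account(salt, hash_pin("4821", salt), seed, credit_limit=6000)
    rules = [all_of(credit_limit_over(5000), amount_over(1000)), every_nth(5)]
    stale = lambda: variable_pin(seed, now - 2 * STEP_SECONDS)  # code seen two steps ago
    fresh = lambda: variable_pin(seed, now)                     # device in hand
    return [
        authorize(acct, Tx(30), "0000", rules, now, stale),    # wrong static PIN
        authorize(acct, Tx(30), "4821", rules, now, stale),    # below thresholds
        authorize(acct, Tx(1500), "4821", rules, now, stale),  # rule hit, old code
        authorize(acct, Tx(30), "4821", rules, now, stale),    # card now flagged
        authorize(acct, Tx(30), "4821", rules, now, fresh),    # holder with device
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

This sketch accepts only the code for the current 60-second step; a deployed validator also has to tolerate clock drift between the device and the server.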
In one embodiment, the invention is directed to a computer system operating as discussed herein. An exemplary computer system 202 is shown in FIG. 2. The computer system 202 includes one or more processors, such as processor 204. The processor 204 is connected to a communication bus 206.
The computer system 202 also includes a main memory 208, preferably random access memory (RAM), and a secondary memory 210. The secondary memory 210 includes, for example, a hard disk drive 212 and/or a removable storage drive 214, representing a floppy disk drive, a magnetic tape drive, a compact disk drive, etc. The removable storage drive 214 reads from and/or writes to a removable storage unit 218 in a well known manner.
Removable storage unit 218, also called a program storage device or a computer program product, represents a floppy disk, magnetic tape, compact disk, etc. As will be appreciated, the removable storage unit 218 includes a computer usable storage medium having stored therein computer software and/or data.
Computer programs (also called computer control logic) are stored in main memory and/or the secondary memory 210. Such computer programs, when executed, enable the computer system 202 to perform the features of the present invention as discussed herein. In particular, the computer programs, when executed, enable the processor 204 to perform the features of the present invention. Accordingly, such computer programs represent controllers of the computer system 202.
In another embodiment, the invention is directed to a computer program product comprising a computer readable medium having control logic (computer software) stored therein. The control logic, when executed by the processor 204, causes the processor 204 to perform the functions of the invention as described herein.
In another embodiment, the invention is implemented primarily in hardware using, for example, a hardware state machine. Implementation of the hardware state machine so as to perform the functions described herein will be apparent to persons skilled in the relevant art(s).
While the invention has been particularly shown and described with reference to preferred embodiments thereof, it will be understood by those skilled in the relevant art that various changes in form and details may be made therein without departing from the spirit and scope of the invention.
Method For ~llth~n~;c?~tin~ Credit Tr~n.~ctions to Prevent Fraudulent Charges Background of the Invention F'~eld of the Invention S The present invention relates generally to methods for v~li(lating transactions, and more specifically the present invention is directed toward a dynamic method for credit authentication.
R~lnted Art Credit card, calling card, and bank card fraud cost businesses (and consumers) millions of dollars annually. Current security mech~nicm~ are not fail-safe, and protection mech~ni~m~ for consumers and businesses require improvement to stem these fraud-related losses.
Today, the validation of credit transactions is ineffective to deter persons intent on commi~tinE fraud. For example, anyone with a credit card number and expiration date can charge to the account when ordering by phone or by computer dial-up. This problem is further exacerbated by the ease with which credit card llumbels can be obtained. One need simply sift through the trash fordiscarded ~ ,-e~ ec~ ls, and carbons to obtain valid credit card numbers.
Calling card transactions exhibit similar problems. For example, calling card numbers are routinely "surfed" at airports by people watching over the shoulders of card users as they key in the calling card number. Thereafter, the calling card number is distributed and l~mpalll fraud results.
CA 022~6468 1998-11-2~
One conventional method for col,.h;.~ g fraud has been the provision of static personal itl~ntifir~tion llulllbel~ (PINs). Typically, these PINs are defined by the user to reflect personal i~ lation (e.g., birth date, anniversary date, etc.). While the personalization of these PINs aids the user in remembering S these numbers, it also aids a person in guessing the PINs. This security risk increases when users define the same PINs for multiple cards.
Summary of the Inven~ion The present invention saticfies the above mentioned needs by providing a validation method that uses variable pelsonal i~l~ntifir~tion llull~b~l~ (PINs).
These variable PINs are gencl~ted by a user-held device that changes the displayed l~ul~lb~r periodically (e.g., every 60 seconds). At the validation site or a third party site, a system can generate reference PINs that change in the same manner as the PINs displayed on the user-held device. The ~q~ ition of the variable PIN is therefore useless to a potentially fra~ llPnt user beyond the brief period of time that the variable PIN is displayed on the user-held device.
Although these user-held devices can reduce potential fraud in every card transaction, the implelllellL~Lion of this new technology comes with a variety of costs (e.g., imple~ n, a-lmini~rative, educational, convenience, etc.). The aggregal~ combination of these costs could outweigh the int~n~e~l benefits sought to be achieved. Accordingly, the present invention identifies a dynamic validation process that a~th~nti~tes credit transactions on multiple tiers. In a ple~lled embodiment, the dynamic validation process includes two tiers.
CA 022~6468 1998-11-2~
In the first tier of the validation process, the system validates the proposed credit transaction based upon a static sequence of PINs. Specifically, after receiving a PIN from a user, the system determines whether the received PIN matches a predefined PIN stored in a database. If no match is identified, an invalidation result can be returned. If a match is identified, the system determines whether the credit transaction requires a second tier of validation.
The necessity of a second tier of validation could be prompted by numerous threshold criteria or conditions. Examples of threshold criteria include transaction amount, credit limit, frequency of use, or the like. Examples of conditions include changes in purchasing patterns (e.g., change in shipping address), geographical limitations, or the like. The class of conditions can also include any boolean combination of two or more thresholds or conditions. These thresholds or conditions can be set by the service provider or customized individually by the card holder. In either case, suitable scenarios can be defined where the expense of a second tier of validation is justified.
If no threshold criteria are exceeded or no conditions are satisfied, the transaction is authenticated based solely upon the first tier of the validation process. However, if any one of a set of predefined thresholds is exceeded or any one of a set of predefined conditions is met for the card holder's account, the second tier of validation is invoked. In this second tier of validation, the user is prompted for a variable PIN generated by a user-held device. This variable PIN is compared to a synchronously generated variable PIN. The system that synchronously generates a variable PIN can reside at the validation site or at a separate site connected by a network. If a match occurs, the dynamic validation process authenticates the credit transaction.
Brief Description of the Figures
The foregoing and other features and advantages of the invention will be apparent from the following, more particular description of a preferred embodiment of the invention, as illustrated in the accompanying drawings. In the drawings, like reference numbers indicate identical or functionally similar elements. Additionally, the left-most digit of a reference number identifies the drawing in which the reference number first appears.
Figure 1 illustrates a preferred embodiment of a dynamic validation process.
Figure 2 illustrates a block diagram of a computer useful for implementing elements of the present invention.
Detailed Description of the Preferred Embodiments
Optimal solutions that address the expanding fraud problem require consideration of multiple factors. Generally, this analysis must determine the magnitude of the problem sought to be addressed relative to the cost of the proposed solution. Costs associated with any solution include the technical costs of the fraud prevention mechanism, the administrative costs of implementing the new system, the costs of educating the public on using the new system, etc. Clearly, if the costs of the proposed solution outweigh the anticipated benefits, the implementation of the proposed solution may not be justified.
In the context of calling cards, credit cards, and bank cards, fraudulent transactions have varying exposures (or costs). For example, fraud on a calling card based upon a plurality of originations of international calls may incur hundreds or thousands of dollars in fraudulent charges over a period of time. Credit cards, on the other hand, are generally perceived as more critical than calling cards and can potentially incur thousands of dollars of liability based on a single transaction. This exposure level depends upon the credit limit of the credit card. Finally, fraudulent use of bank cards can place hundreds or thousands of dollars at risk depending upon the account balance and any predefined withdrawal limits. One can readily appreciate that these transaction-based services provide corporations and individuals with varying exposures to fraud.
Addressing these exposures to fraud begins through the recognition of potential flaws in each transaction authentication. As noted above, authentication is based upon the verification of a static sequence of identifying numbers. For example, a credit card transaction can be verified by the expiration date, a calling card transaction can be verified by the calling card number, and a bank card can be verified by a predefined PIN. In each of these cases, once the static sequence of identifying numbers is discovered or acquired, fraud can immediately commence. This fraudulent activity continues until the account is deactivated.
To prevent this fundamental flaw in conventional authentication systems, the present invention uses a variable sequence of identifying numbers (or variable PIN). As compared to a static predefined PIN, the variable PIN is generated by a user-held device as part of a sequence of randomly generated numbers. This variable PIN is displayed on the user-held device and changes periodically (e.g., every 60 seconds). At either the validation site or a third party site, a matching variable PIN is synchronously generated. Authentication proceeds upon the comparison of the variable PIN supplied by the card holder and the synchronously generated variable PIN available at the validation site. An example of this authentication device is the SecurID Card produced by Security Dynamics, Cambridge, MA.
As one can appreciate, the use of a variable PIN prevents numerous fraudulent activities. Specifically, since the variable PIN is valid for only a short period of time (e.g., 60 seconds), actual possession of the user-held device that generates the variable PIN is required for fraud to commence. For example, consider the case of calling card fraud. If a variable PIN replaces at least part of the calling card number, a person that steals the number (e.g., peering over your shoulder) can use it only for a brief period of time, typically under a minute. Effectively, this class of fraud is eliminated altogether. Similar effects on credit card and bank card fraud also result.
Generally, the requirement of actual possession of the user-held device deters most instances of "casual" fraud. In this context, "casual" fraud refers to those situations where no crimes are committed directly against the card holder. In other words, barring theft of the user-held device, fraud cannot commence. Even if this is an option for a potentially fraudulent user, theft of a card holder's wallet may not be enough. In other embodiments, the user-held device may be in compact form such as a key fob. In this case, the potentially fraudulent user would have to steal a wallet and the key fob. At this increased level of fraud activity, the costs of increased personal security clearly outweigh the intended benefits.
Further with respect to a cost-benefit analysis, the costs of use of the variable PIN itself requires consideration. In this new application of variable PIN technology, the costs of the user-held variable PIN device, the costs of updating existing validation systems, the costs of educating the card holders, etc. must be considered. After the aggregate sum of these costs are determined, the variable PIN technology may not be justified for particular applications. More specifically, some uses within a particular service class (i.e., calling card, credit card, or bank card), may not justify the use of the technology.
A similar cost-benefit analysis will also be performed by the card holder. Potential considerations include the costs of purchasing the device, the costs of carrying the additional device, the costs of using the device, etc. Both the costs of carrying the device and the costs of using the device are largely one of convenience. Card holders may therefore reject the use of a valuable technology because of the perceived inconvenience relative to the expected benefit.
In light of these considerations, the present invention contemplates a dynamic validation process that is sensitive to the needs of both the corporations providing the card services and the individuals who use those card services. In this dynamic validation process, the variable PIN technology is automatically invoked as a second tier of validation based upon the satisfaction of predefined conditions. Numerous possible alternatives in specifying predefined conditions exist. The following illustrations are merely exemplary and do not represent an exhaustive list of possible uses.
Consider first the perspective of a card provider. In many instances, card providers will assume the liability incurred for fraudulent charges. Accordingly, the card provider has a direct financial benefit in eliminating fraudulent usages. However, these financial benefits are directly proportional to the level of fraud, which can range from hundreds to thousands of dollars. In considering a cost-benefit analysis, card providers can more easily justify the elimination of the higher levels of fraud first. These higher levels of fraud can be characterized by various indicia associated with any particular transaction.
For example, prevention of a fraudulent transaction for an amount above a given threshold (e.g., $500) can be more easily justified as compared to prevention of a fraudulent transaction of $30. As an alternative to targeting values of individual transactions, the card provider may also want to target transactions on specific cards. For example, the card provider can require a second tier of validation (i.e., variable PIN) only for transactions on credit cards having a credit limit over a predefined threshold (e.g., $5,000). This example could result from a possibility that fraudulent activity is focused primarily upon gold cards. Clearly, the card provider could specify a combination of threshold criteria (e.g., credit limit over $5,000 and transaction over $1,000). Instead of confining the monitoring to a single transaction, the card provider could even track historical card usage. For example, if the average charge is under $100, a string of $300 charges could trigger the second tier of validation.
Additionally, a card provider may wish to target transactions that are more likely to be fraudulent or presumptively fraudulent. For example, the card provider can automatically initiate a second tier of validation if a transaction that exceeds a credit limit has been attempted. In another example, the card provider can automatically initiate a second tier of validation if a transaction is associated with a card that has been previously identified as lost but not yet deactivated. In this scenario, an access to a database could identify the status of a field in a database record associated with that card.
In considering the perspectives of a card holder, further modifications to the validation process can result. For example, the card holder can determine whether the service is desired at all. If the card holder is liable for all fraudulent uses, the use of variable PIN technology becomes a form of insurance. Some users may justify the additional service based on spending levels while other users may not. The system could therefore determine, based upon a field in a database record associated with that card, whether the second tier of validation has been selected by the card holder.
The card holder can further control the dynamically defined validation process by specifying an arbitrary set of conditions. These conditions can be based upon a combination of convenience and potential liability. For example, the card holder can specify that only transactions over $100 would initiate the second tier of validation. In this case, the card holder may assume that the majority of his transactions will be below that threshold, thereby eliminating the necessity of dealing with the second tier of validation.
In the context of bank cards, the card holder could specify a geographical condition. For example, the card holder could specify that the second tier of validation should be initiated only if an ATM machine outside a predefined set of ATM machines is used. All uses within the predefined set of ATM machines would bypass the second tier of validation, thereby enhancing the convenience of use. Thus, if the bank card is stolen with knowledge of the static PIN, the fraudulent user would be precluded from using the card at locations outside of the predefined set.
Further with respect to convenience, the card holder could specify that the second tier of validation should be invoked periodically. For example, the second tier of validation could be automatically invoked on every fifth transaction. In this manner, only a limited number of fraudulent uses could occur before a variable PIN must be provided. If the fraudulent user cannot provide the variable PIN on that predefined periodic transaction, all subsequent transactions would similarly require the second tier of validation. This mechanism would effectively end the fraudulent use on that card.
In addition to the prevention of fraudulent activity, the variable PIN could also be used to authenticate special transactions. For example, if a predefined ATM limit is $200 but the user needs $500, the variable PIN could be used to override the previously defined limit.
As one can readily appreciate, numerous other examples exist. Moreover, any boolean combination of conditions could be used to specify when the second tier of validation is invoked. This dynamic validation process is described by the flow chart of Figure 1.
In Figure 1, the two-tiered validation process begins in step 102 where the system receives a card number from a card holder. Next, in step 104, the system prompts the card holder for a static predefined PIN. In the context of calling cards, the static predefined PIN may exist as a part of the card number itself that is provided to the system. After the static PIN is received, the system determines in step 106 whether the static PIN matches the PIN stored in a database for that account number. If the PINs do not match, the proposed transaction is invalidated in step 108. Alternatively, the card holder could be given additional chances to provide a correct PIN.
If the system determines in step 106 that the PINs do match, the initial validation phase is satisfied. This initial validation phase represents the minimal requirements for authenticating the transaction. As noted above, these minimal requirements are often unsatisfactory. Accordingly, the present invention contemplates the use of a second tier of validation. The invocation of this second tier is based upon a variety of considerations exemplified by those discussed above. Significantly, the criteria for invoking additional validation can be based on service provider and/or card holder definitions. This definition process enables the dynamic validation process to be customized based upon any parameter or parameters relating to a particular transaction or sequence of transactions. These general use considerations can include any predefined generic class of thresholds or conditions.
If one or more thresholds are exceeded (or conditions met) as identified by the determination in step 110, the system then prompts the card holder for a variable PIN in step 112. In various embodiments, the card holder is automatically prompted by a voice response unit (VRU) for computer ordering or calling card use, by an automated teller machine (ATM) for ATM withdrawals, by a computer program when conducting monetary transactions over a computer network (e.g., Internet), etc. In each case, a number can be easily entered on all current authentication devices (e.g., phone key pad, computer keyboard, etc.) that require input of a transaction amount.
Upon receipt, the system determines whether the received variable PIN matches a synchronously generated PIN produced at the validation site or a third party site. If it is determined in step 114 that the variable PINs do not match, the transaction is invalidated in step 116. Alternatively, the card holder could be given additional chances to provide a correct variable PIN. Generally, the invalidation of the transaction in step 116 could also be accompanied by action that labels that particular card as being presumptively fraudulent. This labeling is accomplished through the update of a database record associated with that particular card. After being labeled as presumptively fraudulent, each successive transaction that is based on that card will require the second tier of validation. If the card holder is in the immediate vicinity, the card could also be confiscated.
Finally, if the system determines in step 114 that the second tier of validation is satisfied, the transaction is authenticated in step 118. Alternatively, if the system determines in step 110 that the first tier of validation is satisfied and the second tier of validation is not required, the system will also validate the transaction. This latter case represents the dynamic nature of the validation process that can be customized based upon the general considerations described above with respect to the cost-benefit analysis. As also noted above, these considerations can be viewed from the perspective of either the service provider or the card holder.
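The two-tier flow of Figure 1 (steps 106 to 118), as an added example that is not part of the patent text. The variable PIN generator is a stand-in (HMAC-SHA256 over the 60-second window index), not the SecurID algorithm the description cites; the `Account` fields, threshold values, ATM identifiers and sample transactions are constructed assumptions.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, field

STEP_SECONDS = 60  # display period given in the description ("e.g., every 60 seconds")


def variable_pin(seed: bytes, now: float, digits: int = 6) -> str:
    """Stand-in generator (assumption): HMAC-SHA256 over the 60-second window index.

    The device and the validation site hold the same seed, so both derive the
    same PIN for the same window without exchanging messages.
    """
    window = int(now // STEP_SECONDS)
    mac = hmac.new(seed, struct.pack(">Q", window), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10**digits).zfill(digits)


def pin_digest(pin: str, salt: bytes) -> bytes:
    """Salted digest of the static PIN, so the database never holds the PIN itself."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


@dataclass
class Account:                        # hypothetical database record
    salt: bytes
    static_pin_digest: bytes
    seed: bytes                       # shared with the user-held device
    credit_limit: int
    second_tier_over: int = 100       # card-holder threshold, in dollars
    every_nth: int = 5                # periodic second tier ("every fifth transaction")
    home_atms: set = field(default_factory=set)
    tx_count: int = 0
    presumed_fraud: bool = False


def needs_second_tier(acct: Account, tx: dict) -> bool:
    """Step 110: any one threshold exceeded or condition met invokes tier two."""
    atm = tx.get("atm_id")
    return any((
        acct.presumed_fraud,                             # card already labeled
        tx["amount"] > acct.second_tier_over,            # transaction amount
        tx["amount"] > acct.credit_limit,                # over the credit limit
        acct.tx_count % acct.every_nth == 0,             # periodic use
        atm is not None and atm not in acct.home_atms,   # geographical condition
    ))


def validate(acct, tx, static_pin, now, ask_variable_pin):
    """Steps 106-118 of Figure 1. Returns (authenticated, reason)."""
    if not hmac.compare_digest(pin_digest(static_pin, acct.salt), acct.static_pin_digest):
        return False, "static PIN mismatch (step 108)"
    acct.tx_count += 1
    if not needs_second_tier(acct, tx):
        return True, "first tier only"
    supplied = ask_variable_pin()                 # step 112: prompt the card holder
    reference = variable_pin(acct.seed, now)      # generated at the validation site
    if not hmac.compare_digest(supplied.encode(), reference.encode()):
        acct.presumed_fraud = True                # step 116: label the card
        return False, "variable PIN mismatch (step 116)"
    return True, "second tier satisfied (step 118)"


def demo():
    """Constructed account and transactions; returns the outcome of each."""
    salt, seed = b"constructed-salt", b"constructed-seed"
    acct = Account(salt, pin_digest("4821", salt), seed, credit_limit=5000,
                   home_atms={"ATM-001"})
    t0 = 1_000_000.0                                # fixed clock for repeatability
    token = lambda: variable_pin(seed, t0)          # what the device displays at t0
    stale = lambda: variable_pin(seed, t0 - 120)    # PIN seen two windows earlier
    return [
        validate(acct, {"amount": 30}, "4821", t0, token),    # tier one only
        validate(acct, {"amount": 30}, "0000", t0, token),    # wrong static PIN
        validate(acct, {"amount": 500}, "4821", t0, token),   # over threshold, fresh PIN
        validate(acct, {"amount": 500}, "4821", t0, stale),   # expired PIN replayed
        validate(acct, {"amount": 30}, "4821", t0, token),    # labeled card: tier two
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The fourth transaction shows the property the description relies on: a variable PIN observed earlier fails once its window has passed, and the failure labels the card so that the following $30 transaction also requires the second tier.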
In one embodiment, the invention is directed to a computer system operating as discussed herein. An exemplary computer system 202 is shown in FIG. 2. The computer system 202 includes one or more processors, such as processor 204. The processor 204 is connected to a communication bus 206.
The computer system 202 also includes a main memory 208, preferably random access memory (RAM), and a secondary memory 210. The secondary memory 210 includes, for example, a hard disk drive 212 and/or a removable storage drive 214, representing a floppy disk drive, a magnetic tape drive, a compact disk drive, etc. The removable storage drive 214 reads from and/or writes to a removable storage unit 218 in a well known manner.
Removable storage unit 218, also called a program storage device or a computer program product, represents a floppy disk, magnetic tape, compact disk, etc. As will be appreciated, the removable storage unit 218 includes a computer usable storage medium having stored therein computer software and/or data.
Computer programs (also called computer control logic) are stored in main memory and/or the secondary memory 210. Such computer programs, when executed, enable the computer system 202 to perform the features of the present invention as discussed herein. In particular, the computer programs, when executed, enable the processor 204 to perform the features of the present invention. Accordingly, such computer programs represent controllers of the computer system 202.
In another embodiment, the invention is directed to a computer program product comprising a computer readable medium having control logic (computer software) stored therein. The control logic, when executed by the processor 204, causes the processor 204 to perform the functions of the invention as described herein.
In another embodiment, the invention is implemented primarily in hardware using, for example, a hardware state machine. Implementation of the hardware state machine so as to perform the functions described herein will be apparent to persons skilled in the relevant art(s).
While the invention has been particularly shown and described with reference to preferred embodiments thereof, it will be understood by those skilled in the relevant art that various changes in form and details may be made therein without departing from the spirit and scope of the invention.
Claims (21)
1. A dynamic validation method for authenticating credit transactions, the method comprising the steps of:
(1) receiving an account number for a credit transaction from a user;
(2) prompting said user for a personal identification number;
(3) receiving a personal identification number from said user;
(4) determining whether said received personal identification number matches a predefined personal identification number stored in a database;
(5) if said step (4) identifies a match, determining whether the credit transaction requires a secondary validation by said user, wherein said determination includes a comparison of one or more parameters of the credit transaction to at least one predefined threshold or condition;
(6) if said step (5) determines that said secondary validation is required, prompting said user for a first variable personal identification number;
(7) receiving said first variable personal identification number from said user; and
(8) authenticating the credit transaction if said first variable personal identification number matches a second variable personal identification number that is synchronously produced by a service provider.
2. The method of claim 1, wherein said step (5) comprises the step of defining by a service provider said predefined threshold or condition.
3. The method of claim 1, wherein said step (5) comprises the step of defining by a user said predefined threshold or condition.
4. The method of claim 1, wherein said step (5) comprises the step of determining if a dollar value of the credit transaction exceeds a threshold dollar value.
5. The method of claim 1, wherein said step (5) comprises the step of determining if a credit limit has been exceeded.
6. The method of claim 1, wherein said step (5) comprises the step of determining if a credit card has a credit limit over a specified amount.
7. The method of claim 1, wherein said step (5) comprises the step of determining if a database record associated with said account number indicates that said secondary validation is required.
8. The method of claim 1, wherein said step (5) comprises the step of determining if a periodic use threshold has been exceeded.
9. The method of claim 1, wherein said step (5) comprises the step of determining if a geographical restriction has been violated.
10. The method of claim 1, wherein said step (5) comprises the step of determining if a significant change in purchasing pattern has occurred.
11. A dynamic validation system for authenticating credit transactions, comprising:
a variable personal identification number authentication system that is capable of generating variable personal identification number synchronously with the changes in a variable personal identification number displayed on a user-held device;
a first tier validation system that receives a first static personal identification number from a user and compares said first static personal identification number with a second static personal identification number stored in a database; and
a second tier validation system that receives a first variable personal identification number from said user and compares said first variable personal identification number with a second variable personal identification number that is generated by said variable personal identification number authentication system, wherein said second tier validation system is activated based upon a comparison of one or more parameters of a credit transaction to at least one predefined threshold or condition.
12. The system of claim 11, wherein said predefined threshold is defined by a service provider.
13. The system of claim 11, wherein said predefined threshold is defined by said user.
14. The system of claim 11, wherein said second tier validation system determines if a dollar value of the credit transaction exceeds a threshold dollar value.
15. The system of claim 11, wherein said second tier validation system determines if a credit limit has been exceeded.
16. The system of claim 11, wherein said second tier validation system determines if a credit card has a credit limit over a specified amount.
17. The system of claim 11, wherein said second tier validation system determines if a database record associated with said account number indicates that said secondary validation is required.
18. The system of claim 11, wherein said second tier validation system determines if a periodic use threshold has been exceeded.
19. The system of claim 11, wherein said second tier validation system determines if a geographical restriction has been violated.
20. The system of claim 11, wherein said second tier validation system determines if a significant change in purchasing pattern has occurred.
21. A computer program product, comprising:
a computer usable medium having computer readable program code means embodied in said medium that provides a dynamic validation system for the authentication of credit transactions, said computer readable program code means comprising:
first computer readable program code means for causing a computer to generate variable personal identification numbers synchronously with the changes in a variable personal identification number displayed on a user-held device;
second computer readable program code means for causing a computer to compare first static personal identification number received from a user and a second static personal identification number stored in a database; and
third computer readable program code means for causing a computer to compare a first variable personal identification number received from said user and a second variable personal identification number that is generated by said first computer readable program code means, wherein said third computer readable program code means is activated based upon a comparison of one or more parameters of a credit transaction to at least one predefined threshold or condition.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/655,501 US5988497A (en) | 1996-05-30 | 1996-05-30 | Method for authenticating credit transactions to prevent fraudulent charges |
US08/655,501 | 1996-05-30 | ||
PCT/US1997/009406 WO1997045806A1 (en) | 1996-05-30 | 1997-05-30 | Method for authenticating credit transactions to prevent fraudulent charges |
Publications (1)
Publication Number | Publication Date |
---|---|
CA2256468A1 true CA2256468A1 (en) | 1997-12-04 |
Family
ID=24629146
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002256468A Abandoned CA2256468A1 (en) | 1996-05-30 | 1997-05-30 | Method for authenticating credit transactions to prevent fraudulent charges |
Country Status (7)
Country | Link |
---|---|
US (1) | US5988497A (en) |
EP (1) | EP0953180B1 (en) |
JP (1) | JP2000515273A (en) |
AU (1) | AU3151597A (en) |
CA (1) | CA2256468A1 (en) |
DE (1) | DE69730864T2 (en) |
WO (1) | WO1997045806A1 (en) |
Families Citing this family (119)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7096003B2 (en) * | 1996-08-08 | 2006-08-22 | Raymond Anthony Joao | Transaction security apparatus |
US7096192B1 (en) | 1997-07-28 | 2006-08-22 | Cybersource Corporation | Method and system for detecting fraud in a credit card transaction over a computer network |
US7403922B1 (en) | 1997-07-28 | 2008-07-22 | Cybersource Corporation | Method and apparatus for evaluating fraud risk in an electronic commerce transaction |
US6466780B1 (en) | 1997-09-03 | 2002-10-15 | Interlok Technologies, Llc | Method and apparatus for securing digital communications |
WO2001009806A1 (en) | 1999-08-02 | 2001-02-08 | E-Mark Systems Inc. | Electronic settlement system, settlement device, and terminal |
US8600869B1 (en) * | 1999-08-31 | 2013-12-03 | Capital One Financial Corporation | System and method for assigning a line of credit to a credit card account |
US7953671B2 (en) * | 1999-08-31 | 2011-05-31 | American Express Travel Related Services Company, Inc. | Methods and apparatus for conducting electronic transactions |
US7505941B2 (en) * | 1999-08-31 | 2009-03-17 | American Express Travel Related Services Company, Inc. | Methods and apparatus for conducting electronic transactions using biometrics |
US7343351B1 (en) | 1999-08-31 | 2008-03-11 | American Express Travel Related Services Company, Inc. | Methods and apparatus for conducting electronic transactions |
US7889052B2 (en) | 2001-07-10 | 2011-02-15 | Xatra Fund Mx, Llc | Authorizing payment subsequent to RF transactions |
US7239226B2 (en) | 2001-07-10 | 2007-07-03 | American Express Travel Related Services Company, Inc. | System and method for payment using radio frequency identification in contact and contactless transactions |
US9430769B2 (en) | 1999-10-01 | 2016-08-30 | Cardinalcommerce Corporation | Secure and efficient payment processing system |
US7742967B1 (en) * | 1999-10-01 | 2010-06-22 | Cardinalcommerce Corporation | Secure and efficient payment processing system |
US6404871B1 (en) | 1999-12-16 | 2002-06-11 | Mci Worldcom, Inc. | Termination number screening |
US6404865B1 (en) * | 1999-12-17 | 2002-06-11 | Worldcom, Inc. | Domestic to country call intercept process (CIP) |
US6396915B1 (en) | 1999-12-17 | 2002-05-28 | Worldcom, Inc. | Country to domestic call intercept process (CIP) |
US6335971B1 (en) | 1999-12-17 | 2002-01-01 | Mci Worldcom, Inc. | Country to country call intercept process |
US7172112B2 (en) | 2000-01-21 | 2007-02-06 | American Express Travel Related Services Company, Inc. | Public/private dual card system and method |
DE10008280C1 (en) * | 2000-02-23 | 2001-06-13 | Wire Card Ag | Cash-free transaction method has supplier and customer data handled via coordination device out of sphere of influence of either supplier or customer for providing fraud protection |
US7140036B2 (en) | 2000-03-06 | 2006-11-21 | Cardinalcommerce Corporation | Centralized identity authentication for electronic communication networks |
US20020013904A1 (en) * | 2000-06-19 | 2002-01-31 | Gardner Richard Mervyn | Remote authentication for secure system access and payment systems |
US7523067B1 (en) * | 2000-08-02 | 2009-04-21 | Softbankbb Corporation | Electronic settlement system, settlement apparatus, and terminal |
US6850495B1 (en) * | 2000-08-31 | 2005-02-01 | Verizon Communications Inc. | Methods, apparatus and data structures for segmenting customers using at least a portion of a layer 2 address header or bits in the place of a layer 2 address header |
US8087064B1 (en) * | 2000-08-31 | 2011-12-27 | Verizon Communications Inc. | Security extensions using at least a portion of layer 2 information or bits in the place of layer 2 information |
US7315554B2 (en) | 2000-08-31 | 2008-01-01 | Verizon Communications Inc. | Simple peering in a transport network employing novel edge devices |
US7392388B2 (en) * | 2000-09-07 | 2008-06-24 | Swivel Secure Limited | Systems and methods for identity verification for secure transactions |
WO2002047040A2 (en) * | 2000-12-09 | 2002-06-13 | International Business Machines Corporation | Aging of electronic payment units |
BR8100120U (en) * | 2001-01-29 | 2002-10-15 | Clovis Golfetto | Secure identification system in banking, financial and electronic information systems |
US6783065B2 (en) | 2001-03-12 | 2004-08-31 | First Data Corporation | Purchasing card transaction risk model |
US7725427B2 (en) | 2001-05-25 | 2010-05-25 | Fred Bishop | Recurrent billing maintenance with radio frequency payment devices |
US7865427B2 (en) | 2001-05-30 | 2011-01-04 | Cybersource Corporation | Method and apparatus for evaluating fraud risk in an electronic commerce transaction |
US6931110B2 (en) * | 2001-06-14 | 2005-08-16 | International Business Machines Corporation | System and method for implementing calling card security and secured calling card |
US7735725B1 (en) | 2001-07-10 | 2010-06-15 | Fred Bishop | Processing an RF transaction using a routing number |
US7360689B2 (en) * | 2001-07-10 | 2008-04-22 | American Express Travel Related Services Company, Inc. | Method and system for proffering multiple biometrics for use with a FOB |
US8548927B2 (en) | 2001-07-10 | 2013-10-01 | Xatra Fund Mx, Llc | Biometric registration for facilitating an RF transaction |
US8001054B1 (en) | 2001-07-10 | 2011-08-16 | American Express Travel Related Services Company, Inc. | System and method for generating an unpredictable number using a seeded algorithm |
US7705732B2 (en) | 2001-07-10 | 2010-04-27 | Fred Bishop | Authenticating an RF transaction using a transaction counter |
US20040236699A1 (en) | 2001-07-10 | 2004-11-25 | American Express Travel Related Services Company, Inc. | Method and system for hand geometry recognition biometrics on a fob |
US20040232222A1 (en) * | 2001-07-10 | 2004-11-25 | American Express Travel Related Services Company, Inc. | Method and system for signature recognition biometrics on a fob |
US7119659B2 (en) | 2001-07-10 | 2006-10-10 | American Express Travel Related Services Company, Inc. | Systems and methods for providing a RF transaction device for use in a private label transaction |
US8294552B2 (en) * | 2001-07-10 | 2012-10-23 | Xatra Fund Mx, Llc | Facial scan biometrics on a payment device |
US9024719B1 (en) | 2001-07-10 | 2015-05-05 | Xatra Fund Mx, Llc | RF transaction system and method for storing user personal data |
US20040238621A1 (en) * | 2001-07-10 | 2004-12-02 | American Express Travel Related Services Company, Inc. | Method and system for fingerprint biometrics on a fob |
US7493288B2 (en) | 2001-07-10 | 2009-02-17 | Xatra Fund Mx, Llc | RF payment via a mobile device |
US7746215B1 (en) * | 2001-07-10 | 2010-06-29 | Fred Bishop | RF transactions using a wireless reader grid |
US7668750B2 (en) | 2001-07-10 | 2010-02-23 | David S Bonalle | Securing RF transactions using a transactions counter |
US9454752B2 (en) | 2001-07-10 | 2016-09-27 | Chartoleaux Kg Limited Liability Company | Reload protocol at a transaction processing entity |
US20040232221A1 (en) * | 2001-07-10 | 2004-11-25 | American Express Travel Related Services Company, Inc. | Method and system for voice recognition biometrics on a fob |
US7303120B2 (en) * | 2001-07-10 | 2007-12-04 | American Express Travel Related Services Company, Inc. | System for biometric security using a FOB |
US9031880B2 (en) | 2001-07-10 | 2015-05-12 | Iii Holdings 1, Llc | Systems and methods for non-traditional payment using biometric data |
US8284025B2 (en) | 2001-07-10 | 2012-10-09 | Xatra Fund Mx, Llc | Method and system for auditory recognition biometrics on a FOB |
US7249112B2 (en) | 2002-07-09 | 2007-07-24 | American Express Travel Related Services Company, Inc. | System and method for assigning a funding source for a radio frequency identification device |
WO2003017049A2 (en) * | 2001-08-15 | 2003-02-27 | Shea Writer | Methods for verifying cardholder authenticity and for creating billing address database |
US7103576B2 (en) * | 2001-09-21 | 2006-09-05 | First Usa Bank, Na | System for providing cardless payment |
DE60207980T2 (en) * | 2002-03-25 | 2006-08-10 | Tds Todos Data System Ab | System and method for user authentication in a digital communication system |
US7708189B1 (en) | 2002-05-17 | 2010-05-04 | Cipriano Joseph J | Identification verification system and method |
CA2492715C (en) * | 2002-06-12 | 2016-12-06 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US7693783B2 (en) | 2002-06-12 | 2010-04-06 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US8645266B2 (en) * | 2002-06-12 | 2014-02-04 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US6805287B2 (en) | 2002-09-12 | 2004-10-19 | American Express Travel Related Services Company, Inc. | System and method for converting a stored value card to a credit card |
JP2006522507A (en) * | 2003-04-01 | 2006-09-28 | エントロピック・テクノロジーズ・プロプライエタリー・リミテッド | Secure communication system and secure communication method |
US7740168B2 (en) * | 2003-08-18 | 2010-06-22 | Visa U.S.A. Inc. | Method and system for generating a dynamic verification value |
US7761374B2 (en) | 2003-08-18 | 2010-07-20 | Visa International Service Association | Method and system for generating a dynamic verification value |
WO2005055162A1 (en) * | 2003-11-26 | 2005-06-16 | Splat Thief, Incorporated | User self-authentication system and method for remote credit card verification |
WO2005062215A1 (en) * | 2003-12-12 | 2005-07-07 | Ho Keung Tse | Apparatus for financial account information management and method therefor |
US20060000896A1 (en) * | 2004-07-01 | 2006-01-05 | American Express Travel Related Services Company, Inc. | Method and system for voice recognition biometrics on a smartcard |
US7363504B2 (en) | 2004-07-01 | 2008-04-22 | American Express Travel Related Services Company, Inc. | Method and system for keystroke scan recognition biometrics on a smartcard |
US20060000897A1 (en) * | 2004-07-01 | 2006-01-05 | American Express Travel Related Services Company, Inc. | Method and system for signature recognition biometrics on a smartcard |
US7325724B2 (en) | 2004-07-01 | 2008-02-05 | American Express Travel Related Services Company, Inc. | Method for registering a biometric for use with a smartcard |
US7341181B2 (en) | 2004-07-01 | 2008-03-11 | American Express Travel Related Services Company, Inc. | Method for biometric security using a smartcard |
US7318550B2 (en) | 2004-07-01 | 2008-01-15 | American Express Travel Related Services Company, Inc. | Biometric safeguard method for use with a smartcard |
US7314165B2 (en) | 2004-07-01 | 2008-01-01 | American Express Travel Related Services Company, Inc. | Method and system for smellprint recognition biometrics on a smartcard |
US7314164B2 (en) | 2004-07-01 | 2008-01-01 | American Express Travel Related Services Company, Inc. | System for biometric security using a smartcard |
US7860318B2 (en) | 2004-11-09 | 2010-12-28 | Intelli-Check, Inc | System and method for comparing documents |
WO2006053191A2 (en) * | 2004-11-10 | 2006-05-18 | Mastercard International Incorporated | Method and system for performing a transaction using a dynamic authorization code |
US8049594B1 (en) | 2004-11-30 | 2011-11-01 | Xatra Fund Mx, Llc | Enhanced RFID instrument security |
US8104675B2 (en) * | 2005-04-04 | 2012-01-31 | American Express Travel Related Services Company, Inc. | Systems and methods for risk triggering values |
US7398918B1 (en) * | 2005-04-04 | 2008-07-15 | American Express Travel Related Services Company, Inc. | Systems and method for risk triggering values |
US7328841B1 (en) * | 2005-07-15 | 2008-02-12 | Transecure Solutions Corporation | Method and system for transaction authorization |
US9911124B2 (en) | 2005-07-22 | 2018-03-06 | Gtj Ventures, Llc | Transaction security apparatus and method |
US9235841B2 (en) | 2005-07-22 | 2016-01-12 | Gtj Ventures, Llc | Transaction security apparatus and method |
US9245270B2 (en) | 2005-07-22 | 2016-01-26 | Gtj Ventures, Llc | Transaction security apparatus and method |
US8762263B2 (en) * | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
US7818264B2 (en) | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
US9065643B2 (en) | 2006-04-05 | 2015-06-23 | Visa U.S.A. Inc. | System and method for account identifier obfuscation |
US8121956B2 (en) | 2007-06-25 | 2012-02-21 | Visa U.S.A. Inc. | Cardless challenge systems and methods |
US7739169B2 (en) * | 2007-06-25 | 2010-06-15 | Visa U.S.A. Inc. | Restricting access to compromised account information |
NZ563415A (en) * | 2007-11-14 | 2009-07-31 | Bank Of New Zealand | User authentication system and method |
US8762210B2 (en) | 2008-06-03 | 2014-06-24 | Cardinalcommerce Corporation | Alternative payment implementation for electronic retailers |
US10157375B2 (en) | 2008-06-03 | 2018-12-18 | Cardinalcommerce Corporation | Alternative payment implementation for electronic retailers |
US8478692B2 (en) | 2008-06-26 | 2013-07-02 | Visa International Service Association | Systems and methods for geographic location notifications of payment transactions |
US9542687B2 (en) | 2008-06-26 | 2017-01-10 | Visa International Service Association | Systems and methods for visual representation of offers |
KR20100009952A (en) * | 2008-07-21 | 2010-01-29 | 삼성에스디아이 주식회사 | Method for driving plasma display panel, and plasma display apparatus adopting the method |
RU2011116158A (en) | 2008-09-25 | 2012-10-27 | Виза Интернэшнл Сервис Ассосиэйшн (Us) | METHOD AND SYSTEM FOR SORTING WARNING MESSAGES AND OFFERS ON MOBILE DEVICE |
CA2742963A1 (en) | 2008-11-06 | 2010-05-14 | Visa International Service Association | Online challenge-response |
JP2011039153A (en) * | 2009-08-07 | 2011-02-24 | Sanyo Electric Co Ltd | Image display apparatus |
US9928485B2 (en) | 2011-09-07 | 2018-03-27 | Elwha Llc | Computational systems and methods for regulating information flow during interactions |
US9195848B2 (en) | 2011-09-07 | 2015-11-24 | Elwha, Llc | Computational systems and methods for anonymized storage of double-encrypted data |
US10523618B2 (en) | 2011-09-07 | 2019-12-31 | Elwha Llc | Computational systems and methods for identifying a communications partner |
US10606989B2 (en) | 2011-09-07 | 2020-03-31 | Elwha Llc | Computational systems and methods for verifying personal information during transactions |
US9747561B2 (en) | 2011-09-07 | 2017-08-29 | Elwha Llc | Computational systems and methods for linking users of devices |
US9432190B2 (en) | 2011-09-07 | 2016-08-30 | Elwha Llc | Computational systems and methods for double-encrypting data for subsequent anonymous storage |
US10546295B2 (en) | 2011-09-07 | 2020-01-28 | Elwha Llc | Computational systems and methods for regulating information flow during interactions |
US9167099B2 (en) | 2011-09-07 | 2015-10-20 | Elwha Llc | Computational systems and methods for identifying a communications partner |
US20130060852A1 (en) * | 2011-09-07 | 2013-03-07 | Elwha LLC, a limited liability company of the State of Delaware | Computational systems and methods for regulating information flow during interactions |
US10546306B2 (en) | 2011-09-07 | 2020-01-28 | Elwha Llc | Computational systems and methods for regulating information flow during interactions |
US9141977B2 (en) | 2011-09-07 | 2015-09-22 | Elwha Llc | Computational systems and methods for disambiguating search terms corresponding to network members |
US9690853B2 (en) | 2011-09-07 | 2017-06-27 | Elwha Llc | Computational systems and methods for regulating information flow during interactions |
US9491146B2 (en) | 2011-09-07 | 2016-11-08 | Elwha Llc | Computational systems and methods for encrypting data for anonymous storage |
US20130239173A1 (en) * | 2012-03-12 | 2013-09-12 | Stephen T. Dispensa | Computer program and method for administering secure transactions using secondary authentication |
US20140258119A1 (en) * | 2013-03-06 | 2014-09-11 | Laure Canis | Fraud Decision Processing System and Method |
EP3114829B1 (en) * | 2014-03-07 | 2020-05-27 | Dialogtech Inc. | Phone fraud deterrence system for use with toll free and other fee generating numbers |
US20150302411A1 (en) * | 2014-04-22 | 2015-10-22 | Bank Of America Corporation | Proximity to a location as a form of authentication |
US10373409B2 (en) | 2014-10-31 | 2019-08-06 | Intellicheck, Inc. | Identification scan in compliance with jurisdictional or other rules |
US10037528B2 (en) | 2015-01-14 | 2018-07-31 | Tactilis Sdn Bhd | Biometric device utilizing finger sequence for authentication |
US10395227B2 (en) | 2015-01-14 | 2019-08-27 | Tactilis Pte. Limited | System and method for reconciling electronic transaction records for enhanced security |
US9607189B2 (en) | 2015-01-14 | 2017-03-28 | Tactilis Sdn Bhd | Smart card system comprising a card and a carrier |
US11816672B1 (en) * | 2015-09-22 | 2023-11-14 | Wells Fargo Bank, N.A. | Flexible authentication |
GB2567081A (en) | 2016-07-15 | 2019-04-03 | Cardinalcommerce Corporation | Authentication to authorization bridge using enriched messages |
Family Cites Families (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4885778A (en) * | 1984-11-30 | 1989-12-05 | Weiss Kenneth P | Method and apparatus for synchronizing generation of separate, free running, time dependent equipment |
US5168520A (en) * | 1984-11-30 | 1992-12-01 | Security Dynamics Technologies, Inc. | Method and apparatus for personal identification |
US4720860A (en) * | 1984-11-30 | 1988-01-19 | Security Dynamics Technologies, Inc. | Method and apparatus for positively identifying an individual |
US4812628A (en) * | 1985-05-02 | 1989-03-14 | Visa International Service Association | Transaction system with off-line risk assessment |
EP0232058B1 (en) * | 1986-01-21 | 1994-03-16 | Fujitsu Limited | Automatic transaction machine |
US5109408A (en) * | 1989-11-30 | 1992-04-28 | At&T Bell Laboratories | Arrangement for intentionally blocking telephone calls to predefined destination numbers but allowing such blocking to be selectively overridden |
US5130519A (en) * | 1990-01-16 | 1992-07-14 | George Bush | Portable pin card |
US5177342A (en) * | 1990-11-09 | 1993-01-05 | Visa International Service Association | Transaction approval system |
US5345380A (en) * | 1990-12-18 | 1994-09-06 | Bell Communications Research, Inc. | System and processes specifying customized customer telecommunication services using a graphical interface |
US5239583A (en) * | 1991-04-10 | 1993-08-24 | Parrillo Larry A | Method and apparatus for improved security using access codes |
US5251259A (en) * | 1992-08-20 | 1993-10-05 | Mosley Ernest D | Personal identification system |
US5345595A (en) * | 1992-11-12 | 1994-09-06 | Coral Systems, Inc. | Apparatus and method for detecting fraudulent telecommunication activity |
US5317636A (en) * | 1992-12-09 | 1994-05-31 | Arris, Inc. | Method and apparatus for securing credit card transactions |
US5311594A (en) * | 1993-03-26 | 1994-05-10 | At&T Bell Laboratories | Fraud protection for card transactions |
SE9400102L (en) * | 1994-01-17 | 1995-07-28 | Lotta Sjoeblom | Authorization verification procedure |
US5627355A (en) * | 1994-07-13 | 1997-05-06 | Rahman; Sam | Transaction device, equipment and method for protecting account numbers and their associated personal identification numbers |
US5513250A (en) * | 1994-10-13 | 1996-04-30 | Bell Atlantic Network Services, Inc. | Telephone based credit card protection |
US5530235A (en) * | 1995-02-16 | 1996-06-25 | Xerox Corporation | Interactive contents revealing storage device |
US5583864A (en) * | 1995-03-28 | 1996-12-10 | Bell Atlantic Network Services, Inc. | Level 1 gateway for video dial tone networks |
US5617470A (en) * | 1995-06-02 | 1997-04-01 | Depasquale; George B. | Apparatus and method for preventing unauthorized access to a system |
1996
- 1996-05-30 | US | US08/655,501 (US5988497A) | not active: Expired - Lifetime
1997
- 1997-05-30 | EP | EP97926846A (EP0953180B1) | not active: Expired - Lifetime
- 1997-05-30 | AU | AU31515/97A (AU3151597A) | not active: Abandoned
- 1997-05-30 | JP | JP09543022A (JP2000515273A) | not active: Ceased
- 1997-05-30 | DE | DE69730864T (DE69730864T2) | not active: Expired - Lifetime
- 1997-05-30 | CA | CA002256468A (CA2256468A1) | not active: Abandoned
- 1997-05-30 | WO | PCT/US1997/009406 (WO1997045806A1) | active: IP Right Grant
Also Published As
Publication number | Publication date |
---|---|
AU3151597A (en) | 1998-01-05 |
WO1997045806A1 (en) | 1997-12-04 |
DE69730864T2 (en) | 2006-02-23 |
DE69730864D1 (en) | 2004-10-28 |
US5988497A (en) | 1999-11-23 |
EP0953180A1 (en) | 1999-11-03 |
EP0953180B1 (en) | 2004-09-22 |
JP2000515273A (en) | 2000-11-14 |
EP0953180A4 (en) | 2002-04-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2256468A1 (en) | Method for authenticating credit transactions to prevent fraudulent charges | |
US6108642A (en) | Device for selectively blocking remote purchase requests | |
US6985887B1 (en) | Apparatus and method for authenticated multi-user personal information database | |
US7657460B2 (en) | Device for selectively blocking remote purchase requests | |
EP0823701B1 (en) | Data network with voice verification means | |
US7707108B2 (en) | Detection of unauthorized account transactions | |
US6422462B1 (en) | Apparatus and methods for improved credit cards and credit card transactions | |
US8626652B2 (en) | Method for electronic transaction settlement | |
US5949045A (en) | Micro-dynamic simulation of electronic cash transactions | |
US20100030689A1 (en) | Transaction authentication system and method | |
US20020099648A1 (en) | Method of reducing fraud in credit card and other E-business | |
US20020169720A1 (en) | Method for cardholder to place use restrictions on credit card at will | |
JPH08339407A (en) | System for approval and warning of transaction | |
US20050004871A1 (en) | Contingent Interception and Information Replacement for Transactions Conducted over Networks | |
JPH07254035A (en) | Execution system of transaction with multifunctional card with built-in electronic purse | |
US20050027667A1 (en) | Method and system for determining whether a situation meets predetermined criteria upon occurrence of an event | |
WO2001052205A1 (en) | A processing method and apparatus | |
US7328841B1 (en) | Method and system for transaction authorization | |
GB2383497A (en) | Transaction verification using a mobile telephone network | |
WO2005022302A2 (en) | Checking account personal identification method | |
KR20010091537A (en) | Intelligent Illegal Credit Transaction Protection Method | |
CA2408181C (en) | Apparatus and method for assuring the integrity of a multi-user personal information database | |
JP2001243391A (en) | Credit card settlement system | |
JP6689917B2 (en) | Personal authentication method at financial institutions | |
US20050256803A1 (en) | Financial transaction verification |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
FZDE | Discontinued | ||
FZDE | Discontinued | Effective date: 20060530 |