Methods and systems for authentication for high-risk communications
US-12137102-B2 · Nov 5, 2024 · US
Selective authorization method and system
US11875313B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11875313-B2 |
| Application number | US-201916365359-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 26, 2019 |
| Priority date | Jun 13, 2011 |
| Publication date | Jan 16, 2024 |
| Grant date | Jan 16, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments of the invention generally relate to mobile payments. For example, an application running on a phone can verify a passcode of a consumer. An indication of whether the passcode was verified and a time associated with when the passcode was verified is then sent to a mobile gateway. Later, when a user conducts one or more transactions, a payment processing network can use the indication sent to the mobile gateway to determine whether a the one or more transactions were conducted within a time window, which can be used to authorize the one or more transactions.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: receiving, by a computer system from a mobile communication device, a time window specified by a user during which the user does not have to re-enter a passcode for each transaction after a payment application in the mobile communication device has verified the passcode of the user, the time window including a start time point and an end time point; receiving, by the computer system from the mobile communication device over a first network, a validation message from the mobile communication device that includes an indication that the payment application has verified the passcode of the user, an account identifier, and a timestamp when the passcode was entered into the mobile communication device; receiving, by the payment processing network, a first authorization request message comprising the account identifier from a first access device over a second network, after the first access device interacts with the mobile communication device during a first transaction; determining, by the payment processing network, whether the passcode has been validated for the mobile communication device by querying the computer system; in response to the query, determining, by the computer system, that the validation message associated with the mobile communication device has been received; determining, by the computer system, that the validation message includes an indicator indicating that the payment application on the mobile communication device has verified the passcode of the user; determining, by the computer system, that the first transaction is occurring within the time window after the timestamp; in response to determining that the first transaction is occurring within the time window after the timestamp, sending, by the computer system to the payment processing network, a response indicating that the passcode has been validated by the mobile communication device; updating, by the payment processing network, the first authorization request message with an indication that the passcode has been validated by the mobile communication device, based on the response from the computer system; forwarding by the payment processing network the updated first authorization request message to an issuer; receiving, by the payment processing network, a second authorization request message from a second access device, after the second access device interacts with the mobile communication device during a second transaction, and wherein the user did not re-enter the passcode into the payment application on the mobile communication device to conduct the second transaction; sending, by the payment processing network to the computer system, a request to verify that the second transaction occurs within the time window; determining, by the computer system, that the second transaction occurs within the time window; sending, by the computer system to payment processing network, a response indicating that the second transaction occurs within the time window; updating, by the payment processing network, the second authorization request message with an indication that the second transaction occurs within the time window authorized for the mobile communication device, based on the response indicating that the second transaction occurs within the time window from the computer system; and forwarding by the payment processing network the second authorization request message to the issuer. 2. The method of claim 1 , further comprising: receiving, by the computer system, a third authorization request message from a third access device, after the third access device interacts with the mobile communication device during a third transaction, and wherein the user did not re-enter the passcode into the payment application to conduct the third transaction; determining, by the computer system, that the third transaction does not occur within the time window; and denying, by the computer system, the third transaction. 3. The method of claim 1 , wherein the mobile communication device is a mobile phone with a first contactless element, and wherein the first access device comprises a second contactless element. 4. The method of claim 1 , wherein the first authorization request message is for a first credit or debit card transaction. 5. The method of claim 1 , wherein the first authorization request message is received via an acquirer computer. 6. The method of claim 1 , wherein the passcode of the user is a PIN. 7. The method of claim 1 , wherein the timestamp includes an absolute time. 8. The method of claim 1 , wherein the first authorization request message and the second authorization request message are ISO 8583 messages. 9. A system comprising: a computer system comprising one or more computer system processors and a computer system memory; and a payment processing network comprising one or more payment processing network processors and a payment processing network memory, configured the computer system and the payment processing network configured to implement a method, the method comprising: receiving, by the computer system from a mobile communication device, a time window specified by a user during which the user does not have to re-enter a passcode for each transaction after a payment application in the mobile communication device has verified the passcode of the user, the time window including a start time point and an end time point; receiving, by the computer system from the mobile communication device comprising the payment application over a first network, a validation message from the mobile communication device that includes an indication that the payment application has verified the passcode of the user, an account identifier, and a timestamp when the passcode was entered into the mobile communication device; receiving, by the payment processing network, a first authorization request message comprising the account identifier from a first access device over a second network, after the first access device interacts with the mobile communication device during a first transaction; determining, by the payment processing network, whether the passcode has been validated for the mobile communication device by querying the computer system; in response to the query, determining, by the computer system, that the validation message associated with the mobile communication device has been received; determining, by the computer system, that the validation message includes an indicator indicating that the payment application on the mobile communication device has verified the passcode of the user; determining, by the computer system, that the first transaction is occurring within the time window after the timestamp; in response to determining that the first transaction is occurring within the time window after the timestamp, sending, by the computer system to the payment processing network, a response indicating that the passcode has been validated by the mobile communication device; updating, by the payment processing network, the first authorization request message with an indication that the passcode has been validated by the mobile communication device, based on the response from the computer system; forwarding by the payment processing network the updated first authorization request message to an issuer; receiving, by the payment processing network, a second authorization request message from a second access device, after the second access device interacts with the mobile communication device during a second transaction, and wherein the user did not re-enter the passcode into the payment application on the mobile communication device to conduct the second transaction; sending, by the payment processing n
Assignees
Inventors
Classifications
- G06Q20/027Primary
involving a payment switch or gateway · CPC title
Realising banking transactions through M-devices · CPC title
Verifying personal identification numbers [PIN] · CPC title
Payment applications installed on the mobile devices · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11875313B2 cover?
- Embodiments of the invention generally relate to mobile payments. For example, an application running on a phone can verify a passcode of a consumer. An indication of whether the passcode was verified and a time associated with when the passcode was verified is then sent to a mobile gateway. Later, when a user conducts one or more transactions, a payment processing network can use the indicatio…
- Who is the assignee on this patent?
- Visa Int Service Ass
- What technology area does this patent fall under?
- Primary CPC classification G06Q20/027. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jan 16 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).