Secure Key Management for Blockchain Transactions
US-2024420118-A1 · Dec 19, 2024 · US
Token based transaction authentication
US9582799B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9582799-B2 |
| Application number | US-201313860402-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 10, 2013 |
| Priority date | Jan 19, 2010 |
| Publication date | Feb 28, 2017 |
| Grant date | Feb 28, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A token based transaction authentication system is disclosed. Issuer, merchants, and a payment processing network generate unique tokens or keys to authenticate messages between themselves and to authenticate a sending entity or consumer as they are redirected between entities. The tokens are also used to identify the particular authentication thread a message or sending entity is associated with. The sending entity authentication occurs over a web-based channel or a mobile based channel.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: receiving, by a server computer, a consumer payment nickname from a client computer; receiving, by the server computer, a payment reference identifier from the client computer, wherein the payment reference identifier was previously generated by the server computer; analyzing, by the server computer, the received payment reference identifier; determining, by the server computer, that the received payment reference identifier matches the previously generated payment reference identifier to determine an authentication thread; analyzing, by the server computer, the consumer payment nickname; determining, by the server computer, an account identifier associated with the consumer payment nickname; determining, by the server computer, an authorization computer from the account identifier; generating, by the server computer, a message comprising the payment reference identifier and the account identifier; sending, by the server computer, the message comprising the payment reference identifier and the account identifier associated with the consumer payment nickname to the authorization computer; and receiving, from the authorization computer, the payment reference identifier and an authentication address, which is forwarded to the client computer and is used to authenticate a user that holds an account associated with the account identifier. 2. The method of claim 1 , wherein the authorization computer is an issuer computer, and wherein the method further comprises: receiving, by the server computer, a verify alias request from the client computer. 3. The method of claim 1 , wherein the method further comprises: receiving, by the server computer, a merchant key from the client computer; receiving, by the server computer, a verify alias request from the client computer; and providing, by the server computer, a verify alias response to the client computer. 4. The method of claim 1 wherein the client computer is a merchant computer. 5. The method of claim 1 wherein the receiving the consumer payment nickname and receiving the payment reference identifier occur in the same communication. 6. The method of claim 1 , wherein the payment reference identifier comprises a timestamp and is analyzed by the server computer each time the server computer receives the payment reference identifier. 7. A server computer comprising: a processor: and a computer readable medium coupled to the processor, the computer readable medium comprising code, executable by the processor to implement a method comprising receiving, by the server computer, a consumer payment nickname from a client computer, receiving, by the server computer, a payment reference identifier from the client computer, wherein the payment reference identifier was previously generated by the server computer; analyzing, by the server computer, the received payment reference identifier; determining, by the server computer, that the received payment reference identifier matches the previously generated payment reference identifier to determine an authentication thread; analyzing, by the server computer, the consumer payment nickname; determining, by the server computer, an account identifier associated with the consumer payment nickname; determining, by the server computer, an authorization computer from the account identifier; generating, by the server computer, a message comprising the payment reference identifier and the account identifier; sending, by the server computer, the message comprising the payment reference identifier and the account identifier associated with the consumer payment nickname to the authorization computer; and receiving, from the authorization computer, the payment reference identifier and an authentication address, which is forwarded to the client computer and is used to authenticate a user that holds an account associated with the account identifier. 8. The server computer of claim 7 wherein the method further comprises: receiving, by the server computer, a verify alias request from the client computer. 9. The server computer of claim 7 wherein the method further comprises: receiving, by the server computer, a verify alias request from the client computer; and providing, by the server computer, a verify alias response to the client computer. 10. The server computer of claim 7 wherein the client computer is a merchant computer. 11. A system comprising: a server computer comprising a processor and a computer readable medium coupled to the processor, the computer readable medium comprising code, executable by the processor to implement a method comprising receiving a consumer payment nickname from a client computer, receiving a payment reference identifier from the client computer, wherein the payment reference identifier was previously generated by the server computer, analyzing, by the server computer, the received payment reference identifier, determining, by the server computer, that the received payment reference identifier matches the previously generated payment reference identifier to determine an authentication thread; determining an account identifier associated with the consumer payment nickname, determining an authorization computer from the account identifier, generating a message comprising the payment reference identifier and the account identifier, sending the message comprising the payment reference identifier and the account identifier associated with the consumer payment nickname to the authorization computer, and receiving, from the authorization computer, the payment reference identifier and an authentication address, which is forwarded to the client computer and is used to authenticate a user that holds an account associated with the account identifier; and the client computer in communication with the server computer. 12. The system of claim 11 , further comprising: the authorization computer. 13. A method comprising: sending, by a sending entity computer, a consumer payment nickname to a merchant computer, wherein the merchant computer thereafter forwards a merchant key and a payment reference identifier to a payment processing network, and wherein the payment processing network forwards an initiate authentication request to an issuer and receives an initiate authentication response including the payment reference identifier and an issuer key from the issuer; receiving, by the sending entity computer, an authentication address for an authentication computer; sending, by the sending entity computer, a passcode to the authentication address of the authentication computer so that the authentication computer determines an authentication result; receiving from the authentication computer a message comprising the authentication result and a redirect command; and automatically redirecting, using the redirect command, the sending entity computer to the merchant computer; and generating and transmitting, by the sending entity computer, a message comprising the merchant key and the payment reference identifier to the merchant computer. 14. The method of claim 13 further comprising: receiving the consumer payment nickname and a passcode request by the sending entity computer. 15. The method of claim 13 wherein the sending entity computer is operated by a consumer. 16. The method of claim 13 further comprising: sending a consumer identity alias to the merchant computer; and receiving the consumer payment nickname. 17. The method of claim 13 , wherein the payment processing network
Assignees
Inventors
Classifications
- G06Q20/3829Primary
involving key management · CPC title
Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists · CPC title
- G06Q20/00Primary
Payment architectures, schemes or protocols (apparatus for performing or posting payment transactions G07F7/08, G07F19/00; electronic cash registers G07G1/12) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9582799B2 cover?
- A token based transaction authentication system is disclosed. Issuer, merchants, and a payment processing network generate unique tokens or keys to authenticate messages between themselves and to authenticate a sending entity or consumer as they are redirected between entities. The tokens are also used to identify the particular authentication thread a message or sending entity is associated wi…
- Who is the assignee on this patent?
- Visa Int Service Ass
- What technology area does this patent fall under?
- Primary CPC classification G06Q20/3829. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Feb 28 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).