Proxy server-based network site account management
US-9282098-B1 · Mar 8, 2016 · US
Account provisioning authentication
US9613377B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9613377-B2 |
| Application number | US-201414216537-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 17, 2014 |
| Priority date | Mar 15, 2013 |
| Publication date | Apr 4, 2017 |
| Grant date | Apr 4, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments of the present invention are directed to methods, systems, and apparatuses for providing a secure authentication scheme for authenticating users and accounts on behalf of a service provider server computer offering services to a user. Upon determining, by the secure authentication scheme, that the user and/or account identifier associated with the user is authenticate, the service provider server computer may be provided with assurance that the user is authenticate and thereafter provide a service requested by the user.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: receiving, at an access control server computer via a directory server, a service provider request message from a service provider server computer comprising an account identifier; determining, by the access control server computer, that the account identifier is enrolled in an authentication program; in response to determining that the account identifier is enrolled in the authentication program, transmitting an authentication request message requesting authentication data, to a mobile communication device used by a user associated with the account identifier; receiving an authentication response message from the mobile communication device comprising the requested authentication data; determining that the requested authentication data in the authentication response message matches authentication data stored in a database; and initiating an action relating to the mobile communication device and the account identifier when the requested authentication data in the authentication response message matches the authentication data stored in the database, wherein the action comprises: requesting a trusted service manager system to provision the account identifier on to the mobile communication device. 2. The method of claim 1 wherein the service provider request message is a verify enrollment request message. 3. The method of claim 2 wherein the service provider server computer is a wallet provider server computer, and wherein the verify enrollment request message is generated by the wallet provider server computer. 4. The method of claim 1 wherein the access control server computer is an issuer access control server operated by an issuer of the account identifier, and wherein the account identifier is a credit or debit card number. 5. An access control server computer comprising: a processor; and a non-transitory computer readable medium coupled to the processor, the non-transitory computer readable medium comprising code, executable by the processor for implementing a method comprising: a service provider request message from a service provider server computer comprising an account identifier; determining that the account identifier is enrolled in an authentication program; in response to determining that the account identifier is enrolled in the authentication program, transmitting an authentication request message requesting authentication data, to a mobile communication device used by a user associated with the account identifier; receiving an authentication response message from the mobile communication device comprising the requested authentication data; determining that the requested authentication data in the authentication response message matches authentication data stored in a database; and initiating an action relating to the mobile communication device and the account identifier when the requested authentication data in the authentication response message matches the authentication data stored in the database, wherein the action comprises: requesting a trusted service manager system to provision the account identifier on to the mobile communication device. 6. The access control server computer of claim 5 wherein the service provider request message is a verify enrollment request message. 7. The access control server computer of claim 6 wherein the service provider server computer is a wallet provider server computer, and wherein the verify enrollment request message is generated by the wallet provider server computer. 8. A system comprising: the access control server computer of claim 5 ; and the service provider server computer in communication with the access control server computer. 9. A method comprising: receiving, at a directory server, a service provider request message comprising an account identifier from a service provider server computer; determining, by the directory server, an access control server computer associated with the account identifier; transmitting the service provider request message to the access control server computer; receiving, by the directory server, a service provider response message from the access control server computer; and transmitting the service provider response message to the service provider server computer, wherein the service provider server computer or the access control server computer initiates an action relating to the account identifier and a mobile communication device used by a user associated with the account identifier when the access control server determines that requested authentication data in an authentication response message matches authentication data stored in a database, the action comprising: requesting a trusted service manager system to provision the account identifier on to the mobile communication device. 10. The method of claim 9 wherein the service provider request message is a verify enrollment request message. 11. The method of claim 9 further comprising: determining a risk score associated with the service provider request message and providing the risk score to the access control server computer in the service provider request message. 12. The method of claim 9 wherein the service provider server computer is a wallet provider server computer. 13. A computer comprising: a processor; and a non-transitory computer readable medium coupled to the processor, the non-transitory computer readable medium comprising code, executable by the processor for implementing a method comprising: receiving a service provider request message comprising an account identifier from a service provider server computer; determining an access control server computer associated with the account identifier; transmitting the service provider request message to the access control server computer; receiving, by the directory server, a service provider response message from the access control server computer; and transmitting the service provider response message to the service provider server computer, wherein the service provider server computer or the access control server computer initiates an action relating to the account identifier and a mobile communication device used by a user associated with the account identifier when the access control server determines that requested authentication data in an authentication response message matches authentication data stored in a database, the action comprising, the action comprising: requesting a trusted service manager system to provision the account identifier on to the mobile communication device. 14. The computer of claim 13 wherein the service provider request message is a verify enrollment request message. 15. The computer of claim 13 further comprising: determining a risk score associated with the service provider request message and providing the risk score to the access control server computer in the service provider request message. 16. A system comprising: the computer of claim 13 ; the access control server computer in communication with the computer; and the service provider server computer in communication with the access control server computer.
Assignees
Inventors
Classifications
- G06Q40/02Primary
Banking, e.g. interest calculation or account maintenance (credit or loans G06Q40/03) · CPC title
using mutual authentication without cards, e.g. challenge-response · CPC title
Verifying personal identification numbers [PIN] · CPC title
using two different networks, one for transaction and one for security confirmation · CPC title
using secure elements embedded in M-devices · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9613377B2 cover?
- Embodiments of the present invention are directed to methods, systems, and apparatuses for providing a secure authentication scheme for authenticating users and accounts on behalf of a service provider server computer offering services to a user. Upon determining, by the secure authentication scheme, that the user and/or account identifier associated with the user is authenticate, the service p…
- Who is the assignee on this patent?
- Visa Int Service Ass
- What technology area does this patent fall under?
- Primary CPC classification G06Q40/02. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Apr 04 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).