News Column

Patent Issued for Mobile Payer Authentication

February 12, 2014

By a News Reporter-Staff News Editor at Journal of Engineering -- A patent by the inventor Lee, Timothy Mu-Chu ( San Jose, CA ), filed on August 10, 2009 , was published online on January 28, 2014 , according to news reporting originating from Alexandria, Virginia , by VerticalNews correspondents. Patent number 8639600 is assigned to Visa U.S.A. Inc. ( San Francisco, CA ). The following quote was obtained by the news editors from the background information supplied by the inventors: "During a transaction using a transaction card, such as a credit card, a debit card, a stored value card, a bank card, a loyalty card, a smart card and/or the like, it is important to verify a cardholder's ownership of an account to avoid a variety of problems, such as unauthorized use. Cardholder authentication is the process of verifying that the account is owned by the cardholder. For example, cardholder authentication during a 'card present' transaction is performed when a merchant's representative verifies that the signature on a transaction card matches the cardholder's signature on a receipt. "Technological improvements have allowed businesses and individuals to engage in transactions in a plurality of environments. For example, cardholders can engage in traditional 'in person' transactions, transactions via the internet, transactions over the telephone and transactions through mail systems. In many cases, cardholders desire the convenience of performing transactions without having to directly visit a service provider. In doing so, the cardholder may seek to eliminate transportation time and reduce the hassle associated with, for example, shopping in a retail environment or waiting in line at a bank by performing these transactions from the privacy of their own home. "'Card Not Present' ('CNP') transaction volumes are increasing at least in part because of such convenience provided to cardholders and the extra sales provided to merchants. However, as CNP transaction volume increase, fraudulent transactions and the monetary losses due to such transactions are increasing as well. "FIG. 1 depicts a system diagram for a conventional transaction processing system according to the prior art. As shown in FIG. 1, a transaction processing system is logically divided into an issuer domain 110, an interoperability domain 120 and an acquirer domain 130. The issuer domain 110 includes a consumer 112 and an access control server 114 ('ACS'). The interoperability domain 120 includes a directory server 122 ('DS'). The acquirer domain 130 includes a merchant purchase interface 132 ('MPI') and an acquirer bank 134. The lines represent data transfers performed between the connected entities. Such data transfers are described more fully below in reference to FIG. 2. "FIG. 2 depicts a conventional CNP transaction flow according to the prior art. As shown in FIG. 2, a consumer adds items to a shopping cart and finalizes 205 a transaction. The MPI 132 sends 210 an enrollment verification request to a DS 122 to verify enrollment of the consumer 112 in the authentication service. If the consumer 112 is enrolled in the authentication service, the DS 122 forwards 215 the enrollment verification request to the ACS 114. The ACS 114 responds 220 to the DS 122 with an enrollment verification response indicating whether authentication is available for the consumer's card. The DS 122 then forwards 225 the enrollment verification response to the MPI 132. If the consumer is participating in the authentication service, the DS 122 creates and sends 230 a response to the MPI 132. "If card authentication is available, the MPI 132 sends 235 a request for payer authentication to the ACS 114 via the consumer's internet browser 112. The ACS 114 receives 240 the payer authentication request. The ACS 114 then displays 245 a window to the consumer displaying payment details such as, for instance, a merchant name, merchant location, total cost, purchase date and card number. The window also prompts the cardholder for the cardholder's authentication information, such as a password, personal identification number, or chip cryptogram. After the consumer enters submits the authentication information, the ACS 114 validates 250 the consumer's authentication information. If the consumer's authentication information is valid, the ACS 114 generates and sends 255 a payer authentication response to the MPI 132 in response to the payer authentication request, thereby authenticating the consumer 112. The ACS 114 may digitally signs the payer authentication request. The MPI 132 then receives 260 the payer authentication response and validates 265 the response signature if the response signature was signed by the ACS 114. The MPI 132 then commences 270 an authorization exchange with its acquirer 134. "When the consumer is using an internet enabled cellular telephone, the above-referenced and method may be inadequate. Thus, there is a need for solutions to the inadequacies" In addition to the background information obtained for this patent, VerticalNews journalists also obtained the inventor's summary information for this patent: "An address of a computing device is received. The address is used to access display attributes of a display on the computing device. An authentication request is formatted using the obtained display attributes and is sent to computing device. In response to the, authentication information for an account holder is received from the computing device. A validation attempt is performed on the received authentication information for the account holder. If the received authentication information for the account holder was successfully validated, the authentication response is transmitted for delivery to a merchant with whom the account holder is conducting a transaction with the merchant upon an account of the account holder by use of the computing device. In another implementation, the foregoing computing device is a cellular telephone having address is its telephone number, where the cellular telephone is enable to conduct the transaction as an e-commerce transaction with a web site of the merchant over the internet." URL and more information on this patent, see: Lee, Timothy Mu-Chu . Mobile Payer Authentication. U.S. Patent Number 8639600, filed August 10, 2009 , and published online on January 28, 2014 . Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=22&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1083&f=G&l=50&co1=AND&d=PTXT&s1=20140128.PD.&OS=ISD/20140128&RS=ISD/20140128 Keywords for this news article include: Legal Issues, Visa U.S.A. Inc. Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC


For more stories on investments and markets, please see HispanicBusiness' Finance Channel



Source: Journal of Engineering


Story Tools