1515results about "Credit schemes" patented technology

Documents and other items can be delivered electronically from sender to recipient with a level of trustedness approaching or exceeding that provided by a personal document courier. A trusted electronic go-between can validate, witness and/or archive transactions while, in some cases, actively participating in or directing the transaction. Printed or imaged documents can be marked using handwritten signature images, seal images, electronic fingerprinting, watermarking, and/or steganography. Electronic commercial transactions and transmissions take place in a reliable, "trusted" virtual distribution environment that provides significant efficiency and cost savings benefits to users in addition to providing an extremely high degree of confidence and trustedness. The systems and techniques have many uses including but not limited to secure document delivery, execution of legal documents, and electronic data interchange (EDI).

A method for performing secure transactions, such as credit card purchases, using two or more non-secure networks (such as the Internet and the public telephone system) in such a way that security is insured. A person wishing to initiate a secure transaction sends a message over one of the non-secure networks to a computer. That computer automatically uses the second non-secure network to contact the person back to verify the transaction. The call-back mechanism employs a method to authenticate the identity or authority of the person initiating the transaction. No single wire-tapping or network snooping device sees the entire transaction. No single database contains the entire set of information.

A system and method for operating a reward points accumulation and redemption program wherein a user earns reward points from a plurality of independent reward points issuing entities, with each tracking the user's earned reward points in a user reward point account stored on a multi-function card (such as a frequent flyer account or a credit card loyalty account). The multi-function card is adapted to aggregate some or all of the user's earned reward points from the reward accounts and credit the aggregated points into a single reward exchange account on the multi-function card. The user may then select an item for purchase with the accumulated reward points from the multi-function card. The item is provided to the user in exchange for a subset or all of the reward points from the multi-function card.

A dynamic credit card is provided in which a secure credit card number (e.g., a secret/hidden credit card number) is encoded based on a timing signal (e.g., an internal counter) to provide a dynamic credit card number. This dynamic number may be displayed to a user via a display (e.g., so that online purchases can be made) or written onto a magnetic stripe such that the number may be processed by traditional credit card merchants (e.g., swiped). At a remote facility, the dynamic number may be decoded based on time (and/or a counter/key number/equation) or the facility may have the secure number and perform the same function as the dynamic credit card (e.g., encode using time data as a parameter to the encoding equation) and compare the resultant dynamic number to the dynamic number received. Thus, a dynamic credit card number may change continually or periodically (e.g., every sixty seconds) such that credit card numbers may not be copied by thieves and used at later times. A dynamic verification code may be utilized in addition to, or in lieu of, a dynamic credit card number.

A system and a corresponding method are described for providing a notification of a pending transaction request and obtaining an authorization from a cardholder. The system maintains a database of account records, each of the account records including a phone number of a mobile device assigned to receive authorization request messages for the respective account. When a transaction request is received, the system determines a phone number of a mobile device assigned to receive authorization request messages for the account requesting the transaction by searching the database. The system generates and transmits an authorization request message to the phone number of the mobile device assigned to the account requesting the transaction. In response to the authorization request message, a reply message is returned from the mobile device, which explicitly indicates if a user of the mobile device approves or denies the transaction.

Methods, systems and computer program products are provided for enabling payment of transit system fees using a financial transaction instrument. Entry is permitted onto a transit system by recognition of information included in an identification number stored on a financial transaction instrument. The identification number stored on the financial transaction instrument is associated with a transit system fee registered for each use of the transit system. A plurality of transit system fees associated with the same identification number from use of the financial transaction instrument is aggregated, and payment for the aggregated transit system fees is requested from a transaction account associated with the financial transaction instrument.

Counterfeit financial card fraud is detected based on the premise that the fraudulent activity will reflect itself in clustered groups of suspicious transactions. A system for detecting financial card fraud uses a computer database comprising financial card transaction data reported from a plurality of financial institutions. The transactions are scored by assigning weights to individual transactions to identify suspicious transactions. The geographic region where the transactions took place as well as the time of the transactions are recorded. An event building process then identifies cards involved in suspicious transactions in a same geographic region during a common time period to determine clustered groups of suspicious activity suggesting an organized counterfeit card operation which would otherwise be impossible for the individual financial institutions to detect.

A method and system for using a secured account number for processing proximity types of wireless financial transactions associated with portable consumer proximity devices is disclosed. In one embodiment, the method includes receiving a proximity type of wireless financial transaction request along with a secured account number from a portable proximity consumer device such as a contactless smart card, converting the secured account number to the user's real account number, and transmitting the financial transaction request along with the user's real account number to the issuer of the user's real account number for authorization and processing.

A financial transaction payment processor includes an account access request processor for receiving dynamic swipe data from a payment card through a merchant infrastructure. A fraud detection processor is connected to analyze a dynamic data obtained by the account access request processor that should agree with values pre-loaded in a Crypto-Table by a card manufacturer. A payment authorization processor is connected to receive a message from the fraud detection processor and to then forward a response to the merchant infrastructure.

A dynamic credit card is provided in which a secure credit card number (e.g., a secret/hidden credit card number) is encoded based on a timing signal (e.g., an internal counter) to provide a dynamic credit card number. This dynamic number may be displayed to a user via a display (e.g., so that online purchases can be made) or written onto a magnetic stripe such that the number may be processed by traditional credit card merchants (e.g., swiped). At a remote facility, the dynamic number may be decoded based on time (and/or a counter/key number/equation) or the facility may have the secure number and perform the same function as the dynamic credit card (e.g., encode using time data as a parameter to the encoding equation) and compare the resultant dynamic number to the dynamic number received. Thus, a dynamic credit card number may change continually or periodically (e.g., every sixty seconds) such that credit card numbers may not be copied by thieves and used at later times. A dynamic verification code may be utilized in addition to, or in lieu of, a dynamic credit card number.

A method is provided for conducting an electronic transaction with a payment account number having a certain amount of available funds, using a payment network and a “check site”. The method comprises the following steps: (a) generating a secret key associated with the payment account number; (b) using the secret key to generate a message authentication code (“MAC”) specific to the transaction; (c) generating an authorization request message including the message authentication code; (d) forwarding the authorization request message over the payment network to the check site for verifying the authenticity of the MAC; (e) verifying the message authentication code by the check site using the secret key; (f) responding to the authorization request message over the payment network based on the available funds and the transaction amount.

The invention comprises online methods, systems, and software for improving the processing of payments from financial accounts, particularly credit and debit card payments made from consumers to merchants in online transactions. The preferred embodiment of the invention involves inserting a trusted third party online service into the payment authorization process. The trusted third party authenticates the consumer and authorizes the proposed payment in a single integrated process conducted without the involvement of the merchant. The authentication of the consumer is accomplished over a persistent communication channel established with the consumer before a purchase is made. The authentication is done by verifying that the persistent channel is open when authorization is requested. Use of the third party services allows the consumer to avoid revealing his identity and credit card number to the merchant over a public network such as the Internet, while maintaining control of the transaction during the authorization process.

A secure method of conducting an electronic transaction over a public communications network is provided which utilizes a pseudo-expiration date in the expiration date field of an authorization request. One of the preferred methods comprises:

• • generating a per-card key associated with an account number;
  • generating a message authentication code using the per-card key;
  • converting the message authentication code into a pseudo expiration date;
  • generating an authorization request for the transaction, the request having an expiration date field containing the pseudo expiration date; and
  • verifying the message authentication code based on the pseudo expiration date.
  • Another embodiment of the invention includes a method of conducting an electronic transaction over a public communications network, with a payment account number having an associated pseudo account number, comprising:
  • (a) providing the pseudo account number with a control field indicating one of a plurality of key-generation processes to be used to generate an authentication key;
  • (b) generating an authentication key associated with the pseudo account number using one of the plurality of key-generation processes indicated in the control field of the pseudo account number;
  • (c) using the authentication key to generate a message authentication code specific to the transaction;
  • (d) generating an authorization request message including the message authentication code and the pseudo account number; and
  • (e) verifying the message authentication code using the indicated key-generation process and the authentication key.

A payment device is provided for use in transactions such as credit purchases at a retail store. The device includes a non-volatile memory containing a set of multiple identifiers that are associated with a customer account. The multiple identifiers are also known to an agency that provides the customer account. The device further includes a processor operable to select one identifier out of the set of multiple identifiers for use with any particular transaction involving the device and the customer account. This identifier is then conveyed from the device, typically via a store terminal, to the agency that maintains the account.

A universal authentication token is configured to securely acquire security credentials from other authentication tokens and/or devices. In this manner, a single universal authentication token can store the authentication credentials required to access a variety of resources, services and applications for a user. The universal authentication token includes a user interface, memory for storing a plurality of authentication records for a user, and a secure processor. The secure processor provides the required cryptographic operations to encrypt, decrypt, and/or authenticate data that is sent or received by universal token. For example, secure processor may be used to generate authentication data from seed information stored in memory.

A method for fraud detection leverages an existing financial institution's fraud classification functionality, which produces a first level detection, with a “user-centric” classification functionality, which produces a “second” or more fine-grained detection regarding a potentially fraudulent transaction. After passing through an existing (“institution-centric”) fraud detection technique, a transaction that has been identified as potentially fraudulent is then subject to further analysis and classification at the “user” level, as it is the user is presumed to be the best source of knowledge of the legitimate credit card use. Information about the transaction is shared with the consumer, preferably via one or more near real-time mechanisms, such as SMS, email, or the like. Based on the user's response (or lack thereof, as the case may be), one or more business rules in the institution's fraud detection system can then take an appropriate action (e.g., no action, reverse the transaction if complete, deny the transaction if in-progress, or the like).