US2013117138A1PendingUtilityA1

Metrics systems and methods for token transactions

45
Assignee: HAZEL PATRICK KPriority: Aug 16, 2007Filed: Nov 14, 2012Published: May 9, 2013
Est. expiryAug 16, 2027(~1.1 yrs left)· nominal 20-yr term from priority
G07F 7/1016G07F 7/1008G06Q 20/40G06Q 40/02G06Q 20/04G06Q 20/4016G07F 7/084G06Q 20/403G06Q 20/341G06Q 40/00G06Q 20/389G07G 3/003
45
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Systems and methods for monitoring token access transactions are provided. In one embodiment, the invention provides receiving transaction records for a plurality of token transactions, wherein the transaction records include transaction information and infrastructure information; determining whether a reportable event has occurred based on the transaction information with the transaction records; and providing an alert representing the reportable event.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method of evaluating point of sale transactions, comprising:
 receiving a transaction record for a point of sale transaction conducted with a payment token at a point of sale terminal, wherein the transaction record includes transaction information and physical infrastructure information, the transaction information comprising at least one of payment token information, transaction amount, and transaction date for the transaction, and the physical infrastructure information comprising information regarding an operating condition of the point of sale terminal used in the transaction;   a computing system evaluating the transaction information and physical infrastructure information received with the transaction record and determining whether a reportable event has occurred based on the operating condition of the point of sale terminal; and   providing an alert representing the reportable event if the computing system determines a reportable event has occurred based on the operating condition of the point of sale terminal.   
     
     
         2 . The method of  claim 1 , wherein the operating condition of the point of sale terminal comprises an encrypting status of the point of sale terminal, an encrypting status of a component at the point of sale terminal, a count of payment token read events at the point of sale terminal, or a count of payment tokens rejected at the point of sale terminal. 
     
     
         3 . The method of  claim 1 , wherein the physical infrastructure information comprises an identification of the point of sale terminal. 
     
     
         4 . The method of  claim 3 , wherein the identification of the point of sale terminal comprises a terminal ID. 
     
     
         5 . The method of  claim 3 , wherein the identification of the point of sale terminal comprises a serial number of the terminal. 
     
     
         6 . The method of  claim 1 , wherein the operating condition of the point of sale terminal comprises an information indicating whether the point of sale terminal has encrypted some or all of the transaction information in a given transaction. 
     
     
         7 . The method of  claim 6 , wherein the alert is sent to an acquiring bank of the merchant used in the given transaction, the alert indicating whether the terminal has encrypted some or all of the transaction information in the given transaction. 
     
     
         8 . The method of  claim 6 , wherein the alert is sent to a merchant identified with the point of sale terminal used in the transaction or to the issuing bank of the payment token used in the transaction, the alert indicating whether the terminal has encrypted some or all of the transaction information in the transaction. 
     
     
         9 . The method of  claim 1 , wherein the information regarding the operating condition of the point of sale terminal comprises information indicating whether the point of sale terminal has encrypted some or all of the transaction information in a group of transactions. 
     
     
         10 . The method of  claim 9 , wherein the alert is sent to a merchant identified with the point of sale terminal or to an issuing bank of a payment token used in one or more transactions in a group of transactions, the alert indicating whether the terminal has encrypted some or all of the transaction information in one or more transactions in the group of transactions. 
     
     
         11 . The method of  claim 1 , wherein the transaction records include authentication information identifying authenticity of the payment token used in the point of sale transaction. 
     
     
         12 . The method of  claim 11 , wherein the alert is sent to an acquiring bank of the merchant used in the transaction, informing the acquiring bank that a skimmed or otherwise unauthenticated token was presented for a transaction. 
     
     
         13 . The method of  claim 1 , wherein the alert comprises an email message generated and sent to a designated holder of the payment token used in the payment token transaction upon occurrence of the payment token transaction. 
     
     
         14 . The method of  claim 1 , further comprising receiving transaction records for a plurality of point of sale transactions, and wherein the transaction information comprises information used to determine whether a payment token is being used in multiple duplicate payment token transactions. 
     
     
         15 . The method of  claim 14 , wherein the transaction information includes a counter value. 
     
     
         16 . The method of  claim 15 , wherein the counter value is a value of a counter at the point of sale terminal at which the payment token is presented for the transaction, and wherein the counter is incremented upon execution of a predetermined quantity of transactions. 
     
     
         17 . The method of  claim 15 , wherein the counter value is used to encrypt at least a portion of the transaction data. 
     
     
         18 . The method of  claim 14 , wherein the alert is sent to an issuing bank of the payment token used in the multiple duplicate transactions. 
     
     
         19 . The method of  claim 14 , wherein the alert is sent to an authorized holder of the payment token used in the multiple duplicate transactions. 
     
     
         20 . The method of  claim 1 , wherein the transaction information comprises location information used to determine a location of a point of sale terminal used in the transaction. 
     
     
         21 . The method of  claim 20 , further comprising the step of comparing the location information with a predetermined location of the point of sale terminal to determine the validity of the transaction. 
     
     
         22 . The method of  claim 20 , further comprising the step of comparing the location information for a presented payment token with other transactions for the same payment token to identify possible fraudulent activity. 
     
     
         23 . The method of  claim 20 , further comprising the step of comparing the location information for a presented payment token with location and time-stamp information for other transactions for the same payment token to identify possible fraudulent activity. 
     
     
         24 . The method of  claim 1 , wherein the transaction information comprises time-stamp information. 
     
     
         25 . The method of  claim 1 , wherein the alert comprises data indicating whether the point of sale terminal is operating in an encrypting mode. 
     
     
         26 . The method of  claim 1 , wherein the alert comprises data indicating whether the point of sale terminal is operating in an authenticating mode. 
     
     
         27 . The method of  claim 1 , wherein the alert comprises a report indicating a quantity of replay attacks. 
     
     
         28 . The method of  claim 1 , wherein the alert comprises a report indicating a quantity of transactions on a compromised point of sale terminal. 
     
     
         29 . The method of  claim 1 , wherein the payment token comprises a magnetic stripe card, a smart card or other token. 
     
     
         30 . A server system for evaluating payment token transactions, comprising:
 a processor configured to execute a plurality of instructions;   a data storage device coupled to the processor and configured to store the plurality of instructions;   a first module configured to receive transaction records for a plurality of payment token transactions conducted at point of sale terminals, wherein the transaction records include transaction information and physical infrastructure information, the transaction information comprising at least one of token information, transaction amount, and transaction date for the transactions, and the physical infrastructure information comprising information regarding an operating condition of a given point of sale terminal used in a transaction;   a second module configured to evaluate the transaction information and physical infrastructure information received with the transaction records and to determine whether a reportable event has occurred based on the operating condition of the given point of sale terminal; and   a third module configured to provide an alert representing the reportable event if the computing system determines a reportable event has occurred based on the operating condition of the given point of sale terminal;   wherein the modules comprise hardware coupled to the processor or computer usable storage medium having computer program code stored thereon and configured to cause the processor to perform the recited function, or a combination thereof.   
     
     
         31 . The system of  claim 30 , wherein the operating condition of the given point of sale terminal comprises an encrypting status of the given point of sale terminal, an encrypting status of a component at the given point of sale terminal, a count of payment token swipes at the given point of sale terminal, or a count of payment tokens rejected at the given point of sale terminal. 
     
     
         32 . The system of  claim 27 , wherein for a given point of sale terminal, the physical information comprises an identification of the given point of sale terminal for a transaction. 
     
     
         33 . The system of  claim 32 , wherein the identification of the point of sale terminal comprises a terminal ID. 
     
     
         34 . The system of  claim 32 , wherein the identification of the point of sale terminal comprises a serial number of the terminal. 
     
     
         35 . The system of  claim 30 , wherein for a given point of sale terminal used in a transaction, the information regarding the operating condition of the given point of sale terminal comprises an information indicating whether the given point of sale terminal has encrypted some or all of the transaction information in a given transaction. 
     
     
         36 . The system of  claim 35 , wherein for a given point of sale terminal used in a transaction, the information regarding the operating condition of the given point of sale terminal comprises information indicating whether the given point of sale terminal has encrypted some or all of the transaction information in a group of transactions. 
     
     
         37 . The system of  claim 30 , wherein the transaction records include authentication information identifying authenticity of the payment token used in a payment token transaction. 
     
     
         38 . The system of  claim 35 , wherein the alert is sent to a merchant identified with the given point of sale terminal used in the given transaction or to the issuing bank of the payment token used in the given transaction, the alert indicating whether the terminal has encrypted some or all of the transaction information in the given transaction. 
     
     
         39 . The system of  claim 36 , wherein the alert is sent to a merchant identified with the given point of sale terminal used in the group of transactions or to the an issuing bank of a payment token used in one or more transactions in the group of transactions, the alert indicating whether the terminal has encrypted some or all of the transaction information in the given transaction. 
     
     
         40 . The system of  claim 30 , wherein the alert comprises an email message generated and sent to a designated holder of a payment token used in a payment token transaction upon occurrence of the payment token transaction. 
     
     
         41 . The system of  claim 30 , wherein the transaction information comprises information used to determine whether a payment token is being used in multiple duplicate payment token transactions. 
     
     
         42 . The system of  claim 41 , wherein the transaction information includes a counter value. 
     
     
         43 . The system of  claim 42 , wherein the counter value is a value of a counter at a point of sale terminal at which the payment token is presented for the transaction, and wherein the counter is incremented upon execution of a predetermined quantity of transactions. 
     
     
         44 . The system of  claim 43 , wherein the counter value is used to encrypt at least a portion of the transaction data. 
     
     
         45 . The system of  claim 41 , wherein the alert is sent to an issuing bank of the payment token used in the multiple duplicate transactions. 
     
     
         46 . The system of  claim 41 , wherein the alert is sent to an authorized holder of the payment token used in the multiple duplicate transactions. 
     
     
         47 . The system of  claim 30 , wherein the transaction information comprises location information used to determine a location of a terminal used in the transaction. 
     
     
         48 . The system of  claim 47 , wherein the location information is compared with a predetermined location of the terminal to determine the validity of the transaction. 
     
     
         49 . The system of  claim 47 , wherein the location information for a presented payment token is compared with other transactions for the same payment token to identify possible fraudulent activity. 
     
     
         50 . The system of  claim 47 , wherein the location information for a presented payment token is compared with location and time-stamp information for other transactions for the same payment token to identify possible fraudulent activity. 
     
     
         51 . The system of  claim 30 , wherein the transaction information comprises time-stamp information. 
     
     
         52 . The system of  claim 30 , wherein the alert comprises data indicating whether a given terminal is operating in an encrypting mode. 
     
     
         53 . The system of  claim 30 , wherein the alert comprises data indicating whether a given terminal is operating in an authenticating mode. 
     
     
         54 . The system of  claim 30 , wherein the alert comprises a report indicating a quantity of replay attacks. 
     
     
         55 . The system of  claim 30 , wherein the alert comprises a report indicating a quantity of transactions on a compromised terminal. 
     
     
         56 . The method of  claim 30 , wherein for a given point of sale terminal used in a transaction, the information regarding the operating condition of the given point of sale terminal comprises an encrypting status of the given point of sale terminal, and the alert is sent to an acquiring bank of the merchant used in the transaction, informing the acquiring bank of the encrypting status of the merchant's point of sale terminal. 
     
     
         57 . The method of  claim 38 , wherein the alert is sent to an acquiring bank of the merchant used in the transaction, informing the acquiring bank that a skimmed or otherwise unauthenticated token was presented for a transaction. 
     
     
         58 . The method of  claim 1 , wherein the payment token comprises a magnetic stripe card, a smart card or other token.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.