US2013198077A1PendingUtilityA1
Seeding challenges for payment transactions
Est. expiryJun 25, 2027(~1 yrs left)· nominal 20-yr term from priority
G06Q 20/40G06Q 40/12G06Q 20/04G06Q 20/385G06Q 40/00G06Q 20/403G06Q 20/10G06Q 40/02G06Q 20/382
67
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Systems, methods, and apparatus are provided for authenticating a consumer using challenge questions. A response to a challenge question is verified via seeding the challenge question, receiving response, and deductively determining the answer. The verified response and challenge question may then be used to authenticate a consumer as part of an authorization process.
Claims
exact text as granted — not AI-modified1 .- 14 . (canceled)
15 . A method comprising:
receiving, from an entity, a challenge message for a consumer for a first time; providing, to the entity, a first challenge response that is responsive to the challenge message; repeating receiving the challenge message and providing a subsequent challenge response during each of one or more processes for authorizing a respective transaction initiated by the consumer in order to provide a verified answer to the challenge message; receiving, from the entity, the challenge message during a process for authorizing another transaction, wherein the challenge message is in response to an authorization request message that is associated with the consumer conducting the another transaction with a portable consumer device and that is sent to an issuer associated with the portable consumer device; and providing, to the entity, another challenge response suitable for determining an authorization response message that indicates whether or not the another transaction is authorized, wherein the another transaction is more likely to be authorized if the another challenge response is similar to the verified answer.
16 . The method of claim 15 wherein the entity is the issuer.
17 . The method of claim 15 , further comprising:
during the process for authorizing the another transaction, providing, by the consumer to the entity, one or more additional challenge responses that are respectively responsive to one or more other challenge messages, wherein the transaction is more likely to be authorized if the additional challenge responses are respectively similar to previously provided challenge responses responsive to the other challenge messages.
18 . The method of claim 15 , wherein a confidence score is associated with the challenge message, and wherein the confidence score is a measure of a likelihood that when the another challenge response is dissimilar from the verified answer that the another transaction will not be authorized.
19 . The method of claim 18 wherein the confidence score increases when the another response is similar to the verified answer.
20 . The method of claim 15 , further comprising:
when the another challenge response is dissimilar from the verified answer, repeating receiving the challenge message and providing a subsequent challenge response during each of one or more processes for authorizing a respective transaction initiated by the consumer in order to provide a re-verified answer to the challenge message.
21 . A computer program product comprising a computer readable medium encoded with a plurality of instructions for controlling a computing system to perform an operation for facilitating a consumer in an authorization process for a transaction requested by the consumer, the operation comprising the steps of:
receiving, from an entity, a challenge message for a consumer for a first time; providing, from the consumer to the entity, a first challenge response that is responsive to the challenge message; repeating receiving the challenge message and providing a subsequent challenge response during each of one or more processes for authorizing a respective transaction initiated by the consumer in order to provide a verified answer to the challenge message; receiving, from the entity, the challenge message during a process for authorizing another transaction, wherein the challenge message is in response to an authorization request message that is associated with the consumer conducting the another transaction with a portable consumer device and that is sent to an issuer associated with the portable consumer device; providing, to the entity, another challenge response suitable for determining an authorization response message that indicates whether or not the another transaction is authorized, wherein the another transaction is more likely to be authorized if the another challenge response is similar to the verified answer.
22 . A phone comprising a computer readable medium encoded with a plurality of instructions for controlling a computing system of the phone to perform an operation for facilitating a consumer in an authorization process for a transaction requested by the consumer, the operation comprising the steps of:
receiving, at the phone being used by a consumer, a challenge message from an entity for a first time; providing, to the entity using the phone, a first challenge response that is responsive to the challenge message; repeating receiving the challenge message at the phone and providing a subsequent challenge response using the phone during each of one or more processes for authorizing a respective transaction initiated by the consumer in order to provide a verified answer to the challenge message; receiving, at the phone from the entity, the challenge message for the consumer during a process for authorizing another transaction, wherein the challenge message is in response to an authorization request message that is associated with the consumer conducting the another transaction with a portable consumer device and that is sent to an issuer associated with the portable consumer device; and providing, to the entity using the phone, another challenge response suitable for determining an authorization response message that indicates whether or not the another transaction is authorized, wherein the another transaction is more likely to be authorized if the another challenge response is similar to the verified answer.
23 . A method of using a phone to facilitate an authorization process, the method comprising:
receiving, at a phone being used by a consumer, a challenge message from an entity for a first time; providing, to the entity using the phone, a first challenge response that is responsive to the challenge message; repeating receiving the challenge message and providing a subsequent challenge response during each of one or more processes for authorizing a respective transaction initiated by the consumer in order to provide a verified answer to the challenge message; receiving, from the entity, the challenge message during a process for authorizing another transaction, wherein the challenge message is in response to an authorization request message that is associated with the consumer conducting the another transaction with a portable consumer device and that is sent to an issuer associated with the portable consumer device; and providing, to the entity, another challenge response suitable for determining an authorization response message that indicates whether or not the another transaction is authorized, wherein the another transaction is more likely to be authorized if the another challenge response is similar to the verified answer.
24 . The method of claim 15 , wherein none of the subsequent challenge responses are used in a determination of whether the consumer is authorized to make any of the respective transactions.
25 . The method of claim 15 , wherein the entity compares the another challenge response to the verified answer, wherein the entity calculates a contribution to a risk score based on the comparison, and wherein the risk score is used to determine whether or not to authorize the another transaction.
26 . The method of claim 15 , wherein the first challenge response is provided during a process of authorizing a transaction requested by the consumer.
27 . The method of claim 15 , wherein the entity infers respective verified answers to one or more other challenge messages, and wherein the entity may use the other challenge messages, their respective verified answers, and respective challenge responses in the determination of the another transaction.
28 . The method of claim 15 , wherein the entity infers the verified answer to the challenge message by determining a consistency value for the provided subsequent challenge responses, comparing the consistency value to a threshold value, and verifying the answer when a threshold criteria has been achieved.
29 . The method of claim 28 , wherein the consistency value is a number of consecutive responses that have been similar, wherein the threshold value is an integer N, and wherein the threshold criteria is whether the consistency value is at least one of greater than N or greater than or equal to N.
30 . The method of claim 28 , wherein the entity infers the verified answer based also on one or more other criteria.
31 . The method of claim 30 , wherein the other criteria includes a number of billing cycles that the consumer has had a portable consumer device without suspect activity.
32 . The method of claim 15 , wherein the entity resets a process of inferring the verified answer when the another challenge response is different than the verified answer.
33 . The method of claim 30 , wherein the other criteria further includes whether any of the respective other transactions have been reversed.
34 . The method of claim 30 , wherein the other criteria further includes a location of the consumer when the subsequent challenge responses were provided.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.