Apparatus, system, and method of securing financial transactions using a mobile device
Abstract
A novel system and methodology for conducting financial and other transactions using a wireless device. Credentials may be selectively issued by issuers such as credit card companies, banks, and merchants to consumers permitting the specific consumer to conduct a transaction according to the authorization given as reflected by the credential or set of credentials. The preferred mechanism for controlling and distributing credentials according to the present invention is through one or more publicly accessible networks such as the Internet wherein the system design and operating characteristics are in conformance with the standards and other specific requirements of the chosen network or set of networks. Credentials are ultimately supplied to a handheld device such as a mobile telephone via a wireless network. The user holding the credential may then use the handheld device to conduct the authorized transaction or set of transactions via, for example, a short range wireless link with a point-of-sale terminal.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A system to secure a payment transaction using a mobile device, comprising:
a communications interface coupled to a payment network that is configured to receive transaction authorization requests originating from a merchant point-of-sale (POS) system, and to transmit an applicable transaction approval or decline response to the POS system through the same path; a database, stored on at least one storage device, configured to store a plurality of user accounts, such that each of the plurality of user accounts includes at least one unique account number, at least one financial payment account, a user's mobile device identification (ID) that identifies the user's mobile device, and a security code for approving a transaction; a wireless gateway connected to the Internet to send messages to the user's mobile device that is linked to a user account, and to prompt the user to enter a security code; and a processor configured to receive transaction authorization requests originating from the POS system via the communications interface, select one financial payment account based on the account number contained in the received transaction authorization request from the plurality of user accounts stored in the database, transmit a message to the user's mobile device to prompt the user to enter a security code, receive a response from the user's mobile device, confirm the security code against the user account, authorize the selected financial payment account, identify an approval or decline authorization response based on at least the state of the selected financial payment account and the authorization response associated with the selected financial payment account, and transmit a transaction approval or decline authorization response to the payment network and merchant point-of-sale system via the communications interface.
2 . The system of claim 1 , wherein the user's mobile device ID is a mobile phone number.
3 . The system of claim 1 , wherein the wireless gateway prompts the user to provide an input of at least one of a personal identification number (PIN), a fingerprint for fingerprint recognition, an iris for iris recognition, a voice for voice recognition, a facial image for facial recognition, and hand geometry as the security code.
4 . The system of claim 1 , wherein the account number is within a Bank Identification Number (BIN) range associated with at least one of a payment card issuer and the payment network.
5 . The system of claim 4 , wherein when the account number is within the BIN range, a transaction authorization is routable from the POS system, to an acquirer, to the applicable payment network, and to the system for approval.
6 . The system of claim 1 , wherein the financial payment account stored in the database is at least one of a credit account, a debit account, and a stored value account.
7 . The system of claim 1 , wherein the account number is further stored in a magnetic-stripe card, an encoded chip card, the user's mobile device, or a computer system.
8 . The system of claim 7 , wherein the account number is transmitted by one of the encoded magnetic-stripe card, the encoded chip card, a radio frequency (RF) interface of the user's mobile device, and the computer system to the POS system to initiate a payment authorization.
9 . The system of claim 1 , wherein upon receiving the transaction authorization request containing an account number, the processor transmits a message via the Internet to the user's mobile device to prompt the user to enter the security code.
10 . The system of claim 9 , wherein the message to the mobile device includes information of at least one of a name of a merchant having the POS system that originated the authorization request, a location of the merchant, a date and a time of the authorization request, a transaction amount being authorized, a transaction identification (ID), at least a portion of an account number, a credential type, an issuer name, and a phone number of the user's mobile device retrieved from the account.
11 . The system of claim 10 , wherein the credential type includes at least one of a credit account, a debit account, and a stored value account.
12 . The system of claim 1 , wherein an application on the user's mobile device, upon receiving the security code request, displays the information from the message on a display screen, and prompts the user to input the security code and submit it so it can be transmitted via a wireless network and the Internet to the processor for verification.
13 . The system of claim 12 , wherein, upon receipt of the security code and verification of it, the processor authorizes the transaction against the financial payment account.
14 . The system of claim 13 , wherein the processor responds back to the initial authorization request from the merchant POS with an approval or decline message.
15 . A payment transaction authorization apparatus, comprising:
a communications interface to receive transaction authorization requests, and to transmit an applicable transaction approval or decline response; at least one storage device to store a database having a plurality of user accounts, such that each of the plurality of user accounts includes at least one unique account number, at least one financial payment account, a user's mobile device identification (ID) that identifies the user's mobile device, and a security code for approving a transaction; and a processor configured to receive transaction authorization requests via the communications interface, select one of the at least one financial payment account based on the account number contained in the received transaction authorization request from the at least one financial payment account stored in the database, transmit a message to the user's mobile device to prompt the user to enter a security code, receive a response from the user's mobile device, confirm the security code against the user account, authorize the selected financial payment account, identify an approval or decline authorization response based on at least the state of the selected financial payment account and the authorization response associated with the selected financial payment account, and transmit a transaction approval or decline authorization response via the communications interface.
16 . The apparatus of claim 15 , further comprising:
a wireless gateway to prompt the user to provide an input of at least one of a personal identification number (PIN), a fingerprint for fingerprint recognition, an iris for iris recognition, a voice for voice recognition, a facial image for facial recognition, and hand geometry as the security code.
17 . The apparatus of claim 16 , wherein upon receiving the transaction authorization request containing an account number, the wireless gateway transmits a message via the Internet to the user's mobile device to prompt the user to enter the security code.
18 . The apparatus of claim 17 , wherein the message to the mobile device includes information of at least one of a name of a merchant having a point-of-sale system that originated the authorization request, a location of the merchant, a date and a time of the authorization request, a transaction amount being authorized, a transaction identification (ID), at least a portion of an account number, a credential type, an issuer name, and a phone number of the user's mobile device retrieved from the account.
19 . The apparatus of claim 18 , wherein the credential type includes at least one of a credit account, a debit account, and a stored value account.
20 . The apparatus of claim 15 , wherein the account number is within a Bank Identification Number (BIN) range associated with at least one of a payment card issuer and a payment network.
21 . The apparatus of claim 20 , wherein when the account number is within the BIN range, a transaction authorization is routable from a point-of-sale system, to an acquirer, to an applicable payment network, and to the system for approval.
22 . The apparatus of claim 15 , wherein the financial payment account stored in the database is at least one of a credit account, a debit account, and a stored value payment account.
23 . The apparatus of claim 15 , wherein the account number is further stored in a magnetic-stripe card, an encoded chip card, the user's mobile device, or a computer system.
24 . The apparatus of claim 15 , wherein, upon receipt of the security code and verification of it, the processor authorizes the transaction against the financial payment account.
25 . The apparatus of claim 24 , wherein the processor responds back to the initial authorization request with an approval or decline message.
26 . A method of securing a financial transaction processed over a payment network using a mobile device, the method comprising:
transmitting a transaction authorization request containing an amount of the transaction and an account number, from a merchant point-of-sale (POS) system to an applicable payment network and an issuer transaction processing system; receiving the transaction authorization request at the issuer transaction processing system via a communications interface; selecting, with the issuer transaction processing system, a user account based on the account number contained in the received transaction authorization request; initiating a message to a mobile device that is associated with the same user account within a database of the issuer transaction processing system, wherein the message prompts the user for at least one of a personal identification number (PIN), a fingerprint for fingerprint recognition, an iris for iris recognition, a voice for voice recognition, a facial image for facial recognition, and hand geometry to confirm the transaction on the user account; receiving the at least one of a personal identification number (PIN), a fingerprint for fingerprint recognition, an iris for iris recognition, a voice for voice recognition, a facial image for facial recognition, and hand geometry and verifying it against the user account in the database; initiating an authorization against a selected financial payment account associated with the user account and confirming an approval or decline authorization response within the issuer transaction processing system; generating an approval or decline authorization response based on at least a transaction authorization response associated with the financial payment account; and transmitting the generated transaction approval or decline authorization response from the issuer transaction processing system to the applicable payment network and the merchant POS.
27 . The method of claim 26 , further comprising:
transmitting a transaction approval or decline message to the mobile device after the transaction is completed.
28 . The method of claim 26 , wherein the account number is within a Bank Identification Number (BIN) range associated with at least one of a payment card issuer and the applicable payment network.
29 . The method of claim 28 , further comprising:
routing a transaction authorization from the POS system, to an acquirer, to the applicable payment network, and to the applicable issuer transaction processing system for approval when the account number is with the BIN range.
30 . The method of claim 26 , wherein the financial payment account of the user account stored in the database is at least one of a credit account, a debit account, and a stored value payment account.
31 . The method of claim 26 , further comprising:
storing the account number associated with the user account in a magnetic-stripe card, an encoded chip card, the mobile device, or a computer system.
32 . The method of claim 31 , further comprising:
transmitting the account number by one of the encoded magnetic-stripe card, the encoded chip card, a radio frequency (RF) interface of the mobile device, and the computer system to the POS system to initiate a payment authorization.
33 . The method of claim 26 , further comprising:
transmitting a message from the issuer transaction processing system via the Internet to the mobile device to prompt the user to enter the security code when the transaction authorization request containing an account number is received.
34 . The method of claim 33 , wherein the message to the mobile device includes information of at least one of a name of the merchant having the POS system that originated the authorization request, a location of the merchant, a date and a time of the authorization request, a transaction amount being authorized, a transaction identification (ID), at least a portion of an account number, a credential type, an issuer name, and a phone number of the mobile device retrieved from the account.
35 . The method of claim 34 , wherein the credential type includes at least one of a credit account, a debit account, and a stored value account.
36 . The method of claim 26 , further comprising:
displaying the message on a display screen of the mobile device; and prompting the user to input the security code and submit it so it can be transmitted via a wireless network and the Internet to the issuer transaction processing system for verification when an application on the mobile device receives the security code request.
37 . The method of claim 36 , further comprising:
authorizing the transaction against the financial payment account upon receipt of the security code and verification of it.
38 . The method of claim 37 , further comprising:
responding back to the initial authorization request from the merchant POS with an approval or decline message.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.