US2016125406A1PendingUtilityA1

Time-varying security code for enabling authorizations and other uses of financial accounts

57
Assignee: ROSKIND JAMES APriority: Feb 26, 2005Filed: Jan 8, 2016Published: May 5, 2016
Est. expiryFeb 26, 2025(expired)· nominal 20-yr term from priority
Inventors:James Roskind
G06F 21/34G06Q 20/385G07F 7/1083G07F 7/1025G06Q 20/341G07F 7/1008G06Q 20/40H04L 63/083G06Q 20/4018
57
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A portable device is provided that carries account data. The account data may include a security code having a value that is time-varying. The value of the security code may be programmatically varied based on at least one of an algorithm or event. Authorization and use of the account may be sought from an authorization agent using the account data provided on the portable device.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method for authorizing use of an account by a user, the method performed by an authorization agent and comprising:
 receiving, from a portable device, information corresponding to the user and a value of a time-varying security code at a first time, the security code having a time-based value which is programmatically varied based on at least one of an algorithm or an event;   independently determining, at the authorization agent, a current value of the security code at a current time;   determining that the time-based value of the security code at the first time does not match the current value of the security code, but matches a second value of the security code at a second time different than the first time, the second value being different than the current value; and   when a difference between the second time and the current time is less than a threshold, transmitting a communication to the portable device requesting the user to re-input the time-based value of the security code without authorizing the user.   
     
     
         2 . The method of  claim 1 , wherein the algorithm comprises a seed parameter and an algorithm for determining the time-based value of the security code using the seed parameter. 
     
     
         3 . The method of  claim 2 , further comprising:
 receiving, at the authorization agent, information corresponding to the user and a re-entered time-based value of the security code;   determining that the re-entered time-based value matches the current value; and   authorizing the user.   
     
     
         4 . The method of  claim 3 , further comprising communicating, to the portable device, after authorizing the user, a new value for the seed parameter. 
     
     
         5 . The method of  claim 1 , wherein the event is (i) detection of a threshold number of user access requests or (ii) an aggregate user spending limit. 
     
     
         6 . The method of  claim 1 , further comprising generating a security event if the difference between the second time and the current time is greater than the threshold. 
     
     
         7 . The method of  claim 1 , further comprising declining a user-requested transaction if the difference between the second time and the current time is greater than the threshold. 
     
     
         8 . The method of  claim 1 , wherein the time-based value of the security code is programmatically varied in response to detection of an event, the event corresponding to a predetermined plurality of times authorization and use of the account is sought. 
     
     
         9 . A system comprising an authorization agent to authorize use of an account of a user when authorization and use of the account is sought, the authorization agent to:
 receive, from a user terminal, information corresponding to the user and a value of a time-varying security code at a first time, the security code having a time-based value which is programmatically varied using a seed parameter and an algorithm;   independently determine a current value of the security code at a current time based on the seed parameter and the algorithm;   determine that the time-based value of the security code does not match the current value of the security code, but matches a second value of the security code at a second time different than the first time, the second value being different than the current value; and   if a difference between the second time and the current time is less than a threshold, transmit a communication to the user terminal requesting the user to re-input the time-based value of the security code without authorizing the user.   
     
     
         10 . The system of  claim 9 , wherein the authorization agent is further to:
 receive, at the authorization agent, information corresponding to the user and a re-entered time-based value of the security code;   determine that the re-entered time-based value matches the current value; and   authorize the user.   
     
     
         11 . The system of  claim 10 , wherein the authorization agent is further to communicate, to the user terminal, after authorizing the user, a new value for the seed parameter. 
     
     
         12 . The system of  claim 9 , wherein the authorization agent is further to generate a security event if the difference between the second time and the current time is greater than the threshold. 
     
     
         13 . The system of  claim 9 , wherein the authorization agent is further to decline a user-requested transaction if the difference between the second time and the current time is greater than the threshold. 
     
     
         14 . The system of  claim 9 , wherein the time-based value of the security code is programmatically varied in response to detection of an event, the event corresponding to a predetermined plurality of times authorization and use of the account is sought. 
     
     
         15 . A non-transient computer-readable storage medium storing instructions that, when executed by a computer system, causes the computer system to authorize use of an account by a user by performing operations comprising:
 receiving, from a portable device, user account information and a time-based value of a security code at a first time, the time-based value of the security code being generated based on a seed parameter and an algorithm;   independently determining a current value of the security code at a current time based on the seed parameter and the algorithm;   determining that the time-based value of the security code does not match the current value of the security code, but matches a second value of the security code at a second time different than the first time, the second value being different than the current value; and   if a difference between the second time and the current time is less than a threshold, transmitting a communication to the portable device requesting the user to re-input the time-based value of the security code without authorizing the user.   
     
     
         16 . The non-transient computer-readable storage medium of  claim 15 , wherein the instructions execute to cause the computer system to perform operations further comprising:
 receiving, from the portable device, the user account information and a re-entered time-based value of the security code;   determining that the re-entered time-based value matches the current value; and   authorizing the user.   
     
     
         17 . The non-transient computer-readable storage medium of  claim 16 , wherein the instructions execute to cause the computer system to perform operations further comprising:
 communicating, to the portable device, after authorizing the user, a new value for the seed parameter.   
     
     
         18 . The non-transient computer-readable storage medium of  claim 15 , wherein the instructions execute to cause the computer system to perform operations further comprising:
 generating a security event if the difference between the second time and the current time is greater than the threshold.   
     
     
         19 . The non-transient computer-readable storage medium of  claim 15 , wherein the instructions execute to cause the computer system to perform operations further comprising:
 declining a user-requested transaction if the difference between the second time and the current time is greater than the threshold.   
     
     
         20 . The non-transient computer-readable storage medium of  claim 15 , wherein the time-based value of the security code is programmatically varied in response to detection of an event, the event corresponding to a predetermined plurality of times user authorization is sought.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.