Methods and systems for payments assurance
Abstract
A remote payments assurance system includes a Proxy Service Manager Server, an Authentication Service Manager Server computer, an Acquirer Financial Institution (FI) Server computer, a payment network, and an Issuer financial institution server computer. A storage device of the Proxy Service Manager Server computer stores instructions which causes a processor to receive a consumer authentication request from a merchant device obtained during a card not present (CNP) transaction, transmit the consumer authentication request to the Authentication Service Manager Server computer, establish a secure communications channel between the Proxy Service Manager Server computer and the Authentication Service Manager Server computer, and transmit the consumer authentication request via the secure communications channel to the Authentication Service Manager Server computer. Next, the processor receives a non-repudiable one-time accountholder authentication value (“AAV”) token, transmits a payment authorization request to the Acquirer FI Server computer, receives a payment authorization message, and transmits a payment authorization message to the merchant device to complete the CNP purchase transaction.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A remote payments assurance system, comprising:
a Proxy Service Manager Server computer comprising a Proxy Service Manager Server processor operably connected to a storage device; an Authentication Service Manager Server computer operably connected to the Proxy Service Manager Server computer; an Acquirer Financial Institution (FI) Server computer operably connected to the Proxy Service Manager Server computer; a payment network operably connected to the Acquirer Financial Institution Server computer; and an Issuer financial institution server computer operably connected to the payment network; wherein the storage device of the Proxy Service Manager Server computer stores instructions configured to cause the Proxy Service Manager Server processor to:
receive a consumer authentication request from a merchant device, the consumer authentication request including consumer information obtained by the merchant device from a consumer mobile device operated by a consumer during a card not present (CNP) transaction;
transmit the consumer authentication request to the Authentication Service Manager Server computer;
establish a secure communications channel between the Proxy Service Manager Server computer and the Authentication Service Manager Server computer;
transmit the consumer authentication request comprising the consumer information via the secure communications channel to the Authentication Service Manager Server computer associated with the consumer;
receive a non-repudiable one-time accountholder authentication value (“AAV”) token generated by the Authentication Service Manager Server computer;
generate a payment authorization request that includes the AAV token in a Universal Card Authentication Field;
transmit the payment authorization request to the Acquirer FI Server computer;
receive a payment authorization message signifying that the Issuer FI validated the AAV token; and
transmit the payment authorization message to the merchant device to complete the CNP purchase transaction.
2 . The system of claim 1 , wherein the consumer authentication request received by the Proxy Service Manager Server computer comprises one of an alias or a surrogate factor, and wherein the storage device of the Proxy Service Manager Server computer stores further instructions, prior to the instructions for establishing a secure communications channel, configured to cause the Proxy Service Manager Server processor to transmit the alias or surrogate factor to the Authentication Service Manager computer.
3 . The system of claim 1 , further comprising, prior to the instructions for receiving a payment authorization message, instructions configured for causing the Proxy Service Manager Server processor to:
receive a payment authorization denied message; and transmit the payment authorization denied message to a merchant device.
4 . The system of claim 1 , further comprising, prior to the instructions for receiving the AAV token, instructions configured to cause the Proxy Service Manager Server processor to:
receive an authentication failed message from the Authentication Service Manager Server computer; and transmit a cardholder authentication failure message to a merchant device.
5 . A non-transitory computer readable medium storing instructions for authenticating a consumer and authorizing a card not present (CNP) transaction by causing a Proxy Service Manager Server computer to:
receive a consumer authentication request from a merchant device, the consumer authentication request including consumer information obtained by the merchant device from a consumer mobile device operated by a consumer during a card not present (CNP) transaction; transmit the consumer authentication request to the Authentication Service Manager Server computer; establish a secure communications channel between the Proxy Service Manager Server computer and the Authentication Service Manager Server computer; transmit the consumer authentication request comprising the consumer information via the secure communications channel to the Authentication Service Manager Server computer associated with the consumer; receive a non-repudiable one-time accountholder authentication value (“AAV”) token generated by the Authentication Service Manager Server computer; generate a payment authorization request that includes the AAV token in a Universal Card Authentication Field; transmit the payment authorization request to the Acquirer FI Server computer; receive a payment authorization message signifying that the Issuer FI validated the AAV token; and transmit the payment authorization message to the merchant device to complete the CNP purchase transaction.
6 . The non-transitory computer readable medium of claim 5 , wherein the consumer authentication request comprises one of an alias or a surrogate factor, and wherein the instructions for transmitting the consumer authentication request further comprises instructions configured to transmit the alias or surrogate factor to the Authentication Service Manager computer.
7 . The non-transitory computer readable medium of claim 5 , further comprising, prior to the instructions for receiving a payment authorization message, instructions configured for causing the Proxy Service Manager Server computer to:
receive a payment authorization denied message; and transmit the payment authorization denied message to a merchant device.
8 . The non-transitory computer readable medium of claim 5 , further comprising, prior to the instructions for receiving the AAV token, instructions configured to cause the Proxy Service Manager Server computer to:
receive an authentication failed message from the Authentication Service Manager Server computer; and transmit a cardholder authentication failure message to a merchant device.
9 . A remote payments assurance system, comprising:
a Proxy Service Manager Server computer comprising a Proxy Service Manager Server processor operably connected to a storage device; an Authentication Service Manager Server computer operably connected to the Proxy Service Manager Server computer; an Acquirer Financial Institution (FI) Server computer operably connected to the Proxy Service Manager Server computer; a payment network operably connected to the Acquirer Financial Institution Server computer; and an Issuer financial institution server computer operably connected to the payment network; wherein the storage device of the Proxy Service Manager Server computer stores instructions configured to cause the Proxy Service Manager Server processor to:
receive, from a merchant device, a consumer authentication request comprising a consumer identifier and a pre-authorization token-having an expiration date, the merchant device communicating with a consumer mobile device when a consumer initiates a card not present (CNP) transaction;
determine that the expiration date of the pre-authorization token is valid;
establish a secure communications channel between the Proxy Service Manager Server computer and the Authentication Service Manager Server computer;
transmit the consumer authentication request via the secure communications channel to the Authentication Service Manager Server computer associated with the consumer;
receive a non-repudiable, one-time accountholder authentication value (“AAV”) token from the Authentication Service Manager Server computer;
generate a payment authorization request that includes the AAV token in a Universal Card Authentication Field;
transmit the payment authorization request to an Acquirer financial institution (FI) Server computer;
receive a payment authorization message signifying that the Issuer FI validated the AAV token; and
transmit the payment authorization message to the merchant device to complete the CNP purchase transaction.
10 . The system of claim 9 , wherein the storage device of the Proxy Service Manager Server computer stores further instructions, prior to the instructions for receiving the AAV token, configured to cause the Proxy Service Manager Server processor to:
receive an authentication failure message; and transmit the authentication failure message to the merchant device.
11 . The system of claim 9 , wherein the storage device of the Proxy Service Manager Server computer stores further instructions, subsequent to transmitting the payment authorization request, configured to cause the Proxy Service Manager Server processor to:
receive a payment authorization denied message; and transmit the payment authorization denied message to a merchant device.
12 . The system of claim 9 , wherein the instructions for transmitting the payment authorization request to an Acquirer FI Server computer further comprises instructions configured to cause the Proxy Service Manager Server processor to transmit merchant identification information.
13 . The system of claim 12 , wherein the storage device of the Proxy Service Manager Server computer stores further instructions, subsequent to the instructions for transmitting the payment authorization request to an Acquirer FI Server computer, instructions configured to cause the Proxy Service Manager Server processor to receive a payment authorization denied message based on the merchant identification information.
14 . A non-transitory computer readable medium storing instructions for authenticating a consumer and authorizing a card not present (CNP) transaction by causing a Proxy Service Manager Server computer to:
receive, from a merchant device, a consumer authentication request comprising a consumer identifier and a pre-authorization token-having an expiration date, the merchant device communicating with a consumer mobile device when a consumer initiates a card not present (CNP) transaction; determine that the expiration date of the pre-authorization token is valid; establish a secure communications channel between the Proxy Service Manager Server computer and the Authentication Service Manager Server computer; transmit the consumer authentication request via the secure communications channel to the Authentication Service Manager Server computer associated with the consumer; receive a non-repudiable, one-time accountholder authentication value (“AAV”) token from the Authentication Service Manager Server computer; generate a payment authorization request that includes the AAV token in a Universal Card Authentication Field; transmit the payment authorization request to an Acquirer financial institution (FI) Server computer; receive a payment authorization message signifying that the Issuer FI validated the AAV token; and transmit the payment authorization message to the merchant device to complete the CNP purchase transaction.
15 . The non-transitory computer readable medium of claim 14 , storing further instructions, prior to the instructions for receiving the AAV token, configured to cause the Proxy Service Manager Server computer to:
receive an authentication failure message; and transmit the authentication failure message to the merchant device.
16 . The non-transitory computer readable medium of claim 14 , storing further instructions, subsequent to transmitting the payment authorization request, configured to cause the Proxy Service Manager Server computer to:
receive a payment authorization denied message; and transmit the payment authorization denied message to a merchant device.
17 . The non-transitory computer readable medium of claim 14 , wherein the instructions for transmitting the payment authorization request to an Acquirer FI Server computer further comprises instructions configured to cause the Proxy Service Manager Server computer to transmit merchant identification information.
18 . The non-transitory computer readable medium of claim 17 , storing further instructions, subsequent to the instructions for transmitting the payment authorization request to an Acquirer FI Server computer, instructions configured to cause the Proxy Service Manager Server computer to receive a payment authorization denied message based on the merchant identification information.
19 . A remote payments assurance system, comprising:
a Proxy Service Manager Server computer; an Authentication Service Manager Server computer comprising an Authentication Service Manager Server processor operably connected to a storage device, the Authentication Service Manager Server computer operably connected to the Proxy Service Manager Server computer; an Acquirer Financial Institution (FI) Server computer in communication with the Proxy Service Manager Server computer; a payment network operably connected to the Acquirer FI Server computer; and an Issuer FI server computer operably connected to the payment network; wherein the storage device of the Authentication Service Manager Server computer stores instructions configured to cause the Authentication Service Manager Server processor to:
receive from the Proxy Service Manager computer having a relationship with an Acquirer FI, a consumer identifier;
retrieve, based on the consumer identifier, a MS-ISDN number from a database storing consumer mobile device data;
match the consumer identifier to data stored in a database;
transmit, by utilizing the MS-ISDN number, a challenge/response request to a consumer device;
receive a correct response to the challenge/response request from the consumer device;
generate a unique and non-repudiable AAV token; and
transmit the non-repudiable AAV token to a Proxy Service Manager Server computer.
20 . The system of claim 19 , further comprising, subsequent to the instructions for receiving the consumer identifier, instructions configured for causing the Proxy Service Manager Server processor to:
fail to match the consumer identifier to data stored in the database; and transmit an authentication failure message to the Proxy Service Manager Server computer.
21 . A non-transitory computer readable medium storing instructions for authenticating a consumer by causing an Authentication Service Manager Server computer to:
receive from the Proxy Service Manager computer having a relationship with an Acquirer FI, a consumer identifier; retrieve, based on the consumer identifier, a MS-ISDN number from a database storing consumer mobile device data; match the consumer identifier to data stored in a database; transmit, by utilizing the MS-ISDN number, a challenge/response request to a consumer device; receive a correct response to the challenge/response request from the consumer device; generate a unique and non-repudiable AAV token; and transmit the non-repudiable AAV token to a Proxy Service Manager Server computer.
22 . The non-transitory computer readable medium of claim 21 , storing further instructions, subsequent to the instructions for receiving the consumer identifier, instructions configured for causing the Authentication Service Manager Server computer to:
fail to match the consumer identifier to data stored in the database; and transmit an authentication failure message to the Proxy Service Manager Server computer.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.