US2023122616A1PendingUtilityA1

Initiating direct session with bank access control server in a user verification process

Assignee: AGE CHECKED LTDPriority: Mar 16, 2017Filed: Aug 22, 2022Published: Apr 20, 2023
Est. expiryMar 16, 2037(~10.7 yrs left)· nominal 20-yr term from priority
G06Q 2220/00G06F 21/31G06F 21/6254G06Q 20/02G06F 2221/2133H04L 9/3213G06Q 20/40G06Q 20/3821G06Q 20/385H04L 63/0861G06Q 20/12G06Q 20/4014H04L 63/0807H04L 63/18H04L 63/0884G06Q 30/0607G06F 21/40G06F 21/45
54
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A computerized method for securely verifying age of users of remote devices interacting with provider resources includes receiving a request for age verification of the user; providing directly to the user device an interface for input of identifying data; receiving, from the user device, identifying data; providing, to a third party verification source, the identifying data; receiving, from the third party verification source, an indication of confirmation of the identifying data; determining, based on the received indication, whether a confidence level has been met; responsive to determining that a confidence level as been met, causing a token indicative of age verification to be generated; providing the token to the user device; providing a positive indication to the provider system, including identification of the token, and anonymizing user-identifiable data.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A computerized method for age verification of a user communicating from a remote device with a provider server, comprising:
 receiving, by a central server system, from the provider server, a request for age verification, the request including data indicative of a payment card, and data permitting direct communication with the remote device;   responsive to receipt of the request, requesting, by the central server system, verification from a payment card network corresponding to the payment card data;   receiving, by the central server system, from the payment card network data indicative of a Uniform Resource Locator (URL) of an access control system of an issuing bank corresponding to the payment card data;   initiating, by the central server system, a direct session between the remote device and the access control server to permit the access control server to request authentication data from the remote device;   receiving, by the central server system, a verification response from the access control server; and   providing, by the central server system, data indicative of approval or denial of age verification to the provider system.   
     
     
         2 . The method of  claim 1 , wherein the direct session is initiated via a display on a user interface of the remote device. 
     
     
         3 . The method of  claim 1 , further comprising identifying, by the central server system, a web resource for an issuing bank of the payment card. 
     
     
         4 . The method of  claim 3 , wherein the identifying is performed by a merchant plug-in module of the central server system comprising instructions which cause the central server system to identify the web resource for the issuing bank of the payment card. 
     
     
         5 . The method of  claim 1 , further comprising transmitting, by the central server system, verification data to the user via a separate channel. 
     
     
         6 . The method of  claim 5 , wherein the display on the user device displays a data entry field and an instruction to input a code, into the data entry field, corresponding to the verification data transmitted to the user. 
     
     
         7 . The method of  claim 6 , further comprising:
 receiving, by the central server system, the code input by the user; and   detecting, by the central server system, a match or mismatch between the verification data transmitted to the user via the separate channel and the code input by the user into the data entry field of the display on the user device;   wherein providing data indicative of approval or denial of age verification to the provider system comprises one of: providing approval of the age verification responsive to detection of a match between the verification data transmitted to the user via the separate channel and the code input by the user into the data entry field of the display on the user device, or providing denial of the age verification responsive to detection of a mismatch between the verification data transmitted to the user via the separate channel and the code input by the user into the data entry field of the display on the user device.   
     
     
         8 . The method of  claim 7 , further comprising:
 responsive to detection of a mismatch between the verification data transmitted to the user via the separate channel and the code input by the user into the data entry field of the display on the user device, renewing, by the central server system, the direct session to receive a subsequent attempt to input the code.   
     
     
         9 . The method of  claim 1 , wherein the data indicative of the payment card comprises data sufficient for the central server to obtain a URL for the access control server, and wherein initiating the direct session between the remote device and the access control server comprises redirecting a browser executing on the remote device to the URL of the access control server. 
     
     
         10 . The method of  claim 1 , further comprising:
 receiving, by the central computer system, from the provider system, data indicative of user identification, and wherein the data indicative of the payment card comprises at least a payment card number comprising a predetermined number of digits in sequence;   accessing, by the central computer system, data indicative of ranges of values for selected sub-sequences of digits, each of the ranges of values indicative of a range of values corresponding to ranges designated for issue of payment cards; and   applying, by the central computer system, the payment card number data to the data indicative of ranges of values, to determine whether or not the payment card data corresponds to one of the designated ranges;   wherein providing, by the central server system, data indicative of approval or denial of age verification to the provider system comprises performing one of the following steps:
 responsive to one of: determining, by the central computer system, that the payment card data does not correspond to any one of the designated ranges, or receiving a negative verification response from the access control server, returning an indication that age is not verified; and 
 responsive to one of: determining, by the central computer system, that the payment card data corresponds to one of the designated ranges, or receiving a positive verification response from the access control server, returning an indication that age is verified. 
   
     
     
         11 . The method of  claim 10 , wherein the accessing comprises accessing locally stored data indicative of valid ranges of sub-sequences. 
     
     
         12 . A computer system for verifying age of a user communicating from remote device with a provider server, comprising:
 a central system memory, storing processor-executable instructions; and   one or more central system computer processors in communication with the central system memory, the processor-executable instructions causing the one or more central system computer processors to:
 receive, from the provider server, a request for age verification, the request including data indicative of a payment card, and data permitting direct communication with the remote device; 
 responsive to receipt of the request, request verification from a payment card network corresponding to the payment card data; 
 receive from the payment card network data indicative of a URL of an access control system of an issuing bank corresponding to the payment card data; 
 initiate a direct session between the remote device and the access control server to permit the access control server to request authentication data from the remote device; 
 receive a verification response from the access control server; and 
 provide data indicative of approval or denial of age verification to the provider server. 
   
     
     
         13 . The system of  claim 12 , wherein the direct session is initiated via a display on a user interface of the remote device. 
     
     
         14 . The system of  claim 12 , wherein the data indicative of a payment card comprises one or more of a name, a card number, a billing address, and a card verification value (CVV) code. 
     
     
         15 . The system of  claim 12 , wherein the central server system is registered with a payment card interchange network. 
     
     
         16 . The system of  claim 12 , wherein the user interface comprises a browser on the remote device. 
     
     
         17 . The system of  claim 12 , wherein the instructions further cause the one or more computer processors to:
 identify a web resource for an issuing bank of the payment card.   
     
     
         18 . The system of  claim 12 , wherein, responsive to initiation of the direct session, a data entry field and an instruction to input a code into the data entry field corresponding to the verification data transmitted to the user are displayed on a user interface of the remote device; and
 wherein the instructions further cause the one or more computer processors to:
 transmit verification data to the user via a separate channel comprising one of a text message or an email message; 
 receive the code input by the user into the data entry field; and 
 detect a match or mismatch between the verification data transmitted to the user via the separate channel and the code input by the user into the data entry field of the pop up; 
   wherein providing data indicative of approval or denial of age verification to the provider system comprises: providing approval of the age verification responsive to detection of a match between the verification data transmitted to the user via the separate channel and the code input by the user into the data entry field of the pop up, or providing denial of the age verification responsive to detection of a mismatch between the verification data transmitted to the user via the separate channel and the code input by the user into the data entry field of the pop up.   
     
     
         19 . The system of  claim 12 , wherein the data indicative of the payment card comprises at least a payment card number comprising a predetermined number of digits in sequence; and
 wherein the instructions further cause the one or more computer processors to:
 receive from the provider system, data indicative of user identification, including at least a payment card number comprising a predetermined number of digits in sequence; 
 access data indicative of ranges of values for selected sub-sequences of digits, each of the ranges of values indicative of a range of values corresponding to ranges designated for issue of payment cards; and 
 apply the payment card number data to the data indicative of ranges of values, to determine whether or not the payment card data corresponds to one of the designated ranges; 
   wherein the instructions to provide data indicative of approval or denial of age verification to the provider server comprise instructions that cause the one or more computer processors to perform one of the following steps:
 responsive to one of: determining that the payment card data does not correspond to any one of the designated ranges, or receiving a negative verification response from the access control server, return an indication that age is not verified; and 
 responsive to one of: determining that the payment card data corresponds to one of the designated ranges, or receiving a positive verification response from the access control server, return an indication that age is verified. 
   
     
     
         20 . The system of  claim 19 , wherein the wherein the instructions to access data indicative of ranges of values for selected sub-sequences of digits comprises instruction to access locally stored data indicative of valid ranges of sub-sequences.

Join the waitlist — get patent alerts

Track US2023122616A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.