US20200097959A1 - Payment transaction process employing dynamic account expiry and dynamic token verification code - Google Patents
Payment transaction process employing dynamic account expiry and dynamic token verification codeDownload PDFInfo
- Publication number
- US20200097959A1 US20200097959A1US16/138,234US201816138234AUS2020097959A1US 20200097959 A1US20200097959 A1US 20200097959A1US 201816138234 AUS201816138234 AUS 201816138234AUS 2020097959 A1US2020097959 A1US 2020097959A1
- Authority
- US
- United States
- Prior art keywords
- payment
- dynamic
- transaction
- token
- verification code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
- G06Q20/127—Shopping or accessing services according to a time-limitation
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q2220/00—Business processing using cryptography
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- FIG. 1is a block diagram that illustrates a conventional payment system 100 .
- the system 100includes a customer device 102 by which a user 103 accesses an e-commerce server 104 via the internet 105 .
- the customer device 102may be any type of computing device usable to allow access to the internet, and runs a browser program (not separately shown) to enable interaction between the customer device 102 and the various resources available via the internet.
- the customer device 102may be, for example, a personal computer, a laptop computer, a tablet computer or a mobile-browser-equipped smartphone or other mobile device.
- the e-commerce server 104is typically a server computer operated by or on behalf of a merchant to host an online store/shopping website and to allow virtual visits to the website from customer devices.
- the e-commerce server 104also operates to handle online-shopping transactions, typically funded by a payment system account owned by the user 103 .
- online shopping transactionthe user 103 operates the customer device 102 to select one or more items for purchase, then elects to enter a checkout phase of the transaction, in which information that identifies the user's payment system account is provided to or accessed by the e-commerce server 104 .
- a computer 108 operated by an acquireris also shown as part of the system 100 in FIG. 1 .
- the acquirermay be a financial institution that provides payment account acceptance services to the merchant that operates the e-commerce server 104 .
- the acquirer computer 108may operate to receive a transaction authorization request message (“authorization request”) for the online shopping transaction from the e-commerce server 104 .
- the acquirer computer 108may route the authorization request via a payment network 110 (sometimes also referred to as a “card network”) to the server computer 112 operated by the issuer of the payment account that was specified during the checkout phase of the online shopping transaction.
- a transaction authorization response message (“authorization response”) generated by the payment account issuer server computer 112may be routed back to the e-commerce server 104 via the payment network 110 and the acquirer computer 108 .
- BanknetOne well known example of a payment network is referred to as the “Banknet” system, and is operated by Mastercard International Incorporated, which is the assignee hereof.
- the payment account issuer server computer 112may be operated by or on behalf of a financial institution (“FI”) that issues payment accounts to individual users and/or other entities.
- FIfinancial institution
- the payment account issuer server computer 112may perform such functions as (a) receiving and responding to requests for authorization of payment account transactions to be charged to payment accounts issued by the FI; (b) engaging in payment transaction clearing operations; and (c) tracking and storing transactions and maintaining account records.
- a typical payment systemmay process many purchase transactions (including simultaneous transactions) and may include a considerable number of payment account issuers and their computers, a considerable number of acquirers and their computers, and numerous merchants and their e-commerce servers.
- the systemmay also include a very large number of payment account holders, who engage in online shopping transactions.
- a typical payment system like that shown in FIG. 1may also handle numerous face to face purchase transactions at the point of sale in retail stores and other establishments.
- the customermay present a payment card or other payment-enabled device (e.g., a payment-enabled mobile device) to a point of sale (POS) terminal.
- POSpoint of sale
- the POS terminalis operated by the merchant (or merchant's employee) to read payment account information from the card or device presented by the customer.
- An authorization requestmay originate from the POS terminal for routing to the account issuer, and the authorization response may be routed back to the POS terminal from the account issuer.
- the userenters the PAN (primary account number) for his/her payment card account during the checkout phase of interaction between the customer device and the e-commerce server.
- PANprimary account number
- the user's payment accountmay be represented by a payment token, which is a character string that serves as a replacement for the PAN during part of the transaction process.
- the payment tokenmay be dedicated for use only in e-commerce transactions with the merchant in question.
- the present inventorshave now recognized an opportunity to further enhance the security and convenience of e-commerce transactions.
- FIG. 1is a block diagram that illustrates a conventional payment system.
- FIG. 2is a block diagram that illustrates a payment system provided according to aspects of the present disclosure.
- FIG. 3is a block diagram that illustrates a computer system that may perform a role in the system of FIG. 2 .
- FIG. 4is a block diagram that illustrates another computer system that may perform a role in the system of FIG. 2 .
- FIG. 5is a simplified block diagram of a customer device that may perform a role in the system of FIG. 2 .
- FIG. 6is a flow chart that illustrates a process that may be performed in the system of FIG. 2 according to aspects of the present disclosure.
- the usermay request a transaction-specific set of payment credentials from a remote payment services computer.
- the payment services computermay look up a payment token that points to an account that the user has selected to use for the current transaction.
- the payment services computermay also engage in a cryptographic process or processes to generate dynamic expiry data and a dynamic token verification code.
- the payment service computermay send the payment token, the dynamic expiry data and the dynamic token verification code to the user as a set of transaction-specific payment credentials.
- the usermay in turn provide the set of payment credentials to the merchant for inclusion in an authorization request and downstream verification of the dynamic expiry data and the dynamic token verification code.
- the desirable security goalis met of effectively submitting a transaction-specific token that can be verified during payment system processing and that cannot be reused if intercepted by a wrongdoer.
- FIG. 2is a block diagram that illustrates a payment system 200 provided according to aspects of the present disclosure.
- a user 103is shown operating a customer device 202 , so as to interact with an e-commerce server 204 via the internet 105 .
- An acquirer 108provides the e-commerce server (merchant) 204 with access to a payment network 110 a .
- the systemalso includes an account issuer 112 , to which the merchant's authorization request is ultimately routed via the payment network 110 a .
- the system 200further includes a payment services computer 206 . Via in-app or internet communication 208 , the customer device 202 interacts with the payment services provider 206 to obtain a set of payment credentials, as described herein.
- the two dot-dash lines 210 linking the payment services computer 206 to the payment network 110 aare intended to imply the possibility or possibilities that (a) the payment services computer 206 is under common operation with the payment network 110 a ; and/or (b) the payment services computer is closely associated with, in frequent communication with, and/or at least partially overlaps with computing resources employed in operating the payment network 110 a.
- FIG. 2only shows components required for handling a single transaction.
- the system 200there may be numerous e-commerce servers, and customer devices, a large number of merchants' banks/acquirers and issuers, and potentially also a number of payment service computers.
- the system 200may also handle transactions at the point of sale, and so may include many items of POS equipment like those referred to above.
- the system 200may include a very large number of customer payment devices, such as cards, fobs, payment-enabled mobile devices, etc., for use in initiating transactions at the point of sale.
- FIG. 3is a block diagram that illustrates an embodiment of the payment services computer 206 shown in FIG. 2 .
- the payment services computer 206may, in its hardware aspects, resemble a typical server computer and/or mainframe computer, but may be controlled by software to cause it to function as described herein.
- the payment services computer 206may be constituted by commercially available server computer hardware and/or by cloud-based computing resources.
- the payment services computer 206may include a computer processor 300 operatively coupled to a communication device 301 , a storage device 304 , an input device 306 and an output device 308 .
- the communications device 301 , the storage device 304 , the input device 306 and the output device 308may all be in communication with the processor 300 .
- the computer processor 300may be constituted by one or more conventional processors. Processor 300 operates to execute processor-executable steps, contained in program instructions described below, so as to control the payment services computer 206 to provide desired functionality.
- Communication device 301may be used to facilitate communication with, for example, other devices (such as customer devices).
- communication device 301may comprise numerous communication ports (not separately shown), to allow the payment services computer 206 to communicate simultaneously with a large number of other devices, including communications as required to simultaneously handle numerous requests for payment credentials.
- Input device 306may comprise one or more of any type of peripheral device typically used to input data into a computer.
- the input device 306may include a keyboard and a mouse.
- Output device 308may comprise, for example, a display and/or a printer.
- Storage device 304may comprise any appropriate information storage device, including combinations of magnetic storage devices (e.g., hard disk drives), optical storage devices such as CDs and/or DVDs, and/or semiconductor memory devices such as Random Access Memory (RAM) devices and Read Only Memory (ROM) devices, as well as so-called flash memory. Any one or more of such information storage devices may be considered to be a computer-readable storage medium or a computer usable medium or a memory.
- magnetic storage devicese.g., hard disk drives
- optical storage devicessuch as CDs and/or DVDs
- semiconductor memory devicessuch as Random Access Memory (RAM) devices and Read Only Memory (ROM) devices, as well as so-called flash memory.
- RAMRandom Access Memory
- ROMRead Only Memory
- Storage device 304stores one or more programs for controlling processor 300 .
- the programscomprise program instructions (which may be referred to as computer readable program code means) that contain processor-executable process steps of the payment services computer 206 , executed by the processor 300 to cause the payment services computer 206 to function as described herein.
- the programs stored in the storage device 304may also include a software communications interface 310 that programs the processor 300 to facilitate communications between the payment services computer 206 and customer/user devices.
- the storage device 304may also store a payment credentials request handling application program 312 .
- the payment credentials request handling application program 312may program the processor 300 to enable the payment services computer 206 to handle numerous requests for payment credentials as described herein.
- the storage device 304may also store, and the payment services computer 206 may also execute, other programs, which are not shown.
- programsmay include a reporting application, which may respond to requests from system administrators for reports on the activities performed by the payment services computer 206 .
- the other programsmay also include, e.g., database management software, device drivers, etc.
- the storage device 304may also store one or more databases 314 required for operation of the payment services computer 206 .
- FIG. 4is a block diagram that illustrates an embodiment of a computer 401 that performs at least some functionality required for operation of the payment network 110 a .
- the computer 401will accordingly be referred to as the “payment network computer.”
- the payment network computer 401may resemble the above-described payment services computer 206 in terms of hardware architecture and/or constituent components. Accordingly, the payment network computer 401 may include a computer processor 400 operatively coupled to a communication device 402 , a storage device 404 , an input device 406 and an output device 408 .
- the communications device 402 , the storage device 404 , the input device 406 and the output device 408may all be in communication with the processor 400 .
- Processor 400operates to execute processor-executable steps, contained in program instructions described below, so as to control the payment network computer 401 to provide desired functionality.
- Storage device 404stores one or more programs for controlling processor 400 .
- the programscomprise program instructions (which may be referred to as computer readable program code means) that contain processor-executable process steps of the payment network computer 401 executed by the processor 400 to cause the payment network computer 401 to function as described herein.
- the programsmay include one or more conventional operating systems (not shown) that control the processor 400 so as to manage and coordinate activities and sharing of resources in the payment network computer 401 , and to serve as a host for application programs (described below) that run on the payment network computer 401 .
- the programs stored in the storage device 404may also include a software communications interface 410 to facilitate data communications between the payment network computer 401 and computers operated by transaction acquirer banks.
- the storage device 404may store a software communications interface 412 to facilitate data communications between the payment network computer 401 and computers operated by account issuer banks.
- the storage device 404may also store a transaction handling application program 414 .
- the transaction handling application program 414may program the processor 400 to enable the payment network computer 401 to handle numerous payment account system transactions including verification of payment credentials as described below.
- the storage device 404may store a transaction clearing application program 416 .
- the transaction clearing application program 416may program the processor 400 to enable the payment network computer 401 to handle clearing of payment account system transactions between issuer and acquirer banks.
- the storage device 404may also store, and the payment network computer 401 may also execute, other programs, which are not shown.
- programsmay include a reporting application, which may respond to requests from system administrators for reports on the activities performed by the payment network computer 401 .
- the other programsmay also include, e.g., database management software, device drivers, etc.
- the storage device 404may also store one or more databases 418 required for operation of the payment network computer 401 .
- FIG. 5is a simplified block diagram of an example of the customer device 202 shown in FIG. 2 .
- the customer device 202is illustrated as a mobile device such as a smartphone.
- the customer device 202may include a housing 503 . (In cases where the customer device 202 is a desktop computer, the customer device 202 may include several housings including the “tower” housing, the keyboard housing, etc.)
- the customer device 202further includes a processor/control circuit 506 , which is contained within the housing 503 . Also included in the customer device 202 is a storage/memory device or devices (reference numeral 508 ).
- the storage/memory devices 508are in communication with the processor/control circuit 506 and may contain program instructions to control the processor/control circuit 506 to manage and perform various functions of the customer device 202 .
- Programs/applications (or “apps”) that are stored in the storage/memory devices 508are represented at block 510 in FIG. 5 , and may be accessed to program the processor/control circuit 506 .
- a browser programis shown separately from the programs/apps 510 and is represented by block 511 .
- a payment app 512is depicted separately from the other programs/apps 510 Physical and/or software aspects of the device user interface, including input/output (I/O) devices, are represented at block 513 in FIG. 5 .
- the customer device 202may include communications components as represented by block 514 .
- the communications components 514allow the customer device 202 to engage in data communication with other devices.
- the communications components 514may support mobile communications functions that include voice and data communications via a mobile communications network (not shown).
- the data communication capabilities of the customer device 202may allow for online browsing sessions and interactions with webpages via the browser 512 and/or may support “in-app” communication sessions.
- FIG. 6is a flow chart that illustrates a process that may be performed in the payment system 200 according to aspects of the present disclosure.
- the user 103operates his/her customer device 202 /browser 512 to engage in an online shopping transaction via interaction between the browser 512 and the e-commerce server computer 204 ( FIG. 2 ). It is assumed that the user 103 selects one or more items for purchase in the transaction, and proceeds to the checkout phase (block 604 ) of the online shopping transaction.
- Step 606it is determined that the merchant/e-commerce server 204 supports a payment method, as described below in more detail, in which dynamic expiry data and a dynamic token verification code are coupled with a payment token to form a set of payment credentials. Step 606 may occur via an interaction between the mobile browser 511 ( FIG. 5 ) and the e-commerce server 204 .
- step 608 in FIG. 6it is determined that the payment app 512 ( FIG. 5 ) supports the payment method referred to above in connection with step 606 . This determination may occur via an interaction between the mobile browser 511 and the payment app.
- the payment appis assumed to be selected by the user from among a number of different payment mechanisms that may be supported by the merchant.
- the useris presented with an opportunity to select from among a number of different accounts belonging to the user, with the selection to indicate which account is to be used for the current transaction.
- the accounts available for selectionmay include a deposit account maintained at a bank and belonging to the user.
- Other account options available for selectionmay include credit card accounts, debit card accounts, prepaid card accounts, etc. It is further assumed at 612 that the user selects one of the available account options.
- the customer device 202via operation of the payment app 512 , may interact with the payment services computer 206 so as to transmit to the payment services computer 206 a request for payment credentials. It may be assumed that the payment services computer 206 receives the request for payment credentials.
- the request for payment credentialsmay include an indication of the account that the user selected at 612 .
- the payment services computer 206may look up a previously created payment token that has been associated ahead of time with the selected account.
- look upincludes the payment services computer 206 accessing a token database that it stores and/or communicating with a token service provider (not shown) to retrieve the result of a mapping between the selected account and a payment token previously assigned to represent the selected account.
- the payment services computer 206generates dynamic expiry data to be associated for the current transaction with the payment token looked up at 616 .
- the expiry datais “dynamic” in the sense that it is changed from transaction to transaction, rather than being fixed (for a period of a few years) as is the conventional expiration date generally associated with a PAN or payment token.
- the payment services computer 206generates a dynamic token verification code to be associated for the current transaction with the payment token looked up at 616 .
- the dynamic token verification codeis to take the place of a “fixed” code such as a CVC that is customarily associated with a PAN or payment token.
- the dynamic token verification codeis “dynamic” in the sense that it is changed from transaction to transaction, rather than being fixed (for a period of a few years) as is a conventional CVC associated with a PAN.
- the steps 618 and 620may be accomplished via one or more cryptographic processes performed by the payment services computer 206 .
- the payment token looked up at 616may be one of the inputs of the cryptographic process or processes.
- One or more items of transaction datai.e., data that indicates one or more attributes of the current transaction
- Examples of transaction datamay include transaction number, transaction amount and/or transaction date and/or time.
- the payment services computer 206may concatenate the payment token with one, two or more numeric items of transaction data and then may digitally sign the resulting numeric string with a secret cryptographic key.
- the resulting digital signatureis a second numeric string from which the dynamic expiry data and the dynamic token verification code may be derived.
- the first three digits of the second numeric stringmay be used as the dynamic token verification code.
- the next four or more digits of the second numeric stringmay be subjected to a transformation that produces a four-digit number that satisfies the constraints required to mimic a valid card expiration date.
- the resulting four-digit numbermay be employed as the dynamic expiry data.
- the payment services computer 206may transmit the payment token looked up at 616 , the dynamic expiry data generated at 618 and the dynamic token verification code generated at 620 to the customer device 202 as the requested set of payment credentials. It may be assumed that the result of step 622 is that the payment app 512 in the customer device 202 receives that set of payment credentials.
- the payment app 512may pass the payment credentials to the mobile browser 511 in the customer device 202 .
- the mobile browsermay control the customer device 202 to transmit the payment credentials to the e-commerce server 204 . It may be assumed that the e-commerce server 204 receives the payment credentials transmitted to it at 624 .
- the e-commerce server 202may assemble a transaction authorization request message (authorization request) in a standard format.
- the payment tokenmay be inserted in the payment account number field of the authorization request format.
- the dynamic expiry datamay be inserted in the card expiration date field of the authorization request format.
- the dynamic token verification codemay be inserted in the (for example) CVC field in the authorization request format.
- the authorization requestmay also include transaction data such as transaction amount and merchant i.d., including the one or more items of transaction data used by the payment services computer 206 to generate the dynamic expiry data and the dynamic token verification code.
- Block 630 in FIG. 6represents routing and processing of the authorization request. This may include routing the authorization request via the acquirer 108 to the payment network 110 a .
- the payment network computer 401may detokenize (or obtain detokenization of) the payment token, and also may verify the dynamic expiry data and the dynamic token verification code.
- the verification processingmay include duplicating the process by which the payment services computer 206 generated the dynamic expiry data and the dynamic token verification code using the payment token and transaction data as inputs.
- the payment network computer 401may route the authorization request to the account issuer 112 .
- the authorization requestmay contain one or more indications that the payment network computer 401 had verified the payment credentials.
- the transaction authorization response messagemay be generated by the account issuer 112 and routed to the merchant. It may be assumed for purposes of this discussion that the authorization request and the condition of the user's account satisfied the issuer's requirements for approving the transaction, and that the authorization response accordingly indicates approval of the requested transaction.
- the merchantmay send a message to the customer device 202 to indicate that payment processing for the transaction has been completed. Fulfillment of the transaction by the merchant may then proceed in due course.
- a highly secure mode of account identificationmay be incorporated in an e-commerce transaction.
- the desirable goal of what is in effect a transaction-specific set of payment credentialsis achieved in a manner that is convenient for the user.
- the payment token itselfmay be reused, the token itself would be of little value to a wrongdoer, if one should intercept it, because the payment token is used only in combination with transaction-specific dynamic expiry data and a dynamic token verification code.
- the latter two elements of the payment credentialsare transaction-specific and are changed for every transaction.
- transaction authorizationoccurs after the user has engaged in selection of an online purchase and has selected a bank account as the payment instrument.
- Authorization request processingproceeds from the merchant via the acquirer and the payment network to the account issuer. It will be understood that payment credentials were obtained by the user and provided to the merchant as described above in connection with FIG. 6 . As the authorization response is processed at the payment network, the dynamic elements of the payment credentials are verified. Fraud services may also be performed by the payment network, along with detokenization.
- an ACH (automated clearing house) processorassociated with the payment network may enrich the authorization request with payment instruction details (e.g., “from” the user's bank account and “to” the user's bank holding account) and converts the authorization request in ISO 8583 format to ISO 20022 format before sending the authorization request to the user's bank.
- payment instruction detailse.g., “from” the user's bank account and “to” the user's bank holding account
- the ACH processorconverts the authorization response from the user's bank from ISO 20022 to ISO 8583 before sending the authorization response back to the acquirer.
- the ACH processoralso matches the authorized and cleared transactions before sending them to the user's bank.
- the ACH processorsends payment instructions to the user's bank to debit the user's bank account and to credit the user's bank holding account.
- the ACH processorprovides clearing and reconciliation files to the user's bank to support clearing and reconciliation.
- a settlement account management system(not separately shown) sends the settlement advice to a payment network settlement bank (not shown) after reconciling authorization and clearing files.
- the user's banksettles with the payment network settlement bank, which then settles with the acquirer bank.
- the real time clearing modewill next be discussed.
- transaction authorizationoccurs after the user has engaged in selection of an online purchase and has selected a bank account as the payment instrument.
- Authorization request processingproceeds from the merchant via the acquirer and the payment network to the account issuer. It will be understood that payment credentials were obtained by the user and provided to the merchant as described above in connection with FIG. 6 .
- the authorization responseis processed at the payment network, the dynamic elements of the payment credentials are verified. Fraud services may also be performed by the payment network, along with detokenization.
- an ACH (automated clearing house) processorassociated with the payment network may enrich the authorization request with payment instruction details (e.g., “from” the user's bank account and “to” the user's bank holding account) and converts the authorization request in ISO 8583 format to ISO 20022 format before sending the authorization request to the user's bank.
- payment instruction detailse.g., “from” the user's bank account and “to” the user's bank holding account
- the ACH processorconverts the authorization response from the user's bank from ISO 20022 to ISO 8583 before sending the authorization response back to the acquirer.
- the ACH processoralso appends the merchant's bank account information to the payment request.
- the ACH processorsends the payment request to the user's bank to debit the user's bank account and credit the merchant bank account.
- the user's bankclears the transaction with a real-time payment bank (not shown), which in turn clears the transaction with the acquirer bank.
- the user's banksettles with the real-time payments bank, which settles with the acquirer bank.
- the term “computer”should be understood to encompass a single computer or two or more computers in communication with each other.
- processorshould be understood to encompass a single processor or two or more processors in communication with each other.
- memoryshould be understood to encompass a single memory or storage device or two or more memories or storage devices.
- the term “payment card system account”includes a credit card account or a deposit account that the account holder may access using a debit card.
- the terms “payment card system account” and “payment card account” and “payment system account” and “payment account”are used interchangeably herein.
- the term “payment card account number”includes a number that identifies a payment card system account or a number carried by a payment card, or a number that is used to route a transaction in a payment system that handles debit card and/or credit card transactions.
- the term “payment card”includes a credit card or a debit card.
- the term “payment card system”refers to a system for handling purchase transactions and related transactions.
- An example of such a systemis the one operated by Mastercard International Incorporated, the assignee of the present disclosure.
- the term “payment card system”may be limited to systems in which member financial institutions issue payment card accounts to individuals, businesses and/or other organizations.
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
FIG. 1 is a block diagram that illustrates aconventional payment system 100.- The
system 100 includes acustomer device 102 by which auser 103 accesses ane-commerce server 104 via theinternet 105. Thecustomer device 102 may be any type of computing device usable to allow access to the internet, and runs a browser program (not separately shown) to enable interaction between thecustomer device 102 and the various resources available via the internet. Thecustomer device 102 may be, for example, a personal computer, a laptop computer, a tablet computer or a mobile-browser-equipped smartphone or other mobile device. Thee-commerce server 104 is typically a server computer operated by or on behalf of a merchant to host an online store/shopping website and to allow virtual visits to the website from customer devices. The e-commerceserver 104 also operates to handle online-shopping transactions, typically funded by a payment system account owned by theuser 103. In an online shopping transaction, theuser 103 operates thecustomer device 102 to select one or more items for purchase, then elects to enter a checkout phase of the transaction, in which information that identifies the user's payment system account is provided to or accessed by thee-commerce server 104. - A
computer 108 operated by an acquirer (acquiring financial institution) is also shown as part of thesystem 100 inFIG. 1 . The acquirer may be a financial institution that provides payment account acceptance services to the merchant that operates thee-commerce server 104. Theacquirer computer 108 may operate to receive a transaction authorization request message (“authorization request”) for the online shopping transaction from thee-commerce server 104. Theacquirer computer 108 may route the authorization request via a payment network110 (sometimes also referred to as a “card network”) to theserver computer 112 operated by the issuer of the payment account that was specified during the checkout phase of the online shopping transaction. A transaction authorization response message (“authorization response”) generated by the payment accountissuer server computer 112 may be routed back to thee-commerce server 104 via thepayment network 110 and theacquirer computer 108. - One well known example of a payment network is referred to as the “Banknet” system, and is operated by Mastercard International Incorporated, which is the assignee hereof.
- The payment account
issuer server computer 112 may be operated by or on behalf of a financial institution (“FI”) that issues payment accounts to individual users and/or other entities. For example, the payment accountissuer server computer 112 may perform such functions as (a) receiving and responding to requests for authorization of payment account transactions to be charged to payment accounts issued by the FI; (b) engaging in payment transaction clearing operations; and (c) tracking and storing transactions and maintaining account records. - The components of the
system 100 as depicted inFIG. 1 are only those that are needed for processing a single transaction. A typical payment system may process many purchase transactions (including simultaneous transactions) and may include a considerable number of payment account issuers and their computers, a considerable number of acquirers and their computers, and numerous merchants and their e-commerce servers. The system may also include a very large number of payment account holders, who engage in online shopping transactions. - As is well known to those who are skilled in the art, a typical payment system like that shown in
FIG. 1 may also handle numerous face to face purchase transactions at the point of sale in retail stores and other establishments. In a typical such transaction (not illustrated), the customer may present a payment card or other payment-enabled device (e.g., a payment-enabled mobile device) to a point of sale (POS) terminal. The POS terminal is operated by the merchant (or merchant's employee) to read payment account information from the card or device presented by the customer. An authorization request may originate from the POS terminal for routing to the account issuer, and the authorization response may be routed back to the POS terminal from the account issuer. - In some e-commerce transactions, the user enters the PAN (primary account number) for his/her payment card account during the checkout phase of interaction between the customer device and the e-commerce server. In other arrangements, there may be a “card-on-file” with the e-commerce server, so that the user does not have to enter his/her PAN. To enhance security, and help to protect the PAN from being intercepted by a wrongdoer, in a card-on-file arrangement the user's payment account may be represented by a payment token, which is a character string that serves as a replacement for the PAN during part of the transaction process. For example, the payment token may be dedicated for use only in e-commerce transactions with the merchant in question.
- The present inventors have now recognized an opportunity to further enhance the security and convenience of e-commerce transactions.
- Features and advantages of some embodiments of the present disclosure, and the manner in which the same are accomplished, will become more readily apparent upon consideration of the following detailed description of the disclosure taken in conjunction with the accompanying drawings, which illustrate preferred and exemplary embodiments and which are not necessarily drawn to scale, wherein:
FIG. 1 is a block diagram that illustrates a conventional payment system.FIG. 2 is a block diagram that illustrates a payment system provided according to aspects of the present disclosure.FIG. 3 is a block diagram that illustrates a computer system that may perform a role in the system ofFIG. 2 .FIG. 4 is a block diagram that illustrates another computer system that may perform a role in the system ofFIG. 2 .FIG. 5 is a simplified block diagram of a customer device that may perform a role in the system ofFIG. 2 .FIG. 6 is a flow chart that illustrates a process that may be performed in the system ofFIG. 2 according to aspects of the present disclosure.- In general, and for the purpose of introducing concepts of embodiments of the present disclosure, as part of an e-commerce transaction, the user may request a transaction-specific set of payment credentials from a remote payment services computer. In response to the request, the payment services computer may look up a payment token that points to an account that the user has selected to use for the current transaction. The payment services computer may also engage in a cryptographic process or processes to generate dynamic expiry data and a dynamic token verification code. The payment service computer may send the payment token, the dynamic expiry data and the dynamic token verification code to the user as a set of transaction-specific payment credentials. The user may in turn provide the set of payment credentials to the merchant for inclusion in an authorization request and downstream verification of the dynamic expiry data and the dynamic token verification code.
- With an arrangement of this kind, the desirable security goal is met of effectively submitting a transaction-specific token that can be verified during payment system processing and that cannot be reused if intercepted by a wrongdoer.
FIG. 2 is a block diagram that illustrates apayment system 200 provided according to aspects of the present disclosure.- As in the system of
FIG. 1 , auser 103 is shown operating acustomer device 202, so as to interact with ane-commerce server 204 via theinternet 105. Anacquirer 108 provides the e-commerce server (merchant)204 with access to apayment network 110a. The system also includes anaccount issuer 112, to which the merchant's authorization request is ultimately routed via thepayment network 110a. In accordance with aspects of the present disclosure, thesystem 200 further includes apayment services computer 206. Via in-app orinternet communication 208, thecustomer device 202 interacts with thepayment services provider 206 to obtain a set of payment credentials, as described herein. - The two dot-
dash lines 210 linking thepayment services computer 206 to thepayment network 110aare intended to imply the possibility or possibilities that (a) thepayment services computer 206 is under common operation with thepayment network 110a; and/or (b) the payment services computer is closely associated with, in frequent communication with, and/or at least partially overlaps with computing resources employed in operating thepayment network 110a. - As was the case with the system as depicted in
FIG. 1 ,FIG. 2 only shows components required for handling a single transaction. In a practical embodiment of thesystem 200, there may be numerous e-commerce servers, and customer devices, a large number of merchants' banks/acquirers and issuers, and potentially also a number of payment service computers. Thesystem 200 may also handle transactions at the point of sale, and so may include many items of POS equipment like those referred to above. Still further, thesystem 200 may include a very large number of customer payment devices, such as cards, fobs, payment-enabled mobile devices, etc., for use in initiating transactions at the point of sale. FIG. 3 is a block diagram that illustrates an embodiment of thepayment services computer 206 shown inFIG. 2 .- Referring now to
FIG. 3 , thepayment services computer 206 may, in its hardware aspects, resemble a typical server computer and/or mainframe computer, but may be controlled by software to cause it to function as described herein. For example, thepayment services computer 206 may be constituted by commercially available server computer hardware and/or by cloud-based computing resources. - The
payment services computer 206 may include acomputer processor 300 operatively coupled to acommunication device 301, astorage device 304, aninput device 306 and anoutput device 308. Thecommunications device 301, thestorage device 304, theinput device 306 and theoutput device 308 may all be in communication with theprocessor 300. - The
computer processor 300 may be constituted by one or more conventional processors.Processor 300 operates to execute processor-executable steps, contained in program instructions described below, so as to control thepayment services computer 206 to provide desired functionality. Communication device 301 may be used to facilitate communication with, for example, other devices (such as customer devices). For example,communication device 301 may comprise numerous communication ports (not separately shown), to allow thepayment services computer 206 to communicate simultaneously with a large number of other devices, including communications as required to simultaneously handle numerous requests for payment credentials.Input device 306 may comprise one or more of any type of peripheral device typically used to input data into a computer. For example, theinput device 306 may include a keyboard and a mouse.Output device 308 may comprise, for example, a display and/or a printer.Storage device 304 may comprise any appropriate information storage device, including combinations of magnetic storage devices (e.g., hard disk drives), optical storage devices such as CDs and/or DVDs, and/or semiconductor memory devices such as Random Access Memory (RAM) devices and Read Only Memory (ROM) devices, as well as so-called flash memory. Any one or more of such information storage devices may be considered to be a computer-readable storage medium or a computer usable medium or a memory.Storage device 304 stores one or more programs for controllingprocessor 300. The programs comprise program instructions (which may be referred to as computer readable program code means) that contain processor-executable process steps of thepayment services computer 206, executed by theprocessor 300 to cause thepayment services computer 206 to function as described herein.- The programs may include one or more conventional operating systems (not shown) that control the
processor 300 so as to manage and coordinate activities and sharing of resources in thepayment services computer 206, and to serve as a host for application programs (described below) that run on thepayment services computer 206. - The programs stored in the
storage device 304 may also include asoftware communications interface 310 that programs theprocessor 300 to facilitate communications between thepayment services computer 206 and customer/user devices. - The
storage device 304 may also store a payment credentials request handlingapplication program 312. The payment credentials request handlingapplication program 312 may program theprocessor 300 to enable thepayment services computer 206 to handle numerous requests for payment credentials as described herein. - The
storage device 304 may also store, and thepayment services computer 206 may also execute, other programs, which are not shown. For example, such programs may include a reporting application, which may respond to requests from system administrators for reports on the activities performed by thepayment services computer 206. The other programs may also include, e.g., database management software, device drivers, etc. - The
storage device 304 may also store one ormore databases 314 required for operation of thepayment services computer 206. FIG. 4 is a block diagram that illustrates an embodiment of acomputer 401 that performs at least some functionality required for operation of thepayment network 110a. Thecomputer 401 will accordingly be referred to as the “payment network computer.” Thepayment network computer 401 may resemble the above-describedpayment services computer 206 in terms of hardware architecture and/or constituent components. Accordingly, thepayment network computer 401 may include acomputer processor 400 operatively coupled to acommunication device 402, astorage device 404, aninput device 406 and anoutput device 408. Thecommunications device 402, thestorage device 404, theinput device 406 and theoutput device 408 may all be in communication with theprocessor 400.Processor 400 operates to execute processor-executable steps, contained in program instructions described below, so as to control thepayment network computer 401 to provide desired functionality.Storage device 404 stores one or more programs for controllingprocessor 400. The programs comprise program instructions (which may be referred to as computer readable program code means) that contain processor-executable process steps of thepayment network computer 401 executed by theprocessor 400 to cause thepayment network computer 401 to function as described herein.- The programs may include one or more conventional operating systems (not shown) that control the
processor 400 so as to manage and coordinate activities and sharing of resources in thepayment network computer 401, and to serve as a host for application programs (described below) that run on thepayment network computer 401. - The programs stored in the
storage device 404 may also include a software communications interface410 to facilitate data communications between thepayment network computer 401 and computers operated by transaction acquirer banks. In addition, thestorage device 404 may store a software communications interface412 to facilitate data communications between thepayment network computer 401 and computers operated by account issuer banks. - The
storage device 404 may also store a transaction handling application program414. The transaction handling application program414 may program theprocessor 400 to enable thepayment network computer 401 to handle numerous payment account system transactions including verification of payment credentials as described below. - Still further, the
storage device 404 may store a transactionclearing application program 416. The transactionclearing application program 416 may program theprocessor 400 to enable thepayment network computer 401 to handle clearing of payment account system transactions between issuer and acquirer banks. - The
storage device 404 may also store, and thepayment network computer 401 may also execute, other programs, which are not shown. For example, such programs may include a reporting application, which may respond to requests from system administrators for reports on the activities performed by thepayment network computer 401. The other programs may also include, e.g., database management software, device drivers, etc. - The
storage device 404 may also store one ormore databases 418 required for operation of thepayment network computer 401. FIG. 5 is a simplified block diagram of an example of thecustomer device 202 shown inFIG. 2 . In this example embodiment, thecustomer device 202 is illustrated as a mobile device such as a smartphone.- The
customer device 202 may include ahousing 503. (In cases where thecustomer device 202 is a desktop computer, thecustomer device 202 may include several housings including the “tower” housing, the keyboard housing, etc.) - The
customer device 202 further includes a processor/control circuit 506, which is contained within thehousing 503. Also included in thecustomer device 202 is a storage/memory device or devices (reference numeral508). The storage/memory devices 508 are in communication with the processor/control circuit 506 and may contain program instructions to control the processor/control circuit 506 to manage and perform various functions of thecustomer device 202. Programs/applications (or “apps”) that are stored in the storage/memory devices 508 are represented atblock 510 inFIG. 5 , and may be accessed to program the processor/control circuit 506. In view of its pertinence to the teachings of this disclosure, a browser program is shown separately from the programs/apps 510 and is represented byblock 511. In the same vein, apayment app 512 is depicted separately from the other programs/apps 510 Physical and/or software aspects of the device user interface, including input/output (I/O) devices, are represented atblock 513 inFIG. 5 . - As is typical for computing devices, the
customer device 202 may include communications components as represented byblock 514. Thecommunications components 514 allow thecustomer device 202 to engage in data communication with other devices. For example, thecommunications components 514 may support mobile communications functions that include voice and data communications via a mobile communications network (not shown). The data communication capabilities of thecustomer device 202 may allow for online browsing sessions and interactions with webpages via thebrowser 512 and/or may support “in-app” communication sessions. - From the foregoing discussion, it will be appreciated that the blocks depicted in
FIG. 5 as components of thecustomer device 202 may in effect overlap with each other, and/or there may be functional connections among the blocks which are not explicitly shown in the drawing. FIG. 6 is a flow chart that illustrates a process that may be performed in thepayment system 200 according to aspects of the present disclosure.- At602 in
FIG. 6 , theuser 103 operates his/hercustomer device 202/browser 512 to engage in an online shopping transaction via interaction between thebrowser 512 and the e-commerce server computer204 (FIG. 2 ). It is assumed that theuser 103 selects one or more items for purchase in the transaction, and proceeds to the checkout phase (block604) of the online shopping transaction. - At606 in
FIG. 6 , it is determined that the merchant/e-commerce server 204 supports a payment method, as described below in more detail, in which dynamic expiry data and a dynamic token verification code are coupled with a payment token to form a set of payment credentials. Step606 may occur via an interaction between the mobile browser511 (FIG. 5 ) and thee-commerce server 204. - At608 in
FIG. 6 , it is determined that the payment app512 (FIG. 5 ) supports the payment method referred to above in connection withstep 606. This determination may occur via an interaction between themobile browser 511 and the payment app. - At610, the payment app is assumed to be selected by the user from among a number of different payment mechanisms that may be supported by the merchant.
- At612, the user is presented with an opportunity to select from among a number of different accounts belonging to the user, with the selection to indicate which account is to be used for the current transaction. In some embodiments, the accounts available for selection may include a deposit account maintained at a bank and belonging to the user. Other account options available for selection may include credit card accounts, debit card accounts, prepaid card accounts, etc. It is further assumed at612 that the user selects one of the available account options.
- At614, the
customer device 202, via operation of thepayment app 512, may interact with thepayment services computer 206 so as to transmit to the payment services computer206 a request for payment credentials. It may be assumed that thepayment services computer 206 receives the request for payment credentials. The request for payment credentials may include an indication of the account that the user selected at612. - At616, the
payment services computer 206 may look up a previously created payment token that has been associated ahead of time with the selected account. As used herein and in the appended claims to “look up” includes thepayment services computer 206 accessing a token database that it stores and/or communicating with a token service provider (not shown) to retrieve the result of a mapping between the selected account and a payment token previously assigned to represent the selected account. - At618, the
payment services computer 206 generates dynamic expiry data to be associated for the current transaction with the payment token looked up at616. The expiry data is “dynamic” in the sense that it is changed from transaction to transaction, rather than being fixed (for a period of a few years) as is the conventional expiration date generally associated with a PAN or payment token. - At620, the
payment services computer 206 generates a dynamic token verification code to be associated for the current transaction with the payment token looked up at616. The dynamic token verification code is to take the place of a “fixed” code such as a CVC that is customarily associated with a PAN or payment token. The dynamic token verification code is “dynamic” in the sense that it is changed from transaction to transaction, rather than being fixed (for a period of a few years) as is a conventional CVC associated with a PAN. - In some embodiments, the
steps payment services computer 206. The payment token looked up at616 may be one of the inputs of the cryptographic process or processes. One or more items of transaction data (i.e., data that indicates one or more attributes of the current transaction) may also be an input or inputs of the cryptographic process. Examples of transaction data may include transaction number, transaction amount and/or transaction date and/or time. - According to one example cryptographic process for accomplishing
steps payment services computer 206 may concatenate the payment token with one, two or more numeric items of transaction data and then may digitally sign the resulting numeric string with a secret cryptographic key. The resulting digital signature is a second numeric string from which the dynamic expiry data and the dynamic token verification code may be derived. For example, the first three digits of the second numeric string may be used as the dynamic token verification code. The next four or more digits of the second numeric string may be subjected to a transformation that produces a four-digit number that satisfies the constraints required to mimic a valid card expiration date. The resulting four-digit number may be employed as the dynamic expiry data. Based on the above description, those who are skilled in the art will recognize that other cryptographic processes may alternatively be used to generate the dynamic expiry data and the dynamic token verification code, using the payment token and one or more items of transaction data as inputs. - Referring again to
FIG. 6 , at622, thepayment services computer 206 may transmit the payment token looked up at616, the dynamic expiry data generated at618 and the dynamic token verification code generated at620 to thecustomer device 202 as the requested set of payment credentials. It may be assumed that the result ofstep 622 is that thepayment app 512 in thecustomer device 202 receives that set of payment credentials. - At624, the
payment app 512 may pass the payment credentials to themobile browser 511 in thecustomer device 202. At626, the mobile browser may control thecustomer device 202 to transmit the payment credentials to thee-commerce server 204. It may be assumed that thee-commerce server 204 receives the payment credentials transmitted to it at624. - At628, the e-commerce server202 (i.e., the merchant) may assemble a transaction authorization request message (authorization request) in a standard format. The payment token may be inserted in the payment account number field of the authorization request format. The dynamic expiry data may be inserted in the card expiration date field of the authorization request format. The dynamic token verification code may be inserted in the (for example) CVC field in the authorization request format. The authorization request may also include transaction data such as transaction amount and merchant i.d., including the one or more items of transaction data used by the
payment services computer 206 to generate the dynamic expiry data and the dynamic token verification code. Block 630 inFIG. 6 represents routing and processing of the authorization request. This may include routing the authorization request via theacquirer 108 to thepayment network 110a. As part of the processing of the authorization request, thepayment network computer 401 may detokenize (or obtain detokenization of) the payment token, and also may verify the dynamic expiry data and the dynamic token verification code. The verification processing may include duplicating the process by which thepayment services computer 206 generated the dynamic expiry data and the dynamic token verification code using the payment token and transaction data as inputs.- With the PAN or other account number data produced by detokenization, the
payment network computer 401 may route the authorization request to theaccount issuer 112. As forwarded from thepayment network computer 401 to theaccount issuer 112, the authorization request may contain one or more indications that thepayment network computer 401 had verified the payment credentials. - At632, the transaction authorization response message may be generated by the
account issuer 112 and routed to the merchant. It may be assumed for purposes of this discussion that the authorization request and the condition of the user's account satisfied the issuer's requirements for approving the transaction, and that the authorization response accordingly indicates approval of the requested transaction. - At634, the merchant (e-commerce server204) may send a message to the
customer device 202 to indicate that payment processing for the transaction has been completed. Fulfillment of the transaction by the merchant may then proceed in due course. - With a payment process as described herein, a highly secure mode of account identification may be incorporated in an e-commerce transaction. The desirable goal of what is in effect a transaction-specific set of payment credentials is achieved in a manner that is convenient for the user. Although the payment token itself may be reused, the token itself would be of little value to a wrongdoer, if one should intercept it, because the payment token is used only in combination with transaction-specific dynamic expiry data and a dynamic token verification code. The latter two elements of the payment credentials are transaction-specific and are changed for every transaction. Because of the security provided by cryptographic processes, the notional wrongdoer would likely find it impossible to generate valid expiry data and a valid token verification code in order to re-use the token, assuming the same were to be intercepted. Consequently, there is reduced concern over any possible data security breach that might occur with respect to the merchant's systems.
- There will now be a further discussion of aspects of the process illustrated in
FIG. 6 , particularly in regard to transaction authorization and clearing. According to one clearing mode of operation, payment settlement occurs in real time. According to another clearing mode of operation, traditional payment system clearing processes take place. - The traditional clearing mode will be discussed first. In this mode, transaction authorization occurs after the user has engaged in selection of an online purchase and has selected a bank account as the payment instrument. Authorization request processing proceeds from the merchant via the acquirer and the payment network to the account issuer. It will be understood that payment credentials were obtained by the user and provided to the merchant as described above in connection with
FIG. 6 . As the authorization response is processed at the payment network, the dynamic elements of the payment credentials are verified. Fraud services may also be performed by the payment network, along with detokenization. - Assuming approval of the authorization request, an ACH (automated clearing house) processor (not separately shown) associated with the payment network may enrich the authorization request with payment instruction details (e.g., “from” the user's bank account and “to” the user's bank holding account) and converts the authorization request in ISO 8583 format to ISO 20022 format before sending the authorization request to the user's bank.
- The ACH processor converts the authorization response from the user's bank from ISO 20022 to ISO 8583 before sending the authorization response back to the acquirer. The ACH processor also matches the authorized and cleared transactions before sending them to the user's bank.
- The ACH processor sends payment instructions to the user's bank to debit the user's bank account and to credit the user's bank holding account. The ACH processor provides clearing and reconciliation files to the user's bank to support clearing and reconciliation. A settlement account management system (not separately shown) sends the settlement advice to a payment network settlement bank (not shown) after reconciling authorization and clearing files. The user's bank settles with the payment network settlement bank, which then settles with the acquirer bank.
- The real time clearing mode will next be discussed. In this mode, transaction authorization occurs after the user has engaged in selection of an online purchase and has selected a bank account as the payment instrument. Authorization request processing proceeds from the merchant via the acquirer and the payment network to the account issuer. It will be understood that payment credentials were obtained by the user and provided to the merchant as described above in connection with
FIG. 6 . As the authorization response is processed at the payment network, the dynamic elements of the payment credentials are verified. Fraud services may also be performed by the payment network, along with detokenization. - Assuming approval of the authorization request, an ACH (automated clearing house) processor (not separately shown) associated with the payment network may enrich the authorization request with payment instruction details (e.g., “from” the user's bank account and “to” the user's bank holding account) and converts the authorization request in ISO 8583 format to ISO 20022 format before sending the authorization request to the user's bank.
- The ACH processor converts the authorization response from the user's bank from ISO 20022 to ISO 8583 before sending the authorization response back to the acquirer. The ACH processor also appends the merchant's bank account information to the payment request.
- The ACH processor sends the payment request to the user's bank to debit the user's bank account and credit the merchant bank account. The user's bank clears the transaction with a real-time payment bank (not shown), which in turn clears the transaction with the acquirer bank. The user's bank settles with the real-time payments bank, which settles with the acquirer bank.
- As used herein and in the appended claims, the term “computer” should be understood to encompass a single computer or two or more computers in communication with each other.
- As used herein and in the appended claims, the term “processor” should be understood to encompass a single processor or two or more processors in communication with each other.
- As used herein and in the appended claims, the term “memory” should be understood to encompass a single memory or storage device or two or more memories or storage devices.
- The flow charts and descriptions thereof herein should not be understood to prescribe a fixed order of performing the method steps described therein. Rather the method steps may be performed in any order that is practicable, including simultaneous performance of at least some steps and/or omitting one or more steps.
- As used herein and in the appended claims, the term “payment card system account” includes a credit card account or a deposit account that the account holder may access using a debit card. The terms “payment card system account” and “payment card account” and “payment system account” and “payment account” are used interchangeably herein. The term “payment card account number” includes a number that identifies a payment card system account or a number carried by a payment card, or a number that is used to route a transaction in a payment system that handles debit card and/or credit card transactions. The term “payment card” includes a credit card or a debit card.
- As used herein and in the appended claims, the term “payment card system” refers to a system for handling purchase transactions and related transactions. An example of such a system is the one operated by Mastercard International Incorporated, the assignee of the present disclosure. In some embodiments, the term “payment card system” may be limited to systems in which member financial institutions issue payment card accounts to individuals, businesses and/or other organizations.
- Although the present disclosure has been set forth in connection with specific exemplary embodiments, it should be understood that various changes, substitutions, and alterations apparent to those skilled in the art can be made to the disclosed embodiments without departing from the spirit and scope of the disclosure as set forth in the appended claims.
Claims (20)
1. A method comprising:
receiving a request for payment credentials, the request indicating an account from which payment for a transaction is to be made;
looking up a payment token that corresponds to said account;
generating dynamic expiry data and a dynamic token verification code; and
responding to the request by transmitting the looked-up payment token, the generated dynamic expiry data and the generated dynamic token verification code.
2. The method ofclaim 1 , wherein said transmitted payment token, dynamic expiry data and dynamic token verification code collectively uniquely correspond to said transaction.
3. The method ofclaim 2 , wherein said generating step includes a cryptographic process that has the looked-up payment token as an input.
4. The method ofclaim 3 , wherein said cryptographic process has transaction data as another input, said transaction data corresponding to at least one attribute of said transaction.
5. The method ofclaim 1 , further comprising, after said responding step:
receiving a transaction authorization request message, the transaction authorization request message containing said payment token, said dynamic expiry data and said dynamic token verification code.
6. The method ofclaim 5 , further comprising, after receiving said transaction authorization request message:
verifying said dynamic expiry data and said dynamic token verification code.
7. The method ofclaim 1 , wherein the receiving, looking-up, generating and responding steps are performed by a payment services computer.
8. The method ofclaim 7 , wherein the payment services computer is operated by an operator of a payment account system.
9. The method ofclaim 1 , wherein the indicated account is a deposit account maintained at a bank.
10. A method comprising:
sending a request for payment credentials for a transaction; and
receiving the requested payment credentials, the received payment credentials including a payment token, dynamic expiry data and a dynamic token verification code;
wherein the payment token, the dynamic expiry data and the dynamic token verification code collectively uniquely correspond to said transaction.
11. The method ofclaim 10 , further comprising:
submitting the received payment credentials to a merchant associated with the transaction.
12. The method ofclaim 11 , wherein the sending, receiving and submitting steps are performed by a mobile device.
13. An apparatus comprising:
a processor; and
a memory in communication with the processor, the memory storing program instructions, the processor operative with the program instructions to perform functions as follows:
receiving a request for payment credentials, the request indicating an account from which payment for a transaction is to be made;
looking up a payment token that corresponds to said account;
generating dynamic expiry data and a dynamic token verification code; and
responding to the request by transmitting the looked-up payment token, the generated dynamic expiry data and the generated dynamic token verification code.
14. The apparatus ofclaim 13 , wherein said transmitted payment token, dynamic expiry data and dynamic token verification code collectively uniquely correspond to said transaction.
15. The apparatus ofclaim 14 , wherein said generating function includes a cryptographic process that has the looked-up payment token as an input.
16. The apparatus ofclaim 15 , wherein said cryptographic process has transaction data as another input, said transaction data corresponding to at least one attribute of said transaction.
17. The apparatus ofclaim 13 , wherein the processor is further operative, after performing said responding function, to receive a transaction authorization request message, the transaction authorization request message containing said payment token, said dynamic expiry data and said dynamic token verification code.
18. The apparatus ofclaim 17 , wherein the processor is further operative, after receiving said transaction authorization request message, to verify said dynamic expiry data and said dynamic token verification code.
19. The apparatus ofclaim 13 , wherein the processor and the memory are components of a payment services computer.
20. The apparatus ofclaim 13 , wherein the indicated account is a deposit account maintained at a bank.
Priority Applications (7)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US16/138,234US20200097959A1 (en) | 2018-09-21 | 2018-09-21 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| US17/276,995US12243049B2 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| AU2019345229AAU2019345229B2 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| EP19863132.7AEP3853798B1 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| PCT/US2019/044864WO2020060676A1 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| EP25199730.0AEP4633081A2 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| US19/043,899US20250182099A1 (en) | 2018-09-21 | 2025-02-03 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US16/138,234US20200097959A1 (en) | 2018-09-21 | 2018-09-21 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
Related Child Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US17/276,995ContinuationUS12243049B2 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| PCT/US2019/044864ContinuationWO2020060676A1 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| US20200097959A1true US20200097959A1 (en) | 2020-03-26 |
Family
ID=69884937
Family Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US16/138,234AbandonedUS20200097959A1 (en) | 2018-09-21 | 2018-09-21 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| US17/276,995Active2040-02-17US12243049B2 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| US19/043,899PendingUS20250182099A1 (en) | 2018-09-21 | 2025-02-03 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
Family Applications After (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US17/276,995Active2040-02-17US12243049B2 (en) | 2018-09-21 | 2019-08-02 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
| US19/043,899PendingUS20250182099A1 (en) | 2018-09-21 | 2025-02-03 | Payment transaction process employing dynamic account expiry and dynamic token verification code |
Country Status (4)
| Country | Link |
|---|---|
| US (3) | US20200097959A1 (en) |
| EP (2) | EP3853798B1 (en) |
| AU (1) | AU2019345229B2 (en) |
| WO (1) | WO2020060676A1 (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10902409B2 (en)* | 2016-07-13 | 2021-01-26 | Sung Won Lee | Method and system for card payment approval using mobile terminal of mobile card holder |
| EP4307611A1 (en)* | 2022-07-15 | 2024-01-17 | Mastercard International Incorporated | Data communication and cryptographic operations for secure wireless interactions |
| EP4307610A1 (en)* | 2022-07-15 | 2024-01-17 | Mastercard International Incorporated | Rapid secure wireless transaction |
| US20240144247A1 (en)* | 2022-10-26 | 2024-05-02 | Jpmorgan Chase Bank, N.A. | Systems and methods for integrated digital wallet payments |
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5671279A (en)* | 1995-11-13 | 1997-09-23 | Netscape Communications Corporation | Electronic commerce using a secure courier system |
| US20120150688A1 (en)* | 2003-03-21 | 2012-06-14 | Ebay Inc. | Payment service to efficiently enable electronic payment |
| US20140310182A1 (en)* | 2013-04-12 | 2014-10-16 | Mastercard International Incorporated | Systems and methods for outputting information on a display of a mobile device |
| US20150032626A1 (en)* | 2013-07-24 | 2015-01-29 | Matthew Dill | Systems and methods for interoperable network token processing |
| US20150254643A1 (en)* | 2014-03-04 | 2015-09-10 | Bank Of America Corporation | Customer token preferences interface |
| US20150254665A1 (en)* | 2014-03-04 | 2015-09-10 | Bank Of America Corporation | Authorizing a temporary token for a user |
| US20150262164A1 (en)* | 2014-03-13 | 2015-09-17 | Google Inc. | Cloud-based secure storage |
| US20170200165A1 (en)* | 2015-12-04 | 2017-07-13 | Prasanna Laxminarayanan | Unique code for token verification |
| US20170373852A1 (en)* | 2016-06-24 | 2017-12-28 | Michael CASSIN | Unique token authentication cryptogram |
| US20180006821A1 (en)* | 2015-02-17 | 2018-01-04 | Visa International Service Association | Token and cryptogram using transaction specific information |
| US20180075260A1 (en)* | 2016-09-13 | 2018-03-15 | Capital One Services, Llc | Systems and methods for generating and managing dynamic customized electronic tokens for electronic device interaction |
| US20180109508A1 (en)* | 2016-10-19 | 2018-04-19 | Index Systems, Inc. | Systems and methods for data management and the use of salts and keys in data encryption/decryption |
| US20190108511A1 (en)* | 2017-10-05 | 2019-04-11 | The Toronto-Dominion Bank | System and method of session key generation and exchange |
| US20190318355A1 (en)* | 2018-04-16 | 2019-10-17 | Visa International Service Association | Method and system for pre-authorizing a delivery transaction |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2382696A1 (en)* | 2000-06-21 | 2001-12-27 | Edward J. Hogan | An improved method and system for conducting secure payments over a computer network |
| US8534564B2 (en) | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
| US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
| US8602293B2 (en) | 2009-05-15 | 2013-12-10 | Visa International Service Association | Integration of verification tokens with portable computing devices |
| US10140598B2 (en)* | 2009-05-20 | 2018-11-27 | Visa International Service Association | Device including encrypted data for expiration date and verification value creation |
| JP2014137398A (en) | 2013-01-15 | 2014-07-28 | Sony Corp | Display device, display drive device, drive method, and electronic apparatus |
| US20160232525A1 (en)* | 2015-02-11 | 2016-08-11 | Mastercard International Incorporated | Online form fill for tokenized credentials |
| US10282726B2 (en)* | 2016-03-03 | 2019-05-07 | Visa International Service Association | Systems and methods for domain restriction with remote authentication |
| US10990967B2 (en) | 2016-07-19 | 2021-04-27 | Visa International Service Association | Method of distributing tokens and managing token relationships |
- 2018
- 2018-09-21USUS16/138,234patent/US20200097959A1/ennot_activeAbandoned
- 2019
- 2019-08-02USUS17/276,995patent/US12243049B2/enactiveActive
- 2019-08-02AUAU2019345229Apatent/AU2019345229B2/enactiveActive
- 2019-08-02EPEP19863132.7Apatent/EP3853798B1/enactiveActive
- 2019-08-02WOPCT/US2019/044864patent/WO2020060676A1/ennot_activeCeased
- 2019-08-02EPEP25199730.0Apatent/EP4633081A2/enactivePending
- 2025
- 2025-02-03USUS19/043,899patent/US20250182099A1/enactivePending
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5671279A (en)* | 1995-11-13 | 1997-09-23 | Netscape Communications Corporation | Electronic commerce using a secure courier system |
| US20120150688A1 (en)* | 2003-03-21 | 2012-06-14 | Ebay Inc. | Payment service to efficiently enable electronic payment |
| US20140310182A1 (en)* | 2013-04-12 | 2014-10-16 | Mastercard International Incorporated | Systems and methods for outputting information on a display of a mobile device |
| US20150032626A1 (en)* | 2013-07-24 | 2015-01-29 | Matthew Dill | Systems and methods for interoperable network token processing |
| US20150254643A1 (en)* | 2014-03-04 | 2015-09-10 | Bank Of America Corporation | Customer token preferences interface |
| US20150254665A1 (en)* | 2014-03-04 | 2015-09-10 | Bank Of America Corporation | Authorizing a temporary token for a user |
| US20150262164A1 (en)* | 2014-03-13 | 2015-09-17 | Google Inc. | Cloud-based secure storage |
| US20180006821A1 (en)* | 2015-02-17 | 2018-01-04 | Visa International Service Association | Token and cryptogram using transaction specific information |
| US20170200165A1 (en)* | 2015-12-04 | 2017-07-13 | Prasanna Laxminarayanan | Unique code for token verification |
| US20170373852A1 (en)* | 2016-06-24 | 2017-12-28 | Michael CASSIN | Unique token authentication cryptogram |
| US20180075260A1 (en)* | 2016-09-13 | 2018-03-15 | Capital One Services, Llc | Systems and methods for generating and managing dynamic customized electronic tokens for electronic device interaction |
| US20180109508A1 (en)* | 2016-10-19 | 2018-04-19 | Index Systems, Inc. | Systems and methods for data management and the use of salts and keys in data encryption/decryption |
| US20190108511A1 (en)* | 2017-10-05 | 2019-04-11 | The Toronto-Dominion Bank | System and method of session key generation and exchange |
| US20190318355A1 (en)* | 2018-04-16 | 2019-10-17 | Visa International Service Association | Method and system for pre-authorizing a delivery transaction |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10902409B2 (en)* | 2016-07-13 | 2021-01-26 | Sung Won Lee | Method and system for card payment approval using mobile terminal of mobile card holder |
| EP4307611A1 (en)* | 2022-07-15 | 2024-01-17 | Mastercard International Incorporated | Data communication and cryptographic operations for secure wireless interactions |
| EP4307610A1 (en)* | 2022-07-15 | 2024-01-17 | Mastercard International Incorporated | Rapid secure wireless transaction |
| US20240020694A1 (en)* | 2022-07-15 | 2024-01-18 | Mastercard International Incorporated | Rapid secure wireless transaction |
| EP4488910A3 (en)* | 2022-07-15 | 2025-01-15 | Mastercard International Incorporated | Contactless transaction |
| US20240144247A1 (en)* | 2022-10-26 | 2024-05-02 | Jpmorgan Chase Bank, N.A. | Systems and methods for integrated digital wallet payments |
| US12406252B2 (en)* | 2022-10-26 | 2025-09-02 | Jpmorgan Chase Bank, N.A. | Systems and methods for integrated digital wallet payments |
Also Published As
| Publication number | Publication date |
|---|---|
| US12243049B2 (en) | 2025-03-04 |
| WO2020060676A1 (en) | 2020-03-26 |
| AU2019345229A1 (en) | 2021-04-15 |
| US20220036347A1 (en) | 2022-02-03 |
| EP3853798A1 (en) | 2021-07-28 |
| AU2019345229B2 (en) | 2025-08-14 |
| EP3853798B1 (en) | 2025-09-24 |
| US20250182099A1 (en) | 2025-06-05 |
| EP4633081A2 (en) | 2025-10-15 |
| EP3853798A4 (en) | 2022-06-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12314923B2 (en) | System and method of tokenizing deposit account numbers for use at payment card acceptance point | |
| US20250182099A1 (en) | Payment transaction process employing dynamic account expiry and dynamic token verification code | |
| US12314946B2 (en) | Dynamic security code authorization verification service | |
| US20190012645A1 (en) | System and methods for accepting dual function payment credential | |
| WO2019125617A1 (en) | Payment systems and methods with card-on-file tokenization | |
| US20160140557A1 (en) | E-commerce based payment system with authentication of electronic invoices | |
| US20240029053A1 (en) | Provisioning of payment acceptance to payment account holders | |
| US20200302442A1 (en) | Systems and methods for tokenizing tokens in transactions | |
| US20160210608A1 (en) | Merchant interface for transaction-related services | |
| US20200118125A1 (en) | Token-based payment transaction authorized at payment gateway | |
| US20200097931A1 (en) | Payment transaction process employing invoice token |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AS | Assignment | Owner name:MASTERCARD INTERNATIONAL INCORPORATED, NEW YORK Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:TRAN, YEN;MALHOTRA, SANDEEP;SABET, MOSTAFA HUSSEIN;AND OTHERS;SIGNING DATES FROM 20180909 TO 20180911;REEL/FRAME:046940/0403 | |
| STPP | Information on status: patent application and granting procedure in general | Free format text:FINAL REJECTION MAILED | |
| STPP | Information on status: patent application and granting procedure in general | Free format text:ADVISORY ACTION MAILED | |
| STCB | Information on status: application discontinuation | Free format text:ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |