AU2009100984B4 - A Method and System of Financial Instrument Authentication in a Communication Network - Google Patents

A Method and System of Financial Instrument Authentication in a Communication Network Download PDF

Info

Publication number
AU2009100984B4
AU2009100984B4 AU2009100984A AU2009100984A AU2009100984B4 AU 2009100984 B4 AU2009100984 B4 AU 2009100984B4 AU 2009100984 A AU2009100984 A AU 2009100984A AU 2009100984 A AU2009100984 A AU 2009100984A AU 2009100984 B4 AU2009100984 B4 AU 2009100984B4
Authority
AU
Australia
Prior art keywords
financial instrument
transaction
mobile communication
communication identifier
details
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
AU2009100984A
Other versions
AU2009100984A4 (en
Inventor
Gade Bharavi
Swamy SANJAY
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MCHEK INDIA PAYMENT SYSTEM PVT Ltd
Original Assignee
MCHEK INDIA PAYMENT SYSTEM PVT
MCHEK INDIA PAYMENT SYSTEM PVT Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to IN2079MU2008 priority Critical
Priority to IN2079/MUM/2008 priority patent/IN2008MU02079A/en
Application filed by MCHEK INDIA PAYMENT SYSTEM PVT, MCHEK INDIA PAYMENT SYSTEM PVT Ltd filed Critical MCHEK INDIA PAYMENT SYSTEM PVT
Application granted granted Critical
Publication of AU2009100984A4 publication Critical patent/AU2009100984A4/en
Publication of AU2009100984B4 publication Critical patent/AU2009100984B4/en
Anticipated expiration legal-status Critical
Application status is Ceased legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61KPREPARATIONS FOR MEDICAL, DENTAL, OR TOILET PURPOSES
    • A61K36/00Medicinal preparations of undetermined constitution containing material from algae, lichens, fungi or plants, or derivatives thereof, e.g. traditional herbal medicines
    • A61K36/18Magnoliophyta (angiosperms)
    • A61K36/185Magnoliopsida (dicotyledons)
    • A61K36/53Lamiaceae or Labiatae (Mint family), e.g. thyme, rosemary or lavender
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61KPREPARATIONS FOR MEDICAL, DENTAL, OR TOILET PURPOSES
    • A61K36/00Medicinal preparations of undetermined constitution containing material from algae, lichens, fungi or plants, or derivatives thereof, e.g. traditional herbal medicines
    • A61K36/18Magnoliophyta (angiosperms)
    • A61K36/185Magnoliopsida (dicotyledons)
    • A61K36/55Linaceae (Flax family), e.g. Linum
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61KPREPARATIONS FOR MEDICAL, DENTAL, OR TOILET PURPOSES
    • A61K36/00Medicinal preparations of undetermined constitution containing material from algae, lichens, fungi or plants, or derivatives thereof, e.g. traditional herbal medicines
    • A61K36/18Magnoliophyta (angiosperms)
    • A61K36/185Magnoliopsida (dicotyledons)
    • A61K36/80Scrophulariaceae (Figwort family)
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61KPREPARATIONS FOR MEDICAL, DENTAL, OR TOILET PURPOSES
    • A61K36/00Medicinal preparations of undetermined constitution containing material from algae, lichens, fungi or plants, or derivatives thereof, e.g. traditional herbal medicines
    • A61K36/18Magnoliophyta (angiosperms)
    • A61K36/88Liliopsida (monocotyledons)
    • A61K36/906Zingiberaceae (Ginger family)
    • A61K36/9068Zingiber, e.g. garden ginger
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]

Description

P;\WPOOC5\KMH\2O09\SpeCflcton\lnnovdon Pt doc-28109/2009 A Method and System of Financial Instrument Authentication in a Communication Network This present disclosure relates to a system for processing financial transactions. More 5 specifically, the disclosure relates to authentication of ownership of a financial instrument over a communication network. Background In existing systems employed for the authorisation of financial transactions utilizing 10 credit cards and debit cards, it is difficult to acquire a firm guarantee that the person initiating the financial transaction is authentic and authorised to conclude the financial transaction. Currently the processes employed by financial institutions e.g., banks do little more than guarantee the availability of funds in the account in issue. It is a process that provides no more than authorisation of the financial transaction after ensuring that funds 15 are accessible to complete the financial transaction. However, these processes do not provide any means of authenticating the ownership of the financial instrument being used by the individual making the transaction. Instances of fraud and charge-backs in mobile-based transactions are a constant concern, and validation of the mobile number in this regard is also useful. Banks and other 20 financial institutions are still exploring the use of mobile commerce to allow their customers to not only access account information, but also make transactions, e.g. purchasing products and services, remitting money via mobile phones and other forms of mobile commerce. However, there exists security concerns of such transactions and particularly issues relating to ownership of the financial instruments used in such 25 transactions. This invention seeks to address some or all the above mentioned problems by providing an authentication method and process for the linking of a card or account to a mobile phone and authenticating the identity and ownership of that card or account by the user. In addition, the invention seeks to introduce a mechanism at least partly to automate 30 these processes rather than relying on existing manual verification and authentication processes.

P:\WPDOC5\KM H\2Ci9\5pecifications\lnnovaton Patentdo-2 6/09/200 -2 Brief Description of Drawings Examples of embodiments of the invention are illustrated by way of illustration and not limitation in the figures of the accompanying drawings, in which like references 5 indicate similar element and in which; Figure 1 is a block diagram illustrating a method for authentication of a financial transaction according to an embodiment of the invention; Figure 2 is a block diagram illustrating an alternative method for authenticating of a financial transaction in accordance to an embodiment of the invention; 10 Figure 3 is a schematic illustration of an authentication system in accordance with an embodiment of the invention; Summary The invention relates to a method of linking a financial instrument to a mobile 15 communication identifier at an authentication system comprising receiving at the authentication system from a user of the financial instrument details of the financial instrument along with details of the mobile communication identifier to which the financial instrument is to be linked; carrying out a financial transaction on the financial instrument for an amount and on receiving transaction authorization storing details of the authorized 20 transaction in a database of the authentication system; receiving transaction information from the user of the financial instrument, the transaction information obtained by the user from the provider of the financial instrument; comparing the transaction information received from the user with the transaction details stored in the database; and linking the financial instrument to the mobile communication identifier on the transaction information 25 received from the user matching the transaction information stored in the database. The invention also relates to a method of linking a financial instrument to a mobile communication identifier at an authentication system comprising receiving at the authentication system from a user of the financial instrument details of the financial instrument along with details of the mobile communication identifier to which the financial 30 instrument is to be linked; carrying out a financial transaction on the financial instrument at the bank for the authentication system for an amount; authorizing the transaction at the P \WPDOCS\KMH\209\Spedfkcations\lnnovadon Patet.doc-28/0l9 -3 bank for the provider of the financial instrument and on receiving transaction authorization storing details of the authorized transaction in a database of the authentication system; the authentication system transmitting to the bank for the provider of the financial instrument transaction information and details of the mobile communication identifier; authenticating 5 the mobile communication identifier at the bank for the provider of the financial instrument; and linking the financial instrument to the mobile communication identifier on receiving an authentication of the mobile communication identifier from the bank for the provider of the financial instrument and storing the mobile communication identifier as verified. 10 The invention also provides for an authentication system for linking a financial instrument to a mobile communication identifier comprising an interface for receiving from a user of the financial instrument details of the financial instrument along with details of the mobile communication identifier to which the financial instrument is to be linked; a switch for communicating with the provider of the financial instrument to authenticate the 15 transaction and to receive transaction authorization; an authentication processor for carrying out a financial transaction on the financial instrument for an amount through the switch; and a database for storing details of an authorized transaction for a user; wherein the interface is also configured to receive transaction information from the user of the financial instrument, the transaction information obtained by the user from the provider of 20 the financial instrument; and the authentication processor also configured to compare the transaction information received from the user with the transaction details stored in the database and to link the financial instrument to the mobile communication identifier on the transaction information received from the user matching the transaction information stored in the database. 25 Detailed Description For the purpose of promoting an understanding of the principles of the invention, reference will now be made to the embodiment illustrated in the drawings and specific language will be used to describe the same. It will nevertheless be understood that no 30 limitation of the scope of the invention is thereby intended, such alterations and further modifications in the illustrated system, and such further applications of the principles of P:\WPDOC5\tM H\2009\5petificatiom\lnnovation Patentdoc-28/0M9/20 -4 the invention as illustrated therein being contemplated as would normally occur to one skilled in the art to which the invention relates. It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the invention and 5 are not intended to be restrictive thereof. Throughout the patent specification, a convention employed is that in the appended drawings, like numerals denote like components. Many of the functional units described in this specification have been labelled as modules, in order to more particularly emphasize their implementation independence. For example, a module may be implemented as a hardware circuit comprising custom very 10 large scale integration circuits or gate arrays, off-the-shelf semiconductors such as logic, chips, transistors, or the other discrete components. A module may also be implemented in programmable hardware devices such as field programmable gate arrays, programmable array logic, programmable logic devices or the like. Modules may also be implemented in software for execution by various types of 15 processors. An identified module of executable code may, for instance, comprise one or more physical or logical blocks of computer instructions which may, for instance, be organised as an object, procedure, or function. Nevertheless, the executables of an identified module need not be physically located together, but may comprise disparate instructions stored in different locations which, when joined together, comprise the module 20 and achieve the started purpose for the module. Indeed, a module of executable code could be a single instruction, or many instructions, and may even be distributed over several different code segments, among different programs, and across several memory devices. Similarly, operational data may be identified and illustrated herein within modules, and may be embodied in any suitable form 25 and organised within any suitable type of data structure. The operational data maybe collected as a single data set, or may be distributed over different locations including over different member disks, and may exist, at least partially, merely as electronic signals on a system or network. Reference throughout this specification to "one embodiment" "an embodiment" or 30 similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrase "in one embodiment", "in an embodiment" and P:\WPDOCS\KMH\2009\Speifications\nnovation Pat.tdoc-28/09/209 -5 similar language throughout this specification may, but do not necessarily, all refer to the same embodiment. In the context of this specification: an "authorisation code" is a code that is representative of a transaction and is often 5 essential to allow a transaction to be completed; The terms user, cardholder and account holder are used interchangeably in the context of the following description. A "cardholder" is a user in possession of a credit / debit / prepaid / stored value card linked to a financial account with a financial institution; whereas an "account holder" refers to a user with an account with a financial institution; 10 An authorization system is a third-party independent institution facilitating financial transactions over a communication network; an "acquiring bank" is the financial institution that processes payments for the products or services on behalf of a merchant; an "issuer bank" is a financial institution that provides the financial instrument to the 15 "cardholder" and authorizes payments on this financial instrument . In mobile commerce scenario, a financial instrument, such as credit or debit or prepaid or stored value card or a bank account, is linked to a mobile number which is subsequently used for transactions. A method and system of authenticating ownership of a financial instrument over a 20 communication network is discussed. The method provides for authenticating the ownership of a financial instrument such as a credit or debit or prepaid or stored value card or even a bank account and linking the same to a mobile communication identifier at a third party authentication system. On receiving a user request to link a financial instrument with a mobile communication identifier such as a mobile number, the authentication 25 system carries out a transaction on the financial instrument, details of which are accessible to the authenticated owner of the financial instrument. The user is required to provide details of this transaction to the authentication system in order to authenticate ownership. Once the ownership of the financial instrument is established, the same is linked to the mobile number of the user with a verified status, and the user may carry out subsequent 30 transactions on the mobile number using the authenticated financial instrument linked to it. It is preferred that the mobile communication identifier such as a mobile number or device number is pre-registered with the authentication system. The ownership of the P:\WPOOCS\KMH\2009\Speificatio\innovation Pstentdoc-28/09/209 -6 mobile communication identifier may be checked by way of physical checks or in the manner as described herein. The authentication system may be an independent institution facilitating transactions over a communication channel. The authentication system may be a Financial Institution, a 5 Biller, a service provider, etc. The authentication system may be linked with a bank, to authenticate and verify users and transactions on behalf of the bank. In accordance with an embodiment, a method of authenticating ownership of a card is illustrated in figure 1. A cardholder (as indicated by step 1) submits the financial instrument details such as the card number, date of expiry, card verification code and /or 10 card PIN and registers a financial instrument. This financial instrument is to be linked to a mobile communication identifier such as but not limited to a mobile phone number. The details of such a mobile communication device are also provided by the cardholder to the authentication system. The authentication system carries out a transaction on the financial instrument (as 15 indicated by step 2) and receives a transaction confirmation from the bank (as indicated by step 3). The cardholder is required to access details of this transaction from the bank (as indicated by step 4a) and submit the same to the authentication system (as indicated by step 5) in order to confirm ownership of the financial instrument. This transaction may be in the form of an authorisation request. 20 In accordance with an embodiment, the issuer bank sends the transaction details to the registered mobile phone number for that cardholder (as indicated by step 4b). The cardholder in turn submits or forwards these details to the authentication system (as indicated by step 5). As the authentication system does not submit the mobile phone number registered with it to the bank at the time of the transaction, while the bank sends 25 the transaction details to the registered mobile phone number, the submission of the transaction details by a cardholder validates the ownership of the financial instrument as well as the mobile phone number. The transaction carried out by the authentication system may be for a random or fixed amount. The transaction may also be a complete (i.e. settled) transaction where the 30 cardholder is charged or an incomplete (i.e. authorized but not settled) transaction where the transaction is held pending. In accordance with an embodiment, the transaction amount could be a small amount of Rs. 1 or Rs. 2 and should be enough to ensure infrastructure P:\WPDOC5\KMH\2009\SpecIicaton\tnnovation Patent.doc- 28/09/209 -7 recognition and acceptance of the individual authorizations but not so much as to unnecessarily, though temporarily, burden the account. In accordance with a further embodiment, one or more such authorization transactions may be carried out and the cardholder is required to submit details of such 5 transactions. Those skilled in the art will recognize that the total amount of such transactions may be any amount again so long as the account is not unnecessarily burdened. The purpose is to randomize the total amount of transactions so as to preclude a fraudulent cardholder from guessing at the verification information. The randomly selected amount of the 10 transaction, therefore serves as temporary identification code to permit electronic, near real-time verification of the cardholder as an authorized owner of the card. The cardholder may access the transaction details either by logging into the bank's website, calling the bank and authenticating himself or other conventional means. Alternatively, the bank may send a message to the registered mobile device of the 15 cardholder with the transaction details. The transaction details required for confirming ownership at the authentication system may include the transaction amount, the authorization code or any other transaction identifier. In the event of a fixed amount transaction, the authorization code or other transaction details may be used for verification. 20 In accordance with an embodiment, an authorization code is a secret key, such as an alphanumeric string that is used for authentication the cardholder. In accordance with an embodiment, the cardholder is required to submit the transaction details from the mobile phone number which he has also registered with the authentication system. As the cardholder has successfully obtained the transaction details 25 after due verification at the bank and has submitted details of the transaction to the authentication system, the ownership of the financial instrument is confirmed. In addition, if the cardholder submits the transaction details using the registered mobile communication identifier such as the mobile phone number, then the mobile phone number is also validated as belonging to the owner of the financial instrument. 30 The token transaction may be reversed after successful validation, if necessary. However, the token transaction may not need to be revered if it was only for authorization and no settlement information is sent.

P:\WPDOCS\KM\2009\Specifkations\tnnoation Patent.do-28/092009 -8 After successful validation of ownership of the financial instrument, the authentication system links the financial instrument to the mobile phone number, with a verified status and the cardholder may now carry out subsequent transactions using the mobile phone number. The authentication system acts as the financial gateway for a 5 mobile communication network and the cardholder is not required to independently submit his financial instrument details at each vendor. In accordance with an alternate embodiment, a method of authenticating ownership of a card is illustrated in Figure 2. A cardholder submits the financial instrument details such as the card number, date of expiry, card verification code and /or card PIN and 10 registers a financial instrument (as indicated by step 1). This financial instrument is to be linked to a mobile communication identifier such as but not limited to a mobile phone number. The authentication system carries out a random transaction on the financial instrument of the cardholder (as indicated by step 2). The cardholder's mobile number must be registered with the issuer bank. 15 The third-party bank referred to as the acquiring bank obtains the transaction request. In order to authorize the transaction, the acquiring bank in turn validates the transaction with the issuer bank, for card (as indicated by step 3). The Issuer Bank verifies the transaction and if successfully authorised, issues the transaction details to the acquiring bank (as indicated by step 4). On receiving a validation from the issuer bank, the acquiring 20 bank sends the transaction details to the authentication system (as indicated by step 5) and validates the transaction with the third-party. The authentication system on completing a transaction with the bank and on receiving transaction details from the acquiring bank, sends the transaction details to the issuing bank along with the mobile phone number that was registered with it by the 25 cardholder (as indicated by step 6). The issuing bank is requested to confirm both the transaction details and the mobile phone number for that cardholder. On receiving a successful validation for the mobile phone number from the issuing bank, the cardholder is validated at the authentication system, with a verified status (as indicated by step 7). The mobile phone is also validated and the authentication system may mark the phone as well 30 as the card as verified. Figure 3 illustrates an Authentication system 200 for authenticating ownership in accordance with an embodiment. The Authentication System 200 includes an Interface P;\WPDOCS\KMH\2009\Specfcadons\lnnvation Pat.nt doc-28/09/209 -9 600, an Authentication Processor 700, a Database 800 and a Switch 900. The database 800, Interface 600 and the switch 900 are controlled by the Authentication processor 700. The Authentication System 200 receives information from the user including details of the financial instrument along with details of the mobile communication identifier to 5 which the financial instrument is to be linked through the interface 600. The interface 600 may be configured by a web module to permit users to log on to the authentication system. Alternatively, the interface 600 may be configured to receive user information from a mobile device. The mobile device 100 is capable of communicating remotely over a communications network with the Authentication System 200 by means of an SMS, MMS, 10 mobile modules, etc. The interface 600 facilitates cross-platform communication between the authentication system and a mobile device. The Interface 600 may include a security protocol that performs security related and data integrity related checks on the communication between the Authentication System 200 and the mobile communication network 100. The security protocol may be SSL (Secure Socket Layer), TLS (Transport 15 Layer Security), PPP (Point-to-Point protocol) or any other protocol known in the art. The database 800 may hold user related details like mobile number, credit card details, CVV, expiry date of card, issuing bank details, etc. The database may also hold transaction information including authorized transactions for a user. The Authenticating processor 700 communicates with the database 800 to authenticate the cardholder and the 20 financial instrument. The switch 900 is an interface that assists the authentication system 200 to connect and exchange information with the Bank 300. The switch 900 helps the authentication system 200 to communicate with the bank 300 to authenticate a card and a financial transaction. The switch 900 may include a security protocol such as a Secure Socket Layer 25 (SSL) or Virtual Private Network (VPN) protocol to confidently and securely communicate with the bank. Authentication Processor 700 helps in registering the cardholder and carries out a random transaction on the cardholder's card/ account. The Authentication Processor 700 also authenticates and verifies the cardholder's ownership of the card/ account. The 30 Authentication Processor 700 controls the functioning of the authentication system 200 and communicates with the cardholder's mobile device 100 and the bank 300 with the help of the interface 600 and the switch 900 respectively.

9:\WPDOC5\KMH\2009\5peincations\novation P.ent. doc-28/09/2009 -10 The authentication processor is driven by an authentication module that is configured to execute a financial transaction on a financial instrument. The authentication module is also configured to store the transaction authorization status received from the bank of the provider of the financial instrument and store it in the database. The authentication module 5 is also configured to compare the transaction information received from the provider of the financial instrument with the transaction information received from the user. In accordance with a specific embodiment, a cardholder 100 submits the financial instrument details such as the card number, date of expiry, card verification code and /or card PIN to the authentication system 200. 10 This financial instrument is to be linked to the cardholder's mobile phone number. The details of such a mobile communication device are also provided by the cardholder to the authentication system. The interface 600 receives the registration request and performs data security related checks on the incoming data. The interface 600 forwards the registration request to the 15 Authentication Processor 700. The Authentication Processor 700 stores the registration details in the database 800 of the authentication system 200. The Authentication Processor 700 registers the cardholder and the authentication module carries out a transaction on the financial instrument. The transaction carried out may be for a random or fixed amount and the transaction amount could be a small amount 20 of Rs. 1 or Rs. 2. The Authentication Processor 700 sends an authentication request to the cardholder's bank 300 via a switch 800. The Switch 800 enables cross platform communication between the authentication system 200 and the cardholder's bank 300. In accordance with an embodiment, the Authentication Processor 700 may initially send the authentication request to a merchant's bank (acquiring bank), in the case where 25 the merchant's and the cardholder's bank (issuer's bank) is not same. The Authentication Processor 700 receives a transaction confirmation from the bank via the switch 800. The transaction confirmation may include an authorization code or transaction details sent by the bank 300. The cardholder 100 obtains the details of this transaction from the bank 300 and 30 submits the same to the authentication system 200 in order to confirm ownership of the P:\WPDOC\KMH\209\Specficatons\lnnovation Patent doc-2B/09/2 9 - 11 financial instrument. The cardholder may obtain the transaction details from the bank by logging on to his account or accessing his account by an interactive voice response system. The user may send an SMS containing the transaction details to the authentication system 200 to confirm of ownership of the card. The interface 600 checks the data integrity 5 of the SMS and forwards the SMS to the Authentication Processor 700 for execution. The Authentication Processor 700 checks the SMS sent by the user and matches with the details provided by the bank 300. If successfully matched, the bank verifies the ownership of the card. In accordance to an aspect, the Authentication Processor 700 of the third-party 10 system 200 does not submit the mobile phone number registered with it to the bank at the time of the conducting a transaction, while the bank sends the transaction details to the registered mobile phone number of the cardholder, the submission of the transaction details by the cardholder to the third-party system 200 validates the ownership of the financial instrument as well as the mobile phone number. 15 The mobile communication identifier is any device used for communication over a wireless communication network and includes a mobile phone, a smart phone, a Personal Digital Assistant (PDA) or a pager. Specific Embodiments: A method of linking a financial instrument to a mobile communication identifier at 20 an authentication system comprising receiving at the authentication system from a user of the financial instrument details of the financial instrument along with details of the mobile communication identifier to which the financial instrument is to be linked; carrying out a financial transaction on the financial instrument for an amount and on receiving transaction authorization storing details of the authorized transaction in a database of the 25 authentication system; receiving transaction information from the user of the financial instrument, the transaction information obtained by the user from the provider of the financial instrument; comparing the transaction information received from the user with the transaction details stored in the database; and linking the financial instrument to the mobile communication identifier on the transaction information received from the user 30 matching the transaction information stored in the database.

P:\WPDOC\KMH\2009\Specikations\lnnovationPtent. doc-209/200 -12 A method as described above wherein the mobile communication identifier is a mobile number or a mobile device number. A method as described wherein the mobile communication identifier is previously registered with the authentication system. 5 A method as described wherein the transaction amount is a random amount and wherein the transaction information received from the user is the transaction amount or an authorization code. A method wherein the transaction amount is a fixed amount and the transaction information received from the user is the transaction authorization code. 10 A method wherein the transaction information is received from a mobile device, comprising identifying the mobile communication identifier from which the transaction information is received and comparing the identified mobile communication identifier with the mobile communication identifier to which the financial instrument is to be linked. A method further comprising marking the mobile communication identifier to which 15 the financial instrument is to be linked as verified if the mobile communication identifier from which information is received is the same as the mobile communication identifier to which the financial instrument is to be linked. A method as described above wherein the user obtaining the transaction information from the provider of the financial instrument comprises the user authenticating himself at 20 the provider of the financial instrument to access a user account linked to the financial instrument. A method as described above wherein the user obtaining the transaction information from the provider of the financial instrument comprises the provider of the financial instrument transmitting transaction information to the registered mobile device of the user. 25 A method of linking a financial instrument to a mobile communication identifier at an authentication system comprising receiving at the authentication system from a user of the financial instrument details of the financial instrument along with details of the mobile communication identifier to which the financial instrument is to be linked; carrying out a P:\WP DOCS\KM H\2009\5pecifications\novation P nt.do-23/09/2 - 13 financial transaction on the financial instrument at the bank for the authentication system for an amount; authorizing the transaction at the bank for the provider of the financial instrument and on receiving transaction authorization storing details of the authorized transaction in a database of the authentication system; the authentication system 5 transmitting to the bank for the provider of the financial instrument transaction information and details of the mobile communication identifier; authenticating the mobile communication identifier at the bank for the provider of the financial instrument; and linking the financial instrument to the mobile communication identifier on receiving an authentication of the mobile communication identifier from the bank for the provider of the 10 financial instrument and storing the mobile communication identifier as verified. A method as described above wherein the mobile communication identifier is a mobile number and the mobile number is previously registered with the bank for the provider of the financial instrument. A method as described above further comprising receiving the transaction 15 information from the mobile communication identifier to which the financial instrument is to be linked. An authentication system for linking a financial instrument to a mobile communication identifier comprising an interface for receiving from a user of the financial instrument details of the financial instrument along with details of the mobile 20 communication identifier to which the financial instrument is to be linked; a switch for communicating with the provider of the financial instrument to authenticate the transaction and to receive transaction authorization; an authentication processor for carrying out a financial transaction on the financial instrument for an amount through the switch; and a database for storing details of an authorized transaction for a user; wherein the interface is 25 also configured to receive transaction information from the user of the financial instrument, the transaction information obtained by the user from the provider of the financial instrument; and the authentication processor also configured to compare the transaction information received from the user with the transaction details stored in the database and to link the financial instrument to the mobile communication identifier on the P:\WPDOCS\KMH\2009\Specifcations\lnnovation Patent.doc-28/09/2009 - 14 transaction information received from the user matching the transaction information stored in the database. A system as described above wherein the transaction information is received from a mobile device comprising the authentication processor configured to identify the mobile 5 communication identifier from which the transaction information is received and compare the identified mobile communication identifier with the mobile communication identifier to which the financial instrument is to be linked. While specific language has been used to describe the invention, any limitations arising on account of the same are not intended. As would be apparent to a person in the 10 art, various working modifications may be made to the system in order to implement the inventive concept as taught herein.

Claims (5)

1. A method of linking a financial instrument to a mobile communication identifier at an authentication system comprising: a. receiving at the authentication system from a user of the financial 5 instrument details of the financial instrument along with details of the mobile communication identifier to which the financial instrument is to be linked; b. carrying out a financial transaction on the financial instrument for an amount and on receiving transaction authorization storing details of the authorized transaction in a database of the authentication system; 10 c. receiving transaction information from the user of the financial instrument, the transaction information obtained by the user from the provider of the financial instrument; d. comparing the transaction information received from the user with the transaction details stored in the database; and 15 e. linking the financial instrument to the mobile communication identifier on the transaction information received from the user matching the transaction information stored in the database.
2. A method as claimed in claim I wherein the transaction information is received from 20 a mobile device, comprising identifying the mobile communication identifier from which the transaction information is received and comparing the identified mobile communication identifier with the mobile communication identifier to which the financial instrument is to be linked. 25
3. A method of linking a financial instrument to a mobile communication identifier at an authentication system comprising: P:\WPDOC5\KMH\209\Specifcatios\nnovation Patentdoc-28/09/2 9 - 16 a. receiving at the authentication system from a user of the financial instrument details of the financial instrument along with details of the mobile communication identifier to which the financial instrument is to be linked; b. carrying out a financial transaction on the financial instrument at the bank 5 for the authentication system for an amount; c. authorizing the transaction at the bank for the provider of the financial instrument and on receiving transaction authorization storing details of the authorized transaction in a database of the authentication system; d. the authentication system transmitting to the bank for the provider of the 10 financial instrument transaction information and details of the mobile communication identifier; e. authenticating the mobile communication identifier at the bank for the provider of the financial instrument; and f. linking the financial instrument to the mobile communication identifier on 15 receiving an authentication of the mobile communication identifier from the bank for the provider of the financial instrument and storing the mobile communication identifier as verified.
4. A method as claimed in any preceding claim comprising receiving the transaction 20 information from the mobile communication identifier to which the financial instrument is to be linked.
5. An authentication system for linking a financial instrument to a mobile communication identifier comprising: 25 a. an interface for receiving from a user of the financial instrument details of the financial instrument along with details of the mobile communication identifier to which the financial instrument is to be linked; P:\WPDOC5\KMH\2009\5pecifcations\lnnvation Patent. do-28/09/200 - 17 b. a switch for communicating with the provider of the financial instrument to authenticate the transaction and to receive transaction authorization; c. an authentication processor for carrying out a financial transaction on the financial instrument for an amount through the switch; and 5 d. a database for storing details of an authorized transaction for a user; wherein the interface is also configured to receive transaction information from the user of the financial instrument, the transaction information obtained by the user from the provider of the financial instrument; and the authentication processor also configured to compare the transaction information received from the user with the transaction details 10 stored in the database and to link the financial instrument to the mobile communication identifier on the transaction information received from the user matching the transaction information stored in the database.
AU2009100984A 2008-09-29 2009-09-28 A Method and System of Financial Instrument Authentication in a Communication Network Ceased AU2009100984B4 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
IN2079MU2008 2008-09-29
IN2079/MUM/2008 IN2008MU02079A (en) 2008-09-29 2008-09-29 A method and system of financial instrument authentication in a communication network

Publications (2)

Publication Number Publication Date
AU2009100984A4 AU2009100984A4 (en) 2009-11-05
AU2009100984B4 true AU2009100984B4 (en) 2009-12-03

Family

ID=41259280

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2009100984A Ceased AU2009100984B4 (en) 2008-09-29 2009-09-28 A Method and System of Financial Instrument Authentication in a Communication Network

Country Status (2)

Country Link
AU (1) AU2009100984B4 (en)
WO (1) WO2010046911A2 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007072001A1 (en) * 2005-12-21 2007-06-28 Cronto Limited System and method for dynamic multifactor authentication
US20070178883A1 (en) * 2006-02-02 2007-08-02 Lucent Technologies Inc. Authentication and verification services for third party vendors using mobile devices
WO2007136277A1 (en) * 2006-05-18 2007-11-29 Fronde Anywhere Limited Authentication method for wireless transactions
WO2008037062A1 (en) * 2006-09-29 2008-04-03 Scammell, Dan A system and method for verifying a user's identity in electronic transactions
WO2008091191A1 (en) * 2007-01-26 2008-07-31 Smartrefill I Helsingborg Ab Method and system for securely executing a charge transaction

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7089214B2 (en) * 1998-04-27 2006-08-08 Esignx Corporation Method for utilizing a portable electronic authorization device to approve transactions between a user and an electronic transaction system
CA2531293A1 (en) * 2003-06-30 2005-01-06 Selvanathan Narainsamy Transaction verification system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007072001A1 (en) * 2005-12-21 2007-06-28 Cronto Limited System and method for dynamic multifactor authentication
US20070178883A1 (en) * 2006-02-02 2007-08-02 Lucent Technologies Inc. Authentication and verification services for third party vendors using mobile devices
WO2007136277A1 (en) * 2006-05-18 2007-11-29 Fronde Anywhere Limited Authentication method for wireless transactions
WO2008037062A1 (en) * 2006-09-29 2008-04-03 Scammell, Dan A system and method for verifying a user's identity in electronic transactions
WO2008091191A1 (en) * 2007-01-26 2008-07-31 Smartrefill I Helsingborg Ab Method and system for securely executing a charge transaction

Also Published As

Publication number Publication date
WO2010046911A3 (en) 2010-06-24
AU2009100984A4 (en) 2009-11-05
WO2010046911A2 (en) 2010-04-29

Similar Documents

Publication Publication Date Title
US8219495B2 (en) Method of using personal device with internal biometric in conducting transactions over a network
US8793192B2 (en) Device enrollment system and method
AU2007203383B2 (en) Online payer authentication service
US8127999B2 (en) Wireless mobile communicator for contactless payment on account read from removable card
EP1004099B1 (en) A portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US7711621B2 (en) Method and system for facilitating payment transactions using access devices
US10163100B2 (en) Location based authentication
AU2007319692B2 (en) Secure universal transaction system
ES2327111T3 (en) Authentication Service a mobile account.
KR100953232B1 (en) Electronic transaction methods therefor
US20040243514A1 (en) System and method for secure telephone and computer transactions using voice authentication
EP3098786A1 (en) Emv transactions in mobile terminals
US20040128256A1 (en) Remote location credit card transaction system with card present security system
US20070288392A1 (en) Secure Online Payment System And Online Payment Authentication Method
US7500606B2 (en) Method of settling signatureless payment of bank card sales slip in mobile terminal, and system therefor
US7808489B2 (en) System and method of secure touch screen input and display
US20070265984A1 (en) Financial transaction using mobile devices
US20020194128A1 (en) System and method for secure reverse payment
RU2556453C2 (en) System and method for authentication of transactions without car with help of mobile device
US6749114B2 (en) Universal authorization card system and method for using same
US20160042263A1 (en) Mobile device with scannable image including dynamic data
US20080249948A1 (en) Financial information input method using symmetrical key security algorithm and commercial transaction system for mobile communications
US8898762B2 (en) Payment transaction processing using out of band authentication
US20090104888A1 (en) Onetime Passwords For Mobile Wallets
US7594611B1 (en) Multi-account access card

Legal Events

Date Code Title Description
DA3 Amendments made section 104

Free format text: THE NATURE OF THE AMENDMENT IS: AMEND THE PRIORITY DETAILS TO CLAIM FROM IN 2079/MUM/2008 29.09.2008

FGI Letters patent sealed or granted (innovation patent)
FF Certified innovation patent
MK22 Patent ceased section 143a(d), or expired - non payment of renewal fee or expiry