CA3015041A1 - Biometric payment transaction without mobile or card - Google Patents
Biometric payment transaction without mobile or card Download PDFInfo
- Publication number
- CA3015041A1 CA3015041A1 CA3015041A CA3015041A CA3015041A1 CA 3015041 A1 CA3015041 A1 CA 3015041A1 CA 3015041 A CA3015041 A CA 3015041A CA 3015041 A CA3015041 A CA 3015041A CA 3015041 A1 CA3015041 A1 CA 3015041A1
- Authority
- CA
- Canada
- Prior art keywords
- biometric
- transaction
- payment
- information
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
A payment gateway/processor or system for POS/ATM/Vending Machine/any capable of device, which allows and process transactions using biometric data without use of mobile/cards/wallets by authorized biometric data. Financial institution while issuing accounts (by registering customer using biometric) also assigned virtual biometric account / credit cards and system may process a transaction with captured biometric information only to identify virtual account associated against stored biometric information comply with it. A Payment transaction does not require any physical payment card or any sort of current mode of transaction information. A payment gateway system will authorized the merchant payment from customer's account using stored biometric data while issued/registered from issuer financial institution. If it conflict against the stored biometric information, it may decline the transaction. The customer's biometric (all 10 finger-print) and palm (Left and Right) information or behavioral information stored in Bank / Financial Institute server / Cloud server.
Description
FIELD OF INVENTION
The scope of this invention; just using touch to pay This is Biometric Payment Solution for the modern edge and digital revolution in fintech industry. Today there are more solutions introduced for the digital payments and claiming the security in the different aspects. Most of them are mobile based solution. As mobile is become a part of everyone's life, more mobile solutions are introduced. However Biometric Payment Method (an innovation) is opening all new way to look at the payment solutions.
This solution gives an access to pay anything and everything on your fingertips. One can pay his / her grocery bill by touching biometric touch pad. No Card or Mobile or any other medium is required. All you need is your fingers.
This is most secure way to pay at shop, roam freely around without wallet or mobile. Without fear of identity theft or card stolen or lost. This innovation will give you a freedom to pay by using your fingers. No one else can pay without you or behalf of you; not even your wife.
While carrying cash, cards, mobile devices, or digital wallet are associated with payment methods for merchant transaction or ATM transaction while travelling, communicating under any purchases, transportation or outing, where expenses or small grocery purchases can be made using.
For security of such items while taking services to authorized the permission of securing account information are necessary regardless when far from home and find a convenient way, even to forget such item or steal. So fintech system will require at least one to initiate such kind of services to purchase and unable to use such.
In the example, A person driving car and stopped by; while his friend met, excited to see and move around nearby restaurant; while taking break and relaxing with friend, car has been locked by mistake as key inside, however realised while paying the bill. In such kind of scenario by touch to pay using biometric will be effective.
In another example, Husband are on the way to pick up his wife from airport very early in the morning, as it was unexpected plan to come back, as she has changed her plan.
While husband was unaware and got a call to pick up from airport; he drives the car, while he has noticed that gas/petrol is about to finish and drives his car on gas station/petrol or diesel pump. He realize that he does not carry anything, nor even mobile. Touch to pay is the option in such a scenario.
OBJECTIVE
The main purpose of this invention in fintech industry to secure customer and bank data while a payment transaction(even small grocery transaction) will be processing without carrying mobile, wallet, mobile wallet, any type of debit or credit cards account products based on biometric data.
It reduces the cost of issuing physical cards for financial institution or bank; and its biggest advantage.
BACKGROUND
With various embodiments' background of this invention, includes information that may be useful in understanding the present invention. It is not an admission that any of the information provided herein is prior art or relevant to the presently claimed invention, or that any publication specifically or implicitly referenced is prior art.
A payment gateway/processor for POS/ATMNending Machine/any capable of device, which allows and process transactions using biometric data without use of mobile/cards/wallets by authorized biometric data. Financial institution while issuing accounts (by registering customer using biometric) also assigned virtual biometric account / credit cards to process a transaction. A
Payment transaction does not require any physical payment card or any sort of current mode of transaction information. A payment gateway system will authorized the merchant payment from customer's account using stored biometric data while issued/registered from issuer financial institution. The customer's biometric (all 10 finger-print) and palm (Left and Right) information stored in Bank / Financial Institute server / Cloud server.
The payment switch will route payment transaction from captured biometric information (encrypted data) by using any capable of device to identify an account. This biometric data will be encrypted using security device and in sort of standard existing security biometric encryption algorithm. Routed message will be sent to card management server under the issuer bank /
financial institution using payment method and further interface to host banking or third-parties like VISA/MASTERCARD/AMEX/Diners/etc. Bank or issuer financial system will authorized the payment transaction using captured biometric information against account registered with biometric stored data. In the event of any unauthorized payment transaction against the verification of biometric data registered on issuer server while such discrepancy found against captured such encrypted information using device from transaction decrypted message information.
SUMMARY
A payment gateway processor using point of sale device to initiate the transaction by using biometric information with random generation of 2 or 3 finger combination or single finger scan data to identify the associated account stored against the bank issued Virtual PAN with biometric information without using credit or debit cards or mobile devices.
A payment transaction does not contained or required standard card information to complete the transaction; just by using biometric information. Gateway will expect to process the transaction using encrypted payment request message. Encrypted message / data will use the biometric captured data (using biometric devices) to approve the transaction against stored biometric data in the issuer server/cloud server.
A transaction can be identified using captured biometric information comparison and decline transaction if it differs. In different type of embodiments, the processor may transmit captured biometric data to identify accounts from encrypted message format. Received /
Captured biometric data using security devices (can be used any of exist encryption algorithm method) against stored biometric data in respect to Virtual PAN (primary account number). The Virtual PAN/ account may have domain restriction controls based on date and time of the transaction, an amount, or a merchant and device registered. The processor may receive a payment cryptogram including the transaction details with encrypted biometric data whereas same cryptogram message can be decrypted under same algorithm method (encrypted while captured)which can be used from current running payment transaction or biometric system. The device system may take input from on board instruction by customer/ merchant to further route the message for required message communication information using standard message protocol such as IS08583, IS020022 etc. along with captured biometric data to authenticate using 2 or 3 finger combination scan (random generation combination) or single finger scan to validate against the stored biometric data against same identification of finger print.
The biometric data can be captured under behavioral scan algorithm as issued while registered such account with issuer on various compatible technique. The payment invention system must register customer biometric 10 fingerprint scan characteristics using order with left and right hand as Li, L2, L3, IA, L5, R6, R7, R8, R9, R10 sequence and issue a virtual PAN for credit or debit mode which is digitally stored. Also palm (Left and Right) scan data to be registered and stored for same while conflict of message data to use second factor authentication. The validation data used to verify a payment message against the random 2 or 3 finger combination or single finger included with left and right finger numbering information in the message against the stored 10 finger biometric data accordance with same numbering left and right combination data received.
The payment system may use two-factor verification by palm (Left or Right) scan authentication or PIN/password which has been issued same in response to the stored biometric data while conflict of finger scans data.
The forgoing element and enhancement or feature of invention may be combined in various combinations without exclusivity, unless expressly indicated herein otherwise and under the security standard compliances like PCI-DSS, PA DSS etc. These elements and enhancements or features of invention as well as the operation of the disclosed embodiments will be under the criteria defined by national payment system under listed rules of each specified country. Also these elements and enhancements or features of invention as well as the operation of the disclosed embodiments will become more apparent as per the following description and attached charts and drawings.
The purpose of this invention to overcome the fees charging by bank to the merchant and customer: and direct credit of the goods purchase amount to the merchant's account. The biggest advantage of this invention for bank is to reduce the cost of generating/issuing physical cards and secured data.
BRIEF DESCRIPTION OF DRAWING
These subject and other features, aspects, and advantages of the present invention will become better understood when the following detailed description is read with reference to the accompanying drawings in which representation of characteristics like parts throughout the diagram, wherein:
FIG. 1 illustrates the identification of finger using Left and Right numbering as well as palm scan left or right. The identification number would be sent along with message for validating against the specific finger.
FIG. 2 illustrates a conventional electronic system which processes using biometric authentication of virtual PAN to complete transaction without use of card or mobile or digital wallet, with various embodiments of the invention;
FIG. 3 illustrates with block diagram of a complete payment gateway process to authenticate payment transaction using captured data using any capable of device such as ATM/POS/Vending machine without card or mobile or digital wallet and validate against stored biometric virtual PAN, with various embodiments of the invention; and FIG. 4 illustrates complete flow diagram of communication process based on biometrics, palm, biometric passcodes or PIN (personal identification number), with various embodiments of the invention.
FIG. 5 illustrates the characteristics of further identified and considered for future under such various embodiments represent as same.
DETAILED SPECIFICATION
The detailed specification herein is presented for purposes of illustration only and not to the any limitation. Thus, the detailed specification of various embodiments herein makes reference to the accompanying representation of drawings, flow diagrams and pictures, which show various embodiments by way of illustration. While these various embodiments are described with sufficient detail to enable those technical skilled in the art to practice the disclosure, it should be understood that other embodiments may be realized and that logical and mechanical changes may be made without outstating from the spirit and scope of the disclosure.
For e.g, the steps recited in any of the method or process specification may be executed in any order and are not limited to the order presented. Moreover, any of the functions or steps may be outsourced to or performed by one or more third parties. Furthermore, any reference to singular includes plural embodiments, and any reference to more than one component may include a singular embodiment.
The stored biometric information may be used by a virtual account system to identify and/or authenticate a person associated with a transaction virtual PAN using a biometric device. As used herein, "stored fingerprint", "stored palm scan", or other behavioural and similar phrases may include a digital illustration and/or other illustration of biometric or palm data. A stored data may identify features, edges, dimensions, and other information used to identify the biometric behavioural or physiological such as palm, facial, retinal, fingerprint, vocal, handwriting, gesture, or other biometric information of an individual.
The present disclosure includes processes, methods, and electronic fintech payment products for completing transactions using a virtual PAN associated with biometrics, PIN, and/or palm scan information to identify the registered account holder. The systems may authorize and/or unauthorized transactions based in part on authentication data known to the issued virtual PAN
holder such as a PIN/password, or palm data. Transactions may include all type of bank transaction, any point of sale transaction, bill-payment or purchase, rewards or loyalty point's transaction or any request services by visiting bank branch and all type of ATM transactions unless otherwise mentioned but not limited, or otherwise making changes or payments related to a transaction account. The systems may also approve and/or decline transactions based in part on biometric data inherent to the account holder such as palm scan, facial recognition, fingerprints, voice recognition and/or retinal scans. As such, customer holding account may transact without needing credit card, debit card, or mobile device, digital wallet or wallet containing an account number.
As used herein, "exactly match" or "associated with" or similar phrases may include an identical match, a partial match, meeting certain criteria, matching a subset of data, a correlation, satisfying certain criteria, a correspondence, an association, an algorithmic relationship and/or the like. For example, a first stored information may match a second stored in response to the captured information being sufficiently similar to imply the biometric data of each registered is likely from the same customer or person, even though the source from which the stored registered information are generated may not be exactly identical. Similarly, as used herein, "authenticate" or similar terms may include an exact authentication, a partial authentication, authenticating a subset of data, a correspondence, satisfying certain criteria, an association, an algorithmic relationship and/or the like.
With reference to FIG. 1, A payment system generate the random number combination of finger illustrated as L1, L2, L3, L4, L5, R6, R7, R8, R9, R10 where L5 and R6 represent the thumb of left and right respectively. Where identification of number for biometric finger data has been captured will be stored into communication message to validate against same finger verification.
Also, in case of conflict of data has been found in such cases the second factor authentication requires by using the (left or right) palm scan or biometric password or PIN
against stored virtual PAN while issued.
With reference to FIG. 2, a method I (.1. for enrollment) for processing any type of transactions without using debit, credit cards or mobile device or digital wallet is shown, with various embodiments of the invention. The method I may include a control processor device G in communication with and/or comprising a biometric data device E. Control processor device G
may generate the cryptogram using key security algorithm F to encrypt such message data;
wherein EPOS , computer(laptop, desktop, notebook or tablet), or a set of computers, ATM, point-of-sale device, any cellular or smart phone, any wearable device, or any other device capable of capturing a biometric data device E to collect identifying biometric information data to authenticate stored virtual PAN data for customer's account.
With various embodiments of the invention, biometric data device E may comprise any capable of device by scanning, storing, processing, capturing and/or communicating biometric data or other digital form of biometric data. The biometric data device E include fingerprint scanner, palm scanner, retinal scanner, touch pad, or other form of biometric data devices capable of capturing behavioural biometric data and/or biometric data. The biometric information captured by biometric data device may be encrypted into message in the form of standard payment message format or other representations at control processor device G prior to route into bank server or cloud C over the network. The biometric data prior to route may encrypt the raw biometric data from exposure during communication into network, further route to bank server C. Bank server/cloud C may include one or more devices such as application servers, computers, or other suitable devices.
For larger system, identifying a customer based on Biometrics due to false acceptance rate (FAR) and/or false recognition rate (FRR) being relatively high compared to the number of customers in larger system. In small scale systems potentially having very less number of customers, using biometric identification may be challenging as the FAR and FRR rates virtually guarantee collisions and/or false recognitions when matching a customer to a virtual account. As such, the customer may choose on the POS the issued account to make payment by using palm scan or entering a biometric password or PIN, which issued for authenticate with biometric data.
Additionally, encrypted biometric data may be sent in same standard message format to the backend for verification processing.
Control processing device G may be in communication with bank server C over a payment communication network. The payment network may be local area network using TCP/IP
communication, Wi-Fi, NFC and wide area network in the Internet. The payment communication network may also be an internal network isolated from the Internet. The payment communication networks of method I may be exposed to third party attacks at various points.
Control processing device G and bank server C may thus communicate over the network with encrypted messages.
Encryption may be performed by any of the techniques to generate cryptogram message available in the art or which may later available. E.g., available encryption key techniques may include DUKPT, Racal, and RSA, DSA, PKI, GnuPG or other symmetric or asymmetric algorithms but not limited. While message communicates to such level encryption required as TLS/SSL may be used in conjunction with payload encryption to further secure communications.
With various embodiments of the invention, bank server/cloud C may use the biometric data from a customer account holder in association with a virtual primary account number to access or identify a transaction account associated with the customer account. The virtual PAN may be implying to biometrics such that the virtual PAN is only valid for use with biometric transactions listed herein. Bank server C may retain a mapping of virtual PANs associated may not be one-to-one. A virtual PAN based on each of fingerprint features or other form of behavioural combination thereof, or a subset multiple virtual for the account associated with the customer's account. Stored biometric data will be associated with accounts by storage in a data store specific to virtual issued accounts.
With various embodiments of the invention, the virtual PAN may have any segment, or other limitations as to where and when the virtual PAN may be issued and used.
Domain restriction controls may be implemented upon enrolment. While examples of domain restriction controls may include a value limitation of such transactions, and the authentication method, etc. A bank may issue multiple virtual PANs, for example, to merchants to complete a single transaction. A
bank may also limit transactions based on virtual PANs to any sort of merchant transaction. The mapping may be stored in an appropriate virtual PAN data store D using any DB
or another suitable database type. Merchants may utilize the virtual PAN to calculate the cryptogram sent to bank servers C to request authorization. A cryptogram data may include a hash of the biometric data, transaction details, merchant details, date and time of the transaction, a nonce for reply attack prevention), an indicator that this is an physical transaction,"
without using card or mobile or digital wallet for the authentication methods.
With various embodiments of the invention, bank server may also use authentication data from the customer's account to identify the transaction which associated with the individual. For example, the captured authentication data may be used to choose input associated with the customer's account from a database.
With reference to FIG. 3, a complete payment diagram which will be self-guided from the image itself.
The POS may be an existing POS having biometric capture capabilities and updated with software to enable the functionality described herein. Older POS and ATM
devices without biometric capture capabilities may also integrate hardware updates and/or replacements to enable biometric capture capabilities.
With reference to Fig. 4A, Merchant will initiate the transaction on the secure Biometric /
Merchant device (using the Secured Biometrics Authorization Process) for the customer to make the payment of the goods purchase. Before Merchant initiate the transaction (with Customer's Goods Purchase Amount Details), Merchant will also setup his Credit Settlement Account /
Direct Deposit of the goods purchase amount.
Benefit of this invention is to provide the security to avoid the fraud and tempering the device at merchant end.
With reference to Fig. 4, Customer will authorize the transaction by using Merchant Biometric Device (POS, EPOS, Vending Machine or any capable device and ATM) to capture customer Biometric Authorization data and Goods Purchase transaction / any type transactions details with various selection input(s) on devices provided by Merchant / Consumer; further route to payment processor.
According to Block A, Bank Server will receive the Biometric data and search the transaction account authorization details. To assess the risk associated with the payment transaction, input data can be identified to a fraud and risk of payment processor. The bank server will use the Received Biometric Data as criteria against the stored biometric data to identify the account (Virtual PAN) and authorization.
With various embodiments of the invention, bank server may enroll customer for Biometric authorization process. Customer Biometric data will be captured and stored in the Bank /
Financial Institute server / Cloud Server to issue the account (the Virtual PAN).
Bank server (Fig 2: Block C) may compare the biometric data against the stored Biometric data in the Virtual PAN. Stored Biometric Virtual PAN may be any digital representation of biometric data in non-image form. For further explanation of security based on fingerprints and gestures see U.S. patent application Ser. No. 14/860,375, entitled "SYSTEMS
AND METHODS
FOR GESTURE BASED BIOMETRIC SECURITY," which is incorporated herein in its entirety.
Under the representation of Behavioral and Physiological biometric security features, further explanation of authenticating based on facial recognition see U.S. patent application Ser. No.
14/273,225, entitled "SYSTEMS AND METHODS FOR AUTHENTICATING FACIAL
BIOMETRIC DATA AGAINST SECONDARY SOURCES," which is incorporated herein in its entirety.
With various embodiments, the transaction may also be evaluated on supplementary criteria.
This invention payment method only may be restricted to only register Biometric Authorization Process. Customer who has not registered Biometric Authorization Process, are having limitation of the account (Virtual Pan).
During verification / authorization of biometric data conflict against the stored biometric data, as result of the comparison between the received biometric data and the stored biometric data is ambiguous (Fig 4 : Block C). In response to a strong likelihood that the biometric data does not match or the risk of the transaction is unacceptable, bank server may decline the transaction (Fig 4: Block D).
In response to an ambiguous result from the comparison, the system may request additional authentication and/or biometric data (Fig 4: Block E). A risky transaction may be characterized by risk markers. Examples of risk markers include, for example, a password entry device without protection or a velocity transaction that seems unlikely such as a user conducting two transactions in a short amount of time on same date between two physical locations that are significantly separated by distance. System may use the additional data to authenticate the individual associated with the transaction account by comparing the additional data to known data associated with the account. System may decline the transaction in response to the step-up authentication failing (Fig 4: Block D). In response to the step-up authentication passing, system may continue the transaction with the account (Fig 4: Block G). In continuing the transaction with the account, system may apply additional criteria to evaluate risk, account settings, domain restriction controls for biometric payment transactions, or other criteria prior to authorizing a transaction.
With various embodiments, system illustrated as executing on portion of authorization process of transmitted the biometric data to the Bank server in encrypted mode / format.
Further validation take place on decrypted message on various characteristic of message data.
In event of more than one biometric identifier may be used in order to limit the possibility of false positives allowing for duplicate authentications. For example, the combination of fingerprint from an individual may be used to verify a transaction account belonging to the individual. The biometric data may be supplemented with authentication data such as palm scan and biometric PIN or Password.
System may determine whether the addition data request authorization was successful (Fig 4:
Block G). System may decline the transaction in response to the additional verification being unsuccessful (Fig 4: Block E). System may detect unauthorized transaction by evaluating Biometric data unsuccessful by using the received biometric data and/or authentication data as criteria and receiving an empty results set. System may also detect an unsuccessful transaction by submitting a search query using the biometric data and/or authentication data as criteria and receiving a result set having accounts belonging to more than one individual.
During successful authorization, system may determine with various characteristic of transaction message (which is valid) associated with transaction on the associated account (Fig 4: Block G).
The account associated with the biometric data may also include domain restriction controls for the use of the biometric-based payments. For example, the account may include a daily, total, weekly, or other spending limit on biometric-based transactions. The account may also restrict biometric-based transactions to limited merchant segments in case of emergency such as, for example, food, medical, transportation, or lodging.
In response to the transaction being invalid, system may decline the transaction (Fig 4: Block D).
In response to the transaction characteristics indicating the transaction is valid, system may continue the transaction with the identified account (Fig 4: Block G).
Additional / secondary account holder can be added to the same account by capturing Biometrics measures / data of the secondary account holder and stored / map along with Primary account holder's biometric data. This will enable both, primary and secondary, account holders can perform the payment transaction for the same account using the biometric payment method solution.
Customer account details and / or other biometric data can be stored in the database. Merchant can be authorized biometric device by using his / her biometric data or else by using biometric PIN or password.
Any databases discussed herein may include relational, hierarchical, graphical, block chain, object-oriented structure and/or any other database configurations. Any database can be used to implement this invention / solution.
With various embodiments of this invention, methods can be described herein may be vulnerable to attacks including spoofing, tampering, repudiation, information disclosure, denial of service, and escalation of privilege. Any type of biometric terminals may not be under the control of customers and may be rogue terminals. However biometric terminal device can be authorized before initiating the transaction with additional security of biometric merchant authentication method.
The disclosure and claims in this invention specification can be developed using any combination of rules and various embodiments with specific rules, technologies and programing languages.
Moreover, the claimed invention includes an inventive concept that may be found in the non-conventional and non-generic arrangement of known, conventional pieces and our invention method go way beyond any conventionality of any one of the systems in that the interaction and synergy of the systems leads to additional functionality that is not provided by any one of the systems operating independently.
The disclosure and claims may also include the interaction between multiple different systems, so the disclosure cannot be considered an implementation of a generic computer, or just "apply it" to an abstract process. The disclosure and claims may also be directed to improvements to software with a specific implementation of a solution to a problem in the software arts.
In various embodiments, the method / process may include alerting a subscriber that may include generating customized information and alerting to the subscriber's wireless devices or any other electronic devices by SMS, email or any alert massage standard. Alert message may contain characteristics of transaction details.
With various embodiments of this invention, the system and method may include a graphical user interface for dynamically relocating/rescaling obscured textual information of an underlying window to become automatically viewable to the user. By permitting textual information to be dynamically relocated based on an overlap condition, the computer's ability to display information is improved. More particularly, the method for dynamically relocating textual information within an underlying window displayed in a graphical user interface may comprise displaying a first window containing textual information in a first format within a graphical user interface on a computer screen; displaying a second window within the graphical user interface;
constantly monitoring the boundaries of the first window and the second window to detect an overlap condition where the second window overlaps the first window such that the textual information in the first window is obscured from a user's view; determining the textual information would not be completely viewable if relocated to an unobstructed portion of the first window; calculating a first measure of the area of the first window and a second measure of the area of the unobstructed portion of the first window; calculating a scaling factor which is proportional to the difference between the first measure and the second measure; scaling the textual information based upon the scaling factor; automatically relocating the scaled textual information, by a processor, to the unobscured portion of the first window in a second format during an overlap condition so that the entire scaled textual information is viewable on the computer screen by the user; and automatically returning the relocated scaled textual information, by the processor, to the first format within the first window when the overlap condition no longer exists.
With various embodiments of this invention, merchant biometric system can configured and accessible using any computer device to add / remove third party authorised person with restricted role based access to handle the merchant biometric device.
Innovation system, methods and computer program products are provided. In the detailed description herein, references to "various embodiments", "With various embodiments of this invention", "one embodiment", "an embodiment", "an example embodiment", etc., indicate that the embodiment described may include a particular feature, structure, or characteristic, but every embodiment may not necessarily include the particular feature, structure, or characteristic.
Moreover, such phrases are not necessarily referring to the same embodiment.
Further, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the art to affect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described. After reading the description, it will be apparent to one skilled in the relevant art(s) how to implement the disclosure in alternative embodiments.
Terms and phrases similar to "associate" and/or "associating" may include tagging, flagging, correlating, using a look-up table or any other method or system for indicating or creating a relationship between elements, such as, for example, (i) a transaction account and (ii) an item (e.g., offer, reward, discount) and/or digital channel. Moreover, the associating may occur at any point, in response to any suitable action, event, or period of time. The associating may occur at pre-determined intervals, periodic, randomly, once, more than once, or in response to a suitable request or action. Any of the information may be distributed and/or accessed via a software enabled link, wherein the link may be sent via an email, text, post; social network input and/or any other method known in the art.
Phrases and terms similar to "transaction account" or "Virtual PAN (Primary Account Number)"
may include any account that may be used to facilitate a financial transaction.
Phrases and terms similar to "financial institution" or "bank" may include any entity that offers transaction account services. Although often referred to as a "financial institution," the financial institution may represent any type of bank, lender or other type of account issuing institution, such as credit card companies, card sponsoring companies, or third party issuers under contract with financial institutions. It is further noted that other participants may be involved in some phases of the transaction, such as an intermediary settlement institution.
The phrases consumer, merchant, customer, user, account holder, account affiliate, card member or the like shall include any person, entity, business, government organization, business, software, hardware, machine associated with a transaction account, buys merchant offerings offered by one or more merchants using the account and/or who is legally designated for performing transactions on the account, regardless of whether a physical card is associated with the account. For example, the card member may include a transaction account owner, a transaction account user, an account affiliate, a child account user, a subsidiary account user, a beneficiary of an account, a custodian of an account, and/or any other person or entity affiliated or associated with a transaction account.
With various embodiments of this invention, any communication, transmission and/or channel discussed herein may include any system or method for delivering content (e.g.
data, information, mctadata, etc.), and/or the content itself. The content may be presented in any form or medium, and in various embodiments, the content may be delivered electronically and/or capable of being presented electronically. Moreover, examples of mobile device communications include texting, email, and mobile applications for smartphones.
A "consumer profile" or "merchant profile" or "consumer profile data" or "merchant profile data"
may comprise any information or data about a consumer / merchant that describes an attribute associated with the consumer /merchant (e.g., a preference, an interest, demographic information, personally identifying information, and the like).
With various embodiments of this invention, the various system components discussed herein may include one or more of the following: a host server or other computing systems including a processor for processing digital data; a memory coupled to the processor for storing digital data;
an input digitizer coupled to the processor for inputting digital data; an application program stored in the memory and accessible by the processor for directing processing of digital data by the processor; a display device coupled to the processor and memory for displaying information derived from digital data processed by the processor; and a plurality of databases. Various databases used herein may include: client data; biometric data; merchant data;
financial institution data; and/or like data useful in the operation of the system.
Various operating system can be used to develop and maintain this invention / solution.
With various embodiments of this invention, the present system or any part(s) or function(s) thereof may be implemented using hardware, software or a combination thereof and may be implemented in one or more computer systems or other processing systems.
However, the manipulations performed by embodiments were often referred to in terms, such as matching or selecting, which are commonly associated with mental operations performed by a human operator. No such capability of a human operator is necessary, or desirable in most cases, in any of the operations described herein. Rather, the operations may be machine operations. Useful machines for performing the various embodiments include general purpose digital computers or similar devices. The computer system includes one or more processors, such as processor. The processor is connected to a communication infrastructure that may include various software embodiments are described in terms of this exemplary computer system. After reading this description, it will become apparent to a person skilled in the relevant art(s) how to implement various embodiments using other computer systems and/or architectures.
Computer system can include a display interface that forwards graphics, text, and other data from the communication infrastructure (or from a frame buffer not shown) for display on a display unit.
With various embodiments of this invention, "Cloud" or "Cloud computing"
includes a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing may include location-independent computing, whereby shared servers provide resources, software, and data to computers and other devices on demand.
With various embodiments of this invention, one skilled in the art will also appreciate that, for security reasons, any databases, systems, devices, servers or other components of the system may consist of any combination thereof at a single location or at multiple locations, wherein each database or system includes any of various suitable security features, such as firewalls, access codes, encryption, decryption, compression, decompression, and/or the like.
Similarly, the software elements of the system may be implemented with any programming or scripting languages.
REFERENCES
U.S. Patent Documents 9,916,432 Storing and retrieving cryptographic keys from biometric data 9,141,951 Electronic transaction verification system with biometric 8,403,213 Time analysis at a banking system controlled by data bearing records 7,614,551 Method and system for securely encoding and decoding biometric data into a memory device using a two dimensional symbol 10,049,673 Synthesized voice authentication engine 8,725,579 Device ID and financial information 8,370,262 System and method for performing secure online transactions 9,984,360 Processing payment transactions without a secure element 9,972,005 Cloud-based transactions methods and systems 9,898,728 System and method for one-time payment authorization in a portable communication device 9,775,029 Embedding cloud-based functionalities in a communication device 9,241,238 Wireless communication system and wireless communication method 9,047,601 Method and apparatus for settling payments using mobile devices 9,978,064 Hosted thin-client interface in a payment authorization system 9,972,047 Systems and methods for performing a purchase transaction using rewards points 8,682,791 Redemption of credit card rewards at a point of sale 9,940,612 Fraud detection in portable payment readers 9,846,875 Electronic transaction verification system with biometric authentication 9,177,314 Method of making secure electronic payments using communications devices and biometric data 9,165,323 Biometric transaction system and method 8,407,142 Managing a universal payment account 7,631,193 Tokenless identification system for authorization of electronic transactions and electronic transmissions 7,620,605 System and method for processing tokenless biometric electronic transmissions using an electronic rule module clearinghouse 6,615,191 Software licensing and distribution systems and methods employing biometric sample authentication
The scope of this invention; just using touch to pay This is Biometric Payment Solution for the modern edge and digital revolution in fintech industry. Today there are more solutions introduced for the digital payments and claiming the security in the different aspects. Most of them are mobile based solution. As mobile is become a part of everyone's life, more mobile solutions are introduced. However Biometric Payment Method (an innovation) is opening all new way to look at the payment solutions.
This solution gives an access to pay anything and everything on your fingertips. One can pay his / her grocery bill by touching biometric touch pad. No Card or Mobile or any other medium is required. All you need is your fingers.
This is most secure way to pay at shop, roam freely around without wallet or mobile. Without fear of identity theft or card stolen or lost. This innovation will give you a freedom to pay by using your fingers. No one else can pay without you or behalf of you; not even your wife.
While carrying cash, cards, mobile devices, or digital wallet are associated with payment methods for merchant transaction or ATM transaction while travelling, communicating under any purchases, transportation or outing, where expenses or small grocery purchases can be made using.
For security of such items while taking services to authorized the permission of securing account information are necessary regardless when far from home and find a convenient way, even to forget such item or steal. So fintech system will require at least one to initiate such kind of services to purchase and unable to use such.
In the example, A person driving car and stopped by; while his friend met, excited to see and move around nearby restaurant; while taking break and relaxing with friend, car has been locked by mistake as key inside, however realised while paying the bill. In such kind of scenario by touch to pay using biometric will be effective.
In another example, Husband are on the way to pick up his wife from airport very early in the morning, as it was unexpected plan to come back, as she has changed her plan.
While husband was unaware and got a call to pick up from airport; he drives the car, while he has noticed that gas/petrol is about to finish and drives his car on gas station/petrol or diesel pump. He realize that he does not carry anything, nor even mobile. Touch to pay is the option in such a scenario.
OBJECTIVE
The main purpose of this invention in fintech industry to secure customer and bank data while a payment transaction(even small grocery transaction) will be processing without carrying mobile, wallet, mobile wallet, any type of debit or credit cards account products based on biometric data.
It reduces the cost of issuing physical cards for financial institution or bank; and its biggest advantage.
BACKGROUND
With various embodiments' background of this invention, includes information that may be useful in understanding the present invention. It is not an admission that any of the information provided herein is prior art or relevant to the presently claimed invention, or that any publication specifically or implicitly referenced is prior art.
A payment gateway/processor for POS/ATMNending Machine/any capable of device, which allows and process transactions using biometric data without use of mobile/cards/wallets by authorized biometric data. Financial institution while issuing accounts (by registering customer using biometric) also assigned virtual biometric account / credit cards to process a transaction. A
Payment transaction does not require any physical payment card or any sort of current mode of transaction information. A payment gateway system will authorized the merchant payment from customer's account using stored biometric data while issued/registered from issuer financial institution. The customer's biometric (all 10 finger-print) and palm (Left and Right) information stored in Bank / Financial Institute server / Cloud server.
The payment switch will route payment transaction from captured biometric information (encrypted data) by using any capable of device to identify an account. This biometric data will be encrypted using security device and in sort of standard existing security biometric encryption algorithm. Routed message will be sent to card management server under the issuer bank /
financial institution using payment method and further interface to host banking or third-parties like VISA/MASTERCARD/AMEX/Diners/etc. Bank or issuer financial system will authorized the payment transaction using captured biometric information against account registered with biometric stored data. In the event of any unauthorized payment transaction against the verification of biometric data registered on issuer server while such discrepancy found against captured such encrypted information using device from transaction decrypted message information.
SUMMARY
A payment gateway processor using point of sale device to initiate the transaction by using biometric information with random generation of 2 or 3 finger combination or single finger scan data to identify the associated account stored against the bank issued Virtual PAN with biometric information without using credit or debit cards or mobile devices.
A payment transaction does not contained or required standard card information to complete the transaction; just by using biometric information. Gateway will expect to process the transaction using encrypted payment request message. Encrypted message / data will use the biometric captured data (using biometric devices) to approve the transaction against stored biometric data in the issuer server/cloud server.
A transaction can be identified using captured biometric information comparison and decline transaction if it differs. In different type of embodiments, the processor may transmit captured biometric data to identify accounts from encrypted message format. Received /
Captured biometric data using security devices (can be used any of exist encryption algorithm method) against stored biometric data in respect to Virtual PAN (primary account number). The Virtual PAN/ account may have domain restriction controls based on date and time of the transaction, an amount, or a merchant and device registered. The processor may receive a payment cryptogram including the transaction details with encrypted biometric data whereas same cryptogram message can be decrypted under same algorithm method (encrypted while captured)which can be used from current running payment transaction or biometric system. The device system may take input from on board instruction by customer/ merchant to further route the message for required message communication information using standard message protocol such as IS08583, IS020022 etc. along with captured biometric data to authenticate using 2 or 3 finger combination scan (random generation combination) or single finger scan to validate against the stored biometric data against same identification of finger print.
The biometric data can be captured under behavioral scan algorithm as issued while registered such account with issuer on various compatible technique. The payment invention system must register customer biometric 10 fingerprint scan characteristics using order with left and right hand as Li, L2, L3, IA, L5, R6, R7, R8, R9, R10 sequence and issue a virtual PAN for credit or debit mode which is digitally stored. Also palm (Left and Right) scan data to be registered and stored for same while conflict of message data to use second factor authentication. The validation data used to verify a payment message against the random 2 or 3 finger combination or single finger included with left and right finger numbering information in the message against the stored 10 finger biometric data accordance with same numbering left and right combination data received.
The payment system may use two-factor verification by palm (Left or Right) scan authentication or PIN/password which has been issued same in response to the stored biometric data while conflict of finger scans data.
The forgoing element and enhancement or feature of invention may be combined in various combinations without exclusivity, unless expressly indicated herein otherwise and under the security standard compliances like PCI-DSS, PA DSS etc. These elements and enhancements or features of invention as well as the operation of the disclosed embodiments will be under the criteria defined by national payment system under listed rules of each specified country. Also these elements and enhancements or features of invention as well as the operation of the disclosed embodiments will become more apparent as per the following description and attached charts and drawings.
The purpose of this invention to overcome the fees charging by bank to the merchant and customer: and direct credit of the goods purchase amount to the merchant's account. The biggest advantage of this invention for bank is to reduce the cost of generating/issuing physical cards and secured data.
BRIEF DESCRIPTION OF DRAWING
These subject and other features, aspects, and advantages of the present invention will become better understood when the following detailed description is read with reference to the accompanying drawings in which representation of characteristics like parts throughout the diagram, wherein:
FIG. 1 illustrates the identification of finger using Left and Right numbering as well as palm scan left or right. The identification number would be sent along with message for validating against the specific finger.
FIG. 2 illustrates a conventional electronic system which processes using biometric authentication of virtual PAN to complete transaction without use of card or mobile or digital wallet, with various embodiments of the invention;
FIG. 3 illustrates with block diagram of a complete payment gateway process to authenticate payment transaction using captured data using any capable of device such as ATM/POS/Vending machine without card or mobile or digital wallet and validate against stored biometric virtual PAN, with various embodiments of the invention; and FIG. 4 illustrates complete flow diagram of communication process based on biometrics, palm, biometric passcodes or PIN (personal identification number), with various embodiments of the invention.
FIG. 5 illustrates the characteristics of further identified and considered for future under such various embodiments represent as same.
DETAILED SPECIFICATION
The detailed specification herein is presented for purposes of illustration only and not to the any limitation. Thus, the detailed specification of various embodiments herein makes reference to the accompanying representation of drawings, flow diagrams and pictures, which show various embodiments by way of illustration. While these various embodiments are described with sufficient detail to enable those technical skilled in the art to practice the disclosure, it should be understood that other embodiments may be realized and that logical and mechanical changes may be made without outstating from the spirit and scope of the disclosure.
For e.g, the steps recited in any of the method or process specification may be executed in any order and are not limited to the order presented. Moreover, any of the functions or steps may be outsourced to or performed by one or more third parties. Furthermore, any reference to singular includes plural embodiments, and any reference to more than one component may include a singular embodiment.
The stored biometric information may be used by a virtual account system to identify and/or authenticate a person associated with a transaction virtual PAN using a biometric device. As used herein, "stored fingerprint", "stored palm scan", or other behavioural and similar phrases may include a digital illustration and/or other illustration of biometric or palm data. A stored data may identify features, edges, dimensions, and other information used to identify the biometric behavioural or physiological such as palm, facial, retinal, fingerprint, vocal, handwriting, gesture, or other biometric information of an individual.
The present disclosure includes processes, methods, and electronic fintech payment products for completing transactions using a virtual PAN associated with biometrics, PIN, and/or palm scan information to identify the registered account holder. The systems may authorize and/or unauthorized transactions based in part on authentication data known to the issued virtual PAN
holder such as a PIN/password, or palm data. Transactions may include all type of bank transaction, any point of sale transaction, bill-payment or purchase, rewards or loyalty point's transaction or any request services by visiting bank branch and all type of ATM transactions unless otherwise mentioned but not limited, or otherwise making changes or payments related to a transaction account. The systems may also approve and/or decline transactions based in part on biometric data inherent to the account holder such as palm scan, facial recognition, fingerprints, voice recognition and/or retinal scans. As such, customer holding account may transact without needing credit card, debit card, or mobile device, digital wallet or wallet containing an account number.
As used herein, "exactly match" or "associated with" or similar phrases may include an identical match, a partial match, meeting certain criteria, matching a subset of data, a correlation, satisfying certain criteria, a correspondence, an association, an algorithmic relationship and/or the like. For example, a first stored information may match a second stored in response to the captured information being sufficiently similar to imply the biometric data of each registered is likely from the same customer or person, even though the source from which the stored registered information are generated may not be exactly identical. Similarly, as used herein, "authenticate" or similar terms may include an exact authentication, a partial authentication, authenticating a subset of data, a correspondence, satisfying certain criteria, an association, an algorithmic relationship and/or the like.
With reference to FIG. 1, A payment system generate the random number combination of finger illustrated as L1, L2, L3, L4, L5, R6, R7, R8, R9, R10 where L5 and R6 represent the thumb of left and right respectively. Where identification of number for biometric finger data has been captured will be stored into communication message to validate against same finger verification.
Also, in case of conflict of data has been found in such cases the second factor authentication requires by using the (left or right) palm scan or biometric password or PIN
against stored virtual PAN while issued.
With reference to FIG. 2, a method I (.1. for enrollment) for processing any type of transactions without using debit, credit cards or mobile device or digital wallet is shown, with various embodiments of the invention. The method I may include a control processor device G in communication with and/or comprising a biometric data device E. Control processor device G
may generate the cryptogram using key security algorithm F to encrypt such message data;
wherein EPOS , computer(laptop, desktop, notebook or tablet), or a set of computers, ATM, point-of-sale device, any cellular or smart phone, any wearable device, or any other device capable of capturing a biometric data device E to collect identifying biometric information data to authenticate stored virtual PAN data for customer's account.
With various embodiments of the invention, biometric data device E may comprise any capable of device by scanning, storing, processing, capturing and/or communicating biometric data or other digital form of biometric data. The biometric data device E include fingerprint scanner, palm scanner, retinal scanner, touch pad, or other form of biometric data devices capable of capturing behavioural biometric data and/or biometric data. The biometric information captured by biometric data device may be encrypted into message in the form of standard payment message format or other representations at control processor device G prior to route into bank server or cloud C over the network. The biometric data prior to route may encrypt the raw biometric data from exposure during communication into network, further route to bank server C. Bank server/cloud C may include one or more devices such as application servers, computers, or other suitable devices.
For larger system, identifying a customer based on Biometrics due to false acceptance rate (FAR) and/or false recognition rate (FRR) being relatively high compared to the number of customers in larger system. In small scale systems potentially having very less number of customers, using biometric identification may be challenging as the FAR and FRR rates virtually guarantee collisions and/or false recognitions when matching a customer to a virtual account. As such, the customer may choose on the POS the issued account to make payment by using palm scan or entering a biometric password or PIN, which issued for authenticate with biometric data.
Additionally, encrypted biometric data may be sent in same standard message format to the backend for verification processing.
Control processing device G may be in communication with bank server C over a payment communication network. The payment network may be local area network using TCP/IP
communication, Wi-Fi, NFC and wide area network in the Internet. The payment communication network may also be an internal network isolated from the Internet. The payment communication networks of method I may be exposed to third party attacks at various points.
Control processing device G and bank server C may thus communicate over the network with encrypted messages.
Encryption may be performed by any of the techniques to generate cryptogram message available in the art or which may later available. E.g., available encryption key techniques may include DUKPT, Racal, and RSA, DSA, PKI, GnuPG or other symmetric or asymmetric algorithms but not limited. While message communicates to such level encryption required as TLS/SSL may be used in conjunction with payload encryption to further secure communications.
With various embodiments of the invention, bank server/cloud C may use the biometric data from a customer account holder in association with a virtual primary account number to access or identify a transaction account associated with the customer account. The virtual PAN may be implying to biometrics such that the virtual PAN is only valid for use with biometric transactions listed herein. Bank server C may retain a mapping of virtual PANs associated may not be one-to-one. A virtual PAN based on each of fingerprint features or other form of behavioural combination thereof, or a subset multiple virtual for the account associated with the customer's account. Stored biometric data will be associated with accounts by storage in a data store specific to virtual issued accounts.
With various embodiments of the invention, the virtual PAN may have any segment, or other limitations as to where and when the virtual PAN may be issued and used.
Domain restriction controls may be implemented upon enrolment. While examples of domain restriction controls may include a value limitation of such transactions, and the authentication method, etc. A bank may issue multiple virtual PANs, for example, to merchants to complete a single transaction. A
bank may also limit transactions based on virtual PANs to any sort of merchant transaction. The mapping may be stored in an appropriate virtual PAN data store D using any DB
or another suitable database type. Merchants may utilize the virtual PAN to calculate the cryptogram sent to bank servers C to request authorization. A cryptogram data may include a hash of the biometric data, transaction details, merchant details, date and time of the transaction, a nonce for reply attack prevention), an indicator that this is an physical transaction,"
without using card or mobile or digital wallet for the authentication methods.
With various embodiments of the invention, bank server may also use authentication data from the customer's account to identify the transaction which associated with the individual. For example, the captured authentication data may be used to choose input associated with the customer's account from a database.
With reference to FIG. 3, a complete payment diagram which will be self-guided from the image itself.
The POS may be an existing POS having biometric capture capabilities and updated with software to enable the functionality described herein. Older POS and ATM
devices without biometric capture capabilities may also integrate hardware updates and/or replacements to enable biometric capture capabilities.
With reference to Fig. 4A, Merchant will initiate the transaction on the secure Biometric /
Merchant device (using the Secured Biometrics Authorization Process) for the customer to make the payment of the goods purchase. Before Merchant initiate the transaction (with Customer's Goods Purchase Amount Details), Merchant will also setup his Credit Settlement Account /
Direct Deposit of the goods purchase amount.
Benefit of this invention is to provide the security to avoid the fraud and tempering the device at merchant end.
With reference to Fig. 4, Customer will authorize the transaction by using Merchant Biometric Device (POS, EPOS, Vending Machine or any capable device and ATM) to capture customer Biometric Authorization data and Goods Purchase transaction / any type transactions details with various selection input(s) on devices provided by Merchant / Consumer; further route to payment processor.
According to Block A, Bank Server will receive the Biometric data and search the transaction account authorization details. To assess the risk associated with the payment transaction, input data can be identified to a fraud and risk of payment processor. The bank server will use the Received Biometric Data as criteria against the stored biometric data to identify the account (Virtual PAN) and authorization.
With various embodiments of the invention, bank server may enroll customer for Biometric authorization process. Customer Biometric data will be captured and stored in the Bank /
Financial Institute server / Cloud Server to issue the account (the Virtual PAN).
Bank server (Fig 2: Block C) may compare the biometric data against the stored Biometric data in the Virtual PAN. Stored Biometric Virtual PAN may be any digital representation of biometric data in non-image form. For further explanation of security based on fingerprints and gestures see U.S. patent application Ser. No. 14/860,375, entitled "SYSTEMS
AND METHODS
FOR GESTURE BASED BIOMETRIC SECURITY," which is incorporated herein in its entirety.
Under the representation of Behavioral and Physiological biometric security features, further explanation of authenticating based on facial recognition see U.S. patent application Ser. No.
14/273,225, entitled "SYSTEMS AND METHODS FOR AUTHENTICATING FACIAL
BIOMETRIC DATA AGAINST SECONDARY SOURCES," which is incorporated herein in its entirety.
With various embodiments, the transaction may also be evaluated on supplementary criteria.
This invention payment method only may be restricted to only register Biometric Authorization Process. Customer who has not registered Biometric Authorization Process, are having limitation of the account (Virtual Pan).
During verification / authorization of biometric data conflict against the stored biometric data, as result of the comparison between the received biometric data and the stored biometric data is ambiguous (Fig 4 : Block C). In response to a strong likelihood that the biometric data does not match or the risk of the transaction is unacceptable, bank server may decline the transaction (Fig 4: Block D).
In response to an ambiguous result from the comparison, the system may request additional authentication and/or biometric data (Fig 4: Block E). A risky transaction may be characterized by risk markers. Examples of risk markers include, for example, a password entry device without protection or a velocity transaction that seems unlikely such as a user conducting two transactions in a short amount of time on same date between two physical locations that are significantly separated by distance. System may use the additional data to authenticate the individual associated with the transaction account by comparing the additional data to known data associated with the account. System may decline the transaction in response to the step-up authentication failing (Fig 4: Block D). In response to the step-up authentication passing, system may continue the transaction with the account (Fig 4: Block G). In continuing the transaction with the account, system may apply additional criteria to evaluate risk, account settings, domain restriction controls for biometric payment transactions, or other criteria prior to authorizing a transaction.
With various embodiments, system illustrated as executing on portion of authorization process of transmitted the biometric data to the Bank server in encrypted mode / format.
Further validation take place on decrypted message on various characteristic of message data.
In event of more than one biometric identifier may be used in order to limit the possibility of false positives allowing for duplicate authentications. For example, the combination of fingerprint from an individual may be used to verify a transaction account belonging to the individual. The biometric data may be supplemented with authentication data such as palm scan and biometric PIN or Password.
System may determine whether the addition data request authorization was successful (Fig 4:
Block G). System may decline the transaction in response to the additional verification being unsuccessful (Fig 4: Block E). System may detect unauthorized transaction by evaluating Biometric data unsuccessful by using the received biometric data and/or authentication data as criteria and receiving an empty results set. System may also detect an unsuccessful transaction by submitting a search query using the biometric data and/or authentication data as criteria and receiving a result set having accounts belonging to more than one individual.
During successful authorization, system may determine with various characteristic of transaction message (which is valid) associated with transaction on the associated account (Fig 4: Block G).
The account associated with the biometric data may also include domain restriction controls for the use of the biometric-based payments. For example, the account may include a daily, total, weekly, or other spending limit on biometric-based transactions. The account may also restrict biometric-based transactions to limited merchant segments in case of emergency such as, for example, food, medical, transportation, or lodging.
In response to the transaction being invalid, system may decline the transaction (Fig 4: Block D).
In response to the transaction characteristics indicating the transaction is valid, system may continue the transaction with the identified account (Fig 4: Block G).
Additional / secondary account holder can be added to the same account by capturing Biometrics measures / data of the secondary account holder and stored / map along with Primary account holder's biometric data. This will enable both, primary and secondary, account holders can perform the payment transaction for the same account using the biometric payment method solution.
Customer account details and / or other biometric data can be stored in the database. Merchant can be authorized biometric device by using his / her biometric data or else by using biometric PIN or password.
Any databases discussed herein may include relational, hierarchical, graphical, block chain, object-oriented structure and/or any other database configurations. Any database can be used to implement this invention / solution.
With various embodiments of this invention, methods can be described herein may be vulnerable to attacks including spoofing, tampering, repudiation, information disclosure, denial of service, and escalation of privilege. Any type of biometric terminals may not be under the control of customers and may be rogue terminals. However biometric terminal device can be authorized before initiating the transaction with additional security of biometric merchant authentication method.
The disclosure and claims in this invention specification can be developed using any combination of rules and various embodiments with specific rules, technologies and programing languages.
Moreover, the claimed invention includes an inventive concept that may be found in the non-conventional and non-generic arrangement of known, conventional pieces and our invention method go way beyond any conventionality of any one of the systems in that the interaction and synergy of the systems leads to additional functionality that is not provided by any one of the systems operating independently.
The disclosure and claims may also include the interaction between multiple different systems, so the disclosure cannot be considered an implementation of a generic computer, or just "apply it" to an abstract process. The disclosure and claims may also be directed to improvements to software with a specific implementation of a solution to a problem in the software arts.
In various embodiments, the method / process may include alerting a subscriber that may include generating customized information and alerting to the subscriber's wireless devices or any other electronic devices by SMS, email or any alert massage standard. Alert message may contain characteristics of transaction details.
With various embodiments of this invention, the system and method may include a graphical user interface for dynamically relocating/rescaling obscured textual information of an underlying window to become automatically viewable to the user. By permitting textual information to be dynamically relocated based on an overlap condition, the computer's ability to display information is improved. More particularly, the method for dynamically relocating textual information within an underlying window displayed in a graphical user interface may comprise displaying a first window containing textual information in a first format within a graphical user interface on a computer screen; displaying a second window within the graphical user interface;
constantly monitoring the boundaries of the first window and the second window to detect an overlap condition where the second window overlaps the first window such that the textual information in the first window is obscured from a user's view; determining the textual information would not be completely viewable if relocated to an unobstructed portion of the first window; calculating a first measure of the area of the first window and a second measure of the area of the unobstructed portion of the first window; calculating a scaling factor which is proportional to the difference between the first measure and the second measure; scaling the textual information based upon the scaling factor; automatically relocating the scaled textual information, by a processor, to the unobscured portion of the first window in a second format during an overlap condition so that the entire scaled textual information is viewable on the computer screen by the user; and automatically returning the relocated scaled textual information, by the processor, to the first format within the first window when the overlap condition no longer exists.
With various embodiments of this invention, merchant biometric system can configured and accessible using any computer device to add / remove third party authorised person with restricted role based access to handle the merchant biometric device.
Innovation system, methods and computer program products are provided. In the detailed description herein, references to "various embodiments", "With various embodiments of this invention", "one embodiment", "an embodiment", "an example embodiment", etc., indicate that the embodiment described may include a particular feature, structure, or characteristic, but every embodiment may not necessarily include the particular feature, structure, or characteristic.
Moreover, such phrases are not necessarily referring to the same embodiment.
Further, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the art to affect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described. After reading the description, it will be apparent to one skilled in the relevant art(s) how to implement the disclosure in alternative embodiments.
Terms and phrases similar to "associate" and/or "associating" may include tagging, flagging, correlating, using a look-up table or any other method or system for indicating or creating a relationship between elements, such as, for example, (i) a transaction account and (ii) an item (e.g., offer, reward, discount) and/or digital channel. Moreover, the associating may occur at any point, in response to any suitable action, event, or period of time. The associating may occur at pre-determined intervals, periodic, randomly, once, more than once, or in response to a suitable request or action. Any of the information may be distributed and/or accessed via a software enabled link, wherein the link may be sent via an email, text, post; social network input and/or any other method known in the art.
Phrases and terms similar to "transaction account" or "Virtual PAN (Primary Account Number)"
may include any account that may be used to facilitate a financial transaction.
Phrases and terms similar to "financial institution" or "bank" may include any entity that offers transaction account services. Although often referred to as a "financial institution," the financial institution may represent any type of bank, lender or other type of account issuing institution, such as credit card companies, card sponsoring companies, or third party issuers under contract with financial institutions. It is further noted that other participants may be involved in some phases of the transaction, such as an intermediary settlement institution.
The phrases consumer, merchant, customer, user, account holder, account affiliate, card member or the like shall include any person, entity, business, government organization, business, software, hardware, machine associated with a transaction account, buys merchant offerings offered by one or more merchants using the account and/or who is legally designated for performing transactions on the account, regardless of whether a physical card is associated with the account. For example, the card member may include a transaction account owner, a transaction account user, an account affiliate, a child account user, a subsidiary account user, a beneficiary of an account, a custodian of an account, and/or any other person or entity affiliated or associated with a transaction account.
With various embodiments of this invention, any communication, transmission and/or channel discussed herein may include any system or method for delivering content (e.g.
data, information, mctadata, etc.), and/or the content itself. The content may be presented in any form or medium, and in various embodiments, the content may be delivered electronically and/or capable of being presented electronically. Moreover, examples of mobile device communications include texting, email, and mobile applications for smartphones.
A "consumer profile" or "merchant profile" or "consumer profile data" or "merchant profile data"
may comprise any information or data about a consumer / merchant that describes an attribute associated with the consumer /merchant (e.g., a preference, an interest, demographic information, personally identifying information, and the like).
With various embodiments of this invention, the various system components discussed herein may include one or more of the following: a host server or other computing systems including a processor for processing digital data; a memory coupled to the processor for storing digital data;
an input digitizer coupled to the processor for inputting digital data; an application program stored in the memory and accessible by the processor for directing processing of digital data by the processor; a display device coupled to the processor and memory for displaying information derived from digital data processed by the processor; and a plurality of databases. Various databases used herein may include: client data; biometric data; merchant data;
financial institution data; and/or like data useful in the operation of the system.
Various operating system can be used to develop and maintain this invention / solution.
With various embodiments of this invention, the present system or any part(s) or function(s) thereof may be implemented using hardware, software or a combination thereof and may be implemented in one or more computer systems or other processing systems.
However, the manipulations performed by embodiments were often referred to in terms, such as matching or selecting, which are commonly associated with mental operations performed by a human operator. No such capability of a human operator is necessary, or desirable in most cases, in any of the operations described herein. Rather, the operations may be machine operations. Useful machines for performing the various embodiments include general purpose digital computers or similar devices. The computer system includes one or more processors, such as processor. The processor is connected to a communication infrastructure that may include various software embodiments are described in terms of this exemplary computer system. After reading this description, it will become apparent to a person skilled in the relevant art(s) how to implement various embodiments using other computer systems and/or architectures.
Computer system can include a display interface that forwards graphics, text, and other data from the communication infrastructure (or from a frame buffer not shown) for display on a display unit.
With various embodiments of this invention, "Cloud" or "Cloud computing"
includes a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing may include location-independent computing, whereby shared servers provide resources, software, and data to computers and other devices on demand.
With various embodiments of this invention, one skilled in the art will also appreciate that, for security reasons, any databases, systems, devices, servers or other components of the system may consist of any combination thereof at a single location or at multiple locations, wherein each database or system includes any of various suitable security features, such as firewalls, access codes, encryption, decryption, compression, decompression, and/or the like.
Similarly, the software elements of the system may be implemented with any programming or scripting languages.
REFERENCES
U.S. Patent Documents 9,916,432 Storing and retrieving cryptographic keys from biometric data 9,141,951 Electronic transaction verification system with biometric 8,403,213 Time analysis at a banking system controlled by data bearing records 7,614,551 Method and system for securely encoding and decoding biometric data into a memory device using a two dimensional symbol 10,049,673 Synthesized voice authentication engine 8,725,579 Device ID and financial information 8,370,262 System and method for performing secure online transactions 9,984,360 Processing payment transactions without a secure element 9,972,005 Cloud-based transactions methods and systems 9,898,728 System and method for one-time payment authorization in a portable communication device 9,775,029 Embedding cloud-based functionalities in a communication device 9,241,238 Wireless communication system and wireless communication method 9,047,601 Method and apparatus for settling payments using mobile devices 9,978,064 Hosted thin-client interface in a payment authorization system 9,972,047 Systems and methods for performing a purchase transaction using rewards points 8,682,791 Redemption of credit card rewards at a point of sale 9,940,612 Fraud detection in portable payment readers 9,846,875 Electronic transaction verification system with biometric authentication 9,177,314 Method of making secure electronic payments using communications devices and biometric data 9,165,323 Biometric transaction system and method 8,407,142 Managing a universal payment account 7,631,193 Tokenless identification system for authorization of electronic transactions and electronic transmissions 7,620,605 System and method for processing tokenless biometric electronic transmissions using an electronic rule module clearinghouse 6,615,191 Software licensing and distribution systems and methods employing biometric sample authentication
Claims (10)
1. A process, from payment request message to authorize the transaction using issued biometric information (stored on Bank / Financial Institution server/ cloud) against such virtual PAN or virtual credit card account. Biometric authorization requested data will be random generation of combination of 2 or 3 finger-prints or single finger-prints at the time of transaction initiation.
After providing biometric input from ATM/POS/any form of capable device, data will be encrypted (using security device by secured algorithm) and a standard payment message route for verification. Bank / financial institution will verify biometric details by using payment switch gateway to card issuing server further to host server. A host bank server will identify and authenticate upon message decryption. Biometric information will be verified against stored virtual PAN information (provided at the time of account registration). Upon a successful authorization / match, success message reply sent back for transaction confirmation. In the event of unauthorized transaction or match not found, decline or unsuccessful transaction message response will be sent using standard response information such as IS08583 and IS020022, etc.
After providing biometric input from ATM/POS/any form of capable device, data will be encrypted (using security device by secured algorithm) and a standard payment message route for verification. Bank / financial institution will verify biometric details by using payment switch gateway to card issuing server further to host server. A host bank server will identify and authenticate upon message decryption. Biometric information will be verified against stored virtual PAN information (provided at the time of account registration). Upon a successful authorization / match, success message reply sent back for transaction confirmation. In the event of unauthorized transaction or match not found, decline or unsuccessful transaction message response will be sent using standard response information such as IS08583 and IS020022, etc.
2. Whereas, virtual PAN has restriction against the transaction date & time, amount and merchant details in the message captured by using the secured device.
3. Whereas, further verification by bank / Financial Institute server/cloud server for customer's virtual PAN using behavioural scan at least two or three combination or single finger scan from any fingerprint contained information.
4. Finger-prints requested for any two or three fingers random combination (further identify by L1, L2, L3, L4, L5 and R6, R7, R8, R9, R10) or single finger scan for authentication by device.
Finger scan numbering as described in FIG.1 against stored 10 finger biometric data. Same data will be used for identification.
Refer Fig. 1 for Hand finger with identification and palm identification.
Finger scan numbering as described in FIG.1 against stored 10 finger biometric data. Same data will be used for identification.
Refer Fig. 1 for Hand finger with identification and palm identification.
5. Further authorization request message will be sent to the Bank / Financial Institute server for verification. A standard payment cryptogram message including characteristics of the payment message; issued using the Virtual PAN associated and authorized the payment by replying standard message communication methods. A enrollment process will take place by using biometric information from Bank / Financial Institution, where registration of biometric data stored in secured issuing bank server or cloud server of financial institution, and issued virtual PAN/ account.
6. At the time of encountering unauthorized / declined transaction based on security risk including at least one of a second factor authentication (by palm scan or biometric registered virtual PAN password/PIN without protection) will be requested for authorization. A risk transaction wherein a customer initiates two transactions in a difference amount of time on same date at two physical locations that are significantly separated using merchant and device registered information.
7. Further request message requesting to the bank server, a standard payment cryptogram message, differentiates from the captured biometric information against the stored biometric behavioral information to decline by such response in the reply message.
8. A process by the bank/ Financial Institute server to conduct transaction in the Bank/ Financial Institute branch by using similar point of sale device to credit against other party e.g. fund transfer or similar to cheque paid. This includes all type of transactions (point of sale, rewards, loyalty points, branch transfers or ATM) on any type of device not limited to and allows under the feature of this invention.
9. A EPOS system, or point of sale or any such capable of devices or processor configured to further communication with payment switch or similar process system having such on-pad input instructions to guide customer by selecting input for credit/debit and VISA/MASTERCARD/AMEX/Dinners/ any type of standards to route transaction by selecting such issuer to proper route transaction to the issuer Bank/ Financial Institution associated as issuer; verifying to approve or decline the payment or point of sale transaction against stored biometric information. Also ATM device with capability of biometric captured can perform all transaction as existing system.
10. Wherein the process further describe, a message receiving by the bank/
Financial Institute server, a payment cryptogram including characteristics of the standard transaction message protocols and issued against virtual PAN information; Consider such encryption and decryption of information will take in place where it required by using such algorithm.
Financial Institute server, a payment cryptogram including characteristics of the standard transaction message protocols and issued against virtual PAN information; Consider such encryption and decryption of information will take in place where it required by using such algorithm.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA3015041A CA3015041C (en) | 2018-08-20 | 2018-08-20 | Biometric payment transaction without mobile or card |
US16/172,820 US20200058032A1 (en) | 2018-08-20 | 2018-10-28 | Biometric Payment Transaction Without Mobile or Card |
PCT/IN2018/050797 WO2019162957A1 (en) | 2018-08-20 | 2018-11-29 | Biometric payment transaction without mobile or card |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA3015041A CA3015041C (en) | 2018-08-20 | 2018-08-20 | Biometric payment transaction without mobile or card |
Publications (2)
Publication Number | Publication Date |
---|---|
CA3015041A1 true CA3015041A1 (en) | 2018-12-12 |
CA3015041C CA3015041C (en) | 2019-07-23 |
Family
ID=64655294
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA3015041A Active CA3015041C (en) | 2018-08-20 | 2018-08-20 | Biometric payment transaction without mobile or card |
Country Status (1)
Country | Link |
---|---|
CA (1) | CA3015041C (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11645865B2 (en) | 2021-03-04 | 2023-05-09 | Qualcomm Incorporated | Randomized multi-fingerprint authentication |
-
2018
- 2018-08-20 CA CA3015041A patent/CA3015041C/en active Active
Also Published As
Publication number | Publication date |
---|---|
CA3015041C (en) | 2019-07-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20200058032A1 (en) | Biometric Payment Transaction Without Mobile or Card | |
US20210073821A1 (en) | Proxy device for representing multiple credentials | |
US20240305628A1 (en) | Techniques for token proximity transactions | |
US10771251B1 (en) | Identity management service via virtual passport | |
CN107851254B (en) | Seamless transactions with minimized user input | |
US11157905B2 (en) | Secure on device cardholder authentication using biometric data | |
US8423476B2 (en) | Methods and apparatus for conducting electronic transactions | |
US7505941B2 (en) | Methods and apparatus for conducting electronic transactions using biometrics | |
US20170109752A1 (en) | Utilizing enhanced cardholder authentication token | |
CN112823368B (en) | Tokenized contactless transactions through cloud biometric identification and authentication | |
WO2019162957A1 (en) | Biometric payment transaction without mobile or card | |
RU2728828C2 (en) | Systems and methods for user authentication based on biometric data and device data | |
EP3186739B1 (en) | Secure on device cardholder authentication using biometric data | |
US20190139051A1 (en) | Biometric secure transaction system | |
US20180322501A1 (en) | Systems and methods for registering for card authentication reads | |
US20210241266A1 (en) | Enhancing 3d secure user authentication for online transactions | |
CA3015041C (en) | Biometric payment transaction without mobile or card | |
US20220207526A1 (en) | Secure contactless credential exchange | |
CN116057556A (en) | System and method for user authentication via a short-range transceiver | |
CN117981274A (en) | Remote identity interaction | |
CN118076964A (en) | Efficient and protected data transmission system and method |