CN101473344A - Consumer authentication system and method - Google Patents

Consumer authentication system and method

Publication number
CN101473344A
Authority
CN
China
Prior art keywords
consumer
challenge
message
response message
authorization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2007800228745A
Other languages
Chinese (zh)
Inventor
A·哈玛德
P·费斯
M·卡尔森
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visa USA Inc
Original Assignee
Visa USA Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visa USA Inc
Priority to CN201710173504.7A (patent CN106936587B)
Publication of CN101473344A

Classifications

    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • G06Q20/085 Payment architectures involving remote charge determination or related payment systems
    • G06Q20/20 Point-of-sale [POS] network systems
    • G06Q20/367 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3672 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes initialising or reloading thereof
    • G06Q20/3674 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G06Q20/385 Payment protocols; Details thereof using an alias or single-use codes
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q30/06 Buying, selling or leasing transactions
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q20/105 Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • G06Q20/204 Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • G06Q2220/00 Business processing using cryptography
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash

Abstract

A method for using a secondary PAN is disclosed. The method includes providing a secondary PAN associated with a primary PAN, where the secondary PAN has at least one end portion that is the same as the primary PAN, but has a middle portion that is different from the primary PAN.

Description

Consumer authentication system and method
Cross-reference to related applications
This application is a non-provisional patent application of, and claims priority to the filing dates of, U.S. Provisional Patent Application No. 60/815,059, filed on June 19, 2006, U.S. Provisional Patent Application No. 60/815,430, filed on June 20, 2006, and U.S. Provisional Patent Application No. 60/884,089, filed on January 9, 2007. All of these applications are herein incorporated by reference in their entirety for all purposes.
Background
It is desirable to have mechanisms that ensure that a consumer who is using a portable consumer device such as a credit card is really the consumer associated with that credit card. Fraudulent activity can be very costly to merchants, issuers of portable consumer devices, and others.
A number of consumer authentication mechanisms are known. In one example of a conventional consumer authentication process, a consumer may use a credit card to buy gas at a gas station. Before the consumer is allowed to buy gas, and before an authentication request message is sent to the issuer of the portable consumer device, the gas pump may ask the consumer to supply a zip code. This authentication request may be provided by the merchant as a way to ensure that the consumer is in fact the consumer associated with the credit card. The gas station wants to verify that the consumer is authentic, because the gas station may bear some of the risk for any fraudulent activity resulting from purchases made at the gas station.
Although such conventional authentication methods are effective, a number of improvements can be made. For example, conventional authentication requests are generally static. If someone has stolen a consumer's portable consumer device and knows the consumer's zip code, that person can still use the authentic portable consumer device to conduct fraudulent transactions. In addition, the merchant has limited information about the consumer, and the types of challenges that can be presented to the consumer are limited.
Better ways to authenticate consumers using portable consumer devices are needed. Embodiments of the invention address the above problems and other problems, individually and collectively.
Summary of the invention
Embodiments of the invention can authenticate a consumer.
One embodiment of the invention is directed to a method comprising receiving an authentication request message associated with a consumer conducting a transaction using a portable consumer device. A challenge message is sent to the consumer, where the challenge message is dynamic or semi-dynamic. A challenge response message is received from the consumer, and an authorization response message is sent to the consumer. The authorization response message indicates whether or not the transaction is authorized.
Another embodiment of the invention is directed to a method comprising initiating an authorization request message, where the authorization request message is associated with a consumer conducting a transaction with a portable consumer device and is sent to an issuer associated with the portable consumer device; receiving a challenge message, where the challenge message is dynamic or semi-dynamic; and then initiating a challenge response message, where the challenge response message is responsive to the challenge message. An authorization response message is received, where the authorization response message indicates whether or not the transaction is authorized.
Another embodiment of the invention is directed to a method comprising receiving, at an issuer, an authorization request message sent from an access device. In response to receiving the authorization request message, one or more dynamic challenges are provided to the consumer before the transaction conducted by the consumer is authorized.
Another embodiment of the invention is directed to a method comprising receiving a first authorization request message associated with a consumer conducting a transaction with a portable consumer device, sending a challenge message to the consumer, receiving a second authorization request message comprising a challenge response message, and sending an authorization response message to the consumer, where the authorization response message indicates whether or not the transaction is authorized.
Another embodiment of the invention is directed to a method comprising sending a first authorization request message associated with a consumer conducting a transaction with a portable consumer device, receiving a challenge message, sending a second authorization request message comprising a challenge response message, and receiving an authorization response message, where the authorization response message indicates whether or not the transaction is authorized.
Other embodiments of the invention are directed to systems, portable consumer devices, and computer readable media associated with the above-described methods.
These and other embodiments of the invention are described in further detail below with reference to the drawings and the detailed description.
Brief description of the drawings
Fig. 1 shows a block diagram of a system according to an embodiment of the invention.
Fig. 2 shows a block diagram of one type of portable consumer device.
Fig. 3 shows a plan view of a second type of portable consumer device.
Fig. 4 shows a flowchart illustrating a method according to an embodiment of the invention.
Fig. 5 shows another flowchart illustrating another method according to an embodiment of the invention.
Fig. 6 shows a block diagram of some authentication connections of embodiments of the invention.
Fig. 7 shows a block diagram of a computer apparatus.
Detailed description
Currently, consumer authentication using challenge questions is normally performed at the merchant. The merchant asks the consumer for identification such as a driver's license before allowing a purchase transaction with a portable consumer device to proceed. In some cases, it may be better to provide a more "back end" consumer authentication process, so that the issuer and/or a payment processing organization (such as Visa) can verify the identity of the consumer. The issuer and/or payment processing organization has more data about the consumer than the merchant, and is therefore in a better position to authenticate the consumer. For example, the issuer has information such as the consumer's address and mother's maiden name. In addition, the issuer and the payment processing organization have information such as recent purchase information and consumer purchasing behavior. Any of this information may be used to help authenticate the consumer in a purchase transaction.
Thus, in embodiments of the invention, a payment processing organization, an issuer, or any other non-merchant entity that has information about the consumer can pose challenge questions to the consumer to authenticate the consumer. The challenge questions may be static, where the same question is asked for each purchase transaction, or dynamic, where different questions may be asked over time.
The questions asked may also have static or dynamic (semi-dynamic or fully dynamic) answers. For example, the question "What is your birthday?" requires a static answer, since the answer does not change. The question "What is your zip code?" requires a semi-dynamic answer, since the answer could change or may change occasionally. Lastly, the question "What did you purchase yesterday at 4 pm?" requires a dynamic answer, since the answer changes frequently. Thus, in preferred embodiments, the challenge questions are preferably based on "real time" information that the issuer is most likely to possess. For example, the consumer might be asked a more specific question such as "Did you eat out at a Mexican restaurant last night?" By providing more specific, knowledge-based consumer challenges, the authentication of the consumer is ensured.
In one embodiment, the method includes conducting a transaction such as a purchase transaction using a portable consumer device. The portable consumer device may be a credit card or a similar device. The purchase transaction may take place at a merchant that has an access device such as a point of sale terminal.
The consumer may use the portable consumer device to interact with an access device such as a point of sale terminal and start the process. The point of sale terminal may initiate and then generate an authentication request message, which may thereafter be sent to a payment processing network, and subsequently to the issuer of the portable consumer device. When the authentication request message is received by the payment processing network or the issuer, it is analyzed. A challenge message, which can be dynamic or semi-dynamic in nature, is then generated and sent to the consumer. The challenge message may be sent back to the access device, or to the consumer's portable consumer device (e.g., if the portable consumer device is a mobile phone).
The consumer then provides a response to the challenge message. The challenge response message is received from the consumer. The challenge response message is then verified and, if it is verified, the authorization response message is analyzed to determine whether the transaction is authorized (e.g., there are sufficient funds in the consumer's account or there is sufficient credit in the consumer's account). If the transaction is authorized, the issuer and also the payment processing network send an authorization response message to the consumer. The authorization response message indicates whether or not the transaction is authorized.
In the specific embodiments described above and below, challenge questions are described in detail, but embodiments of the invention are not limited thereto. Embodiments of the invention can generally relate to the use of challenge messages, which may include challenge questions. In some embodiments, as will be described in further detail below, challenge messages may or may not be read by the consumer, and may challenge the authenticity of the consumer in direct or indirect ways. Examples of challenge questions include questions relating to the consumer's portable consumer device (e.g., what is the CVV2 or card verification value on the back of your card?), the consumer's location (e.g., what is your zip code?), the consumer's mobile or landline phone (e.g., what is your mobile phone number?), the consumer's personal information (e.g., what is your mother's maiden name?), etc. Examples of challenge messages that are not questions specifically answered by the consumer include messages that automatically query a phone for its location or phone number and retrieve that information. Another example of a challenge message is a message that supplies a code (or other authentication token) to a phone, where use of that code at the access device authenticates the user.
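The issuer-side exchange described above (authorization request, challenge, challenge response, authorization response), as an added example that is not part of the patent text. The class names, the 120-second expiry, the two-attempt limit and the sample account are assumptions made for illustration.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

# Answer classes from the description, ranked so that the answers an
# impostor is least likely to know are asked first.
RANK = {"dynamic": 0, "semi-dynamic": 1, "static": 2}


@dataclass
class Question:
    text: str
    answer: str
    kind: str  # "dynamic", "semi-dynamic" or "static"


@dataclass
class Account:
    pan: str
    available: int  # spendable funds in minor units
    questions: list


@dataclass
class Pending:
    pan: str
    amount: int
    question: Question
    expires_at: float
    attempts_left: int


def _norm(s):
    # Compare answers without regard to case or surrounding whitespace.
    return s.strip().casefold().encode()


class Issuer:
    TTL_SECONDS = 120  # assumption: how long a challenge stays answerable
    MAX_ATTEMPTS = 2   # assumption: wrong answers tolerated per challenge

    def __init__(self, accounts, clock=time.time):
        self.accounts = {a.pan: a for a in accounts}
        self.pending = {}     # challenge id -> Pending
        self.last_asked = {}  # pan -> text of the previous question
        self.clock = clock

    def _decline(self, reason):
        return {"type": "authorization_response", "approved": False, "reason": reason}

    def on_authorization_request(self, pan, amount):
        acct = self.accounts.get(pan)
        if acct is None or not acct.questions:
            return self._decline("cannot_challenge")
        ranked = sorted(acct.questions, key=lambda q: RANK[q.kind])
        # Vary the question between transactions when an alternative exists.
        fresh = [q for q in ranked if q.text != self.last_asked.get(pan)]
        question = (fresh or ranked)[0]
        self.last_asked[pan] = question.text
        cid = secrets.token_hex(8)  # unguessable handle tying the answer to this request
        self.pending[cid] = Pending(pan, amount, question,
                                    self.clock() + self.TTL_SECONDS, self.MAX_ATTEMPTS)
        return {"type": "challenge", "id": cid, "text": question.text}

    def on_challenge_response(self, cid, answer):
        p = self.pending.get(cid)
        if p is None:
            return self._decline("unknown_challenge")
        if self.clock() > p.expires_at:
            del self.pending[cid]
            return self._decline("challenge_expired")
        if not hmac.compare_digest(_norm(answer), _norm(p.question.answer)):
            p.attempts_left -= 1
            if p.attempts_left == 0:
                del self.pending[cid]
                return self._decline("challenge_failed")
            return {"type": "challenge", "id": cid, "text": p.question.text}
        del self.pending[cid]  # single use: a replayed response finds nothing
        acct = self.accounts[p.pan]
        if acct.available < p.amount:
            return self._decline("insufficient_funds")
        acct.available -= p.amount
        return {"type": "authorization_response", "approved": True, "reason": "ok"}


def demo():
    # Constructed sample account; the PAN and answers are made up for the example.
    acct = Account("4000000000000002", 5000, [
        Question("What is your date of birth?", "1980-01-31", "static"),
        Question("What is your postal code?", "94105", "semi-dynamic"),
        Question("Where did you eat dinner last night?", "Casa Azul", "dynamic"),
    ])
    issuer = Issuer([acct])
    first = issuer.on_authorization_request(acct.pan, 1200)
    ok = issuer.on_challenge_response(first["id"], " casa azul ")
    replay = issuer.on_challenge_response(first["id"], "casa azul")
    second = issuer.on_authorization_request(acct.pan, 1200)
    return first["text"], ok["approved"], replay["reason"], second["text"], acct.available


if __name__ == "__main__":
    print(demo())
```

The funds check runs only after the challenge response verifies, matching the order given in the description, and the second request for the same account draws a different question from the first.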
I. system
Fig. 1 illustrates illustration example system 20 according to an embodiment of the invention.Other system according to other embodiments of the invention can comprise than more or less assembly illustrated in fig. 1.
System 20 shown in Fig. 1 comprises businessman 22 and the acquirer 24 who is associated with businessman 22.In typical payment transaction, consumer 30 can use portable consumer device 32 to buy commodity or service at businessman 22 places.Businessman 22 can be entity businessman or electronics businessman (e-merchant).Acquirer 24 can communicate with publisher 28 via payment processing network 26.Businessman 22 can alternatively be directly connected to payment processing network 26.
Consumer 30 can be individual or such as the tissues such as company that can buy commodity or service.In other embodiments, consumer 30 can only be the individual who wants to carry out to wait such as money transfer transactions or the transaction at the ATM place transaction of certain other type.Consumer 30 is operate wireless phone 34 randomly.
Portable consumer device 32 can be any suitable form.For example, suitable portable consumer device can be hand-held and be small-sized, so that it can be fit to consumer's wallet and/or pocket (for example, pocket-size).They can comprise that smart card, common credit card or debit card (have magnetic stripe and do not have microprocessor), key chain device are (as the Speedpass that can buy from Exxon-Mobil company TM) etc.Other example of portable consumer device comprises cell phone (for example, above-mentioned phone 34), PDA(Personal Digital Assistant), pager, Payment Card, safety card, charge card, intelligent medium, transponder etc.Portable consumer device can also be debit devices (for example, debit card), credit equipment (for example, credit card) or Stored Value equipment (for example, stored value card).
The illustrative portable consumer device 32 of phone form ' can comprise computer-readable medium and body as shown in Figure 2.(Fig. 2 illustrates a plurality of assemblies, and can comprise any suitable combination or the subclass of these assemblies according to the portable consumer device of various embodiments of the present invention.) computer-readable medium 32 (b) can be present in the body 32 (h), or can separate with it.Body 32 (h) can be the form of plastic, shell or other structure.Computer-readable medium 32 (b) can be the storage memory of data and can be any suitable form, comprise magnetic stripe, memory chip etc.Storer is preferably stored such as Financial Information, traffic information (for example, at subway or train critical point), discrepancy information information such as (for example, in the certificates of coming in and going out).Financial Information can comprise such as bank account information, bank identifier number (BIN), credit or debit card information, account balance information, the term of validity, such as information such as consumer information such as name, birthdays.Any of these information all can be sent by portable consumer device 32.
Information in the storer can also be the form of the data track that is associated with credit card traditionally.These magnetic tracks comprise magnetic track 1 and magnetic track 2.Magnetic track 1 (" International Air Transport Association ") is stored more information than magnetic track 2, and comprises name and account number and other arbitrary data of holder.This magnetic track is used when guaranteeing house seat with credit card by airline sometimes.Magnetic track 2 (" Banking Association ") is current the most generally use.This is the magnetic track that is read by ATM and credit card verifier.It all must be observed by standard and whole world bank that ABA (Banking Association) has designed this magnetic track.It comprises cardholder account, encrypted PIN data, adds other arbitrary data.
Portable consumer device 32 can also comprise contactless element 32 (g), and it is realized to have the form such as the semi-conductor chip (or other data storage elements) of wireless transmission such as antenna (for example, data transmission) element that is associated usually.Contactless element 32 (g) is associated (for example, being embedded in wherein) with portable consumer device 32 and can be applied to contactless element 32 (g) by contactless element interface (not shown) via data or steering order that cellular network sent.Contactless element interface is in order to permit at mobile device circuit (and so cellular network) and can choose swap data and/or steering order between the contactless element 32 (g) wantonly.
Contactless element 32 (g) can use near-field communication (" NFC ") ability (or near field communication medium) to transmit and receive data according to standardization agreement or data transmission mechanism (for example, ISO 14443/NFC) usually.Near field communications capability is the short-haul connections ability, as RFID, Bluetooth TM(bluetooth), infrared, maybe can be used to other data transmission capabilities of swap data between portable consumer device 32 and inquiry unit.Therefore, portable consumer device 32 can transmit and transmits data and/or steering order via cellular network and near field communications capability.
Portable consumer device 32 can also comprise the processor 32 (c) (for example, microprocessor) of the function that is used to handle portable consumer device 32 and allow the consumer to check the display 32 (d) of telephone number and out of Memory and message.Portable consumer device 32 can also comprise that the permission consumer passes through the microphone 32 (i) that portable consumer device 32 sends its voice to the input element 32 (e) of this equipment input information, loudspeaker 32 (f) and the permission consumer that the permission consumer hears voice communication, music etc.Portable consumer device 32 can also comprise the antenna 32 (a) that is used for wireless data transmission (for example, data transmission).
If the portable consumer device is in the form of a debit card, credit card or smart card, it can also optionally have features such as a magnetic stripe. Such a device can operate in contact or contactless mode.
An example of portable consumer device 32" in card form is shown in Figure 3. Fig. 3 illustrates plastic 32 (m). Contactless element 32 (o), used for interfacing with access device 34, can be present on or embedded in plastic 32 (m). Consumer information 32 (p), such as an account number, expiration date and consumer name, can be printed or embossed on the card. Magnetic stripe 32 (n) can also be on plastic 32 (m).
As shown in Figure 3, portable consumer device 32" can comprise both magnetic stripe 32 (n) and contactless element 32 (o). In other embodiments, both magnetic stripe 32 (n) and contactless element 32 (o) can be in portable consumer device 32". In still other embodiments, either magnetic stripe 32 (n) or contactless element 32 (o) may be present in portable consumer device 32".
Payment processing network 26 can comprise data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary payment processing network can include VisaNet™. Payment processing networks such as VisaNet™ can process credit card transactions, debit card transactions, and other types of commercial transactions. In particular, VisaNet™ includes a VIP system (Visa Integrated Payments system) that processes authorization requests and a Base II system that performs clearing and settlement services.
Payment processing network 26 can comprise a server computer. A server computer is typically a powerful computer or cluster of computers. For example, the server computer can be a mainframe, a minicomputer cluster, or a group of servers functioning as a unit. In one example, the server computer can be a database server coupled to a web server. Payment processing network 26 can use any suitable wired or wireless network, including the Internet.
As shown in Figure 1, payment processing network 26 can comprise server 26 (a), which can comprise challenge engine 26 (a)-1. Server 26 (a) can also communicate with transaction history data storehouse 26 (b) and challenge database 26 (c). As described in more detail below, challenge engine 26 (a)-1 can simply extract challenges from challenge database 26 (c). Alternatively or additionally, challenge engine 26 (a)-1 can use the information in transaction history data storehouse 26 (b) to generate challenges.
As explained in more detail below, challenges can be static or dynamic in nature. For example, challenge engine 26 (a)-1 can receive an authorization request message, which can comprise the consumer's account number and a purchase amount. It can then look up the consumer's account number and any consumer information associated with that account number. It can thereafter retrieve a suitable question from challenge database 26 (c), or can generate a suitable challenge on its own. For example, in some cases, after receiving the authorization request message, challenge engine 26 (a)-1 can retrieve the question "What is your mobile phone number?" from challenge database 26 (c). Alternatively, challenge engine 26 (a)-1 can generate a dynamic question such as "Did you use this credit card at McDonald's last night?" Information about the particular restaurant where consumer 30 was the previous day can be retrieved from transaction history data storehouse 26 (b).
Challenge database 26 (c) can be filled with any suitable type of question. The questions can relate to a past location (for example, the consumer's current residence, or a city the consumer recently visited) or a current location (for example, the current location of the shop where the consumer currently is), the type and name of a businessman that the consumer is currently visiting or has visited in the past, the consumer's family or personal data (for example, name, telephone number, social security number, etc.), and so on. The questions in challenge database 26 (c) can be generated by challenge engine 26 (a)-1 and subsequently stored in challenge database 26 (c).
Alternatively or additionally, challenges can be generated by an external source and subsequently stored in challenge database 26 (c). For example, consumer 30 can use a browser on a personal computer or similar device to provide specific challenges to server 26 (a) via a communication medium (not shown) such as the Internet.
In certain embodiments, the consumer can determine the kind and/or quantity of challenge questions asked of him or her. For example, the consumer can specify that he or she wants to be asked three challenge questions when going to a jeweler's shop, but only one question when going to a fast food restaurant. The types of questions posed to the consumer can be based on businessman type, purchase frequency, etc. Some aspects relating to user-defined authorization parameters are described in U.S. Patent Application No. 10/093,002, filed on March 5, 2005, which is incorporated herein by reference in its entirety for all purposes.
In preferred embodiments, challenges are derived from past transaction data in transaction history data storehouse 26 (b). Over time, consumer 30 may conduct many transactions with payment processing network 26 (and/or publisher 28). This payment transaction information can be stored over time in transaction history data storehouse 26 (b), and the transaction information can be used to generate challenges. Past transaction information provides a good basis for authenticating consumer 30, because consumer 30 will know what transactions consumer 30 has conducted in the past. For example, consumer 30 may have used a credit card to pay for a hotel room in New York on one day, and on the next day may be asked a question such as "Did you stay at a hotel in New York yesterday?" In another example, consumer 30 may have bought an item costing more than $2000 on one day, and on the next day may be asked "Did you make a purchase of more than $2000 yesterday?" The questions/responses presented to consumer 30 can be free-form in nature and/or can include pre-formatted answers, such as multiple-choice or true-false answers, from which the user can select.
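The dynamic, history-derived challenge described above can be sketched in Python as follows. This is an added example, not code from the patent: the class and field names, the decoy list and the sample transactions are constructed assumptions, and the multiple-choice form is one of the pre-formatted answer styles the text mentions.

```python
import hmac
import secrets
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class PastTransaction:           # one row of the transaction history database (assumed shape)
    account: str
    day: date
    merchant: str
    city: str
    amount_cents: int


@dataclass(frozen=True)
class Challenge:
    challenge_id: str
    question: str
    choices: tuple               # pre-formatted answers shown to the consumer


class ChallengeEngine:
    """Builds questions from past transactions; expected answers never leave the server."""

    def __init__(self, history, decoy_merchants):
        self._history = list(history)
        self._decoys = list(decoy_merchants)
        self._pending = {}       # challenge_id -> (account, expected answer)

    def generate(self, account, today):
        yesterday = today - timedelta(days=1)
        rows = [t for t in self._history
                if t.account == account and t.day == yesterday]
        if not rows:
            return None          # no recent history: caller falls back to a static question
        target = max(rows, key=lambda t: t.amount_cents)
        # A decoy the consumer has really used would make a "wrong" choice true,
        # so every merchant in this account's history is excluded from the decoys.
        used = {t.merchant for t in self._history if t.account == account}
        decoys = [m for m in self._decoys if m not in used][:3]
        # Alphabetical order: the position of the right answer carries no information.
        choices = tuple(sorted(decoys + [target.merchant]))
        challenge_id = secrets.token_hex(8)
        self._pending[challenge_id] = (account, target.merchant)
        return Challenge(challenge_id,
                         "Which of these merchants did you pay yesterday?",
                         choices)

    def verify(self, account, challenge_id, answer):
        entry = self._pending.get(challenge_id)
        if entry is None or entry[0] != account:
            return False
        del self._pending[challenge_id]      # single use: a replayed answer fails
        expected = entry[1].lower().encode()
        return hmac.compare_digest(answer.strip().lower().encode(), expected)
```

The answer check is single use and bound to the account that was challenged, so a captured challenge response cannot be replayed or applied to another account.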
Businessman 22 can also have access device 34, which can interact with portable consumer device 32 or receive communications from it. Access devices according to various embodiments of the present invention can take any suitable form. Examples of access devices include point of sale (POS) devices, cell phones, PDAs, personal computers (PCs), tablet PCs, handheld specialized readers, set-top boxes, electronic cash registers (ECRs), automated teller machines (ATMs), virtual cash registers (VCRs), kiosks, security systems, access systems, etc.
If access device 34 is a point of sale terminal, any suitable point of sale terminal can be used, including a card reader. The card reader can support any suitable contact or contactless mode of operation. For example, exemplary card readers can comprise an RF (radio frequency) antenna, a magnetic stripe reader, etc., for interacting with portable consumer device 32.
Publisher 28 can be a bank or other organization that can have an account associated with consumer 30. Publisher 26 can operate server 28 (a), which can have challenge engine 28 (a)-1. Transaction history data storehouse 26 (b) and challenge database 28 (c) can communicate with server 28 (a). Publisher's server 28 (a), challenge engine 28 (a)-1, transaction history data storehouse 26 (b) and challenge database 28 (c) can operate in the same way as, or in a different way from, payment processing network server 28 (a), challenge engine 28 (a)-1, transaction history data storehouse 28 (b) and challenge database 28 (c). The description above of elements 26 (a), 26 (a)-1, 26 (b) and 26 (c) can also apply to elements 28 (a), 28 (a)-1, 28 (b) and 28 (c).
Embodiments of the present invention are not limited to the embodiments described above. For example, although separate functional blocks are shown for the publisher, the payment processing network and the acquirer, some entities perform all or any suitable combination of these functions and can be included in embodiments of the present invention. Other components can also be included in embodiments of the present invention.
Fig. 7 illustrates typical components or subsystems of a computer apparatus. Any of these components, or any subset of them, may be present in the components shown in Fig. 1, including access device 34, server computers 26 (a), 28 (a), etc. The subsystems shown in Fig. 7 are interconnected via system bus 775. Additional subsystems are shown, such as printer 774, keyboard 778, fixed disk 779, and monitor 776, which is coupled to video adapter 782. Peripherals and input/output (I/O) devices, which couple to I/O controller 771, can be connected to the computer system by any number of means known in the art, such as serial port 777. For example, serial port 777 or external interface 781 can be used to connect the computer apparatus to a wide area network such as the Internet, a mouse input device, or a scanner. The interconnection via system bus 775 allows central processing unit 773 to communicate with each subsystem and to control the execution of instructions from system storage 772 or fixed disk 779, as well as the exchange of information between subsystems. System storage 772 and/or fixed disk 779 can be embodied as a computer-readable medium.
II. method
Methods according to various embodiments of the present invention can be described with reference to Fig. 1 and Fig. 4. In a typical purchase transaction, consumer 30 uses portable consumer device 32, such as a credit card, to buy goods or services at businessman 22. The consumer's portable consumer device 32 can interact with access device 34, such as a POS (point of sale) terminal, at businessman 22 (step 102). For example, consumer 30 can take a credit card and swipe it through the appropriate slot in the POS terminal. Alternatively, the POS terminal can be a contactless reader, and portable consumer device 32 can be a contactless device such as a contactless card.
The first authorization request message is subsequently forwarded to acquirer 24. After acquirer 24 receives the first authorization request message, it is sent to payment processing network 26 (step 104). The first authorization request message is then received at payment processing network server 26 (a), which then determines whether a challenge is needed.
Various criteria can be used to determine whether a challenge is needed. For example, payment processing network server 26 (a) can determine that a particular transaction is a high-value transaction (for example, over $1000) and that a challenge is therefore appropriate. In another example, payment processing network server 26 (a) can determine that there is something suspicious about the current transaction and can accordingly determine that a challenge is appropriate. For example, payment processing network server 26 (a) can determine that portable consumer device 32 is currently being used at a location different from the consumer's home state, while the consumer's recent purchase history shows that the consumer is not traveling.
Once it has determined that a challenge is appropriate for the current transaction, challenge engine 26 (a)-1 can then fetch (locally or remotely) a challenge (step 108). In certain embodiments, challenge engine 26 (a)-1 can retrieve a question from challenge database 26 (c).
At this point, rather than sending the first authorization request message to publisher 26, payment processing network 26 sends a first authorization response message back to access device 34 via acquirer 24 and businessman 22 (step 110). The first authorization response message can comprise data representing the challenge request previously obtained by challenge engine 26 (a)-1. This challenge request can be a challenge sent by the back end, or a command instructing the access device to issue a challenge based on a set of questions preloaded in the access device. The first authorization response message can be characterized as a preliminary decline, because it does not indicate that the transaction is approved.
Once the challenge is received at access device 34, consumer 30 provides a challenge response to access device 34. The challenge response can be provided to access device 34 in any suitable manner (for example, by keypad, contactless reader, etc.). Once access device 34 receives the challenge response, it forwards the challenge response to payment processing network server 26 (a) via businessman 22 and acquirer 24, and it is received by them (step 122). The challenge response (or challenge and response, or challenge pointer and response) message can be part of a second authorization request message.
Payment processing network server 26 (a) then validates the challenge response message (step 114). If the challenge response message is not validated, payment processing network server 26 (a) can send back to access device 34 a response message indicating that the transaction is not approved. Alternatively or additionally, payment processing network server 26 (a) can send another challenge to access device 34. On the other hand, if the challenge is validated, payment processing network server 26 (a) can send the second authorization request message (step 116) to publisher 28, together with an indication that consumer 30 has satisfied any challenges posed by payment processing network 26.
After publisher 28 receives the second authorization request, publisher 28 uses publisher's server 28 (a) to determine whether the transaction is authorized or not authorized (step 118). The transaction may not be authorized because consumer 30 does not have sufficient funds or credit. If consumer 30 has sufficient funds or credit, publisher 28 can then send a second authorization response message, indicating that the transaction is authorized, back to access device 34 via payment processing network 26, acquirer 24 and businessman 22 (step 122).
At checkout, transaction processing system 26 can carry out normal clearing and settlement processes. Clearing is the process of exchanging financial details between the acquirer and the publisher to facilitate posting to the consumer's account and reconciliation of the consumer's settlement position. Clearing and settlement can occur simultaneously.
A number of alternative embodiments are also possible. For example, publisher 28 can generate challenges and can send them to consumer 30, in addition to or instead of payment processing network 26. Challenge engine 28 (b)-1, transaction history data storehouse 28 (b) and challenge database 26 (c), operated by publisher 28, can be used in the same way as, or in a different way from, the above-described challenge engine 26 (b)-1, transaction history data storehouse 26 (b) and challenge database 26 (c) operated by payment processing network 26.
In the embodiments described above, two authorization request messages are sent to payment processing network 26 (and/or publisher 28). This is desirable because existing payment processing networks have "timers" set at various points between access device 34 and publisher 28 during the payment authorization process. These timers time how long each event in the payment authorization process should take. The timers can be set up and embodied as computer code at acquirer 24, payment processing network 26 and publisher 28. For example, the timers at acquirer 24, payment processing network 26 and publisher 28 can be set to 3 seconds, 6 seconds and 10 seconds respectively. If an authorization request message is not received within these respective times, some event can be triggered. For example, if an authorization request message is not received at publisher 28 within 10 seconds, an error message can be sent back to access device 34, requiring businessman 22 to resubmit the authorization request message. If a challenge request were created during the authorization process, before the authorization request message reaches publisher 28, the publisher's timer could trigger an event indicating that an error has occurred. Creating challenge requests and responses during a single authorization process can conflict with the timers that already exist in the payment system.
By using at least two authorization request messages in two separate authorization processes, the above-described timers are advantageously unaffected. The timers need not be changed in order to send challenges to consumer 30. This allows embodiments of the invention to be used with existing payment infrastructure without widespread changes. By comparison, if challenge retrieval took place during a payment authorization process that used a single authorization request message, it could delay the authorization request message and necessitate changes to the timers that exist in the payment processing system.
These at least two authorization request messages can carry information such as a BIN (bank identification number), transaction amount, account number, service code, etc. They can also contain the same transaction amount for the transaction being conducted and/or different transaction amounts. For example, the first authorization request message can have the actual transaction amount, and the second authorization request message can have a zero dollar amount or other identifier to indicate that a previous authorization request with the transaction amount has already been submitted. In certain embodiments, a transaction code can be used to link the first and second authorization requests.
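The two-message closed-channel flow described above can be sketched in Python as follows. This is an added example, not code from the patent: the class names, message fields, status strings and the sample static question are assumptions, and declining a high-value request when no question is on file is a choice made for this sketch only.

```python
import hmac
import secrets
from dataclasses import dataclass

HIGH_VALUE_CENTS = 100_000        # the page's "over $1000" example criterion


@dataclass
class AuthRequest:
    account: str
    amount_cents: int
    transaction_code: str = ""    # set only on the second request, links it to the first
    challenge_response: str = ""


@dataclass
class AuthResponse:
    status: str                   # "APPROVED", "DECLINED" or "CHALLENGE"
    transaction_code: str = ""
    challenge: str = ""


class Issuer:
    """Stand-in for publisher 28: approves when available funds cover the amount."""

    def __init__(self, available_cents):
        self.available = dict(available_cents)
        self.seen = []            # every request that actually reached the issuer

    def authorize(self, account, amount_cents, challenge_passed):
        self.seen.append((account, amount_cents, challenge_passed))
        return amount_cents <= self.available.get(account, 0)


class PaymentNetwork:
    def __init__(self, issuer, questions):
        self.issuer = issuer
        self.questions = questions    # account -> (question, answer), stand-in challenge database
        self.pending = {}             # transaction_code -> (account, amount, expected answer)

    def handle(self, req):
        return self._second(req) if req.transaction_code else self._first(req)

    def _forward(self, account, amount_cents, challenge_passed):
        ok = self.issuer.authorize(account, amount_cents, challenge_passed)
        return AuthResponse("APPROVED" if ok else "DECLINED")

    def _first(self, req):
        if req.amount_cents <= HIGH_VALUE_CENTS:
            return self._forward(req.account, req.amount_cents, False)
        if req.account not in self.questions:
            return AuthResponse("DECLINED")      # assumption: no question on file, no approval
        question, answer = self.questions[req.account]
        code = secrets.token_hex(8)
        self.pending[code] = (req.account, req.amount_cents, answer)
        # Preliminary decline: the first authorization process ends here, so no
        # per-hop timer is held open while the consumer reads and answers.
        return AuthResponse("CHALLENGE", code, question)

    def _second(self, req):
        entry = self.pending.get(req.transaction_code)
        if entry is None or entry[0] != req.account:
            return AuthResponse("DECLINED")
        del self.pending[req.transaction_code]   # one attempt per transaction code
        account, amount_cents, answer = entry
        given = req.challenge_response.strip().lower().encode()
        if not hmac.compare_digest(given, answer.lower().encode()):
            return AuthResponse("DECLINED")
        # The amount comes from the stored first request, not from the second
        # message, which may carry a zero amount.
        return self._forward(account, amount_cents, True)
```

Because the issuer is called with the amount recorded from the first request, a second message that arrives with a zero or altered amount cannot change what is authorized.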
The method described with reference to Fig. 4 can be characterized as a "closed channel" process, because access device 34 receives the challenge and provides the response to that challenge. However, other embodiments of the invention can use an open channel solution, in which the challenge can be sent to a device other than the access device that sent the first authorization request message.
An example of an open channel method according to embodiments of the present invention can be described with reference to Fig. 1 and Fig. 5. In a typical purchase transaction, consumer 30 uses portable consumer device 32, such as a credit card, to buy goods or services at businessman 22. The consumer's portable consumer device 32 can interact with access device 34, such as a POS (point of sale) terminal, at businessman 22 (step 202). For example, consumer 30 can take a credit card and swipe it through the appropriate slot in the POS terminal. Alternatively, the POS terminal can be a contactless reader, and portable consumer device 32 can be a contactless device such as a contactless card.
The first authorization request message is subsequently forwarded to acquirer 24. After it is received, the first authorization request message is sent to payment processing network 26 (204). The first authorization request message is then received at payment processing network server 26 (a), which then determines whether a challenge is needed.
Various criteria can be used to determine whether a challenge is needed. For example, payment processing network server 26 (a) can determine that a particular transaction is a high-value transaction (for example, over $1000) and that a challenge is therefore appropriate. In another example, payment processing network server 26 (a) can determine that there is something suspicious about the current transaction and can accordingly determine that a challenge is appropriate.
Once it has determined that a challenge is appropriate for the current transaction, challenge engine 26 (a)-1 can then fetch (locally or remotely) a challenge (step 208). In certain embodiments, challenge engine 26 (a)-1 can retrieve a question from challenge database 26 (c).
Rather than sending the first authorization request message to publisher 26, and rather than sending the first authorization response message back to access device 34, payment processing network 26 sends the first authorization response message back to the consumer's mobile phone 34 (step 210) or another type of access device. The first authorization response message can be sent back to the consumer's mobile phone 34. This can be done directly or through some intermediate entity. The first authorization response message can comprise data representing the challenge request previously obtained by challenge engine 26 (a)-1. The first authorization response message can be characterized as a preliminary decline, because it does not indicate that the transaction is approved.
Once the challenge is received at mobile phone 34, consumer 30 provides a challenge response to access device 34 (step 212). Access device 34 then forwards the challenge response to payment processing network server 26 (a) via businessman 22 and acquirer 24, and it is received by them (step 214). The challenge response message can be part of a second authorization response message.
Note that although challenges that the user actively answers are described in detail with reference to Fig. 5, other types of challenge request can also be sent to mobile phone 34. For example, in some cases a challenge request may not require an answer that consumer 30 actively provides. A passive answer to the challenge request can be provided. For example, in certain embodiments, the challenge request provided to mobile phone 34 can be a query about the physical location of mobile phone 34. Mobile phone 34 can have a GPS device or other positioning device, and this information (or other information, such as a password) can be sent to payment processing network 26, which can use the location information to authenticate consumer 34.
Once payment processing network server 26 (a) receives the challenge response message, it validates the challenge response message (step 216). If the challenge response message is not validated, payment processing network server 26 (a) can send back to access device 34 a response message indicating that the transaction is not approved. Alternatively or additionally, payment processing network server 26 (a) can send another challenge message to access device 34 and/or mobile phone 34. On the other hand, if the challenge is validated, payment processing network server 26 (a) can then send the second authorization request message (step 218) to publisher 28, together with an indication that consumer 30 has satisfied any challenges posed by payment processing network 26.
After publisher 28 receives the second authorization request, publisher 28 uses publisher's server 28 (a) to determine whether the transaction is authorized or not authorized (step 220). The transaction may not be authorized because consumer 30 does not have sufficient funds or credit. If consumer 30 has sufficient funds or credit, publisher 28 can then send a second authorization response message, indicating that the transaction is authorized, back to access device 34 via payment processing network 26, acquirer 24 and businessman 22 (step 222).
At checkout, transaction processing system 26 can carry out normal clearing and settlement processes. Clearing is the process of exchanging financial details between the acquirer and the publisher to facilitate posting to the consumer's account and reconciliation of the consumer's settlement position. Clearing and settlement can occur simultaneously.
A number of alternative embodiments are also possible. For example, publisher 28 can generate challenges and can send them to mobile phone 34, in addition to or instead of payment processing network 26. Challenge engine 28 (b)-1, transaction history data storehouse 28 (b) and challenge database 26 (c), operated by publisher 28, can be used in the same way as, or in a different way from, the above-described challenge engine 26 (b)-1, transaction history data storehouse 26 (b) and challenge database 26 (c) operated by payment processing network 26.
In another embodiment, instead of sending a challenge, payment processing network server 26 (a) can send an electronic coupon to the consumer's mobile phone 34. Payment processing network 26 can determine that a challenge is appropriate and can send the electronic coupon to phone 34. After receiving the electronic coupon, the consumer can then be prompted to use the coupon at access device 34. If consumer 30 uses the coupon at access device 34, access device 34 forwards the coupon to payment processing network 26, and receipt of the coupon by payment processing network 26 indicates that consumer 30 is authenticated. Consumer 30 is presumed to be authentic, because a non-authentic consumer would not be in possession of the consumer's phone 34.
III. transaction authentication
The challenge authentication process described above is a process for authenticating the consumer, and can be part of a larger overall "transaction authentication" process.
Fig. 6 illustrates conceptual block diagram 110, showing that authentication of a purchase transaction can have various aspects. These aspects include portable consumer device authentication 100 (a), consumer authentication 100 (b), back-end processing 100 (c) including real-time risk analysis, and consumer notification 100 (d) of the purchase transaction.
Portable consumer device authentication relates to authentication of the portable consumer device. That is, in the portable consumer device authentication process, a determination is made as to whether the portable consumer device being used in the purchase transaction is an authentic portable consumer device or a counterfeit one. Specific exemplary techniques for improving the authentication of portable consumer devices include:
Dynamic CVV on portable consumer devices such as magnetic stripe cards
Card security features (existing and new)
Contactless chips (limited use)
Magnetic stripe identification
Card verification values (CVV and CVV2)
Contact EMV chips
Consumer authentication relates to a determination as to whether the person conducting the transaction is in fact the owner or an authorized user of the portable consumer device. Traditional consumer authentication processes are conducted by the businessman. For example, before conducting a business transaction with a credit card holder, the businessman can ask to see the credit card holder's driver's license. Other ways of authenticating the consumer would be desirable, because consumer authentication at the businessman does not occur in every instance. Specific examples of possible ways to improve the consumer authentication process include at least the following:
Knowledge-based challenge-responses
Hardware tokens (multiple solution options)
OTPs (one-time passwords, limited use)
AVS (not as a stand-alone solution)
Signatures
Software tokens
PINs (online)
User IDs/passwords
Two-channel authentication processes (for example, via phone)
Biometrics
Back-end processing relates to processing that can occur at the publisher, at the payment processing network, or at another non-merchant location. Various processes can be performed at the "back end" of the payment transaction to help ensure that any transactions being conducted are authentic. Back-end processing can also prevent transactions that should not be authorized, and can allow transactions that should be authorized.
Finally, consumer notification is another aspect of transaction authentication. In some cases, the consumer can be notified that a purchase transaction is occurring or has occurred. If the consumer is notified (for example, via cell phone) that a transaction is being conducted with his or her portable consumer device, and the consumer is not in fact conducting that transaction, appropriate steps can be taken to prevent the transaction from occurring. Specific examples of consumer notification processes include:
Purchase notification via SMS
Purchase notification via e-mail
Purchase notification by phone
Other details regarding some of the aspects described above are provided in U.S. Provisional Patent Application No. 60/815,059, filed on June 19, 2006, U.S. Provisional Patent Application No. 60/815,430, filed on June 20, and U.S. Provisional Patent Application No. 60/884,089, filed on January 9, 2007, which are incorporated herein by reference in their entirety for all purposes. The specific details of each particular aspect can be combined in any suitable manner without departing from the spirit and scope of embodiments of the present invention. For example, portable consumer device authentication, consumer authentication, back-end processing and consumer transaction notification can all be combined in some embodiments of the invention. However, other embodiments of the invention can be directed to specific embodiments relating to each individual aspect, or to specific combinations of these individual aspects.
It should be understood that the present invention as described above can be implemented in the form of control logic using computer software in a modular or integrated manner. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will know and appreciate other ways and/or methods of implementing the present invention using hardware and a combination of hardware and software.
Any software component or function described in this application can be implemented as software code to be executed by a processor using any suitable computer language, such as Java, C++ or Perl, using, for example, conventional or object-oriented techniques. The software code can be stored as a series of instructions or commands on a computer-readable medium, such as a random-access memory (RAM), a read-only memory (ROM), a magnetic medium such as a hard disk or floppy disk, or an optical medium such as a CD-ROM. Any such computer-readable medium can reside on or within a single computing device, and can be present on or within different computing devices in a system or network.
The above description is illustrative and not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of this disclosure. The scope of the invention should therefore be determined not with reference to the above description, but instead with reference to the claims along with their full scope or equivalents.
One or more features from any embodiment can be combined with one or more features of any other embodiment without departing from the scope of the invention.
A recitation of "a", "an" or "the" is intended to mean "one or more" unless specifically indicated to the contrary.
All patents, patent applications, publications and descriptions mentioned above are incorporated herein by reference in their entirety for all purposes. None of them is considered to be prior art.

Claims (31)

1. A method comprising:
receiving an authorization request message associated with a consumer conducting a transaction with a portable consumer device;
sending a challenge message to the consumer, wherein the challenge message is dynamic or partly dynamic;
receiving a challenge response message from the consumer; and
sending an authorization response message to the consumer, wherein the authorization response message indicates whether the transaction is authorized.
2. The method of claim 1, wherein the portable consumer device is in the form of a card or a mobile phone.
3. The method of claim 1, wherein the challenge message comprises a dynamic question.
4. The method of claim 1, wherein the challenge is dynamic and is created using the consumer's transaction history.
5. The method of claim 1, wherein the authorization request message is received at a payment processing network, and wherein the payment processing network sends the challenge message to the consumer and receives the challenge response message from the consumer, and, if the consumer provides a correct challenge response message:
the authorization request message is forwarded to the issuer of the portable consumer device; and
the authorization response message is received from the issuer before the authorization response message is sent to the consumer.
6. The method of claim 5, wherein the transaction involves a merchant, and wherein the authorization response message is sent to the consumer through an access device operated by the merchant.
7. The method of claim 5, wherein the transaction involves a merchant, and wherein the authorization response message is sent to the portable consumer device.
8. The method of claim 1, wherein the authorization request message is received at an issuer, and the issuer sends the challenge message to the consumer and receives the challenge response message from the consumer, and wherein, before sending the authorization response message to the consumer, the issuer also analyzes the challenge response message from the consumer to determine whether the consumer provided a correct challenge response message.
9. The method of claim 1, wherein the challenge message comprises a dynamic question, and the challenge message is created using the consumer's location.
10. A computer-readable medium comprising:
code for performing the method of claim 1.
11. A server computer comprising the computer-readable medium of claim 10.
12. A system comprising the server computer of claim 11.
13. A system comprising:
means for receiving an authorization request message associated with a consumer conducting a transaction with a portable consumer device;
means for sending a challenge message to the consumer, wherein the challenge is dynamic or partly dynamic;
means for receiving a challenge response message from the consumer; and
means for sending an authorization response message to the consumer, wherein the authorization response message indicates whether the transaction is authorized.
14. A method comprising:
initiating an authorization request message, wherein the authorization request message is associated with a consumer conducting a transaction with a portable consumer device and is sent to an issuer associated with the portable consumer device;
receiving a challenge message, wherein the challenge message is dynamic or partly dynamic;
initiating a challenge response message, wherein the challenge response message is responsive to the challenge message; and
receiving an authorization response message, wherein the authorization response message indicates whether the transaction is authorized.
15. The method of claim 14, wherein the authorization request message and the challenge are initiated by at least one of a merchant that is a party to the transaction or the consumer.
16. A computer-readable medium comprising:
code for initiating an authorization request message, wherein the authorization request message is associated with a consumer conducting a transaction with a portable consumer device and is sent to an issuer associated with the portable consumer device;
code for receiving a challenge message, wherein the challenge message is dynamic or partly dynamic;
code for initiating a challenge response message, wherein the challenge response message is responsive to the challenge message; and
code for receiving an authorization response message, wherein the authorization response message indicates whether the transaction is authorized.
17. A phone comprising the computer-readable medium of claim 16.
18. A system comprising:
means for initiating an authorization request message, wherein the authorization request message is associated with a consumer conducting a transaction with a portable consumer device and is sent to an issuer associated with the portable consumer device;
means for receiving a challenge message, wherein the challenge message is dynamic or partly dynamic;
means for initiating a challenge response message, wherein the challenge response message is responsive to the challenge message; and
means for receiving an authorization response message, wherein the authorization response message indicates whether the transaction is authorized.
19. An authentication method comprising:
receiving, at an issuer, an authorization request message sent from an access device; and
in response to receiving the authorization request, providing one or more dynamic challenges to the consumer before authorizing the transaction.
20. The method of claim 19, wherein the dynamic challenge is generated by the issuer and relates to transactions previously conducted by the consumer.
21. A computer-readable medium comprising:
code for receiving, at an issuer, an authorization request message sent from an access device; and
code for providing one or more dynamic challenges to a consumer before authorizing a transaction conducted by the consumer.
22. A method comprising:
receiving a first authorization request message associated with a consumer conducting a transaction with a portable consumer device;
sending a challenge message to the consumer;
receiving a second authorization request message comprising a challenge response message; and
sending an authorization response message, wherein the authorization response message indicates whether the transaction is authorized.
23. The method of claim 22, wherein the challenge message is sent to a mobile phone operated by the consumer.
24. A computer-readable medium comprising code for performing the method of claim 22.
25. A server comprising the computer-readable medium of claim 24.
26. A method comprising:
sending a first authorization request message associated with a consumer conducting a transaction with a portable consumer device;
receiving a challenge message;
sending a second authorization request message comprising a challenge response message; and
receiving an authorization response message, wherein the authorization response message indicates whether the transaction is authorized.
27. The method of claim 26, wherein the challenge message is received at a mobile phone operated by the consumer, and wherein the authorization response message is received at an access device, the access device comprising a point of sale terminal.
28. The method of claim 26, wherein the challenge message challenge.
29. A computer-readable medium comprising code for performing the method of claim 26.
30. A point of sale device comprising the computer-readable medium of claim 29.
31. The method of claim 22, wherein the challenge message is passive and does not require an active response from the consumer.
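
The message flow of claims 4 and 5, sketched as an added Python example that is not code from the patent: a payment processing network builds a dynamic challenge from the consumer's transaction history and forwards the authorization request to the issuer only after a correct challenge response. The class names, question wording, sample history, single-use challenge ID and the simple balance check at the issuer are all assumptions made for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class AuthorizationRequest:
    account: str
    merchant: str
    amount_cents: int

@dataclass(frozen=True)
class PastTransaction:
    merchant: str
    amount_cents: int

@dataclass(frozen=True)
class ChallengeMessage:
    challenge_id: str
    question: str

@dataclass(frozen=True)
class AuthorizationResponse:
    authorized: bool
    reason: str

class Issuer:
    """Hypothetical issuer: approves when the account has enough funds."""
    def __init__(self, balances_cents):
        self.balances_cents = dict(balances_cents)
        self.requests_seen = 0  # how many requests were forwarded to the issuer

    def authorize(self, request):
        self.requests_seen += 1
        balance = self.balances_cents.get(request.account, 0)
        if request.amount_cents > balance:
            return AuthorizationResponse(False, "insufficient funds")
        self.balances_cents[request.account] = balance - request.amount_cents
        return AuthorizationResponse(True, "approved by issuer")

class PaymentProcessingNetwork:
    def __init__(self, issuer, history):
        self.issuer = issuer
        self.history = history  # account -> list of PastTransaction
        self._pending = {}      # challenge_id -> (request, expected answer)

    def receive_authorization_request(self, request):
        """Build a dynamic challenge from the consumer's transaction history."""
        past = self.history.get(request.account)
        if not past:
            raise LookupError("no transaction history to build a challenge from")
        picked = secrets.choice(past)  # may differ from one transaction to the next
        challenge_id = secrets.token_hex(8)
        expected = f"{picked.amount_cents // 100}.{picked.amount_cents % 100:02d}"
        self._pending[challenge_id] = (request, expected)
        return ChallengeMessage(
            challenge_id, f"How much was your last purchase at {picked.merchant}?")

    def receive_challenge_response(self, challenge_id, answer):
        """Check the challenge response; involve the issuer only if it is correct."""
        pending = self._pending.pop(challenge_id, None)  # one answer per challenge
        if pending is None:
            return AuthorizationResponse(False, "unknown or already used challenge")
        request, expected = pending
        if not hmac.compare_digest(answer.strip().encode(), expected.encode()):
            return AuthorizationResponse(False, "incorrect challenge response")
        return self.issuer.authorize(request)

# Constructed sample history, not taken from the patent.
HISTORY = {"acct-1": [PastTransaction("Corner Cafe", 4210),
                      PastTransaction("City Books", 1899)]}

def run_transaction(network, request, answer_for):
    """Consumer side: receive the challenge, answer it, get the authorization response."""
    challenge = network.receive_authorization_request(request)
    return network.receive_challenge_response(
        challenge.challenge_id, answer_for(challenge.question))
```
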
CNA2007800228745A 2006-06-19 2007-06-15 Consumer authentication system and method Pending CN101473344A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710173504.7A CN106936587B (en) 2006-06-19 2007-06-15 Consumer authentication system and method

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US81505906P 2006-06-19 2006-06-19
US60/815,059 2006-06-19
US60/815,430 2006-06-20
US60/884,089 2007-01-09

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201710173504.7A Division CN106936587B (en) 2006-06-19 2007-06-15 Consumer authentication system and method

Publications (1)

Publication Number Publication Date
CN101473344A true CN101473344A (en) 2009-07-01

Family

ID=40829560

Family Applications (6)

Application Number Title Priority Date Filing Date
CN201710173504.7A Active CN106936587B (en) 2006-06-19 2007-06-15 Consumer authentication system and method
CNA2007800228745A Pending CN101473344A (en) 2006-06-19 2007-06-15 Consumer authentication system and method
CN200780022875.XA Active CN101485128B (en) 2006-06-19 2007-06-15 Portable consumer device verification system
CN200780027259.3A Active CN101512957B (en) 2006-06-19 2007-06-18 Use the transaction authentication of network
CN2007800295538A Active CN101502031B (en) 2006-06-19 2007-06-18 Verification error reduction system
CN201710270542.4A Withdrawn CN107067246A (en) 2006-06-19 2007-06-18 Use the transaction authentication of network

Country Status (1)

Country Link
CN (6) CN106936587B (en)

Also Published As

Publication number Publication date
CN106936587A (en) 2017-07-07
CN101502031B (en) 2013-02-27
CN106936587B (en) 2020-05-12
CN101512957B (en) 2017-12-29
CN107067246A (en) 2017-08-18
CN101502031A (en) 2009-08-05
CN101485128A (en) 2009-07-15
CN101485128B (en) 2016-08-03
CN101512957A (en) 2009-08-19

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20090701