GB2469025A - Verification of a payment card transaction - Google Patents

Verification of a payment card transaction Download PDF

Info

Publication number
GB2469025A
GB2469025A GB0905388A GB0905388A GB2469025A GB 2469025 A GB2469025 A GB 2469025A GB 0905388 A GB0905388 A GB 0905388A GB 0905388 A GB0905388 A GB 0905388A GB 2469025 A GB2469025 A GB 2469025A
Authority
GB
United Kingdom
Prior art keywords
card
location
mobile telephone
server
payment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0905388A
Other versions
GB0905388D0 (en
Inventor
David Redpath
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
X122 Co
Original Assignee
X122 Co
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by X122 Co filed Critical X122 Co
Priority to GB0905388A priority Critical patent/GB2469025A/en
Publication of GB0905388D0 publication Critical patent/GB0905388D0/en
Publication of GB2469025A publication Critical patent/GB2469025A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/353Payments by cards read by M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • G06F17/60
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention provides a system and method for verification of a payment card transaction. The system comprises a retailer payment card reader 1 for receiving card details from a payment card 3; a retailer server 7; and a payment card issuer sever 12, 13. The payment card reader 1 is arranged to transmit details of the payment card 3 to the retailer server 7. From the card details, the retailer server 7 identifies the payment card issuer and provides the card issuer server 10 with card details obtained from the card 3. The retailer server 7 also identifies the location of the payment card reader 1 and issues a transaction authorisation request. The card issuer sever 10 stores mobile telephone numbers associated with card holders 2 and identifies the mobile telephone number of the card holder associated with the received card details, issues a location enquiry of the card holder's mobile telephone 16 and authorises or declines the transaction depending, partly, on the location of the mobile telephone 16. The card issuer server 10 has means for receiving a communication from the card holder 2, permitting the card holder to temporarily modify the verification process such that for a temporary period the location of the card holder's mobile telephone 16 need not match the location of the card reader 1 for a transaction to be authorised.

Description

Verification of a Payment Card Transaction The present invention relates to a system and method for verification of a payment card transaction and particularly, but not exclusively by a transaction conducted by means of a chip and PIN' payment card.
For the purposes of this specification, a payment card is defined as any card used for the payments of goods or services, or for the recordal of other transaction types and includes not only credit and debit cards, but other cards where values other than monetary values may be credited to, or debited from, an account.
Transactions conducted by means of a payment card have in the past, commonly been made by a retailer or merchant taking an imprint of a card holders card on a payment slip and obtaining the card holder's signature on the imprinted payment slip, on which the transaction amount was also recorded. Such systems have been replaced by electronic card readers, which originally used a magnetic strip on the card to obtain details relating to the card. To reduce fraudulent use of the payment cards, in some countries all debit and credit cards are now of the "chip and PIN" cards, where the card has an electronic chip on which data is stored. A card holder first enters his card into the card reader, which card reader then requires the card holder to enter his personal identification number (PIN) into the card reader in order to conduct a transaction.
In systems where a card reader is employed, the card reader can connect during the transaction to an acquirer server, typically at the bank of the retailer, which in turn contacts a server of the card issuer, for example a bank, or a card scheme used by the card issuer, for example MasterCard TM or VISA TMto obtain authorisation for the transaction, prior to completing the transaction.
The universal adoption of chip and PIN technology throughout a country means that virtually all transactions an individual makes with a payment card, other than Internet or telephone transactions, will be made using a card reader. This together with the common use of mobile telephones has enabled a system to be proposed whereby, if a card holder desires an additional level of security, then the known location of the card reader requesting authorisation for a transaction, is compared with the location of the card holders mobile telephone, provided by the appropriate mobile telephone network operator. The system verifies the transaction if the mobile telephone is in the same location as the retailer card reader.
A system using the position of a mobile telephone associated with the card holder to verify a card transaction by the card holder is disclosed in International patent application, publication number WO 2004/070492 A3. Such a system offers significant advantages because, although a card and telephone could be stolen together, this is less likely to occur and a card holder is very likely to notice that he is no longer in possession of his mobile telephone, even though he may not immediately realise that a payment card is missing from a wallet or purse. However, there are some disadvantages of this proposal and it is the object of the present invention to provide an improved system.
According to the first aspect present invention, there is provided a system for verification of a payment card transaction, the system comprising: a payment card reader associated with a retailer, or merchant, for receiving card details from a payment card; an acquirer server; and a payment card issuer sever, wherein: the payment card reader is arranged to transmit details of the payment card to the acquirer server as part of a transaction process; the acquirer server is arranged to identifiy from the card details the payment card issuer, to contact the card issuer server and provide the card issuer server with card details obtained from the payment card together with data from which the location of the payment card reader can be determined; the card issuer sever is arranged to store a plurality of mobile telephone numbers associated with respective card holders, identify the mobile telephone number of the card holder associated with the received card details, issue an enquiry regarding the location of a mobile telephone associated with that mobile number to a mobile telephone network and to authorise or decline the transaction depending, at least in part, on the location information received from the telephone network; and wherein the card issuer server has means for receiving a communication from the card holder, permitting the card holder to temporarily modify the verification process such that for a temporary period the location of the card holder's mobile telephone need not match the location of the card reader for a transaction to be authorised.
A system in accordance with the present invention enables a card holder to contact a card issuer server responsible for authorising a transaction, possibly by means of logging in to an online or telephone banking service, such that he may temporarily modify the verification process for a temporary period. This permits the card holder who for some reason does not have a telephone with him, to advise the card issuer server accordingly and to then, for a temporary period, continue making transactions with his payment card without the requirement for the mobile telephone to be present. The temporary period may last for a predetermined period of time, for example 24 hours, or may be reset at a predetermined time, for example 3 o'clock the next morning.
The card reader may be connected to the acquirer server via a point of sale device or to a retailer server, possibly via a point of sale device. A plurality of payment card readers, at the same location may be similarly connected to such a retail retailer server. In this case a general indication of the location of the retailer server will be a sufficient indication of the location of the card reader. Alternatively, a retailer server may be at a location remote from the card reader or from a plurality of card readers of the retailer, which may themselves be at different locations. In this case the retailer server will need to know the location of each card reader and convey this to the card issuer server via the acquirer server.
The card reader, point of sale or retailer server may transmit location data, or the acquirer server may use the identity of the card reader, point of sale or retailer server to identify the location from data stored within the acquirer server.
The location data may be in any convenient format, for example latitude and longitude coordinates or a postal area.
In one embodiment, the card issuer server is arranged to provide the location of the payment card reader to the mobile telephone network and receive a response advising whether the mobile telephone network is at the said location. This avoids the need for the telephone network to divulge the location of the mobile telephone. Alternatively, the card issuer server may be arranged to request the location of mobile telephone associated with the card holder and then compare the location received from the telephone network with the location of the payment card reader (or point of sale / retailer server, as may be appropriate). This requires the mobile telephone network to divulge the location of the mobile telephone to the card issuer server, but then enables the card issuer server (which is responsible for authorising the transaction) to set parameters by which it considers the card holder's mobile telephone to be at the same location as the card reader where a transaction is to be authorised on the card holder's card.
The system of the invention may further comprise a card location server, wherein the card issuer server is arranged to issue an enquiry regarding the location of the mobile telephone by transmitting the location of the card to the card location server; the card location server being arranged to issue an enquiry to the appropriate telephone network and make a comparison of the location of the payment card reader and the location of the card holders mobile telephone supplied in response to the enquiry, establish if the locations are the same and conirnunicate this to the card issuer server.
For the purposes of this specification, the card issuer server' may not be a single entity but is a term used to describe a computer or computer system associated with the card issuer or acting under the instructions of the card issuer, and may be at an establishment of a company contracted by the card issuers to provide card location services.
Similarly, what is termed the acquirer server' for the purposes of this specification need not be a single server but may be a computer system of the acquirer or a computer system over which the acquirer has some control, possibly by contracting services to a third party such as a party administering a card scheme. All the connections referred to may be by way of one or more intermediaries.
The card issuer server may be arranged to be accessed by the card holder via a password protected web portal. This will enable the card holder to modify the verification process from any computer having Internet access. Alternatively this can be done by the card holder logging in to an online banking service or phoning in to a telephone banking service.
Advantageously, the card issuer server may be arranged to be accessed by the card holder and receive from that card holder the location of a computer from where the card holder will be making an online transaction. The card issuer server can then be arranged to, for a temporary period, compare this locations with the location of the card holder's mobile telephone when the card holder's card details are received from an online retailer requiring authorisation of a transaction in that period. In this way, the verification process can be extended to Internet transactions, whereby the card holder will effectively authorise online transactions for a temporary period, but only if the online transaction is performed when his mobile telephone is at the specified location.
The card issuer server may be arranged to be accessed by the card holder and to receive details of any foreign country the card holder intends visiting, together with the dates when he will be in that country. The card issuer server can then be arranged to require verification of the card holder's mobile telephone location from a telephone network responding to an enquiry relating to the location of the card holder's mobile telephone, or to suspend for said dates the requirement for such verification, in dependence of the telephone services known by the card issuer server to be supported in the country to which the card holder intends to travel. This permits a card holder travelling abroad to identify to the card issuer server his intention to travel to a particular country. This will enable the card issuer to identify whether appropriate telephone services are available in that country to permit the normal verification process to continue. If they are not and the mobile telephone cannot subsequently be located, transactions can then be authorised for the said period without employing the normal verification process.
Preferably, the card reader is a personal identification number (PIN) entry device, however the invention is equally applicable to card readers obtaining data from the magnetic stripe of a payment card.
According to a second aspect of the invention, there is provided a method of verifying a payment card transaction, the method comprising: receiving payment card details from a card reader associated with a retailer or merchant which has requested authorisation of a transaction and determining the location of the a payment card reader; comparing the payment card details with stored data and identifying a mobile telephone number of a card holder of the card; issuing an enquiry regarding the location of the mobile telephone having the said telephone number to an appropriate mobile telephone network; and authorising or declining the translation in dependence on, at least in part, the location information received in response to the enquiry, the method further comprising permitting the card holder to temporarily modify the verification process, such that for that temporary period the location of the card holder's mobile telephone need not match the location of the card reader for a transaction to be authorised The present invention will now be described by way of example, with reference to the accompanying figure, which figure schematically illustrates one possible configuration of components of a system for verification of a payment card transaction, in accordance with the present invention.
Referring to Figure 1, a system for verification of payment card transactions comprises a card reader 1, in the form of a PIN entry device into which a card holder 2 inserts his payment card 3 having an electronic chip 4 mounted therein. The card reader 1 is connected via a line 5, which alternatively could be a wireless link, to a retailer point of sale device 6. The retailer point of sale device 6 is in turn connected by a link 8 to a retailer server 7, which may be on the same premises as the point of sale device 6, or may for example be at a head office location. The retailer server is in turn connected by link 9 to the server 10 of the acquirer, which will typically be a bank providing card transaction services for the retailer. In an alternative arrangement the card reader 3 could be connected to the acquirer server 10 directly, via a point of sale device directly connected to the acquirer server 10 or by connecting directly with the retail server 7.
The acquirer server 10 is connected via link 11 to one or any number of card issuer servers. One card issuer server 12 is illustrated, which is associated with payment card 3 of card holder 2. The card issuer server 12 is connected to a card locator server 13. These could be one of the same server or could be implemented by two servers, as shown, at separate locations. The card locator server 13 may be managed by a separate company contracted to the card issuer to provide card location services and such services may be provided to more than one card issuer.
The card issuer server 12 has a data store 1 2a storing payment card details with the associated mobile telephone numbers of card holders of the respective cards.
The card location server 13 is connected via link 14 with a mobile telephone network 15. The mobile telephone network 15 provides location based services for mobile telephones on the network and thus knows or can determine the location of mobile telephones using the network and can determine the location of the mobile telephone 16 of the card holder 2.
The card holder 2 has access to a computer 17, which may for example be at his home or his office which can connect over the Internet 18 with online retailer 19 and with the card issuer server 12. The online retailer 19 can also connect to his acquirer server 10 via link 20.
When making a transaction at a retailers premises, the card holder 2 inserts his payment card 3 into card reader 1 associated with a retailer and types in his PIN to confirm his identity. The card details are transmitted via the point of sale 6 and retail server 7 to acquirer server 10. The retail server 7 at the same time as providing the card details to the acquirer server 10, requests authorisation for a transaction to be made by the card holder 2.
The acquirer server 10 identifies the location of the card reader 1, either by its association with a point of sale 6, the retailer server 7 or by its location being transmitted by the retail server 7 to the acquirer server 10. The card details and the location are then transmitted via telephone network 11 to a card issuer server 12.
The card issuer server 12 with which card 3 is associated, identifies in the data store 12a the mobile telephone number of the mobile telephone 16 of the card holder 2. The card issuer server 12 provides this information to the card location server 13 which then contacts the appropriate mobile telephone network 15. The card locator server may provide the location of the card reader 1 and enquire of the mobile telephone system, whether mobile telephone 16 is at the same location, or alternatively it may request the location of mobile telephone 16 which it then compares with the location of the card reader 1 provided by the card issuer server 12. n either case, the card location server advises the card issuer server 12 whether or not the mobile telephone 16 of card holder 2 is at the same location as a card reader 1, in to which the card holder's card 3 has been inserted. The card issuer server 12 uses this information together other criteria for authorising the transaction via the acquirer server 10, retailer server 7 and point of sale 6.
The card holder 2 may connect to the card issuer server 12 via the Internet 18 and his password protected online banking service and notify the card issuer server 10 of the location of terminal 17 from which he intends to make an online transaction. When the card holder 2 subsequently makes an online transaction, the online retailer 19 seeks authorisation, via line 20 and acquirer server 10, to the card issuer server 12. The card issuer server 12 ascertains if notification has been received in a predetermined period prior to the authorisation request and if it has the server 10 then determines the location of the card holder's mobile telephone 16, using the card location server 13 in the normal manner.
If the card location server indicates that the card holder's mobile telephone is at a location of the terminal 17, the card issuer server 12 authorises the transaction, if other criteria are also satisfied. If the card holder's mobile telephone 16 is not at the pre-notified location then the transactions is declined.
If the card holder wishes to temporarily modify the verification process then the card holder 2 connects to the card issuer server 12 via the Internet 18 and his password protected online banking service (or alternatively by phoning in to a telephone banking service) Internet 18 to notify the card issuer server 12 that he does not wish verification to be made using the location of his mobile telephone 16. He may do this for example when he has left his mobile telephone at home but still wishes to make transactions via his payment card 3. In this scenario, the card issuer server 12 suspends the verification process for a predetermined period of time, for example 24 hours, or until a predetermined time, for example 3am the day after notification is received from the card holder.
The card holder 2 may also contact the card issuer server to advise that he will be travelling to a foreign country and advise of the period for which he will be travelling to that country with his mobile telephone 16. The card issuer server 12 ascertains whether the telephone system of the country to be visited supports the necessary services for it to verify a transaction based on the location of the mobile telephone. If such services are supported, then transactions are verified in the normal manner. However if such services are not supported in that country, then the verification process relying on the position of the mobile telephone is suspended for the duration of the visit.
The invention has been described above by way of example only and it will be appreciated that the location and position of the various servers has been illustrated schematically for the purposes of explanation of the invention. Tt also will be apparent that a large number of alternative arrangements may be possible which fall within the scope of the appended claims.

Claims (18)

  1. -10 -Claims 1. A system for verification of a payment card transaction, the system comprising: a payment card reader associated with a retailer or merchant for receiving card details from a payment card; an acquirer scrvcr; and a payment card issuer sever, wherein: the payment card reader is arranged to transmit details of the payment card to the acquirer server as part of a transaction process; the acquirer server is arranged to identify from the card details the payment card issuer, to contact the card issuer server and provide the card issuer server with card details obtained from the payment card together with data from which the location of the payment card reader can be determined; the card issuer sever is arranged to store a plurality of mobile telephone numbers associated with respective card holders, identify the mobile telephone number of the card holder associated with the received card details, issue an enquiry regarding the location of a mobile telephone associated with that mobile number to a mobile telephone network and to authorise or decline the transaction depending, at least in part, on the location information received from the telephone network; and wherein the card issuer server has means for receiving a communication from the card holder, permitting the card holder to temporarily modify the verification process such that for a temporary period the location of the card holder's mobile telephone need not match the location of the card reader for a transaction to be authorised.
  2. 2. A system as claimed in Claim 1, wherein the card issuer server is arranged to provide the location of the payment card reader to the mobile telephone network and receive a response advising whether the mobile telephone is at the said location.
  3. 3. A system as claimed in Claim 1, wherein the card issuer server is arranged to request the location of the mobile telephone associated with the card holder and compares the location received from the telephone network with the location of the payment card reader.
  4. 4. A system as claimed in any preceding claim further comprising a card location server, wherein the card issuer server is arranged to issue an enquiry regarding the location of the mobile telephone by transmitting the location of the card to the card location server; the card location server being arranged to issue an enquiry to the appropriate telephone network and make a comparison of the location of the payment card reader and the location of the card holders mobile telephone supplied in response to the enquiry, establish if the locations are the same and communicate this to the card issuer server.
  5. 5. A system as claimed in Claim 4, wherein a comi-non card location server is arranged to respond to enquiries from of a plurality of different card issuer servers.
  6. 6. A system as claimed in any preceding claim, wherein the card issuer server is arranged to be accessed by the card holder via a password protected web portal.
  7. 7. A system as claimed in any preceding claim, wherein the card issuer server is arranged to be accessed by the card holder and receive from a card holder the location of a computer where the card holder will be located when making an online transaction, wherein the card issuer server is arranged for a set period thereafter to compare this location with the location of the card holder's mobile telephone if the card holder's card details are received from an online retailer or merchant requiring authorisation of a transaction in said period.
  8. 8. A system as claimed in any preceding claim, wherein the card issuer server is arranged to be accessed by the card holder and to receive details of any foreign country the card holder intends visiting and the period for which he will be in that country, wherein the card issuer server is arranged to require verification of the card holder's mobile telephone -12 -location from a telephone network responding to an enquiry relating to the location of the card holder's mobile telephone, or to suspend for the said period the requirement for such verification, in dependence on the telephone services supported in the country to which the card holder intends to travel.
  9. 9. A system as claimed in any preceding claim, wherein the card reader is a personal identification number (PIN) entry device.
  10. 10. A method of verifying a payment card transaction, the method comprising: receiving payment card details from a card reader associated with a retailer or merchant which has requested authorisation of a transaction and determining the location of the a payment card reader; comparing the payment card details with stored data and identifying a mobile telephone number of a card holder of the card; issuing an enquiry regarding the location of the mobile telephone having the said telephone number to an appropriate mobile telephone network; and authorising or declining the translation in dependence on, at least in part, the location information received in response to the enquiry, the method further comprising permitting the card holder to temporarily modify the verification process, such that for that temporary period the location of the card holder's mobile telephone need not match the location of the card reader for a transaction to be authorised.
  11. 11. A method as claimed in Claim 10 comprising transmitting the location of the payment card reader to the mobile telephone network and receiving a response from the mobile telephone network advising whether or not the card holder's mobile telephone is at the said location.
  12. 12. A method as claimed in Claim 10 comprising requesting the location of the card holder's mobile telephone from the telephone network and comparing this location with the location of the payment card reader.
    -
  13. 13 - 13. A method as claimed in any one of Claims 10 to 12 wherein the card may use a password protected web portal to temporarily modify the verification.
  14. 14. A method as claimed in any one of Claims 10 to 13, further comprising receiving from the card holder information relating to the location of a computer from where he intends to perform an online transaction, determining on receipt of a request for authorisation whether information relating to the location of a computer from where the card user intends to perform an online transaction has been received within a predetermined period prior to the request for the authorisation and, if it has, using this information to subsequently authorise an online transaction if the card holder's mobile telephone is at the specified location.
  15. 15. A method as claimed in any one of Claims 10 to 14, further comprising the step of determining whether the card holder is intending to travel to a foreign country and for what period, determining the telephone services supported in that country and suspending the requirement for verification for that period in dependence on the telephone services supported in that country.
  16. 16. A verification system for a payment card transaction, substantially as hereinbefore described, with reference to and/or as illustrated in one or more of the accompanying drawings.
  17. 17. A method of verifying a payment card transaction substantially as hereinbefore described with reference to and/or as illustrated in, one or more of the accompanying figures.
  18. 18. A card issuer sever arranged to store details relating to issued payment cards together with a plurality of mobile telephone numbers associated with respective card holders of the payment cards, the card issuer server being arranged to receive details relating to a payment card and identify the mobile telephone number of the card holder associated with the received card details, issue an enquiry regarding the location of a mobile telephone associated with that mobile number to a mobile telephone network and to -14 -authorise or decline the transaction depending, at least in part, on the location information received from the telephone network; wherein the card issuer server is arranged to receive a communication from the card holder and permit the card holder to temporarily modify the verification process, such that for a temporary period the location of the card holder's mobile telephone need not match the location of the card reader for the card issuer server to authorise a transaction in that period.
GB0905388A 2009-03-30 2009-03-30 Verification of a payment card transaction Withdrawn GB2469025A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0905388A GB2469025A (en) 2009-03-30 2009-03-30 Verification of a payment card transaction

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0905388A GB2469025A (en) 2009-03-30 2009-03-30 Verification of a payment card transaction

Publications (2)

Publication Number Publication Date
GB0905388D0 GB0905388D0 (en) 2009-05-13
GB2469025A true GB2469025A (en) 2010-10-06

Family

ID=40671904

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0905388A Withdrawn GB2469025A (en) 2009-03-30 2009-03-30 Verification of a payment card transaction

Country Status (1)

Country Link
GB (1) GB2469025A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2479131A (en) * 2010-03-29 2011-10-05 It Consultancy Solutions Ltd Fraud detection system for determining fraud risk associated with a transaction
US20120131121A1 (en) * 2009-07-31 2012-05-24 Finsphere,Inc Mobile communications message verification of financial transactions
GB2563608B (en) * 2017-06-20 2020-08-05 Soloprotect Ltd An identity card holder and system
US10776791B2 (en) 2007-03-16 2020-09-15 Visa International Service Association System and method for identity protection using mobile device signaling network derived location pattern recognition
US11405781B2 (en) 2007-03-16 2022-08-02 Visa International Service Association System and method for mobile identity protection for online user authentication

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116051105B (en) * 2023-02-18 2023-10-20 深圳市盛思达通讯技术有限公司 Payment processing method and system based on android consumer

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030135463A1 (en) * 2002-01-16 2003-07-17 International Business Machines Corporation Credit authorization system and method
WO2003063037A1 (en) * 2002-01-17 2003-07-31 Telia Ab (Pub) Procedure and system for verification of subscriptions
WO2007004224A1 (en) * 2005-07-05 2007-01-11 Mconfirm Ltd. Improved location based authentication system
US20070055785A1 (en) * 2005-09-02 2007-03-08 Qwest Communications International Inc. Location based authorization of financial card transactions systems and methods
WO2009009872A2 (en) * 2007-07-13 2009-01-22 Killswitch Systems Inc. Financial transaction system having location-based fraud-protection

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030135463A1 (en) * 2002-01-16 2003-07-17 International Business Machines Corporation Credit authorization system and method
WO2003063037A1 (en) * 2002-01-17 2003-07-31 Telia Ab (Pub) Procedure and system for verification of subscriptions
WO2007004224A1 (en) * 2005-07-05 2007-01-11 Mconfirm Ltd. Improved location based authentication system
US20070055785A1 (en) * 2005-09-02 2007-03-08 Qwest Communications International Inc. Location based authorization of financial card transactions systems and methods
WO2009009872A2 (en) * 2007-07-13 2009-01-22 Killswitch Systems Inc. Financial transaction system having location-based fraud-protection

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10776791B2 (en) 2007-03-16 2020-09-15 Visa International Service Association System and method for identity protection using mobile device signaling network derived location pattern recognition
US11405781B2 (en) 2007-03-16 2022-08-02 Visa International Service Association System and method for mobile identity protection for online user authentication
US20120131121A1 (en) * 2009-07-31 2012-05-24 Finsphere,Inc Mobile communications message verification of financial transactions
US9818121B2 (en) * 2009-07-31 2017-11-14 Visa International Space Association Mobile communications message verification of financial transactions
US10580009B2 (en) 2009-07-31 2020-03-03 Visa International Service Association Mobile communications message verification of financial transactions
GB2479131A (en) * 2010-03-29 2011-10-05 It Consultancy Solutions Ltd Fraud detection system for determining fraud risk associated with a transaction
GB2563608B (en) * 2017-06-20 2020-08-05 Soloprotect Ltd An identity card holder and system

Also Published As

Publication number Publication date
GB0905388D0 (en) 2009-05-13

Similar Documents

Publication Publication Date Title
US11195168B2 (en) Online transaction system
US7865448B2 (en) Methods and systems for performing credit transactions with a wireless device
US20180374090A1 (en) Consumer authentication system and method
US7131574B1 (en) Optical memory card based e-commerce business method
TW200306483A (en) System and method for secure credit and debit card transactions
US20090150248A1 (en) System for enhancing payment security, method thereof and payment center
US20020169713A1 (en) System and method for electronic transaction settlement
WO2009052196A1 (en) Onetime passwords for mobile wallets
EP3268913A1 (en) Payment card storing tokenized information
MX2007009329A (en) Secure transaction system.
CN101473344A (en) Consumer authentication system and method
CN105359179A (en) Mobile tokenization hub
JP2008518332A (en) Transaction system and method
CA2722933A1 (en) Device including form factor indicator
WO2003094375A1 (en) Charge approval and payment system
GB2469025A (en) Verification of a payment card transaction
CZ2007504A3 (en) Method of making payment transaction by making use of mobile terminal
WO2002025495A1 (en) A computerized method and system for a secure on-line transaction using cardholder authentication
US20240144283A1 (en) Systems and methods for authentication based on personal network
US20150278777A1 (en) Payment system
KR100762971B1 (en) System of Real-time Funds Transfer in Point of Sale Using Portable Recording Medium Storing Biometric Information, And Method Thereof, And Media That Can Record Computer Program for Method Thereof
JP2002042034A (en) Settlement determining device and method therefor, and settlement system using substitute for cash
US10769612B2 (en) System and method for customers initiated payment transaction using customer's mobile device and card
KR100711844B1 (en) Method for settlement with certification number via network and system thereof
US20020073315A1 (en) Placing a cryptogram on the magnetic stripe of a personal transaction card

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)