JP2013222444A - System and method for preventing illicit business transactions - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a computer-implemented method.SOLUTION: A computer-implemented method comprises: proving login authentication information associated with a transaction account, which is associated with a consumer, by using a computer-based system to reduce illicit business transactions; generating outputs including a link to a website associated with a dealer by using the computer-based system; transmitting data, indicating that the login authentication information has been proved, to the dealer by using the computer-based system; and authorizing an authorization request from the dealer associated with the transaction account by using the computer-based system.

Description

  The present disclosure relates to online commerce. More particularly, the present disclosure relates to reducing online fraudulent purchases.

  Purchasing goods and services or conducting financial transactions over the Internet allows consumers to shop easily and at will from anywhere at any time of the day. To. However, these purchases may be vulnerable to fraudulent activity, as consumers and credit cards or other transaction account devices are not required to be physically present at the time of purchase. Unauthorized purchases can be made using an account number, and the fraudulent nature of the purchase may not be discovered and its value cannot be recovered until after the goods or services have disappeared There are many.

  In the case of fraudulent business transactions, the burden often falls on one of the companies involved. In many cases, the merchant is responsible for repaying the purchase amount to the account holder. However, in some cases, the issuer of the transaction account is responsible for fraudulent purchases.

  Many attempts have been made to reduce the frequency of fraudulent purchase approvals. For example, many merchants ask consumers to enter a four-digit batch code ("4DBC") or expiration date on a credit card to prove that the consumer owns the card. Request. However, these numbers can also be obtained fraudulently, such as when a card is stolen.

  In some areas, transaction account issuers have established “3D safety systems” to combat fraud. In such a system, the consumer is typically required to pre-register the consumer's identity and password, and typically the consumer purchases the product online. When you are required to enter them. However, such 3D systems have failed to penetrate the market. Therefore, many online transactions often avoid 3D systems and the risk of fraud is hardly reduced.

  In situations where the account issuer is liable for fraudulent purchases without adequate fraud prevention, the account issuer shall not enter into an agreement with the merchant to use the account issuer's products. Can be determined. As a result, account issuers may have lost potential customers or commerce due to the performance limitations of their products. Therefore, there is a need to reduce the frequency of fraudulent purchases online.

  Systems, methods, and articles of manufacture for preventing fraudulent commercial transactions are disclosed. In various embodiments, the method may include verifying login credentials associated with the transaction account by a computer-based system for reducing fraudulent business transactions. A transaction account may be associated with a consumer. The method may include generating an output comprising a link to the merchant website. The method may further include transmitting data to the merchant indicating that the login authentication information has been verified. The method may include authorizing an authorization request from the merchant associated with the business transaction.

In various embodiments, the method may include transmitting a flag to the merchant. The flag may include information indicating that the login authentication information has been certified. The merchant may allow access to the merchant's website in response to detecting the flag.
For example, the present invention provides the following items.
(Item 1)
Verifying login credentials associated with a transaction account by a computer-based system for reducing fraudulent commerce, wherein the transaction account is associated with a consumer;
Generating an output comprising a link to a website associated with the merchant by the computer-based system;
Transmitting data indicating that the login authentication information has been proved to the merchant by the computer-based system;
Authorizing, by the computer-based system, an authorization request from the merchant associated with the transaction account.
(Item 2)
A method according to any of the preceding items, further comprising receiving an authorization request from the merchant by the computer-based system.
(Item 3)
Any of the preceding items further comprising determining, by the computer-based system, that the authorization request comprises data indicating that the login authentication information has been certified by the computer-based system. the method of.
(Item 4)
The method of any preceding item, further comprising determining by the computer-based system that a transaction account number associated with the authorization request is associated with the transaction account.
(Item 5)
The method of any of the preceding items, further comprising determining by the computer-based system that the authorization request is associated with the certified login credentials.
(Item 6)
A method according to any preceding item, further comprising determining by the computer-based system that the consumer is associated with the authorization request.
(Item 7)
The method of any of the preceding items, further comprising: determining by the computer-based system that the login credentials, transaction account number, and a four-digit batch code are associated with the consumer.
(Item 8)
The authorization includes data indicating that the login authentication information is proved by the computer-based system and that a transaction account number in the authorization request is associated with the transaction account. A method according to any of the preceding items, comprising determining by what the computer-based system comprises.
(Item 9)
A method according to any of the preceding items, further comprising transmitting an authorization response to the merchant.
(Item 10)
Any of the preceding items further comprising providing, by the computer-based system, access to an account management page associated with the transaction account in response to the login credentials being verified. Method.
(Item 11)
The method according to any of the preceding items, wherein the data indicating that the login authentication information has been certified comprises a flag.
(Item 12)
The method according to any of the preceding items, wherein the flag comprises an algorithm.
(Item 13)
The method according to any of the preceding items, wherein the flag identifies the type of transaction account.
(Item 14)
A method according to any of the preceding items, wherein the flag comprises a third party globally unique identifier.
(Item 15)
A method according to any of the preceding items, further comprising transmitting a request for certification to the merchant by the computer-based system.
(Item 16)
The method of any of the preceding items, wherein the merchant authorizes access to a protected website in response to the consumer determining that it has proved the login credentials.
(Item 17)
The method of any preceding item, further comprising transmitting a request for certification to the portable consumer device by the computer-based system.
(Item 18)
The method of any of the preceding items, wherein the merchant prevents the consumer from accessing the website in response to not detecting a flag.
(Item 19)
A processor to reduce fraudulent transactions,
A non-transitory tangible memory configured to communicate with the processor, comprising:
The non-temporary tangible memory is responsive to execution by the processor,
Proving login credentials associated with a transaction account by the processor, wherein the transaction account is associated with a consumer;
Generating an output with the processor with a link to a website associated with the merchant;
Transmitting the data indicating that the login authentication information has been proved to the merchant by the processor;
A system for storing instructions in the non-temporary tangible memory that cause the processor to perform an operation including authorizing by the processor an authorization request from the merchant associated with the transaction account.
(Item 20)
In response to execution by a computer-based system to reduce fraudulent commerce, including a non-transitory tangible computer-readable storage medium,
Verifying login credentials associated with a transaction account by the computer-based system, wherein the transaction account is associated with a consumer;
Generating an output comprising a link to a website associated with the merchant by the computer-based system;
Transmitting data indicating that the login authentication information has been proved to the merchant by the computer-based system;
The non-transitory tangible computer-readable instructions that cause the computer-based system to perform an action involving authorizing by the computer-based system an authorization request from the merchant associated with the transaction account Manufactured product stored in a simple storage medium.
SUMMARY Systems, methods, and articles of manufacture for preventing fraudulent commercial transactions are disclosed. The issuer of the transaction account may allow the consumer to access the consumer's online account by certifying login credentials. The issuer of the transaction account may provide the consumer with a link to a third party merchant. The transaction account issuer may transmit data to the merchant indicating that the transaction account issuer has verified the login credentials. The data may comprise a flag. In response to identifying the flag, the merchant may allow the consumer to access the protected merchant's website. Consumers may conduct financial transactions through a protected merchant website.

A system for reducing fraudulent purchases according to various embodiments is described. FIG. 6 illustrates a process flow diagram for reducing fraudulent purchases in accordance with various embodiments. FIG. 6 illustrates a process flow diagram for reducing fraudulent purchases in accordance with various embodiments. A computer system that can be used in various embodiments is described.

  The detailed description of exemplary embodiments herein refers to the accompanying drawings and images that illustrate various embodiments by way of example. These various embodiments have been described in sufficient detail to enable those skilled in the art to practice the disclosure, but other embodiments may be implemented and logical changes and It should be understood that mechanical changes may be made without departing from the spirit and scope of the present disclosure. Accordingly, the detailed description herein is for illustrative purposes only and is not intended to be limiting. For example, the steps recited in any of the descriptions of methods or processes may be performed in any order and are not limited to the order presented. Further, any of the functions or steps may be outsourced to one or more third parties or performed by one or more third parties. In addition, all singular references may include a plurality of embodiments, and all references to two or more components may include a singular embodiment.

  The terms consumer, customer, account holder, card member, etc. can be any person, organization, government organization, company associated with the account, whether or not the physical card is associated with the transaction account. Including machines. For example, a consumer may be a transaction account owner, transaction account user, account subscriber, child account user, auxiliary account user, account beneficiary, account administrator, and / or transaction. It may include any other person or organization affiliated or associated with the account.

  Transaction account issuers may allow consumers to access their accounts online. Consumers may be required to enter an identity and password in order to access their account. There are many other ways to access an online account in the art and they are compatible with the present disclosure. When the consumer accesses his account, the consumer can be presented with various management options. For example, the consumer may make payments, send money, or update account settings.

  In various embodiments, after the identity and password are verified, the consumer may be presented with an option to purchase goods or services or to conduct a financial transaction through a third party merchant. The consumer may choose to select a link or indicate a decision to buy the desired product or buy from the desired merchant. The consumer may be directed to a merchant's website that sells or provides the desired goods or services.

  In various embodiments, by accessing the merchant's website via the consumer's online transaction account, the merchant confirms that the consumer has already been authenticated and verified with the account issuer. You can be notified. The consumer may then enter information related to the transaction account, such as a transaction account number, a four digit batch code (4DBC), and / or an expiration date. The merchant may transmit the transaction information to the account issuer, and the account issuer may confirm that the transaction account number, 4DBC, expiration date, and / or other information has been previously verified and verified. It may prove that it is associated with a password. In response to proving the business transaction information, the account issuer may transmit an approval message to the third party service provider.

  With reference to FIG. 1, the system will be described in accordance with various embodiments. Web client 110 may include any device (eg, a personal computer) that communicates through any network, such as, for example, the networks discussed herein. Web client 110 may comprise internet browsing software installed on a computer computing unit or system for online commerce and / or communication. These computer computing units or systems may take the form of a single computer or a set of computers, but may be laptops, notebooks, tablets, handheld computers, mobile terminals, set top boxes, workstations , Computer servers, main frame computers, small computers, PC servers, pervasive computers, computer network suites, personal computers such as iPad, iMac, and MacBook, information kiosk terminals, terminals, point-of-sale (POS) devices And / or other types of computer computing units or systems including terminals, televisions, or any other device capable of receiving data over a network , It may also be used. Web client 110 may run Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari, or any other of a myriad of software packages available for browsing the Internet.

  Web client 110 may communicate with transaction account issuer 120. Transaction account issuer 120 may comprise at least a computer, a server, a database, and / or software. Web client 110 and transaction account issuer 120 may communicate with merchant 140. The merchant 140 may comprise at least a computer, a server, a database, and / or software. The flag certification module 130 may communicate with the merchant 140. The flag certification module 130 may include software that can identify a flag in data transmission.

  Transaction account issuer 120 may communicate with database 150. Database 150 may include hardware, software, or a combination of both. Database 150 may store information including usernames and passwords, account information, and / or fraud data.

  Any database discussed herein may include a relational structure, a hierarchical structure, a graph structure, an object-oriented structure, and / or any other database configuration. Common database products that can be used to implement the database are DB2 by IBM (Armonk, NY), various database products available from Oracle Corporation (Redwood Shores, CA), Microsoft Corporation (Redmond, Washington) Includes MySQL by Microsoft Access or Microsoft SQL Server, MySQL AB (Uppsala, Sweden), or any other suitable database product. Further, the database may be organized in any suitable manner, such as, for example, a data table or a lookup table. Each record may be a single file, a series of files, a series of linked data fields, or any other data structure. The specific data association may be achieved by any desired data association technique, such as an association technique known in the art or an association technique performed in the art. For example, the association may be accomplished either manually or automatically. Auto-association techniques, for example, database search; database fusion; GREP; AGREP; SQL; use key fields in tables to accelerate searches; sequential search through all tables and files; Sorting the records in the file according to a known order to do so. The associating step may be accomplished by a database fusion function, for example using a “key field” in a pre-selected database or data sector. Various database tuning steps are contemplated to optimize database performance. For example, frequently used files such as indexes may be placed on separate file systems to reduce input / output (I / O) failures.

  Various system components may communicate over a network. As used herein, the term “network” includes any cloud, cloud computing system, or electronic communication system, or method of incorporating hardware and / or software components. The communication between the parties is, for example, a telephone network, an extranet, an intranet, the Internet, an interconnection point device (store point-of-sale information management device, portable terminal (for example, iPhone (registered trademark), Palm Pilot (registered trademark), Blackberry ( Registered trademark)), mobile phone, information kiosk terminal, etc.), online communication, satellite communication, offline communication, wireless communication, transponder communication, local area network (LAN), wide area network (WAN), virtual private Through any suitable communication channel, such as a network (VPN), networked or linked device, keyboard, mouse, and / or any suitable communication or data entry format It can be achieved. Further, although the system is frequently described herein as implementing a TCP / IP communication protocol, the system can also be IPX, Appletalk, IP-6, NetBIOS, OSI, any tunneling protocol (eg, IPsec). SSH), or any number of existing or future protocols. If the network is of the nature of a public network such as the Internet, it may be advantageous to assume that the network is not secure and is open to eavesdroppers. Specific information regarding the protocols, standards, and application software utilized in connection with the Internet is generally known to those skilled in the art and need not be described in detail herein. For example, Internet Standards and Protocols by Dilip Naik (1998); Java 2 Complete by Various Authors (Sybex 1999); Mastering HTML 4.0 by Deborah Ray and Eric Ray and TCP by IP (Lin); See Clearly Expanded (1997); and HTTP, The Defined Guide (2002) by David Gourley and Brian Totty. These contents are incorporated by reference.

  Merchant 140 and transaction account issuer 120 may be interconnected via a second network called a payment network. A payment network that can be part of a particular transaction refers to an existing proprietary network that currently accepts transactions for credit cards, debit cards, and other types of financial / bank cards. The payment network may be a closed network that is considered safe from eavesdroppers. Exemplary commerce networks may include American Express®, VisaNet®, and Veriphone® networks.

  With reference now to FIGS. 2-3, the depicted process flow is merely an embodiment and is not intended to limit the scope of the present disclosure. For example, the steps recited in any of the method or process descriptions may be performed in any order and are not limited to the order presented. It will be understood that the following description provides an appropriate reference to the various system components described above with reference to FIG. 1, as well as the steps and user interface elements depicted in FIGS. Is done.

  With reference to FIG. 2, a flowchart is described in accordance with various embodiments. Consumers may attempt to access their online transaction accounts. The account can be accessed by the Internet, for example, by the web client 110. The consumer may access the transaction account by entering a URL, selecting a link, or any other method known in the art.

  In step 210, the consumer may be instructed to enter login credentials to access the consumer's account. The login authentication information may comprise identity verification, such as a user name, account number, or any other information that identifies the consumer. The consumer may also be instructed to enter a password that confirms that the consumer is authorized to access the transaction account online. In step 220, in response to an identity verification and password that matches a transaction account managed by the account issuer, the consumer may be allowed to access the transaction account online.

  Once the consumer is granted access, the consumer can perform various functions associated with the transaction account. For example, the consumer may check the balance, make a payment, transfer money, or perform any other function known in the art. In various embodiments, the transaction account issuer 120 further presents the consumer with an option to purchase goods from a third party merchant. For example, in step 230, the issuer of the transaction account may present the consumer with a link to a third party merchant website.

  In step 240, in response to the consumer selecting a link to the merchant website, the transaction account issuer 120 may transfer the consumer to the protected merchant website. In step 250, the issuer of the transaction account may transmit a message including a flag to the merchant 140. The flag may include information indicating that the consumer has authenticated the login authentication information with the transaction account issuer 120. The flag may include additional information about the consumer, such as account status, purchase history, payment history, or any other information that may be beneficial to provide the consumer with an optimal purchase history. The flag may include an algorithm that indicates authentication of login authentication information and other information about the transaction account.

  In various embodiments, the flag may include a third party globally unique identifier (TPGUID). The TPGUID may include a unique reference number that is used as an identifier. The TPGUID may be displayed as a 32 character hexadecimal string. The flag may include a plastic color code (PCC). The PCC may indicate what type of account the consumer has with the transaction account issuer 120, such as platinum, gold, for example.

  Data transmitted to a protected merchant website (or any other data discussed herein) may be encrypted. For example, the data may be encrypted using Triple DES. The Triple DES may include a Triple Data Encryption Algorithm block cipher that applies a data encryption standard cryptographic algorithm to each data block three times.

  In various embodiments, the protected merchant website may be similar to the merchant's regular website. However, the protected merchant website is not protected by the consumer unless it has been transferred from the transaction account issuer 120 after certifying their login credentials. May prevent you from accessing. In various embodiments, merchant 140 may check a flag associated with a consumer attempting to access a protected merchant website. In response to not detecting the flag, merchant 140 may deny access to the consumer. In step 260, in response to detecting the flag, the merchant may grant access to the consumer.

  In various embodiments, the flag certification module 130 associated with the protected merchant website verifies that the flag is present. In response, the consumer may be allowed to access a protected merchant website. The consumer may select a desired transaction account and enter transaction account information. In various embodiments, merchant 140 may allow a consumer to pay using a transaction account. However, in various embodiments, the merchant may only accept payments from the transaction account associated with the flag.

  In step 270, in response to receiving the transaction account information, the merchant may transmit an authorization request to the transaction account issuer 120. In various embodiments, the authorization request may indicate that the flag associated with the transaction account has been identified by the merchant 140. At step 280, the transaction account issuer 120 may perform an authorization analysis on the authorization request and may transmit an authorization response to the merchant 140 at step 290.

  Referring to FIG. 3, in various embodiments, the consumer may directly access the consumer's regular website. Typically, the consumer may shop until the consumer is instructed to select the desired business transaction and enter payment information. In order to pay using a particular transaction account, the merchant 140 must first go to the account management page of the transaction account issuer and enter identifying information about the transaction account. May be notified. In various embodiments, the merchant 140 may instruct the consumer to enter a transaction account number and responds to the transaction account issuer 120 determining that it requires a further level of fraud prevention. The consumer can then be automatically directed to an account management page to enter identification information.

  In step 310, in response to the consumer determining that it is attempting to pay using a particular transaction account, merchant 140 may transmit a notification message to transaction account issuer 120. . In step 320, the transaction account issuer 120 may transmit a request for certification to the merchant or website client 110. The request for proof may appear in an inline frame or pop-up message on the merchant website. The request for certification may include a site key associated with the consumer. The site key may be an image or other symbol that the consumer has previously associated with the transaction account. The request for proof may require the consumer to enter a username and password associated with the transaction account. The request for certification may include transmitting a unique code to a portable consumer device such as a mobile phone and requesting the consumer to enter the unique code.

  The consumer may enter login credentials and submit them to the transaction account issuer 120. In step 330, the transaction account issuer 120 may verify the login credentials, and in step 340, in response to the transaction account issuer 120 certifying the login credentials, the transaction account issuer 120 Issuer 120 may transmit a certification response to merchant 140 indicating that the authentication information has been certified. The certification response may include a flag indicating that the authentication information has been certified. In step 350, the merchant 140 may transmit an authorization request to the transaction account issuer 120, which parses the request and sends an authorization response comprising a request message or a rejection message to the merchant 140. May be transmitted.

  In various embodiments, in response to the transaction account issuer 120 proving login credentials, the consumer may be transferred to a protected merchant website. The merchant 140 may transmit an authorization request to the transaction account issuer 120, and the transaction account issuer 120 may transmit an authorization response to the merchant 140.

  In various embodiments, the present disclosure is directed to one or more computer systems capable of performing the functions described herein. An example of a computer system 400 is shown in FIG.

  Computer system 400 includes one or more processors 402. The processor 402 is connected to a communication infrastructure 404 (eg, a communication bus, crossover bar, or network). Various software embodiments are described in terms of this exemplary computer system. After reading this description, it will be apparent to a person skilled in the art how to implement the present disclosure using other computer systems and / or architectures. The computer system 400 can include a display interface 406 that transfers graphics, text, and other data from the communications infrastructure 404 (or a frame buffer not shown) for display on the display unit 408.

  Computer system 400 also includes main memory 410, preferably random access memory (RAM), and may include secondary memory 412. Secondary memory 412 may include, for example, a hard disk drive 414 and / or a removable storage drive 416, such as a floppy disk drive, magnetic tape drive, optical disk drive, information storage device, and the like. . The removable storage drive 416 reads from and / or writes to the removable storage unit 418. The removable storage unit 418 refers to a floppy (registered trademark) disk, a magnetic tape, an optical disk, or the like that is read or written by the removable storage drive 416. Removable storage unit 418 includes a computer usable storage medium that stores computer software and / or data therein.

  In alternative embodiments, secondary memory 412 may include other similar devices for causing computer system 400 to load computer programs or other instructions. Such a device may include, for example, a removable storage unit, 418, 420, and an interface 422. Examples of secondary memory 412 are a removable memory chip (eg, erasable programmable read only memory (EPROM) and / or programmable read only memory (PROM)), removable, with a program cartridge and cartridge interface, associated sockets. A storage unit 418, 420 and / or an interface 422 that allows software and data to be communicated from the removable storage unit 418, 420 to the computer system 400.

  Computer system 400 may also include a communication interface, such as network interface 424. The network interface 424 transmits software and data between the computer system 400 and external devices. Examples of communication interfaces may include modems, network interfaces (eg, Ethernet cards), communication ports, PC Memory Card International Association (PCMCIA) slots and cards, and the like. The software and data communicated via the communication interface is in the form of a signal 426 that can be an electronic signal, an electromagnetic signal, an optical signal, or other signal that can be received by the communication interface. These signals are provided to the communication interface via a communication path 428 (eg, channel). Communication path 428 carries signal 426 and may be implemented using wires or cables, fiber optics, telephone lines, cellular links, radio frequency (RF) links, and / or other communication channels.

  In this document, the terms “computer program medium” and “computer usable medium” generally refer to media such as a removable storage drive, such as a hard disk installed in hard disk drive 414, and signal 426. Used to refer to These computer program products provide software to computer system 400. The present disclosure relates to such computer program products.

  Computer programs (also called computer control logic) are stored in main memory 410 and / or secondary memory 412. The computer program may also be received via a communication interface. Such a computer program, when executed, enables the computer system 400 to perform functions as described herein. In particular, the computer program, when executed, enables the processor 402 to perform functions. Therefore, such a computer program means a controller of the computer system 400.

  In embodiments in which the present disclosure is implemented using software, the software is stored in a computer program product using the removable storage device 416, hard drive 414, or network interface 424 and stored in the computer system 400. May be loaded. Control logic (software), when executed by processor 402, causes processor 402 to perform the functions of the present disclosure as described herein.

  Systems, methods, and computer program products are provided. In the detailed description herein, references to “various embodiments”, “one embodiment”, “embodiments”, “exemplary embodiments”, etc., refer to specific features described by the embodiments described. It is shown that all embodiments may not necessarily include that particular function, structure, or property, although it may include that feature, structure, or property. Moreover, such phrases are not necessarily referring to the same embodiment. Further, when a particular function, structure, or characteristic is described with respect to an embodiment, such function, structure, or characteristic may be defined with respect to other embodiments, whether or not explicitly described. It is believed that achieving is within the knowledge of one of ordinary skill in the art. After reading this description, how to implement the present disclosure in alternative embodiments will be apparent to those skilled in the art.

  In various embodiments, the methods described herein are implemented using various specific machines described herein. As will be readily appreciated by those skilled in the art, the methods described herein may be implemented using the particular machine described and the machine to be developed in any suitable combination. Further, as will be apparent from the present disclosure, the methods described herein can result in various changes to a particular item.

  For simplicity, conventional data networking, application development, and other functional aspects of the system (and components of the individual operational components of the system) may not be described in detail herein. . Further, the connecting lines shown in the various figures contained herein are intended to represent exemplary functional relationships and / or physical coupling between various elements. Note that many alternative or additional functional relationships or physical connections may exist in a real system.

  Various system components discussed herein include: a host server or other computer computing system that includes a processor for processing digital data; a memory coupled to the processor for storing digital data; An input digitizer coupled to the processor for inputting digital data; an application program stored in memory and accessible by the processor to direct the processing of the digital data by the processor; derived from the digital data processed by the processor A display device coupled to the processor and memory to display the information; and one or more of a plurality of databases. The various databases used herein may include client data, merchant data, financial institution data, and / or similar data useful in the operation of the system. As will be appreciated by those skilled in the art, the user's computer can be an operating system (e.g., Windows (R) NT, Windows (R) 95/98/2000, Windows (R) XP, Windows (R) Vista, Windows® 7, OS2, UNIX®, Linux®, Solaris, MacOS, etc.) as well as various conventional support software and drivers typically associated with computers .

  In various embodiments, the server may include an application server (eg, WEB SPHERE, WEB LOGIC, JBOSS). In various embodiments, the server may include a web server (eg, APACHE, IIS, GWS, SUN JAVA® SYSTEM WEB SERVER).

  The employee understands that the web client may or may not contact the application server directly. For example, a web client may access application server services through another server and / or hardware component that may be in direct or indirect contact with an Internet server. For example, a web client may communicate with an application server via a load balancer. In the exemplary embodiment, access is via a network or the Internet via a commercially available web browser software package.

  As will be appreciated by those skilled in the art, the web client can be an operating system (e.g., Windows (R) NT, 95/98/2000 / CE / Mobile, OS2, UNIX (R), Linux (R), Solaris, As well as various conventional support software and drivers typically associated with a computer. Web clients may include any suitable personal computer, network computer, workstation, mobile terminal, mobile phone, smart phone, small computer, mainframe, etc. The web client may be in a home or business environment with access to the network. In the exemplary embodiment, access is via a network or the Internet via a commercially available web browser software package. Web clients may implement security protocols such as secure socket layer (SSL) and transport layer security (TLS). A web client may implement a number of application layer protocols including http, https, ftp, and sftp.

  In various embodiments, the components, modules, and / or engines of system 100 may be implemented as micro-applications or micro-apps. Micro-apps are typically associated with mobile operating systems, including, for example, Palm mobile operating system, Windows mobile operating system, Android operating system, Apple iOS, Blackberry operating system, etc. Deployed. The micro-app may be configured to enhance the larger operating system and associated hardware resources through a set of predetermined rules that govern the operation of various operating systems and hardware resources. For example, if a micro-app wishes to communicate with a device or network other than a mobile device or mobile operating system, the micro-app will operate under the predetermined rules of the mobile operating system and the operating system and associated The device hardware communication protocol may be enhanced. In addition, if the micro application wants input from the user, it monitors various hardware components and then requests a response from the operating system that communicates the detected input from the hardware to the micro application. The micro-app may be configured.

  Various system components are typically used in connection with standard modem communications, cable modems, Dish networks, ISDN, digital subscriber lines (DSL), or various wireless communication methods, for example, It may be appropriately coupled to the network independently, separately or collectively via a data link including a connection to an Internet service provider (ISP) via a local loop. See, for example, Gilbert Held, Understanding Data Communications (1996). That document is incorporated by reference. It should be noted that the network may be implemented as other types of networks such as interactive television (ITV) networks. In addition, the system contemplates the use, sale, or distribution of any goods, services, or information by any network that has similar functionality described herein.

  “Cloud” or “cloud computing” is a reconfigurable computer resource (eg, network, server, storage, application, etc.) that can be quickly delivered and published with minimal administrative effort or service provider interaction. And a model that allows convenient on-demand network access to a shared pool of services). Cloud computing can include location-dependent computer calculations, whereby shared servers provide resources, software, and data to computers and other devices on demand. For more information on cloud computing, see http: // csrc. nist. gov / groups / SNS / cloud-computing / cloud-def-v15. See the NIST (National Institute of Standards and Technology) cloud computing definition in doc (last visit on February 4, 2011). That document is incorporated by reference in its entirety.

  Systems related to web services, utility computing, pervasive computing and individualized computing, security and identity solutions, automated computing, cloud computing, commodity computing, mobility and wireless solutions, open source Contemplate use of biometrics, grid computing, and / or mesh computing.

  A “key field” may partition a database according to a high-level class of objects defined by the key field. For example, a particular type of data can be designated as a key field in multiple related data tables, and then the data tables can be linked based on the type of data in the key field. The data corresponding to the key fields in each of the linked data tables is preferably the same or of the same type. However, data tables that are not identical in the key field but have similar data may also be linked, for example by using AGREP. In accordance with one embodiment, any suitable data storage technology may be utilized to store data without using a standard format. A dataset is a domain in which, for example, an ISO / IEC 7816-4 file structure is used to store individual files, and a dedicated file is selected to open one or more basic files containing one or more datasets. Using a data set stored in individual files using a hierarchical filing system (compressed file, SQL accessible file, one or more keys by a first tuple, ie Data sets, binary large objects (BLOB), ISO / IEC 7816-6 data elements stored as records in a single file (including numeric keys, files hashed via alphanumeric keys, etc.) Stored as ungrouped data elements encoded using, Stored as ungrouped data elements encoded using ISO / IEC Abstract Syntax Rules (ASN.1) as in ISO / IEC 8824 and 8825, and / or fractal compression methods, image compression It may be stored using any suitable technology, including other proprietary technologies that may include law and the like.

  In various embodiments, the ability to store a wide variety of information in different formats is facilitated by storing the information as a BLOB. In this way, any binary information can be stored in the storage space associated with the data set. As discussed above, the binary information can be stored on the financial transaction instrument or closely associated with the financial transaction instrument, but can be stored external to the financial transaction instrument. The BLOB method uses a fixed storage allocation, cyclic queuing technique, or any of the best implementations for memory management (eg, called memory, least recently used memory, etc.) Data sets may be stored as ungrouped data elements formatted as blocks of binary data via memory offsets. By using the BLOB method, the ability to store various data sets having different formats facilitates data storage associated with financial transaction instruments by multiple unrelated owners of the data set. For example, a first data set that can be stored can be provided by a first party, a second data set that can be stored can be provided by an unrelated second party, and a third data set that can be stored. May be provided by a third party unrelated to the first and second parties. Each of these three exemplary data sets may include different information stored using different data storage formats and / or different data storage technologies. Further, each data set may include a subset of data, and the subset of data may also be distinct from other subsets.

  As described above, in various embodiments, data can be stored without considering a common format. However, in one exemplary embodiment, a data set (eg, BLOB) may be annotated in a standard manner when provided to manipulate data in a financial transaction instrument. The annotation may comprise a short header, trailer, or other suitable indicator for each data set configured to convey information useful in managing the various data sets. For example, annotations may be referred to herein as “condition headers”, “headers”, “postscripts”, or “statuses”, and may include a display of the status of a data set, even if a particular publication of data It may include an identifier that is correlated to the owner or owner. In one example, the first 3 bytes of each data set BLOB indicates the status of that particular data set, such as loaded, initialized, ready, blocked, removable, or deleted. Or may be configurable. The next byte of data may be used, for example, to indicate the issuer, the user's identity, the commerce / member account identifier, and the like. Each of these condition annotations is further discussed herein.

  Data set annotations may also be used for various other purposes as well as other types of status information. For example, the annotation of the dataset may include security information that establishes an access level. For example, the access level is specified to allow only certain individuals, employee levels, companies, or other organizations to access the data set or based on commerce, merchants, issuers, users, etc. May be configured to allow access to the data set. Further, the security information may restrict / allow only certain actions such as accessing the data set, modifying the data set, and / or deleting the data set. In one example, data set annotation may allow only the data set owner or user to delete the data set and allow various identified users to access the data set for reading. , And all others are shown to be excluded from accessing the data set. However, other access restriction parameters may also be used, allowing different organizations to access the data set with different tolerance levels as needed.

  Data that includes a header or trailer may be received by a standalone interaction device configured to add, delete, modify, or augment data according to the header or trailer. Thus, in one embodiment, the header or trailer is not stored on the commerce device along with the relevant data owned by the publisher, but instead the user of the commerce instrument on the stand-alone device has the appropriate options for the action to be performed. Appropriate actions can be taken. The system may contemplate a data storage device in which a data header or trailer, or a history of data header or trailer, is stored in a commerce instrument in association with appropriate data.

  For security reasons, any database, system, device, server, or other component of the system may consist of any combination thereof in a single location or multiple locations, each database or system being Those skilled in the art will also appreciate that they include any of a variety of suitable security features such as, for example, firewalls, access codes, encryption, decryption, compression, decompression, and the like.

  Encryption is a technology that is currently available or may be available in the art, such as Twofish, RSA, El Gamal, Schorr signature, DSA, PGP, PKI, GPG (GnuPG), and symmetric cryptosystems and It may be performed by any one of asymmetric cryptosystems.

  The computer computing unit of the web client 110 may further be equipped with an internet browser connected to the internet or intranet using standard dialup, cable, DSL, or any other internet protocol known in the art. A commerce transaction initiated at the web client may pass through a firewall to prevent unauthorized access from users of other networks. In addition, additional firewalls may be deployed between the various components of the system 100 to further increase security.

  A firewall may include any hardware and / or software suitably configured to protect system 100 components and / or corporate computer resources from users of other networks. Further, the firewall may be configured to limit or restrict access to various systems and components after the firewall for web clients connecting through a web server. The firewall may exist in various configurations including stateful inspection, proxy-based, access control lists, packet filtering, and the like. The firewall may be integrated into the web server or any other component of the system 100, or may further exist as a separate entity. The firewall may implement network address translation (“NAT”) and / or network address port translation (“NAPT”). The firewall may adapt various tunneling protocols, such as those used in virtual private networking, to facilitate secure communications. A firewall may implement a demilitarized zone (“DMZ”) to facilitate communication with public networks such as the Internet. The firewall may be integrated as software in the Internet server or any other application server component, in a separate computing device, or in the form of a stand-alone hardware component.

  The computers discussed herein may provide a suitable website or other internet-based graphical user interface accessible by the user. In one embodiment, the Microsoft Internet Information Server (IIS), the Microsoft Transaction Server (MTS), and the Microsoft SQL Server, the Microsoft SQL Server, the Microsoft SQL Server, the Microsoft SQL Server, the Microsoft SQL Server, and the Microsoft SQL Server. Used. In addition, components such as Access or Microsoft SQL Server, Oracle, Sybase, Inform MySQL, Interbase, etc. may be used to provide a database management system compatible with Active Data Object (ADO). In one embodiment, the Apache web server is used in conjunction with the Linux operating system, the MySQL database, and the Perl, PHP, and / or Python programming languages.

  Any of the communications, inputs, storage, databases, or displays discussed herein can be facilitated through a website having web pages. The term “web page”, as used herein, is not meant to limit the types of documents and applications that can be used to interact with a user. For example, typical websites include standard HTML documents, Java applets, JavaScript, active server pages (ASP), common gateway interface scripts (CGI), It may include various formats such as Extensible Markup Language (XML), Dynamic HTML, Cascading Style Sheet (CSS), AJAX (Asynchronous JavaScript (XML) And XML), helper application, and plug-in. The server may include a web server that receives requests from the web server, the request including a URL (http://yahoo.com/stockquotes/ge) and an IP address (123.56.789.234). The web server retrieves the appropriate web page and sends the data or application for the web page to the IP address. Web services are applications that can interact with other applications via communication means such as the Internet. Web services are typically based on standards or protocols such as XML, SOAP, AJAX, WSDL, and UDDI. Web service methods are well known in the art and are addressed in many standard textbooks. See, for example, Alex Nghiem, IT Web Services: A Roadmap for the Enterprise (2003). That textbook is incorporated herein by reference.

  The middleware may include any hardware and / or software suitably configured to facilitate communication between heterogeneous computer systems and / or to process business transactions. Middleware components are commercially available and known in the art. The middleware may be implemented through commercially available hardware and / or software, through custom hardware and / or software components, or a combination thereof. Middleware may exist in various configurations and may exist as a stand-alone system or a software component that resides on an Internet server. The middleware may be configured to process commerce transactions between various components of the application server and any number of internal or external systems for any of the purposes disclosed herein. IBM, Inc. WebSphere MQTM (formerly MQSeries) by (Armonk, NY) is an example of a commercially available middleware product. An enterprise service bus (“ESB”) application is another example of middleware.

  Employees also understand that there are many ways to display data in browser-based documents. The data may be displayed as standard text or in a list, scrollable list, drop-down list, editable text area, text area, pop-up window, and the like. Similarly, there are a number of methods available for modifying data in a web page, such as free text entry using a keyboard, menu item selection, check boxes, option boxes, and the like.

  The system and method may be described herein in terms of functional block components, screenshots, option selections, and various processing steps. It should be understood that such functional blocks may be implemented by any number of hardware and / or software components configured to perform a particular function. For example, the system may include various integrated circuit components, such as memory elements, processing elements, logic elements, look-up tables, that may perform various functions under the control of one or more microprocessors or other control devices. Etc. may be used. Similarly, the software elements of the system are C, C ++, C #, Java (registered trademark), JavaScript (registered trademark), VB Script, Macromedia Cold Fusion, COBOL, Microsoft Active Server Pages, Assembly, PERRw, PH, PRLw. Implemented in any programming or scripting language such as Visual Basic, SQL Stored Procedures, PL / SQL, any UNIX shell script, and extensible markup language (XML). It may be implemented with any combination of objects, processes, routines, or other programming elements. Furthermore, it should be noted that the system may utilize any number of conventional techniques for data transmission, signaling, data processing, network control, and the like. Still further, the system can be used to detect or prevent security issues related to client side scripting languages such as JavaScript, VBSscript, and the like. For a basic introduction to cryptography and network security, see one of the following references: (1) “Applied Cryptography: Protocols, Algorithms, CedS, by Bruce Schneier, published by John Wiley & Sons. In C, "(2nd edition, 1995); (2), published by O'Reilly & Associates," Java (R) Cryptography "by Jonathan Knudson (1998); (3) Published by Prentice Hall. "Cryptography & Network Securit by William Stallings : Principles & Practice ". All of these references are incorporated by reference.

  As used herein, the terms “end user”, “consumer”, “customer”, “cardholder”, “company”, or “merchant” may be used interchangeably. Each means any person, organization, government organization, company, machine, hardware, and / or software. The bank can be part of the system, but the bank is a credit card company that has a contract with a financial institution, a company that sponsors the card, or other types of card issuers such as third party issuers. May be represented. It is further noted that other participants, such as interim clearing houses, may be included in some stage of commerce, but these participants are not shown.

  As will be appreciated by those skilled in the art, the system 100 is a custom-made product of an existing system, an add-on product, a processing device that runs upgraded software, a stand-alone system, a distributed system, a method, a data processing system, data It may be embodied as a device for processing and / or a computer program product. Thus, any portion or module of system 100 may be a processor, an Internet-based embodiment, a fully hardware embodiment that executes code, or an embodiment that combines aspects of the Internet, software, and hardware. You may take Further, the system may take the form of a computer program product on a computer readable storage medium having computer readable program code means embodied in the storage medium. Any suitable computer readable storage medium may be utilized including hard disks, CD-ROMs, optical storage devices, magnetic storage devices, and the like.

  Systems and methods are described herein with reference to block and flowchart illustrations of methods, apparatus (eg, systems) and computer program products according to various embodiments. It is understood that each functional block and flowchart illustration in the block diagram, and combinations of functional blocks in the block diagram and flowchart illustration, can each be implemented by computer program instructions.

  These computer program instructions create a machine such that instructions executing on a computer or other programmable processing device create a means for implementing the functions specified in one or more blocks of the flowchart. To a general purpose computer, special purpose computer, or other programmable data processing device. These computer program instructions may also be stored in a computer readable memory, wherein the computer program instructions are stored in a block or blocks of the flowchart where the instructions stored in the computer readable memory are identified. The computer or other programmable data processing device can be instructed to function in a particular manner that produces an article of manufacture that includes instruction means for implementing the programmed functions. Computer program instructions also create a computer-implemented process in which instructions executing on a computer or other programmable device provide steps for implementing the functions identified in one or more blocks of the flowchart. Thus, a computer or other programmable data processing device may be loaded so that a series of operational steps are performed in the computer or other programmable device.

  Accordingly, the functional blocks of the block diagram and the description of the flow diagram support a combination of means for performing a specific function, a combination of steps for performing a specific function, and a program instruction means for performing a specific function. . Each functional block and flowchart illustration in the block diagram, and the combination of the functional block and flowchart illustration in the block diagram, is a dedicated hardware-based computer system that performs a specific function or step, or dedicated hardware and computer instructions It is also understood that it may be implemented by any suitable combination. Further, the description and description of the process flow may refer to a user's window, web page, website, web form, prompt, etc. The practitioner understands that the described steps described herein may comprise any number of configurations including the use of windows, web pages, web forms, pop-up windows, prompts, and the like. It should be further understood that the steps described and described may be combined into a single web page and / or window, but have been developed for brevity. In other cases, the steps described and described as a single process step may be divided into multiple web pages and / or windows, but are combined for brevity.

  The term “non-temporary” is understood as removing only the temporary signal itself from the scope of the claims, and all the standard not only propagating the temporary signal itself. Never give up your rights to computer-readable media. In other words, the meanings of the terms “non-transitory computer-readable medium” and “non-transitory computer-readable storage medium” are within the scope of the patentable invention under 35 USC 101. As such, it should be construed to exclude only temporary computer readable media of the type known in In Re Nuijten.

  Phrases and terms similar to “account”, “account number”, “account code”, or “consumer account” may be used to refer to any device, code (eg, authorization / access code, as used herein). , Personal identification number “PIN”), Internet code, one or more of other identity verification codes, etc.), numbers, letters, symbols, digital certificates, smart chips, digital signals, analog signals, biometrics, or consumption It may include other identifiers / indicators suitably configured to allow a person to access, interact with, or communicate with the system. Account number can be paid, account, credit account, debt account, prepaid account, telephone card, embossed card, smart card, magnetic stripe card, bar code card, transponder, radio frequency card as required Or may be shown on or associated with an associated account.

  The system may include any of the above accounts, devices, and / or transponders, and readers (eg, RFID readers) that are in RF communication with a transponder (which may include a fob), even if they interface with them. Or it may communicate between the initiator and a target enabled by near field communication (NFC). A typical device may include, for example, a key ring, tag, card, cell phone, watch, or any such form that can be presented for inquiries. Further, the systems, computer computing units, or devices discussed herein may include “pervasive computer devices” that may include conventional non-computerized devices with embedded computer computing units. Examples may include watches, kitchen utensils that can use the internet, restaurant tables with embedded RF readers, wallets or wallets with embedded transponders, and the like. In addition, the device or financial transaction instrument may be, for example, a network of electronic circuitry printed on or embedded in a transaction instrument (and typically referred to as a “smart card”); a fob having a transponder and an RFID reader; And / or may have electronic communication capabilities enabled by near field communication (NFC) technology. For more information on NFC, please refer to the following specifications incorporated by reference. ISO / IEC 18092 / ECMA-340, Near Field Communication Interface and Protocol-1 (NFCIP-1); ISO / IEC 21481 / ECMA-352, Near Field Communication Interface and Protocol-2 (NFCIP-2); / Www. emvco. com / default. EMV 4.2 available at aspx.

  The account number may be distributed and stored in any form of credit card, electronic device, magnetic device, radio frequency device, wireless device, voice device, and / or optical device, which is the second device You can transmit or download data from them. Each credit provider has its own numbering scheme, such as the 15 digit numbering scheme used by American Express, but the consumer account number may be, for example, a 16 digit account number. Each company's account number is that company using a 15-digit format, generally using a set of three numbers spaced as represented by the number “0000 000000 00000”. Fits standardized format. The first 5-7 digits are reserved for processing purposes and identify the issuing bank, account type, etc. In this example, the last 15th digit is used as a checksum for a 15 digit number. The middle 8th to 11th digits are used to uniquely identify the consumer. The merchant account number may be any number or alphanumeric character that identifies a particular merchant for purposes such as account acceptance, account adjustment, reporting, and the like.

  Phrases and terms similar to “transaction account” may include any account that may be used to facilitate financial transactions.

  Phrases and terms similar to "financial institution" or "transaction account issuer" may include any entity that provides transaction account services. Often referred to as a “financial institution,” a financial institution can be any type of bank, lender, or credit card company, card sponsoring company, or third-party issuer under a contract with a financial institution. Other types of account issuing agencies may be represented. It should further be noted that other participants, such as interim clearing houses, may be included at some stage of the commerce.

  As used herein, “transmit” may include transmitting electronic data from one system component to another system component over a network connection. Further, as used herein, “data” may include comprehensive information, such as data for commands, queries, files, storage, in digital form or any other form.

  Phrases and terms similar to “company” or “merchant” may be used interchangeably and may be any person, entity, provider, broker, and / or any other entity in the distribution network of goods or services, Distribution system, software and / or hardware. For example, the merchant may be a grocery store, retail store, travel agency, service provider, online merchant, and the like.

  Phrases and terms similar to “internal data” may include any data that a credit issuer owns or acquires for a particular consumer. Internal data may be collected before, during or after the relationship between the credit issuer and the transaction account holder (eg, consumer or buyer). Such data may include consumer demographic data. Consumer demographic data includes any data about the consumer. Consumer demographic data may include a consumer's name, address, telephone number, email address, employer, and social security number. Consumer commerce data is any data related to a particular business transaction that a consumer has made during any given period of time. Consumer commerce data may include, for example, commerce volume, commerce time, commerce seller / merchant, and commerce seller / merchant location. The merchant seller / merchant location may include a high degree of specificity for the seller / merchant. For example, a commerce seller / merchant location may include a particular gas station at a particular zip code defined in a particular sample or address. Also, for example, a merchant's seller / merchant location may be a specific web address, such as a Uniform Resource Locator ("URL"), email address, and / or Internet Protocol ("IP") address for the seller / merchant. May be included. The merchant seller / merchant, and the merchant seller / merchant location may be associated with a particular consumer and may further be associated with a consumer pair. Consumer payment data includes any data relating to the history of consumers paying debt contracts. Consumer payment data may include consumer payment date, payment amount, difference, and credit limit. The internal data may further comprise a record of the consumer's business call, a claim, a request for an increase in credit limit, a question, and a comment. The consumer business call record includes, for example, any record or summary of the call date, reason for the call, and actual call.

  Benefits, other advantages, and solutions to problems have been described herein with regard to specific embodiments. However, its benefits, its benefits, solutions to its problems, and any elements that can give rise to, or even make, any benefit, any advantage, or any solution to a problem are important It is not to be construed as a feature or element, a required feature or element of the present disclosure, or an essential feature or element of the present disclosure. Accordingly, the scope of the disclosure is not limited except as by the appended claims, and in the appended claims, references to elements in the singular are " Is not intended to mean "rather", but rather means "one or more". Further, when a phrase similar to “at least one of A, B, and C” or “at least one of A, B, or C” is used in the claims or specification, The phrase is that A alone may be present in embodiments, B may be present alone, in embodiments, C may be present alone, in embodiments, or A, B And any combination of the elements of C may be present in a single embodiment, eg, interpreted as meaning A and B, A and C, B and C, or A and B and C It is intended to be Although the present disclosure includes methods, it is contemplated that the present disclosure may be embodied as computer program instructions in a tangible computer readable transport means such as a magnetic or optical memory, or a magnetic or optical disk. Yes. All structural, chemical, and functional equivalents known to those of ordinary skill in the art for the elements of the exemplary embodiments described above are expressly incorporated by reference and are hereby incorporated by reference It is intended to be covered by the claims. Further, since a device or method is within the scope of the claims, the device or method need not address every and every problem sought to be solved by the present disclosure. Further, an element, component, or method step in this disclosure is intended to be dedicated to the public regardless of whether the element, component, or method step is explicitly recited in the claims. Not intended. A claim element in this specification is subject to the provisions of 35 USC 112, unless the element is explicitly listed using the phrase “means to do”. Is not interpreted. As used herein, the terms “comprising”, “comprising”, or any other variation thereof, means that a process, method, article of manufacture, or apparatus comprising a list of elements is Include non-exclusive inclusions that may include other elements not explicitly listed, or other elements specific to such processes, methods, articles of manufacture or equipment, rather than including only elements Is intended to include.

Claims (20)

Verifying login credentials associated with a transaction account by a computer-based system for reducing fraudulent transactions, wherein the transaction account is associated with a consumer;
Generating an output with a link to a website associated with the merchant by the computer-based system;
Transmitting data indicating that the login authentication information has been certified to the merchant by the computer-based system;
Authorizing, by the computer-based system, an authorization request from the merchant associated with the transaction account.   The method of claim 1, further comprising receiving an authorization request from the merchant by the computer-based system.   The method of claim 2, further comprising: determining by the computer-based system that the authorization request comprises data indicating that the login authentication information has been certified by the computer-based system. .   The method of claim 1, further comprising determining by the computer-based system that a transaction account number associated with the authorization request is associated with the transaction account.   The method of claim 1, further comprising determining by the computer-based system that the authorization request is associated with the certified login credentials.   The method of claim 1, further comprising determining by the computer-based system that the consumer is associated with the authorization request.   The method of claim 6, further comprising determining by the computer-based system that the login credentials, transaction account number, and a four-digit batch code are associated with the consumer.   The authorization includes data indicating that the login authentication information has been certified by the computer-based system and that a transaction account number in the authorization request is associated with the transaction account. The method of claim 1, comprising determining by means of the computer-based system.   The method of claim 1, further comprising transmitting an authorization response to the merchant.   The method of claim 1, further comprising providing, by the computer-based system, access to an account management page associated with the transaction account in response to the login credentials being verified.   The method of claim 1, wherein the data indicating that the login authentication information has been certified comprises a flag.   The method of claim 11, wherein the flag comprises an algorithm.   The method of claim 11, wherein the flag identifies the type of transaction account.   The method of claim 11, wherein the flag comprises a third party globally unique identifier.   The method of claim 1, further comprising transmitting a request for certification to the merchant by the computer-based system.   The method of claim 1, wherein the merchant grants access to a protected website in response to the consumer determining that it has proved the login credentials.   The method of claim 1, further comprising transmitting a request for certification to the portable consumer device by the computer-based system.   The method of claim 1, wherein the merchant prevents the consumer from accessing the website in response to not detecting a flag. A processor to reduce fraudulent transactions,
A non-transitory tangible memory configured to communicate with the processor, comprising:
The non-transitory tangible memory is responsive to execution by the processor,
Verifying login credentials associated with a transaction account by the processor, wherein the transaction account is associated with a consumer;
Generating an output with the processor with a link to a website associated with the merchant;
Transmitting, by the processor, data indicating that the login authentication information has been certified to the merchant;
A system that causes the processor to store instructions in the non-temporary tangible memory that includes performing an operation associated with the transaction account from the merchant to authorize an authorization request from the merchant. In response to execution by a computer-based system to reduce fraudulent commerce, including a non-transitory tangible computer-readable storage medium,
Verifying login credentials associated with a transaction account by the computer-based system, wherein the transaction account is associated with a consumer;
Generating an output with a link to a website associated with the merchant by the computer-based system;
Transmitting data indicating that the login authentication information has been certified to the merchant by the computer-based system;
The non-transitory tangible computer-readable instructions that cause the computer-based system to perform an action including authorizing by the computer-based system an authorization request from the merchant associated with the transaction account Manufactured product stored in a simple storage medium.