US20170046711A1 - Secured Mobile Transaction Device - Google Patents

Secured Mobile Transaction Device Download PDF

Info

Publication number
US20170046711A1
US20170046711A1 US15/339,671 US201615339671A US2017046711A1 US 20170046711 A1 US20170046711 A1 US 20170046711A1 US 201615339671 A US201615339671 A US 201615339671A US 2017046711 A1 US2017046711 A1 US 2017046711A1
Authority
US
United States
Prior art keywords
transaction
mobile
user
scrambled
gps location
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US15/339,671
Inventor
Xia Dai
Original Assignee
Xia Dai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US30067910P priority Critical
Priority to US13/018,375 priority patent/US9501773B2/en
Application filed by Xia Dai filed Critical Xia Dai
Priority to US15/339,671 priority patent/US20170046711A1/en
Publication of US20170046711A1 publication Critical patent/US20170046711A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/209Specified transaction journal output feature, e.g. printed receipt or voice output
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • H04W4/008
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/021Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/77Graphical identity

Abstract

The present invention relates to a secured transaction system. In one embodiment, a computer implemented method for generating a transaction at a mobile device includes receiving a transaction type selected by a user and a user password via a touch screen display of the mobile device; forming, by a processor of the mobile device, a unique transaction description using the transaction type, the user password, a transaction amount, and a transaction time stamp; generating dynamically, by the processor of the mobile device, a scrambled two dimensional bit map representing the unique transaction description; displaying, by the touch screen display of the mobile device, the scrambled two dimensional bit map; and transmitting, by a transceiver of the mobile device, the scrambled two dimensional bit map to a mobile transaction processing agent for processing.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This application is a continuation of U.S. application Ser. No. 13/018,375, “A Secured Transaction System” filed Jan. 31, 2011, which claims the benefit of U.S. provisional application No. 61/300,679, “A Secured Transaction System” filed Feb. 2, 2010. The aforementioned United States applications are hereby incorporated by reference in their entirety.
  • FIELD OF THE INVENTION
  • The present invention relates to the field of mobile communications. In particular, the present invention relates to apparatuses and methods for generating a transaction at a mobile device.
  • BACKGROUND OF THE INVENTION
  • There are numerous ways for buyers and sellers to exchange money for goods and services. One commonly used conventional method is that a buyer pays cash to a seller. There are several problems with this payment method. First, if a transaction is large, it would be hard for both the buyer and seller to handle a large amount of cash, for example for transactions over a few thousand dollars. Besides the need to provide exact changes, doing transactions in cash would require more efforts in book keeping for both buyers and sellers. In addition, the parties may be exposed to the risk of counterfeiting as well as theft or robbery.
  • Another commonly used conventional method is that the buyer writes a check to the seller. However, this method of payment also has several drawbacks. First, it is inconvenient for the buyer to carry a check around, and it is also inconvenient for the seller to deposit the check to a bank every time he receives a check. In addition, the buyer may be concerned with the risk of lost checks and the seller may be exposed to the risk of counterfeit checks. If a check has bounced, which means insufficient fund in the buyer's bank, it may cost additional money and effort for both the buyer and seller to fix the problem.
  • Yet another commonly used conventional method is that the buyer pays with a credit or debit card. However, there are numerous problems associated with this payment method. To the buyer, it is inconvenient to carry multiple cards and many merchants do not accept credit cards if the transaction amount is relatively small, such as less than $20. In addition, if the credit cards are lost or stolen, it would cause stress and effort for the card holder to inform the issuing bank and have the cards replaced, and it would cost the issuing bank to create and mail a replacement card to the card holder. Furthermore, the credit/debit card numbers are static, which do not change within their corresponding expiration dates. Such static card numbers may be stolen during online transactions without card owner's knowledge. Furthermore, a record breach at merchant sites or at issuing banks would create tremendous financial risks to the card holders, merchants, and/or the issuing banks.
  • Therefore, there is a need for systems and methods that can address the problems of the conventional payment methods and assist users in conducting transactions using mobile devices.
  • SUMMARY
  • The present invention relates to a secured transaction system. In one embodiment, a mobile client device includes a mobile client device includes a user interface configured to enable a user to select a transaction type and collect a user pin number, a processor configured to generate a secured transaction description using the transaction type and the user pin number, wherein the secured transaction description includes issuer ID, account ID, merchant ID, password, transaction amount, and transaction time stamp, and the processor is further configured to transmit the secured transaction description to a mobile processing agent for processing, and receive a transaction record from the mobile transaction processing agent, and a memory configured to store the transaction record in the mobile client device.
  • In another embodiment, a computer implemented method for generating a transaction from a mobile client device includes selecting a transaction type, collecting a user pin number, generating a secured transaction description dynamically using the transaction type and the user pin number, wherein the secured transaction description includes issuer ID, account ID, merchant ID, password, transaction amount, and transaction time stamp, and transmitting the secured transaction description to a mobile transaction processing agent for processing.
  • In yet another embodiment, a point-of-sale (POS) system includes an input module configured to receive a transaction description from a mobile client device, an encryption engine configured to generate an encrypted transaction description using the transaction description from the mobile client device, and a communication module configured to transmit the encrypted transaction description for processing.
  • In yet another embodiment, a computer implemented method for processing secured transactions includes receiving a transaction description from a mobile client device, generating an encrypted transaction description using the transaction description from the mobile client device, and transmitting the encrypted transaction description for processing.
  • In yet another embodiment, a mobile transaction processing agent system includes a communication module configured to receive a secured transaction description from a mobile client device or an encrypted transaction description from a point-of-sale (POS) device, wherein the secured transaction description is in the form of a bar code generated by the mobile client device, an authentication module configured to decode the secured transaction description and verify the secured transaction description is valid based on the mobile client device or the point-of-sale device, and a transaction processing module configured to process the transaction in accordance with the secured transaction description.
  • In yet another embodiment, a computer implemented method for processing secured transactions includes receiving a payment request, wherein the payment request includes a transaction description, verifying payer account information in association with the payment request, processing the payment request upon verifying the payer account information, receiving a digital signature from the payer, adjusting the payer account with the transaction amount upon authenticating the transaction with the received digital signature, and sending a transaction receipt to the payer.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The aforementioned features and advantages of the invention, as well as additional features and advantages thereof, will be more clearly understandable after reading detailed descriptions of embodiments of the invention in conjunction with the following drawings.
  • FIG. 1A illustrates a system for processing transactions between a buyer and a seller using mobile device according to embodiments of the present invention.
  • FIG. 1B illustrates a flow chart describing processing a transaction with a mobile device according to embodiments of the present invention.
  • FIG. 1C illustrates a series of user interfaces corresponding to a transaction described in FIG. 1B on the mobile device according to embodiments of the present invention.
  • FIG. 1D illustrates another series of user interfaces corresponding to a transaction described in FIG. 1B on the mobile device according to embodiments of the present invention.
  • FIG. 2A illustrates components of a mobile client device according to embodiments of the present invention.
  • FIG. 2B illustrates software components of a mobile client according to embodiments of the present invention.
  • FIG. 3 illustrates components of a POS device according to embodiments of the present invention.
  • FIGS. 4A-4C illustrate applications of a mobile transaction processing agent according to embodiments of the present invention.
  • FIGS. 5A-5B illustrate a system for deploying mobile client, POS device, and MTPA with existing financial infrastructures according to embodiments of the present invention.
  • FIGS. 6A-6B illustrate yet another system for deploying mobile client, POS device, and MTPA with existing financial infrastructures according to embodiments of the present invention.
  • FIGS. 7A-7C illustrate implementations of processing a mobile check according to embodiments of the present invention.
  • FIG. 8 illustrates a method of security enhancement and book keeping according to embodiments of the present invention.
  • FIG. 9 illustrates a method of using electronic coupon according to embodiments of the present invention.
  • DESCRIPTION OF EMBODIMENTS
  • Method and system are provided for handling secured transactions. The following descriptions are presented to enable any person skilled in the art to make and use the invention. Descriptions of specific embodiments and applications are provided only as examples. Various modifications and combinations of the examples described herein will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other examples and applications without departing from the spirit and scope of the invention. Thus, the present invention is not intended to be limited to the examples described and shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
  • Some portions of the detailed description that follows are presented in terms of flowcharts, logic blocks, and other symbolic representations of operations on information that can be performed on a computer system. A procedure, computer-executed step, logic block, process, etc., is here conceived to be a self-consistent sequence of one or more steps or instructions leading to a desired result. The steps are those utilizing physical manipulations of physical quantities. These quantities can take the form of electrical, magnetic, or radio signals capable of being stored, transferred, combined, compared, and otherwise manipulated in a computer system. These signals may be referred to at times as bits, values, elements, symbols, characters, terms, numbers, or the like. Each step may be performed by hardware, software, firmware, or combinations thereof.
  • FIG. 1A illustrates a system for processing transactions between a buyer and a seller using mobile device according to embodiments of the present invention. As shown in FIG. 1A, the system includes a mobile client device 102 (also referred to as mobile device or mobile client for short) possessed by the buyer. The mobile client device 102 includes, but not limited to, cellular phone, Personal Digital Assistant (PDA) device, tablet PC, or other portable devices. The system also includes a point-of-sale (POS) device 104, which is typically a check-out station, a cash register, or other types of transaction processing system at a merchant site. The system further includes one or more mobile transaction processing agent (MTPA) servers 106 (a MTPA server is also referred to as mobile transaction processing system), which is configured to communicate with the mobile device 102 and the POS device 104, either directly or indirectly via other computer networks and/or computer servers.
  • FIG. 1B illustrates a flow chart that describes processing a transaction with a mobile device according to embodiments of the present invention. In the example shown in FIG. 1B, a mobile device receives a triggering event to initiate a mobile transaction in block 110. The triggering event may be generated by a user by pressing a preprogrammed button of the mobile device 102. In block 112, the mobile device prompts the user to select a transaction type. For example, one exemplary transaction type is mobile-cash (M-cash), which may be a debit account the user has established with the MTPA or with another financial institution and the MTPA is authorized to withdraw user-prescribed funds from the account. Another exemplary transaction type is mobile-credit (M-credit), which may be a credit account the user has established with the MTPA or with another financial institution and the MTPA is authorized to withdraw user-prescribed funds from the account. In block 114, the mobile device collects user information to ensure the user is authorized to conduct transaction. In one approach, the mobile device may prompt the user to enter a pin number. The mobile device then compares the pin number entered by the user to an authorized pin number stored in the device. If an invalid pin number is entered, the mobile device may allow the user to try to enter the pin number again for a few times before terminating the transaction. If the user enters a valid pin number, the mobile device moves on to the next stage of the transaction.
  • In block 116, based on the information preinstalled in the mobile device and the information entered by the user during the transaction, such as the pin number and the transaction amount, the mobile device generates a secured transaction description dynamically. The secured transaction description may include issuer ID 123, account ID 124, user password 125, merchant ID 126, transaction amount 127, and transaction time stamp 128. The secured transaction description may be in the form of a scrambled bar code or in the form of a scrambled two dimensional pattern containing the transaction information described above.
  • According to embodiments of the present invention, the account ID 124 field is dynamic and scrambled, and the MTPA has the keys to decrypt the scrambled account ID 124. The account ID 124 may be updated according to a predetermined period of time, such as every day, every week, or randomly. The updating field value may like updating enigma code, which makes it harder to crack by hackers. In the event the mobile client device is lost or the account ID is breached, the account ID may be easier to change, for example by a mobile network operator. The transaction time stamp 128 incorporates the time of the transaction and facilitates record keeping. Besides, this field makes all transaction IDs (also referred to as transaction description) unique and different from each other. This is because each end user may only make one transaction at any given place and time.
  • In block 118, the mobile device transmits the secured transaction description to the MTPA server. According to various implementations of the present invention, the transmission of the secured transaction description may be carried out wirelessly from the mobile device to the MTPA servers. Alternatively, the transmission of the secured transaction description may be done via the POS device and then transmitted through a wired network or wirelessly from the POS device to the MTPA servers. In block 120, upon verification and approval of the transaction by the MTPA servers, the mobile device receives an acknowledgement of the transaction from the MTPA servers. The acknowledgement may include a confirmation number, transaction amount, time and date of the transaction, name of the seller, and remaining balance on the M-cash account. Similar to block 118, the mobile device may receive the acknowledgement wirelessly from the MTPA servers, or from the MTPA servers via the POS device. In block 122, the mobile device stores a record of the transaction either on the device or sending the record to a remote folder specified by the user.
  • FIG. 1C illustrates a series of user interfaces corresponding to a transaction described in FIG. 1B on the mobile device according to embodiments of the present invention. In one approach, screen 130 may be configured to implement block 110 where the mobile client device prompts a user to press the M-Pay button 131 to initiate a mobile transaction. Screen 132 may be configured to implement block 112 where the mobile client device prompts a user may choose a transaction type. For example, the transaction type M-cash 133 may be selected. Screens 134 and 136 implement the block 114 where the mobile device requests the user to enter a password 135; and a masked password 137 is entered by the user. In screen 138, a secured transaction description is generated by the mobile client device, which corresponds to the function performed in block 116 of FIG. 1B. The secured transaction description may be read from the mobile client device or be transmitted from the mobile client device in accordance with the function performed in block 118 of FIG. 1B.
  • In this implementation, the secured transaction description is a scrambled bar code 139 that includes information of issuer ID 123, account ID 124, user password 125, merchant ID 126, transaction amount 127, and time stamp 128. Note that this secured transaction description is generated dynamically as opposed to a static description of transaction information as in the cases of credit card transactions or transactions involving checks. The secured transaction description 139 is unique not only because it includes the user password in addition to the issuer ID, account ID, and merchant ID, it also includes the transaction amount which typically varies based on the item being purchases, and the time stamp which changes constantly. One of the benefits of the secured transaction description over the conventional transaction description is that it may be used only once and the risk of this information being stolen is significantly reduced. Unlike credit card information and bank account information shown on a check, once they are stolen, they may be used repeatedly by criminals.
  • In yet another embodiment of the present invention, the secured transaction description may further include the global positioning system (GPS) location 129 of the mobile client device, which further contributes to the security of the transaction. In this case, if the criminals do not have or do not know the GPS location of the mobile client device, they would not be able to generate the secured transaction description and thus would not be able to complete any fraudulent transaction. According to embodiments of the present invention, location based fraud detection may be implemented using mobile client device location tracking or GPS technologies. In one implementation, every mobile payment may be monitored by comparing the transaction location (for example GPS terminal location) against the location of the mobile client device, which may be obtained, for example by a mobile network operator, through mobile client location tracking technologies. In this approach, the POS ID may be forwarded to MTPA along with the transaction ID, and the mobile client location may be obtained from the mobile network operator for comparison. When there is a mismatch, a fraud alert will be generated and the transaction is declined.
  • In screen 140, a transaction acknowledgment 141 is received by the mobile client device. In this particular example, the transaction acknowledgement includes information about the user's account, such as the original balance, the last payment amount, and the remaining balance. The mobile device may be configured to store a record of the transaction or wirelessly transmit this record to a remote storage location. Screen 140 corresponds to the functions performed in blocks 120 and 122 of FIG. 1B.
  • FIG. 1D illustrates another series of user interfaces corresponding to a transaction described in FIG. 1B on the mobile device according to embodiments of the present invention. Similar to the example described in FIG. 1C, screen 150 may be configured to implement block 112 where the mobile client device prompts a user to choose a transaction type. For example, the transaction type M-credit 151 may be selected. Upon receiving a selection by the user, in screen 152, the mobile client device displays types of credit cards may be used to carry out the transaction, including but not limit to Discover, MasterCard, VISA, and American Express.
  • Screens 154 and 156 implement the block 114 where the mobile device requests the user to enter a password 155; and a masked password 157 is entered by the user. In screen 158, a secured transaction description is generated by the mobile client device, which corresponds to the function performed in block 116 of FIG. 1B. The secured transaction description may be read from the mobile client device or be transmitted from the mobile client device in accordance with the function performed in block 118 of FIG. 1B.
  • In this implementation, the secured transaction description is a scrambled multi-dimensional bit map 159 that includes information of issuer ID 123, account ID 124, user password 125, merchant ID 126, transaction amount 127, time stamp 128, and GPS location 129. Note that this secured transaction description is generated dynamically as opposed to a static description of transaction information as in the cases of credit card transactions or transactions involving checks. The secured transaction description 159 is unique not only because it includes the user password in addition to the issuer ID, account ID, and merchant ID, it also includes the transaction amount which typically varies based on the item being purchases, the time stamp which changes constantly, and the GPS location of the mobile device which may also change. One of the benefits of the secured transaction description over the conventional transaction description is that it may be used only once and the risk of this information being stolen is significantly reduced. Unlike credit card information and bank account information shown on a check, once they are stolen, they may be used repeatedly by criminals.
  • In screen 160, a transaction acknowledgment 161 is received by the mobile client device. In this particular example, the transaction acknowledgement includes a list of items purchased at the Happy Shopping Market, the subtotal amount of the purchase, the sales tax, and the total amount of the purchase. The mobile device may be configured to store a record of the transaction or wirelessly transmit this record to a remote storage location. Screen 160 corresponds to the functions performed in blocks 120 and 122 of FIG. 1B.
  • There are numerous advantages associated with the transaction processing system described in FIGS. 1A-1D. One advantage is that an active mobile client device is a secured ID device for authentication purposes. This is because an active mobile client device is most likely to have a unique phone number and a unique user. Mobile client devices are ubiquitous and have the largest user base among all electronic devices. They are mostly likely to be always on, always connected, and always with the users. Mobile client devices may be configured to work with Short Message Service (SMS) real time feedback for monitoring account activities. Moreover, mobile client devices may be configured to provide location based fraud detection using triangular cell positioning or GPS technologies, and they can implement strong security features, such as two- or three-factor authentication.
  • In addition, an active mobile client device offers dynamic account ID that may be used to guard against fraud from credit/debit transaction record breach. For example, mobile client devices can store credit/debit account ID that is provisioned over the air (by a mobile network operator), with security protocol guarding confidentiality and various update algorithm applied (regular, random, or situation based). Mobile client devices may be configured to scramble credit/debit account ID with random numbers and/or time stamps. Furthermore, Mobile client devices may be configured to apply security protocols, such as random number generator, message authentication code (MAC), digital signature, public key infrastructure (PM), etc., which add additional security in the authentication process.
  • FIG. 2A illustrates key components of a mobile client device according to embodiments of the present invention. As shown in FIG. 2, mobile client device 200 includes an operating system (OS), software application programs, and a UICC 206. The UICC 206 may further include an input/output (IO) block, a central processing unit (CPU) 210 and its associated RAM 214, EEPROM 216, and ROM 218. The CPU also includes a crypto engine 212.
  • According to embodiments of the present invention, the UICC (Universal Integrated Circuit Card) may be implemented as a smart card used in mobile terminals in GSM and UMTS networks. The UICC ensures the integrity and security of all kinds of personal data, and it typically holds a few hundred kilobytes. In 2G networks, the SIM card and SIM application are bound together, so that a SIM Card could mean the physical card, or any physical card with the SIM application. In 3G networks, applications are run on a UICC card. The UICC smart card includes a CPU, ROM, RAM, EEPROM and I/O circuits. The use and content of the card may be protected by use of PIN codes. One code, PIN1, can be defined to control normal use of the phone. Another code, PIN2, can be set, to allow the use of special functions (like limiting outbound telephone calls to a list of numbers). PUK1 and PUK2 may be used to reset PIN1 and PIN2 respectively. The integration of the ETSI framework and the Application management framework of Global Platform is standardized in the UICC configuration.
  • FIG. 2B illustrates software components of a mobile client according to embodiments of the present invention. As shown in FIG. 2B, software components of the mobile client include a set of client applications, for example client application 1 (221), client application 2 (222) to client application N (223). The mobile client software components further include a client application framework 224, a widget framework 225, an optimized binary processing engine 226, a mobile API (application program interface) wrapper 227, a MIDP2.0 API 228, a CLDC1.0 229, a WMA 230, and a JVM on phone 231. According to embodiments of the present invention, the client application framework 224 provides a framework to create client applications. The widget framework 225 may be used to create weather, news, finance, games, shopping, and portal discovery widgets, which may be built-in widgets that come with the application or mobile device. The optimized binary processing engine 226 runs client application scripts and widget scripts in binary format. The mobile application programming interface (API) wrapper 227 provides a layer of abstraction on mobile API for creating a platform independent environment. The MIDP2.0 API 228 provides the Mobile Information Device Profile 2.0 API on Java mobile devices. The CLDC1.0 229 provides the Connected Limited Device Configuration API on Java mobile devices. The WMA 230 provides the Wireless Messaging API on Java mobile devices. The JVM on Phone 231 provides the Java Virtual Machine on Java mobile devices.
  • FIG. 3 illustrates components of a POS device according to embodiments of the present invention. As discussed above in association with FIG. 1A, a POS device can be configured to receive information from a mobile client, and send that mobile client information along with other information provided by the merchant to a mobile transaction processing agent located remotely. As shown in FIG. 3, POS device 300 includes an optical scanner or near field communication (NFC) device 302, an encryption engine 304, and a wireless transceiver 306. According to embodiments of the present invention, a NFC device is a short-range high frequency wireless communication device configured to exchange data between devices about a 10 centimeter distance. The technology is an extension of the ISO/IEC 14443 proximity-card standard (contactless card, RFID) that combines the interface of a smartcard and a reader into a single device. An NFC device can communicate with both existing ISO/IEC 14443 smartcards and readers, as well as with other NFC devices, and is thereby compatible with existing contactless infrastructure already in use for public transportation and payment.
  • FIGS. 4A-4C illustrate applications of a mobile transaction processing agent according to embodiments of the present invention. As shown in FIG. 4A, mobile transaction processing agent (MTPA) server 400 is communicatively coupled to a mobile payer device 402 and a mobile payee device 404, respectively. Both the mobile payer device 402 and the mobile payee device 404 may have their own funding sources, respectively. For example, Funding Source 1 (406) is associated with the mobile payer device 402, and Funding Source N (408) is associated with the mobile payee device 404.
  • FIG. 4B illustrates an exemplary transaction processed by a MTPA according to embodiments of the present invention. In block 410, the MTPA server 400 (also referred to as MTPA for short) receives a payment request from a mobile payer device 402 (also referred to as the payer for short). In block 412, the MTPA server 400 verifies the payer account information in association with the payment request. The payer account information may be previously established between the MTPA and the payer, and money may be deposited by the payer in its account with the MTPA. In block 414, upon verifying the payer account information, the MTPA acknowledges the payment request by sending an acknowledgement to the payer. In block 416, the MTPA receives a digital signature from the payer, which is used to authenticate the transaction. After authenticating the transaction with the received digital signature, the MTPA debits the payer's account with the transaction amount. In block 418, the MTPA sends a transaction receipt to the payer, and concludes the transaction.
  • FIG. 4C illustrates another exemplary transaction processed by a MTPA according to embodiments of the present invention. In block 420, the MTPA server receives a payment request from a mobile payee device 404 (also referred to as the payee for short). Note that in this case, there is a transaction between the payer and payee, and the MTPA serves as a processing agent to facilitate the transaction. Prior to the transaction, both the payer and the payee have established accounts with the MTPA, and money may be deposited by the payer in its account with the MTPA. The payment request from the payee includes the payer information. In block 422, the MTPA verifies the payer account information in association with the payment request. In block 424, upon verifying the payer account information, the MTPA processes the payment request by sending a request for digital signature to the payer. In block 426, the MTPA receives a digital signature from the payer, which is used to authenticate the transaction. After authenticating the transaction with the received digital signature, the MTPA debits the payer's account and credits the payee's account with the transaction amount. In block 428, the MTPA sends a transaction receipt to both the payer and the payee, and concludes the transaction.
  • FIGS. 5A-5B illustrate a system for deploying mobile client, POS device, and MTPA with existing financial infrastructures according to embodiments of the present invention. As shown in FIG. 5A, mobile client device 501, POS device 503, and MTPA server 505 may be configured to work with one or more acquirer servers 502 and one or more issuer servers 504.
  • According to embodiments of the present invention, an acquirer (or acquiring bank) is a member of a card association, for example MasterCard and/or Visa, which maintains merchant relationships and receives all bankcard transactions from the merchant. In a credit card transaction, the acquirer is the entity that receives an authorization request from its merchant accepting the card as a form of payment and forwards it through various authorization networks to the Issuing Bank (“Issuer”). The Issuer determines whether to approve or decline the sale, since they are the entities actually extending credit to their cardholders. An acquiring bank (or acquirer) is the bank or financial institution that accepts payments for the products or services on behalf of a merchant. The term acquirer indicates that the bank accepts or acquires transactions performed using a credit card issued by a bank other than itself. According to embodiments of the present invention, an issuing bank is a bank that offers card association branded payment cards directly to consumers. In the case of credit cards, the issuing bank extends a line of credit to the consumer. Liability for non-payment is then shared by the issuing bank and the acquiring bank, according to rules established by the card association brand.
  • FIG. 5B illustrates an exemplary flow chart for the system of FIG. 5A according to embodiments of the present invention. In block 520, the mobile client device 501 generates a bar code for a transaction. In block 522, the POS device 503 scans bar code displayed by the mobile client 501 and generates a transaction ID. The transaction ID may include Issuer ID, Account ID, Merchant ID, time stamp, and transaction amount. In block 524, the POS device 503 sends the transaction ID to the acquirer server 502. In one approach, the mechanism for sending the transaction ID may employ a wireless transmission. In another approach, the mechanism for sending the transaction ID may employ a public switched data network (PSDN) or a local area network (LAN).
  • According to embodiments of the present invention, the POS device 503 may secure the transaction ID using a secure socket layer (SSL) protocol or using a Derived Unique Key Per Transaction (DUKPT) key management scheme. Note that the Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) are cryptographic protocols that provide security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end. Several versions of the protocols are in use in applications like web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).
  • In addition, DUKPT is a key management scheme in which for every transaction, a unique key is used which is derived from a fixed key. Therefore, if a derived key is compromised, future and past transaction data are still protected since the next or prior keys cannot be determined easily. DUKPT allows the processing of the encryption to be moved away from the devices that hold the shared secret. The encryption is done with a derived key, which is not re-used after the transaction. DUKPT is used to encrypt electronic commerce transactions. While it can be used to protect information between two companies or banks, it is typically used to encrypt PIN information acquired by Point-Of-Sale (POS) devices.
  • The DUKPT scheme enables both originating and receiving parties to be in agreement as to the key being used for a given transaction. Each transaction will have a distinct key from all other transactions, except by coincidence. If a present key is compromised, past and future keys (and thus the transactional data encrypted under them) remain uncompromised. Each device generates a different key sequence. Originators and receivers of encrypted messages do not have to perform an interactive key-agreement protocol beforehand.
  • In block 526, the acquirer server 502 uses an issuer ID embedded in the transaction ID to route the transaction via the MTPA server 505 to the issuer server 504 for authorization. In one approach, the Acquirer server 502 appends its own Acquirer ID with the transaction ID and forwards it to the MTPA server 505 or other processing agents. The routing may use a wide area network (WAN) with a variety of security schemes, such as the Internet Protocol Security (IPsec), the Triple Data Encryption Standard (3DES), or the Advanced Electronic Signature (AES). The destination may be the MTPA server 505.
  • According to embodiments of the present invention, IPsec is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream. IPsec may also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec may be used to protect data flows between a pair of hosts (for example computer users or servers), between a pair of security gateways (for example routers or firewalls), or between a security gateway and a host. IPsec is a dual mode, end-to-end, security scheme operating at the Internet Layer of the Internet Protocol Suite or OSI model Layer 3. Some other Internet security systems in use, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers of these models. Hence, IPsec can be used for protecting any application traffic across the Internet. Applications need not be specifically designed to use IPsec. The use of TLS/SSL may typically be incorporated into the design of applications.
  • According to embodiments of the present invention, 3DES is a common name for the Triple Data Encryption Algorithm (TDEA) block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block. 3DES provides a method of increasing the key size of DES to protect against brute force attacks, without requiring a completely new block cipher algorithm.
  • According to embodiments of the present invention, an electronic signature is any legally recognized electronic means that indicates that a person adopts the contents of an electronic message. One definition of electronic signature may be an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record. It may be an electronic transmission of the document which contains the signature, as in the case of facsimile transmissions, or it may be encoded message, such as telegraphy using Morse code. Increasingly, encrypted digital signatures are used in e-commerce and in regulatory filings as digital signatures are more secure than a simple generic electronic signature.
  • In block 528, the MTPA server 505 routes the transaction packet to the issuer server 504. In one approach, the MTPA server 505 decrypts the account ID, performs checks on identity and validity of accounts, and routs the account ID and transaction dollar amount to the issuer server 504 for further validation and authorization. In block 530, the issuer server 504 authorizes the transaction. According to an exemplary implementation, the Issuer server 504 validates the account ID, performs the payment transaction, and appends transaction packets with an authentication/acknowledge field, and sends the authorization to the MTPA server 505.
  • In block 532, the MTPA server 505 sends an acknowledged transaction packet to the acquirer server 502. Similar to block 526, the transmission mechanism may use WAN with IPSEC, 3DES, or AES. In addition, the transaction packet may include an appended acknowledgement receipt. In block 534, the acquirer server 502 sends the acknowledged transaction packet to the POS device 503. Similar to the block 524, the transmission may use wireless/LAN/PSDN, and the security may employ SSL/DUKPT. In block 536, the POS device 503 prints a receipt for the mobile client device 501. In block 538, the MTPA 505 sends an electronic receipt to the mobile client device 501, for example via a Short Message Service (SMS), and the transaction is completed.
  • According to embodiments of the present invention, a SMS is a communication service standardized in the GSM mobile communication system, using standardized communications protocols allowing the interchange of short text messages between mobile telephone devices. Messages are sent to a Short Message Service Centre (SMSC) which provides a store-and-forward mechanism. It attempts to send messages to their recipients. If a recipient is not reachable, the SMSC queues the message for later retry. Transmission of short messages between the SMSC and the mobile device is performed using the Mobile Application Part (MAP) of the SS7 protocol. Messages are sent with the MAP mo-ForwardSM and mt-ForwardSM operations, whose payload length is limited by the constraints of the signaling protocol to precisely 140 octets (140 octets=140*8 bits=1120 bits). Short messages can be encoded using a variety of alphabets: the default GSM 7-bit alphabet, the 8-bit data alphabet, and the 16-bit UTF-16 alphabet. Depending on which alphabet the subscriber has configured in the mobile device, this leads to the maximum individual Short Message sizes of 160 7-bit characters, 140 8-bit characters, or 70 16-bit characters, including spaces. Larger content (Concatenated SMS, multipart or segmented SMS or “long SMS”) can be sent using multiple messages, in which case each message starts with a user data header (UDH) containing segmentation information. Since UDH is inside the payload, the number of characters per segment is lower: 153 for 7-bit encoding, 133 for 8-bit encoding and 67 for 16-bit encoding. The receiving mobile device is then responsible for reassembling the message and presenting it to the user as one long message. While the standard theoretically permits up to 255 segments, 6 to 8 segment messages are the practical maximum, and long messages are often billed as equivalent to multiple SMS messages.
  • FIGS. 6A-6B illustrate yet another system for deploying mobile client, POS device, and MTPA with existing financial infrastructures according to embodiments of the present invention. The mobile client device 601, the POS device 603, the MTPA server 605 may be configured as shown in FIG. 6A to work with one or more acquirer servers 602 and one or more issuer servers 604.
  • In the exemplary implementation shown in FIG. 6B, in block 620, the mobile client device 601 generates a bar code for a transaction. In block 622, the POS device 603 scans the bar code and generates a transaction ID. The transaction ID may include Issuer ID, Account ID, Merchant ID, time stamp, and transaction amount. In block 624, the POS device 603 sends the transaction ID to the MTPA server 605. The sending mechanism may employ LAN, PSDN, or wireless transmission; and the security employed in the transmission may be SSL/DUKPT to encode the transaction ID.
  • In block 626, the MTPA server 605 uses an issuer ID embedded in the transaction ID to route the transaction via the acquirer server 602 to the issuer server 604 for authorization. The MTPA decrypts the account ID, performs checks on identity and validity of accounts, and routs the account ID and transaction dollar amount via the acquirer server 602 to the issuer server 604 for further validation and authorization.
  • In block 628, the acquirer server 602 routes the transaction packet to the issuer server 604. The acquirer server may append its own Acquirer ID with the transaction ID and forwards it to the issuer server 604. According to embodiments of the present invention, the routing may use WAN with IPSEC/3DES/AES. In block 630, the issuer server 604 authorizes the transaction. In particular, the issuer server 604 validates the account ID, performs the needed payment transaction, appends transaction packets with authentication/acknowledge field, and sends the authorization to the acquirer server 602.
  • In block 632, the acquirer server 602 sends an acknowledged transaction packet to the MTPA server 605. The transmission mechanism may use WAN with IPSEC/3DES/AES; and the transaction packet may include an appended acknowledgement receipt. In block 634, the MTPA server 605 sends the acknowledged transaction packet to the POS device 603. The transmission may use LAN, PSDN, or wireless transmission, and the security may employ SSL/DUKPT. In block 636, the POS device 603 prints a receipt for the mobile client device 601. In block 638, the MTPA 605 sends an electronic receipt to the mobile client device 601, and the transaction is completed.
  • FIGS. 7A-7C illustrate implementations of processing a mobile check according to embodiments of the present invention. In the example shown in FIG. 7A, a check 702 may include payer information such as name and address of the payer, date the check is written, dollar amount of the transaction, payer's bank name, address and ABA number, and the payer's account number. A mobile client device 704 includes an application program that takes in the above information of a conventional paper check and generates a bar code pattern 706 (also referred to as security stamp) that can be transmitted to a payer device, and subsequently to any processing center in a secured manner In one approach, to generate the bar code pattern 706, the application program may use the user ID and time of the transaction as seeds of a random number for generating the bar code pattern 706. In another approach, the application program may use the 10 digit mobile number and time of the transaction as seeds of a random number for generating the bar code pattern 706. In yet another approach, application program may use any combination of the user ID, 10 digit phone number, time of the transaction, and point-of-sale GPS location as seeds of a random number for generating the bar code pattern 706. With such a secured encoding, only the payee's bank can authenticate that the security stamp is created by the payee using the payee's user ID, and perform verification and acknowledgement of this secured transaction.
  • FIGS. 7B and 7C illustrate transaction flow in processing a mobile check according to embodiments of the present invention. As shown in FIG. 7B, the transaction flow includes payer device 710, payee device 712, payee's clearing bank server 714, and payer's bank server 716. In the case where the payer and payee use the same bank, the payee's clearing bank server 714 and the payer's bank server 716 may be implemented with the same group of servers. FIG. 7C illustrates how the devices and servers of FIG. 7B interact with each other according to embodiments of the present invention. In 720, payer device 710 generates a mobile check in the form of bar code which encodes check payment information. In 722, payee device 712 scans in the mobile check, and decodes the barcode. The scanning may be performed using a phone camera, or using conventional scanner of a cash register. In 724, the payee device 712 sends decoded information to payee's clearing bank server 714. In 726, the payee clearing bank server 714 forwards the payment information of the mobile check to payer's bank server 716. In 728, payer's bank server 716 verifies the authenticity of the payment information of the mobile check through account information validation as well as security stamp validation. In 730, payer's bank server 716 completes the transaction and sends an acknowledge receipt to the payer device 710.
  • According to some aspects of the disclosure, the payer may set threshold amounts in the payer device for different types of transactions. Similarly, the payer's bank may also set threshold transaction amounts for different types of transactions in the payer's bank server. In this manner, to process a particular transaction, if the transaction amount is larger than the preset threshold amount, the payer's bank server 716 sends a request to the payer device 710 and waits for the payer's confirmation before it releases the fund and completes the transaction. Upon completion of the transaction, the payee's clearing bank server may send a transaction acknowledge receipt to the payee device 712.
  • FIG. 8 illustrates a method of security enhancement and book keeping according to embodiments of the present invention. In the exemplary method shown in FIG. 8, each payment transaction can have transaction record sent to payer's phone through SMS or email or web messaging protocol. In addition to transaction date, post date, reference number, description of transaction, and amount of each transaction, a transaction record 800 can include point-of-sale GPS location information. The client device can be configured to save each transaction into a transaction record database. Using the transaction record, the payer can verify the validity of each transaction by clicking on the location field (GPS coordinates) and see the location where the transaction occurred. The client device can also be configured to allow the payer to view a group of transactions within a specified period showing on a map with markings of the locations of the corresponding transactions. Markings of locations that are outside of the payer's activity scope can be identified and reported as potentially fraudulent activities.
  • For example, transactions 804, 806, and 810 occurred in northern California, while transaction 808 occurred in Las Vegas, Nev. The method checks the GPS locations of the client device during the period of transactions. If there is a discrepancy between any of the transactions and the actual GPS locations of the client device around the time and date of the transactions, the client device can be configured to issue a notification, in the form of generating instant message, email, ringtone, or vibration to notify the user. In this example, assuming the user was in northern California and did not go to Las Vegas, a timely notification to the user can allow the user to address the issue as soon as possible.
  • In conventional methods, a user is provided with his transaction record in batch mode, for example once a month though paper statements, or through online accesses by the user periodically. Weeks after the transactions have occurred; some users may no longer remember certain transactions, despite the transaction records have provided them with information such as date, company name, city, state, and amount of the transaction. This problem is address by the present disclosure. Using the POS GPS locations provided in the transaction record, the client device can be configured to allow the user to view the location on a map, or view a photo of the business where the transaction occurred. Thus, enhancement in monitoring the transaction record can help fraud identification and loss avoidance, which result in better security and higher integrity of the disclosed mobile payment system.
  • FIG. 9 illustrates a method of using electronic coupon according to embodiments of the present invention. In 902, the client device collects electronic coupons (E-coupons), which may be received via email 908, mobile web 910, SMS 912, or via synchronization with a personal computer 914. In 916, the E-coupons are accepted and stored in a coupon basket in memory of the client device. According to embodiments of the present invention, an E-coupon includes presentation contents and an identification field. The presentation contents includes, but not limited to, merchant name, merchant item, and value of discount offered. The identification field may include a one dimensional or a two dimensional bar code. In one approach, the client device may be configured to store a list of user's favorite merchants. When the user is within a preset proximity (for example 200 yards) of a merchant, the client device may generate a notification to the user about the availability of the merchant's E-coupons.
  • In 904, when the user is making a purchase, the client device compares the merchant and the item being purchased with the E-coupons collected. In 906, if there is a match, the E-coupon is applied to the purchase as part of the mobile web transaction flow. In one approach, once an identification field is scanned and verified by the merchant, all items purchased by the user can enjoy certain E-coupon subject to the restrictions imposed by the merchant.
  • In one application, the client device may be configured to receive auto notification of availability of E-coupons from a merchant when the user is within a preset proximity (for example ¼ mile) of the merchant. This is beneficial to both the merchant and the user compared to the traditional public announcement system through merchant's speakers. It allows the merchant to send different users with different E-coupons based on the users' prior purchase history with the merchant. It also allows the merchant to send recommendations to a user based on the user's prior purchase history. For example, if the user has previously purchased diapers, the merchant may recommend E-coupons of infant formulae. In another application, the merchant may send E-coupons to the user based on items the user will purchase. For example, if the user has selected steak, then the merchant may recommend E-coupons for certain red wines; or if the user has selected tortilla chips, the merchant may recommend E-coupons for certain salsas.
  • According to some aspects of the present disclosure, the client device may be configured to perform auto delete of expired E-coupons according to the corresponding expiration date associated with the E-coupons, which can save the user time by going through and removing expired paper coupons in conventional methods. In addition, according to some aspects of the present disclosure, the client device may be configured to remind the user about expiration of certain E-coupons issued by a list of user's favorite merchants.
  • It will be appreciated that the above description for clarity has described embodiments of the invention with reference to different functional units and processors. However, it will be apparent that any suitable distribution of functionality between different functional units or processors may be used without detracting from the invention. For example, functionality illustrated to be performed by separate processors or controllers may be performed by the same processors or controllers. Hence, references to specific functional units are to be seen as references to suitable means for providing the described functionality rather than indicative of a strict logical or physical structure or organization.
  • The methodologies described herein can be implemented by various means depending upon the application. For example, these methodologies can be implemented in hardware, firmware, software, or a combination thereof. For a hardware implementation, the processing units can be implemented within one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), processors, controllers, micro-controllers, microprocessors, electronic devices, other electronic units designed to perform the functions described herein, or a combination thereof. Herein, the term “control logic” encompasses logic implemented by software, hardware, firmware, or a combination.
  • For a firmware and/or software implementation, the methodologies can be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein. Any machine readable medium tangibly embodying instructions can be used in implementing the methodologies described herein. For example, software codes can be stored in a memory and executed by a processing unit. Memory can be implemented within the processing unit or external to the processing unit. As used herein the term “memory” refers to any type of long term, short term, volatile, nonvolatile, or other storage devices and is not to be limited to any particular type of memory or number of memories, or type of media upon which memory is stored.
  • If implemented in firmware and/or software, the functions may be stored as one or more instructions or code on a computer-readable medium. Examples include computer-readable media encoded with a data structure and computer-readable media encoded with a computer program. Computer-readable media may take the form of an article of manufacturer. Computer-readable media includes physical computer storage media. A storage medium may be any available medium that can be accessed by a computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer; disk and disc, as used herein, includes compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk and Blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
  • In addition to storage on computer readable medium, instructions and/or data may be provided as signals on transmission media included in a communication apparatus. For example, a communication apparatus may include a transceiver having signals indicative of instructions and data. The instructions and data are configured to cause one or more processors to implement the functions outlined in the claims. That is, the communication apparatus includes transmission media with signals indicative of information to perform disclosed functions. At a first time, the transmission media included in the communication apparatus may include a first portion of the information to perform the disclosed functions, while at a second time the transmission media included in the communication apparatus may include a second portion of the information to perform the disclosed functions.
  • The invention can be implemented in any suitable form, including hardware, software, firmware, or any combination of these. The invention may optionally be implemented partly as computer software running on one or more data processors and/or digital signal processors. The elements and components of an embodiment of the invention may be physically, functionally, and logically implemented in any suitable way. Indeed, the functionality may be implemented in a single unit, in a plurality of units, or as part of other functional units. As such, the invention may be implemented in a single unit or may be physically and functionally distributed between different units and processors.
  • One skilled in the relevant art will recognize that many possible modifications and combinations of the disclosed embodiments may be used, while still employing the same basic underlying mechanisms and methodologies. The foregoing description, for purposes of explanation, has been written with references to specific embodiments. However, the illustrative discussions above are not intended to be exhaustive or to limit the invention to the precise forms disclosed. Many modifications and variations are possible in view of the above teachings. The embodiments were chosen and described to explain the principles of the invention and their practical applications, and to enable others skilled in the art to best utilize the invention and various embodiments with various modifications as suited to the particular use contemplated.

Claims (20)

What is claimed is:
1. A computer implemented method for generating a transaction at a mobile device, comprising:
receiving a transaction type selected by a user and a user password via a touch screen display of the mobile device;
forming, by a processor of the mobile device, a unique transaction description using the transaction type, the user password, a transaction amount, and a transaction time stamp;
generating dynamically, by the processor of the mobile device, a scrambled two dimensional bit map representing the unique transaction description;
displaying, by the touch screen display of the mobile device, the scrambled two dimensional bit map; and
transmitting, by a transceiver of the mobile device, the scrambled two dimensional bit map to a mobile transaction processing agent for processing.
2. The computer implemented method of claim 1, wherein receiving the transaction type comprises at least one of:
receiving a selection of mobile cash;
receiving a selection of mobile check; or
receiving a selection of mobile credit.
3. The computer implemented method of claim 1, wherein forming the unique transaction description further comprises:
forming the unique transaction description using an issuer ID, an account ID, a merchant ID, and a point-of-sale GPS location of the mobile device.
4. The computer implemented method of claim 3, wherein forming the unique transaction description further comprises:
updating the account ID using an enigma code according to a predetermined period of time; or
updating the account ID using the enigma code according to a random period of time.
5. The computer implemented method of claim 4, wherein transmitting the scrambled two dimensional bit map comprises:
transmitting the scrambled two dimensional bit map using a near field communication device; or
transmitting the scrambled two dimensional bit map using the touch screen display for receiving by an optical scanning device.
6. The computer implemented method of claim 1 further comprising:
receiving a transaction record from the mobile transaction processing agent, wherein the transaction in the transaction record includes a corresponding point-of-sale GPS location of the mobile device, and
storing the transaction record in a memory of the mobile device.
7. The computer implemented method of claim 6, further comprising:
verifying validity of the transaction using the corresponding point-of-sale GPS location of the mobile device;
identifying a fraudulent activity according to a discrepancy between the corresponding point-of-sale GPS location and an actual GPS location of the mobile device; and
reporting the fraudulent activity to the user of the mobile device.
8. The computer implemented method of claim 7, wherein verifying validity of the transaction comprises:
examining a group of transactions within a time period; and
displaying a map with markings of locations of the group of transactions.
9. The computer implemented method of claim 7, wherein verifying validity of the transaction further comprises:
displaying the point-of-sale GPS location of the transaction record on a map; and
displaying a photo of a business where the transaction occurred.
10. The computer implemented method of claim 7, wherein reporting the fraudulent activity comprises:
generating at least one of instant message, email, ringtone, or vibration to notify the user of the mobile device.
11. A mobile device, comprising:
a touch screen display configured to receive a transaction type selected by a user and a user password;
a processor configured to:
form a unique transaction description using the transaction type, the user password, a transaction amount, and a transaction time stamp;
generate dynamically a scrambled two dimensional bit map representing the unique transaction description;
the touch screen display is further configured to display the scrambled two dimensional bit map; and
a transceiver configured to transmit the scrambled two dimensional bit map to a mobile transaction processing agent for processing.
12. The mobile device of claim 11, wherein the touch screen display configured to receive at least one of:
a selection of mobile cash;
a selection of mobile check; or
a selection of mobile credit.
13. The mobile device of claim 11, wherein the processor is further configured to:
form the unique transaction description using an issuer ID, an account ID, a merchant ID, and a point-of-sale GPS location of the mobile device.
14. The mobile device of claim 13, wherein the processor is further configured to:
update the account ID using an enigma code according to a predetermined period of time; or
update the account ID using the enigma code according to a random period of time.
15. The mobile device of claim 14, wherein the transceiver is further configured to:
transmit the scrambled two dimensional bit map using a near field communication device; or
transmit the scrambled two dimensional bit map using the touch screen display for receiving by an optical scanning device.
16. The mobile device of claim 11, wherein the processor is further configured to:
receive a transaction record from the mobile transaction processing agent, wherein a transaction in the transaction record includes a corresponding point-of-sale GPS location of the mobile device, and
store the transaction record in a memory of the mobile device.
17. The mobile device of claim 16, wherein the processor is further configured to:
verify validity of the transaction using the corresponding point-of-sale GPS location of the mobile device;
identify a fraudulent activity according to a discrepancy between the corresponding point-of-sale GPS location and an actual GPS location of the mobile device; and
report the fraudulent activity to the user of the mobile device.
18. The mobile device of claim 17, wherein the processor is further configured to:
examine a group of transactions within a time period; and
display a map with markings of locations of the group of transactions.
19. The mobile device of claim 17, wherein the processor is further configured to:
display the point-of-sale GPS location of the transaction record on a map; and
display a photo of a business where the transaction occurred.
20. The mobile device of claim 17, wherein the processor is further configured to:
generate at least one of instant message, email, ringtone, or vibration to notify the user of the mobile device.
US15/339,671 2010-02-02 2016-10-31 Secured Mobile Transaction Device Abandoned US20170046711A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US30067910P true 2010-02-02 2010-02-02
US13/018,375 US9501773B2 (en) 2010-02-02 2011-01-31 Secured transaction system
US15/339,671 US20170046711A1 (en) 2010-02-02 2016-10-31 Secured Mobile Transaction Device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US15/339,671 US20170046711A1 (en) 2010-02-02 2016-10-31 Secured Mobile Transaction Device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US13/018,375 Continuation US9501773B2 (en) 2010-02-02 2011-01-31 Secured transaction system

Publications (1)

Publication Number Publication Date
US20170046711A1 true US20170046711A1 (en) 2017-02-16

Family

ID=44342480

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/018,375 Expired - Fee Related US9501773B2 (en) 2010-02-02 2011-01-31 Secured transaction system
US15/339,671 Abandoned US20170046711A1 (en) 2010-02-02 2016-10-31 Secured Mobile Transaction Device

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US13/018,375 Expired - Fee Related US9501773B2 (en) 2010-02-02 2011-01-31 Secured transaction system

Country Status (1)

Country Link
US (2) US9501773B2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180123844A1 (en) * 2015-02-18 2018-05-03 Newracom, Inc. Support of frequency diversity mode for block code based transmission in ofdma

Families Citing this family (134)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10176476B2 (en) 2005-10-06 2019-01-08 Mastercard Mobile Transactions Solutions, Inc. Secure ecosystem infrastructure enabling multiple types of electronic wallets in an ecosystem of issuers, service providers, and acquires of instruments
US10032160B2 (en) 2005-10-06 2018-07-24 Mastercard Mobile Transactions Solutions, Inc. Isolating distinct service provider widgets within a wallet container
US9824349B2 (en) * 2002-10-01 2017-11-21 World Award Academy Facilitating mobile device payments using product code scanning
US9953308B2 (en) * 2002-10-01 2018-04-24 World Award Academy, World Award Foundation, Amobilepay, Inc. Payment, messaging, calling, and multimedia system on mobile and wearable device with haptic control for one-scan and single-touch payments
US8762263B2 (en) 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
US8121942B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Systems and methods for secure and transparent cardless transactions
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
AU2009311303B2 (en) 2008-11-06 2015-09-10 Visa International Service Association Online challenge-response
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US8893967B2 (en) 2009-05-15 2014-11-25 Visa International Service Association Secure Communication of payment information to merchants using a verification token
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US10846683B2 (en) 2009-05-15 2020-11-24 Visa International Service Association Integration of verification tokens with mobile communication devices
US8602293B2 (en) 2009-05-15 2013-12-10 Visa International Service Association Integration of verification tokens with portable computing devices
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US7891560B2 (en) 2009-05-15 2011-02-22 Visa International Service Assocation Verification of portable consumer devices
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
CA3045817A1 (en) 2010-01-12 2011-07-21 Visa International Service Association Anytime validation for verification tokens
US10255601B2 (en) 2010-02-25 2019-04-09 Visa International Service Association Multifactor authentication using a directory server
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
US9342832B2 (en) 2010-08-12 2016-05-17 Visa International Service Association Securing external systems with account token substitution
US10223691B2 (en) 2011-02-22 2019-03-05 Visa International Service Association Universal electronic payment apparatuses, methods and systems
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
US10586227B2 (en) 2011-02-16 2020-03-10 Visa International Service Association Snap mobile payment apparatuses, methods and systems
AU2013214801B2 (en) 2012-02-02 2018-06-21 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems
US9971998B2 (en) * 2011-02-25 2018-05-15 Paypal, Inc. Location-based automatic payment system
AU2012225684B2 (en) 2011-03-04 2016-11-10 Visa International Service Association Integration of payment capability into secure elements of computers
US9280765B2 (en) 2011-04-11 2016-03-08 Visa International Service Association Multiple tokenization for authentication
US9582598B2 (en) 2011-07-05 2017-02-28 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
WO2013006725A2 (en) 2011-07-05 2013-01-10 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US9367841B2 (en) * 2011-07-18 2016-06-14 Tiger T G Zhou Facilitating mobile device payments using product code scanning
US9704155B2 (en) 2011-07-29 2017-07-11 Visa International Service Association Passing payment tokens through an hop/sop
US10825001B2 (en) 2011-08-18 2020-11-03 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
WO2013029014A2 (en) 2011-08-24 2013-02-28 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
EP2761911A4 (en) * 2011-09-26 2015-06-03 Cubic Corp Personal point of sale
US10019704B2 (en) 2011-09-26 2018-07-10 Cubic Corporation Personal point of sale
GB2495474B (en) * 2011-10-03 2015-07-08 Barclays Bank Plc User authentication
BR112014008941A2 (en) 2011-10-12 2017-05-02 C-Sam Inc platform that enables secure multilayer mobile transactions
US9613352B1 (en) * 2011-12-20 2017-04-04 Nicolas LEOUTSARAKOS Card-less payments and financial transactions
WO2013103991A1 (en) 2012-01-05 2013-07-11 Visa International Service Association Data protection with translation
US9830595B2 (en) 2012-01-26 2017-11-28 Visa International Service Association System and method of providing tokenization as a service
WO2013130716A1 (en) * 2012-02-29 2013-09-06 Patel Upen System and method to manage information for conducting secure transactions
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
US9724462B2 (en) 2012-03-19 2017-08-08 Steadymed Ltd. Fluid-connection mechanism for patch-pumps
WO2013140397A1 (en) * 2012-03-19 2013-09-26 Pay Services Inc. Payment system and method
DE102012005693A1 (en) * 2012-03-20 2013-09-26 Giesecke & Devrient Gmbh Method for performing cash transaction between point-of-sale (POS) terminal and mobile terminal, used in store, involves detecting and processing transaction code to perform transaction by POS terminal
US10453105B2 (en) 2012-03-30 2019-10-22 Ent. Services Development Corporation Lp Encrypted payment image
WO2013166501A1 (en) 2012-05-04 2013-11-07 Visa International Service Association System and method for local data conversion
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US9547769B2 (en) 2012-07-03 2017-01-17 Visa International Service Association Data protection hub
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
WO2014043278A1 (en) 2012-09-11 2014-03-20 Visa International Service Association Cloud-based virtual wallet nfc apparatuses, methods and systems
WO2014066559A1 (en) 2012-10-23 2014-05-01 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
CN103810592A (en) * 2012-11-08 2014-05-21 吴客 Two-dimensional code payment
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
WO2014087381A1 (en) 2012-12-07 2014-06-12 Visa International Service Association A token generating component
US10740731B2 (en) 2013-01-02 2020-08-11 Visa International Service Association Third party settlement
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
SG11201509386UA (en) 2013-05-15 2015-12-30 Visa Int Service Ass Mobile tokenization hub
US10878422B2 (en) * 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
EP2819082A1 (en) * 2013-06-26 2014-12-31 Entersekt (Pty) Ltd Batch transaction authorisation
SG11201600520QA (en) 2013-07-24 2016-02-26 Visa Int Service Ass Systems and methods for communicating risk using token assurance data
AP2016009010A0 (en) 2013-07-26 2016-01-31 Visa Int Service Ass Provisioning payment credentials to a consumer
WO2015021420A1 (en) 2013-08-08 2015-02-12 Visa International Service Association Methods and systems for provisioning mobile devices with payment credentials
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
DE102013013490A1 (en) * 2013-08-15 2015-02-19 Afc Rechenzentrum Gmbh Method for the cashless processing of payments from portable telecommunication equipment to cash registers with a telecommunication connection
CA2927052A1 (en) 2013-10-11 2015-04-16 Visa International Service Association Network token system
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
KR101373455B1 (en) * 2013-10-15 2014-03-13 펜타시큐리티시스템 주식회사 Apparatus for distinguishing the counterfeits and method thereof
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
CA2930149A1 (en) 2013-11-19 2015-05-28 Visa International Service Association Automated account provisioning
US9223965B2 (en) * 2013-12-10 2015-12-29 International Business Machines Corporation Secure generation and management of a virtual card on a mobile device
US9235692B2 (en) 2013-12-13 2016-01-12 International Business Machines Corporation Secure application debugging
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
SG10201900964QA (en) 2013-12-19 2019-03-28 Visa Int Service Ass Cloud-based transactions methods and systems
CN104751359B (en) * 2013-12-30 2020-08-21 中国银联股份有限公司 System and method for payment clearing
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
SG2014011308A (en) * 2014-02-11 2015-09-29 Smart Communications Inc Authentication system and method
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9251330B2 (en) 2014-04-09 2016-02-02 International Business Machines Corporation Secure management of a smart card
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
US20150310421A1 (en) * 2014-04-23 2015-10-29 Rfcyber Corporation Electronic payment transactions without POS terminals
SG11201608973TA (en) 2014-05-01 2016-11-29 Visa Int Service Ass Data verification using access device
SG10201803024SA (en) 2014-05-05 2018-06-28 Visa Int Service Ass System and method for token domain control
US10475026B2 (en) 2014-05-16 2019-11-12 International Business Machines Corporation Secure management of transactions using a smart/virtual card
AU2015264124B2 (en) 2014-05-21 2019-05-09 Visa International Service Association Offline authentication
CN105099692B (en) * 2014-05-22 2020-01-14 创新先进技术有限公司 Security verification method and device, server and terminal
US10496988B2 (en) 2014-06-23 2019-12-03 The Toronto-Dominion Bank Systems and methods for authenticating user identities in networked computer systems
US20170132588A1 (en) * 2014-07-01 2017-05-11 Francesco Ricci Electronic Payment System and Relative Method
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
AU2015319804B2 (en) 2014-09-26 2019-03-14 Visa International Service Association Remote server encrypted data provisioning system and methods
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
GB201419016D0 (en) 2014-10-24 2014-12-10 Visa Europe Ltd Transaction Messaging
US10325261B2 (en) 2014-11-25 2019-06-18 Visa International Service Association Systems communications with non-sensitive identifiers
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US10193700B2 (en) 2015-02-27 2019-01-29 Samsung Electronics Co., Ltd. Trust-zone-based end-to-end security
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US9892396B2 (en) * 2015-03-19 2018-02-13 International Business Machines Corporation Multi-point authentication for payment transactions
US9953324B2 (en) * 2015-03-19 2018-04-24 International Business Machines Corporation Multi-point authentication for payment transactions
US20160275507A1 (en) * 2015-03-19 2016-09-22 International Business Machines Corporation Multi-point authentication for payment transactions
CA2977427A1 (en) 2015-04-10 2016-10-13 Visa International Service Association Browser integration with cryptogram
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
US10552834B2 (en) 2015-04-30 2020-02-04 Visa International Service Association Tokenization capable authentication framework
US10699274B2 (en) 2015-08-24 2020-06-30 Samsung Electronics Co., Ltd. Apparatus and method for secure electronic payment
US10846696B2 (en) 2015-08-24 2020-11-24 Samsung Electronics Co., Ltd. Apparatus and method for trusted execution environment based secure payment transactions
US10664843B2 (en) 2015-12-04 2020-05-26 Visa International Service Association Unique code for token verification
EP3185168A1 (en) * 2015-12-24 2017-06-28 Gemalto Sa Method and system for enhancing the security of a transaction
CN106934615B (en) * 2015-12-29 2020-08-04 阿里巴巴集团控股有限公司 Payment and service processing method and device based on mobile terminal bar code
US10243958B2 (en) 2016-01-07 2019-03-26 Visa International Service Association Systems and methods for device push provisoning
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
US10361856B2 (en) 2016-06-24 2019-07-23 Visa International Service Association Unique token authentication cryptogram
US20180012221A1 (en) * 2016-07-08 2018-01-11 American Express Travel Related Services Company, Inc. Systems and methods for points-of-sale transactions and custom content
US10296905B2 (en) * 2016-09-08 2019-05-21 Eyl Inc. Method and system using quantum random generator
US10509779B2 (en) 2016-09-14 2019-12-17 Visa International Service Association Self-cleaning token vault
US10339777B2 (en) * 2016-12-13 2019-07-02 Lenovo (Singapore) Pte. Ltd. Identifying an individual based on an electronic signature
US10915899B2 (en) 2017-03-17 2021-02-09 Visa International Service Association Replacing token on a multi-token user device
US10902418B2 (en) 2017-05-02 2021-01-26 Visa International Service Association System and method using interaction token
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system
US20190188672A1 (en) * 2017-12-19 2019-06-20 American Express Travel Related Services Company, Inc. Virtual point of sale

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5949044A (en) * 1997-06-13 1999-09-07 Walker Asset Management Limited Partnership Method and apparatus for funds and credit line transfers
US6021397A (en) * 1997-12-02 2000-02-01 Financial Engines, Inc. Financial advisory system
EP2024921A4 (en) * 2005-10-06 2010-09-29 C Sam Inc Transactional services
US7571140B2 (en) * 2002-12-16 2009-08-04 First Data Corporation Payment management
US7590589B2 (en) * 2004-09-10 2009-09-15 Hoffberg Steven M Game theoretic prioritization scheme for mobile ad hoc networks permitting hierarchal deference
US20080091616A1 (en) * 2004-12-15 2008-04-17 Erich Helwin Communication System And Method Using Visual Interfaces For Mobile Transactions
US7503489B2 (en) * 2005-04-26 2009-03-17 Bpriv, Llc Method and system for monitoring electronic purchases and cash-withdrawals
MX2008013361A (en) * 2006-04-17 2009-01-22 Veritec Inc Methods and systems for secure transactions with electronic devices.
US20080011825A1 (en) * 2006-07-12 2008-01-17 Giordano Claeton J Transactions using handheld electronic devices based on unobtrusive provisioning of the devices
US20080208681A1 (en) * 2006-09-28 2008-08-28 Ayman Hammad Payment using a mobile device
US8762211B2 (en) * 2007-10-03 2014-06-24 Mastercard International Incorporated System for personalized payments via mobile devices
US7865308B2 (en) * 2007-12-28 2011-01-04 Yahoo! Inc. User-generated activity maps
US8977567B2 (en) * 2008-09-22 2015-03-10 Visa International Service Association Recordation of electronic payment transaction information
GB0904874D0 (en) * 2009-03-20 2009-05-06 Validsoft Uk Ltd Smartcard security system
US20100257254A1 (en) * 2009-04-01 2010-10-07 Mayank Bhatnagar Apparatus, Method and System for Securely Handling Digital Transaction Documents
US9135424B2 (en) * 2009-05-29 2015-09-15 Paypal, Inc. Secure identity binding (SIB)
US9734496B2 (en) * 2009-05-29 2017-08-15 Paypal, Inc. Trusted remote attestation agent (TRAA)
US20110035294A1 (en) * 2009-08-04 2011-02-10 Authernative, Inc. Multi-tier transaction processing method and payment system in m- and e- commerce
US20110057025A1 (en) * 2009-09-04 2011-03-10 Paycode Systems, Inc. Generation, management and usage of on-demand payment ids
US8620798B2 (en) * 2009-09-11 2013-12-31 Visa International Service Association System and method using predicted consumer behavior to reduce use of transaction risk analysis and transaction denials

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180123844A1 (en) * 2015-02-18 2018-05-03 Newracom, Inc. Support of frequency diversity mode for block code based transmission in ofdma
US10523483B2 (en) * 2015-02-18 2019-12-31 Newracom, Inc. Support of frequency diversity mode for block code based transmission in OFDMA

Also Published As

Publication number Publication date
US9501773B2 (en) 2016-11-22
US20110191244A1 (en) 2011-08-04

Similar Documents

Publication Publication Date Title
US10565580B2 (en) Methods and systems for secure mobile device initiated payment using generated image data
US10922686B2 (en) System and method for secured account numbers in proximity devices
JP6374906B2 (en) Track data encryption
US10652028B2 (en) Systems and methods for secure detokenization
US20190066069A1 (en) Device including encrypted data for expiration date and verification value creation
US10552828B2 (en) Multiple tokenization for authentication
US20200151698A1 (en) Distributed authenticity verification for consumer payment transactions
US20180255460A1 (en) Device enrollment system and method
US20200126080A1 (en) Method and System for Multi-Modal Transaction Authentication
US9904919B2 (en) Verification of portable consumer devices
US10325261B2 (en) Systems communications with non-sensitive identifiers
JP6122565B2 (en) System and method for conversion between Internet-based and non-Internet-based transactions
US10726416B2 (en) Secure mobile payment system
US10798571B2 (en) Method and system for provisioning access data to mobile device
US9390412B2 (en) Dynamic point of sale system integrated with reader device
JP2019106212A (en) Systems and methods for mutually operable network-token processing
US20180089661A1 (en) Split Mobile Payment System
AU2017200988B2 (en) Payment device with integrated chip
US20160335623A1 (en) Reverse Payment Flow
US10361856B2 (en) Unique token authentication cryptogram
JP5857067B2 (en) System and method for promoting secure transactions
US20160239842A1 (en) Peer forward authorization of digital requests
US20160148197A1 (en) Tokenization request via access device
US9292870B2 (en) System and method for point of service payment acceptance via wireless communication
DK2622585T3 (en) PIN verification to the hub and spokes

Legal Events

Date Code Title Description
STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION