WO2002052460A1 - Credit or debit card fraud protection system - Google Patents

Credit or debit card fraud protection system Download PDF

Info

Publication number
WO2002052460A1
WO2002052460A1 PCT/GB2001/004292 GB0104292W WO02052460A1 WO 2002052460 A1 WO2002052460 A1 WO 2002052460A1 GB 0104292 W GB0104292 W GB 0104292W WO 02052460 A1 WO02052460 A1 WO 02052460A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
card
account
notification
address
Prior art date
Application number
PCT/GB2001/004292
Other languages
French (fr)
Inventor
Mark Christie
Original Assignee
Mark Christie
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mark Christie filed Critical Mark Christie
Publication of WO2002052460A1 publication Critical patent/WO2002052460A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/403Solvency checks
    • G06Q20/4037Remote solvency checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation

Definitions

  • the present invention concerns the field of credit or debit card payment systems, and relates particularly to a system for alerting card holders when fraudulent use of the card may be taking place.
  • Credit and debit card fraud is a serious problem in the developed world. Stolen or mislaid cards can easily be used to make fraudulent purchases, typically at a point of sale by forging of the real owner's signature. Credit card ghosting involves copying the identifying data from a card, or held in relation to a card, and then forming a duplicate card which is used for fraudulent purchases. Card fraud has proved to be a particularly serious problem for internet based commerce, in which transactions commonly involve credit or debit card payment. Payment method is without signature and simply relies upon the passing of card details and card holder address, which is clearly a system vulnerable to fraud.
  • the financial organisation issuing the credit or debit card often limits the financial exposure of the customer by such fraudulent use, but usually only once the cardholder has become aware that the card has been stolen or lost and informed the issuing organisation.
  • the financial loss to the cardholder may nevertheless be significant.
  • the loss to the retailer or the card issuer (such as a bank) may often be more severe.
  • the financial loss to the card issuer is very large because of the large number of transactions which can be made in a short space of time before the card is cancelled.
  • Another system proposes incorporating a photograph of the user on the card. This does not however prevent fraud by telephone purchase or electronic purchases where the user is not at the point of sale.
  • the incorporation of a photograph into a card is an administratively onerous step, as well as adding to manufacturing cost. Clearly if the overall cost outweighs the benefit from fraud reduction to the card issuer, then the card issuer is reluctant to initiate such a system.
  • the present invention seeks to provide a simple and easily implemented system for reducing card fraud which operates irrespective of whether the user is at the point of sale.
  • a system for enabling card based commerce in which a plurality of individual cardholders are each provided with an account and an associated personal card provided with unique account identifiers, which system comprises: a plurality of terminals associated with commercial enterprises, which terminals are adapted for logging of individual account identifiers from the card in response to a transaction request, and further adapted to transmit account and transaction indicators to an account administration system for the card, which account administration system is adapted to access the card holder's account and generate an approve or reject command in response to pre-arranged approval criteria, means updating the account details in response to an approved transaction, means for transmitting the approve/reject command back to the terminal whereby the transaction may be completed or cancelled, characterised by a transaction notification system comprising a database of account identifiers each having an associated electronic notification address, means for transmitting transaction and account details provided by the point of sale terminal to the notification system, means for searching through the database of account identifiers in order to 'identify a match, the presence of
  • the electronic notification address may be a mobile telephone number, an electronic mail address or a pager address.
  • the notification transmission means may be adapted to transmit transaction details including: location of terminal, amount of transaction, nature of goods, date/time of transaction.
  • the notification message preferably includes card issuer contact information which provides the recipient of the message with an immediate contact address (e.g phone number) in the event of a fraudulent or unexpected transaction.
  • an immediate contact address e.g phone number
  • the electronic notification address may be a mobile telephone address, an electronic mail address or a pager address.
  • the notification system may, Recording to a preference specified by the card holder, be adapted to send an short massaging service (SMS) note to a mobile telephone owned by the user, a pager message or an e-mail to the user's internet service provider which may then be collected the user in his/hers preferred way (e.g. mobile e-mail or desktop email.)
  • SMS short massaging service
  • the message will typically indicate the time, place and nature of the transaction. This will allow a user to be quickly alerted to fraudulent use of a card, provided that he/she regularly checks for messages.
  • Credit/debit card transaction systems are well known and operated throughout the world. Worldwide systems are operated under the brand name VISA, Master Card & American express. Many other systems operate but all use similar known technology which is not described in detail herein.
  • the present invention uses the known technology of existing systems and adds an anti-fraud notification system.
  • the system involves the storage by the credit/debit card administrator of an additional personal identifier - an electronic notification address. This in one embodiment is a cellular telephone address compatible with the SMS system whereby text messages are transmitted to mobile phones.
  • the basic credit card transaction administration system is modified by adding a notification system which acts in response to a transaction.
  • the merchant swipes the credit card through an electronic point of sale (EPOS) transaction terminal.
  • EPOS electronic point of sale
  • the EPOS system accesses the relevant credit card network in order to permit an approval assessment for the transaction and logging of the transaction in the card holder's account.
  • Approval of the transaction is transmitted by the network to the EPOS terminal, whereupon a transaction receipt is printed and presented to the card holder for signature.
  • step 4 the credit card network relays transaction identity and details to a credit card transaction fraud (CCTF) assessment gateway.
  • CCTF credit card transaction fraud
  • the CCTF system includes a look-up table of subscribers identified by credit card number. The CCTF system compares the numbers held in the table with the number of the credit card being used in the current transaction.
  • a further look up table is used to derive the preferred notification details, specifically the type of notification required and the address of that notification. This may be an SMS message, an e-mail or a pager.
  • a message is sent to the cardholder, for example by SMS message, indicating transaction details, e.g. "Your VISA card was used on 02 December 2000 15-53 hrs at Woolworths Islington to purchase sundry goods in the sum of »75-50. Please call your card issuer (telephone no%) if you wish to query this purchase” .
  • the cardholder will take no further action if the transaction is one which he/she has approved. On the other hand if the transaction appears to be fraudulent the cardholder can contact his/her card issuer to cancel the card and prevent further transactions, as well as challenging the current transaction.
  • the present invention provides a simple method for considerably reducing credit card fraud, particularly in situations where the cardholder is unaware that a card has been lost and has not cancelled the card, or where a ghost copy of the cardholder' card has been made and is being used fraudulently.
  • a particularly useful feature of the invention is that currently available technology may be readily modified to take advantage of the method of the invention.
  • the standard transaction details forwarded to the credit card network can be repeated to a CCTF gateway by the point of sale terminal, or forwarded to a CCTF gateway by the credit card network.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

System for alerting card holders when fraudulent use of the card may be taking place. Each of several cardholders have respectivelly an account and an associated personal card. The system comprises a plurality of terminal associated with enterprises, the terminals being adapted for logging of individual account indentifiers from the card in response to a transaction request; means for transmitting the approve/reject command back to the terminal comprising a tranaction notification system having a database of account indentifiers each having an associated electronic notification address. The system being adapted to send a message to this notification address when a transaction is carried out using a predetermined account indentifier.

Description

Credit or debit card fraud protection system
The present invention concerns the field of credit or debit card payment systems, and relates particularly to a system for alerting card holders when fraudulent use of the card may be taking place.
Credit and debit card fraud is a serious problem in the developed world. Stolen or mislaid cards can easily be used to make fraudulent purchases, typically at a point of sale by forging of the real owner's signature. Credit card ghosting involves copying the identifying data from a card, or held in relation to a card, and then forming a duplicate card which is used for fraudulent purchases. Card fraud has proved to be a particularly serious problem for internet based commerce, in which transactions commonly involve credit or debit card payment. Payment method is without signature and simply relies upon the passing of card details and card holder address, which is clearly a system vulnerable to fraud.
Currently the financial organisation issuing the credit or debit card often limits the financial exposure of the customer by such fraudulent use, but usually only once the cardholder has become aware that the card has been stolen or lost and informed the issuing organisation. The financial loss to the cardholder may nevertheless be significant. ,The loss to the retailer or the card issuer (such as a bank) may often be more severe. Frequently the financial loss to the card issuer is very large because of the large number of transactions which can be made in a short space of time before the card is cancelled.
Accordingly attempts have been made to reduce fraudulent use of credit or debit cards. Systems have been proposed which concentrate on the structure and configuration of the card. For example cards have been proposed which are fitted with a finger print recognition tab which only permits purchases by the correct user. This system has the disadvantage of cost of incorporating the fingerprint recognition hardware/software into the card. It also is not effective for a card system in which a user may wish to purchase over the phone or use for electronic sales for example over the internet because the user will not be present at the point of sale.
Another system proposes incorporating a photograph of the user on the card. This does not however prevent fraud by telephone purchase or electronic purchases where the user is not at the point of sale. The incorporation of a photograph into a card is an administratively onerous step, as well as adding to manufacturing cost. Clearly if the overall cost outweighs the benefit from fraud reduction to the card issuer, then the card issuer is reluctant to initiate such a system.
The present invention seeks to provide a simple and easily implemented system for reducing card fraud which operates irrespective of whether the user is at the point of sale.
According to one aspect of the present invention there is provided a system for enabling card based commerce in which a plurality of individual cardholders are each provided with an account and an associated personal card provided with unique account identifiers, which system comprises: a plurality of terminals associated with commercial enterprises, which terminals are adapted for logging of individual account identifiers from the card in response to a transaction request, and further adapted to transmit account and transaction indicators to an account administration system for the card, which account administration system is adapted to access the card holder's account and generate an approve or reject command in response to pre-arranged approval criteria, means updating the account details in response to an approved transaction, means for transmitting the approve/reject command back to the terminal whereby the transaction may be completed or cancelled, characterised by a transaction notification system comprising a database of account identifiers each having an associated electronic notification address, means for transmitting transaction and account details provided by the point of sale terminal to the notification system, means for searching through the database of account identifiers in order to 'identify a match, the presence of which generates a transaction notification command, notification transmission means responsive to the notification command and adapted to transmit a message to the notification address by electronic means, which message includes transaction details .
In preferred embodiments, the electronic notification address may be a mobile telephone number, an electronic mail address or a pager address.
The notification transmission means may be adapted to transmit transaction details including: location of terminal, amount of transaction, nature of goods, date/time of transaction.
The notification message preferably includes card issuer contact information which provides the recipient of the message with an immediate contact address (e.g phone number) in the event of a fraudulent or unexpected transaction.
The electronic notification address may be a mobile telephone address, an electronic mail address or a pager address. The notification system may, Recording to a preference specified by the card holder, be adapted to send an short massaging service (SMS) note to a mobile telephone owned by the user, a pager message or an e-mail to the user's internet service provider which may then be collected the user in his/hers preferred way (e.g. mobile e-mail or desktop email.) The message will typically indicate the time, place and nature of the transaction. This will allow a user to be quickly alerted to fraudulent use of a card, provided that he/she regularly checks for messages.
Following is a description by way of example only of a method of putting the present invention into effect.
Credit/debit card transaction systems are well known and operated throughout the world. Worldwide systems are operated under the brand name VISA, Master Card & American express. Many other systems operate but all use similar known technology which is not described in detail herein. The present invention uses the known technology of existing systems and adds an anti-fraud notification system. The system involves the storage by the credit/debit card administrator of an additional personal identifier - an electronic notification address. This in one embodiment is a cellular telephone address compatible with the SMS system whereby text messages are transmitted to mobile phones. Hence, the basic credit card transaction administration system is modified by adding a notification system which acts in response to a transaction.
A typical transaction process will now be described, 1. Consumer chooses an article to purchase and presents their card to the merchant.
2. The merchant swipes the credit card through an electronic point of sale (EPOS) transaction terminal. 3. The EPOS system accesses the relevant credit card network in order to permit an approval assessment for the transaction and logging of the transaction in the card holder's account.
4. Approval of the transaction is transmitted by the network to the EPOS terminal, whereupon a transaction receipt is printed and presented to the card holder for signature.
5. In parallel with step 4 the credit card network relays transaction identity and details to a credit card transaction fraud (CCTF) assessment gateway.
6. The CCTF system includes a look-up table of subscribers identified by credit card number. The CCTF system compares the numbers held in the table with the number of the credit card being used in the current transaction.
7. If the credit card is a subscribing card, then a further look up table is used to derive the preferred notification details, specifically the type of notification required and the address of that notification. This may be an SMS message, an e-mail or a pager.
8. A message is sent to the cardholder, for example by SMS message, indicating transaction details, e.g. "Your VISA card was used on 02 December 2000 15-53 hrs at Woolworths Islington to purchase sundry goods in the sum of »75-50. Please call your card issuer (telephone no...) if you wish to query this purchase" .
9. The cardholder will take no further action if the transaction is one which he/she has approved. On the other hand if the transaction appears to be fraudulent the cardholder can contact his/her card issuer to cancel the card and prevent further transactions, as well as challenging the current transaction.
The present invention provides a simple method for considerably reducing credit card fraud, particularly in situations where the cardholder is unaware that a card has been lost and has not cancelled the card, or where a ghost copy of the cardholder' card has been made and is being used fraudulently. A particularly useful feature of the invention is that currently available technology may be readily modified to take advantage of the method of the invention. In particular the standard transaction details forwarded to the credit card network can be repeated to a CCTF gateway by the point of sale terminal, or forwarded to a CCTF gateway by the credit card network.

Claims

Claims
1. A system for enabling card based commerce in which a plurality of individual cardholders are each provided with an account and an associated personal card provided with unique account identifiers, which system comprises: a plurality of terminals associated with commercial enterprises, which terminals are adapted for logging of individual account identifiers from the card in response to a transaction request, and further adapted to transmit account and . transaction indicators to an account administration system for the card, which account administration system is adapted to accesses the card holder's account and generate an approve or reject command in response to pre-arranged approval criteria, means updating the account details in response to an approved transaction, means for transmitting the approve/reject command back to the terminal whereby the transaction may be completed or cancelled, characterised by a transaction notification system comprising a database of account identifiers each having an associated electronic notification address, means for transmitting transaction and account details provided by the point of sale terminal to the notification system, means for searching through the database of account identifiers in order to identify a match, the presence of which generates a transaction notification command, notification transmission means responsive to the notification command and adapted to transmit a message to the notification address by electronic means, which message includes transaction details .
2. A system as claimed in claim 1 wherein the electronic notification address may be a mobile telephone number, an electronic mail address or a pager address.
3. A system as claimed in claim 2 wherein the notification transmission means is adapted to transmit transaction details: including location of terminal, „ amount of transaction, nature of goods, date/time of transaction.
4. A system as claimed in any preceding claim wherein the notification message includes card issuer contact information which provides the recipient of the message with an immediate contact address (e.g phone number) in the event of a fraudulent or unexpected transaction.
5. A system substantially as hereinbefore described,
PCT/GB2001/004292 2000-12-27 2001-09-26 Credit or debit card fraud protection system WO2002052460A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0031712.3 2000-12-27
GB0031712A GB2370668A (en) 2000-12-27 2000-12-27 Notification system for card transactions

Publications (1)

Publication Number Publication Date
WO2002052460A1 true WO2002052460A1 (en) 2002-07-04

Family

ID=9905941

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2001/004292 WO2002052460A1 (en) 2000-12-27 2001-09-26 Credit or debit card fraud protection system

Country Status (2)

Country Link
GB (1) GB2370668A (en)
WO (1) WO2002052460A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003079258A1 (en) * 2002-03-20 2003-09-25 Tan Kah Pheng Alex Anti fraud mobile alert system
WO2004111892A1 (en) * 2003-06-19 2004-12-23 Markets-Alert Pty Ltd. A monitoring system
AU2014100826B4 (en) * 2014-03-06 2014-11-27 Mirador Marketing Pty Ltd System and Method for Mobile Tracking

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SG104342A1 (en) * 2002-07-17 2004-06-21 Kam Fu Wong A security system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0745961A2 (en) * 1995-05-31 1996-12-04 AT&T IPM Corp. Transaction authorization and alert system
US5757917A (en) * 1995-11-01 1998-05-26 First Virtual Holdings Incorporated Computerized payment system for purchasing goods and services on the internet
US5826241A (en) * 1994-09-16 1998-10-20 First Virtual Holdings Incorporated Computerized system for making payments and authenticating transactions over the internet
WO1999014711A2 (en) * 1997-09-17 1999-03-25 Andrasev Akos Method for checking rightful use of a debit card or similar means giving right of disposing of a bank account
WO2000075749A2 (en) * 1999-06-09 2000-12-14 Intelishield.Com, Inc. Internet payment system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1057178C (en) * 1994-05-19 2000-10-04 黄金富 Anti-theft security method for non-cash immediate payment and its equipment system
US5903830A (en) * 1996-08-08 1999-05-11 Joao; Raymond Anthony Transaction security apparatus and method
US6064990A (en) * 1998-03-31 2000-05-16 International Business Machines Corporation System for electronic notification of account activity

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5826241A (en) * 1994-09-16 1998-10-20 First Virtual Holdings Incorporated Computerized system for making payments and authenticating transactions over the internet
EP0745961A2 (en) * 1995-05-31 1996-12-04 AT&T IPM Corp. Transaction authorization and alert system
US5757917A (en) * 1995-11-01 1998-05-26 First Virtual Holdings Incorporated Computerized payment system for purchasing goods and services on the internet
WO1999014711A2 (en) * 1997-09-17 1999-03-25 Andrasev Akos Method for checking rightful use of a debit card or similar means giving right of disposing of a bank account
WO2000075749A2 (en) * 1999-06-09 2000-12-14 Intelishield.Com, Inc. Internet payment system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003079258A1 (en) * 2002-03-20 2003-09-25 Tan Kah Pheng Alex Anti fraud mobile alert system
WO2004111892A1 (en) * 2003-06-19 2004-12-23 Markets-Alert Pty Ltd. A monitoring system
AU2004248209B2 (en) * 2003-06-19 2007-02-08 Markets-Alert Pty Ltd A monitoring system
AU2014100826B4 (en) * 2014-03-06 2014-11-27 Mirador Marketing Pty Ltd System and Method for Mobile Tracking

Also Published As

Publication number Publication date
GB2370668A (en) 2002-07-03
GB0031712D0 (en) 2001-02-07

Similar Documents

Publication Publication Date Title
US10552842B2 (en) SKU level control and alerts
US8380628B1 (en) System and method for verifying commercial transactions
US7761381B1 (en) Method and system for approving of financial transactions
US20120118983A1 (en) Commercial Transactions Card With Security Markings
US8364552B2 (en) Camera as a vehicle to identify a merchant access device
US20060032909A1 (en) System and method for providing database security measures
JP2010515166A (en) Customized payment transaction notification
US20070244830A1 (en) Method and system for real time financial transaction alert
EP1487176A1 (en) A method of paying from an account by a customer having a mobile user terminal, and a customer authenticating network
US20040177046A1 (en) Credit card protection system
JP2008512790A (en) Warning method and financial transaction warning device in financial transaction
US20040039691A1 (en) Electronic funds transaction system
KR100354390B1 (en) credit card processing method using a mobile phone
JP6154971B1 (en) Credit card usage notification system
WO2002033615A1 (en) Method and apparatus for notifying credit transaction information
US20030141361A1 (en) Monetary transaction information delivery system
JP6571244B2 (en) Credit card usage notification system
KR20000049788A (en) Personal ID automatic delivery and security by telecommunication system
JP2004507000A (en) Method and apparatus for transmitting an electronic amount from a fund storage device by WAP
WO2002052460A1 (en) Credit or debit card fraud protection system
WO2000045349A1 (en) Systems and methods of paying for commercial transactions
JP6407323B2 (en) Credit card usage notification system
KR20030002534A (en) Method for notification and management of credit card approvement using mobile phone
US20080109357A1 (en) System and method for monitoring commercial transactions
CA2542988A1 (en) Method and system for real time financial transaction alert

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP