WO2010126509A2 - Systems and methods for randomized mobile payment - Google Patents

Systems and methods for randomized mobile payment Download PDF

Info

Publication number
WO2010126509A2
WO2010126509A2 PCT/US2009/042212 US2009042212W WO2010126509A2 WO 2010126509 A2 WO2010126509 A2 WO 2010126509A2 US 2009042212 W US2009042212 W US 2009042212W WO 2010126509 A2 WO2010126509 A2 WO 2010126509A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
temporary account
account number
temporary
user device
Prior art date
Application number
PCT/US2009/042212
Other languages
French (fr)
Other versions
WO2010126509A3 (en
Inventor
Donald Michael Cardina
Lee P. Huggins
Original Assignee
Donald Michael Cardina
Huggins Lee P
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Donald Michael Cardina, Huggins Lee P filed Critical Donald Michael Cardina
Priority to US13/063,676 priority Critical patent/US9117210B2/en
Priority to EP09844164A priority patent/EP2425386A2/en
Priority to PCT/US2009/042212 priority patent/WO2010126509A2/en
Publication of WO2010126509A2 publication Critical patent/WO2010126509A2/en
Publication of WO2010126509A3 publication Critical patent/WO2010126509A3/en
Priority to US14/796,445 priority patent/US20150324799A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Definitions

  • the disclosed systems and methods generally relate to financial transaction systems. More specifically, the disclosed systems and methods relate to providing payment using randomized temporary account numbers and systems and methods for obtaining and using randomized temporary account numbers on a mobile device.
  • POS devices currently in use typically have a magnetic reader that reads the account information from the card when the card is swiped through the reader, such as a personal account number and an expiration date. This account information is then transmitted over a wired or wireless network to a payment service provider for processing. Purchases are also made without using a POS terminal directly. For example, a customer may telephone a merchant and provide credit or debit card information verbally. Purchases may also be completed over the internet, a practice that is becoming more common, by providing credit or debit card information to a web server through a web site. Because account information is contained on the credit or debit card itself, unauthorized use is difficult to prevent if the card owner does not have physical control over the card and has not notified the card issuer that the card has been lost or stolen.
  • POS devices may use near field communications (NFC) to detect information on a customer's electronic device.
  • NFC near field communications
  • Customer devices that may be used to contain and transmit account information include mobile telephones, personal data assistants (PDAs), and passive devices such as radio-frequency identification (RFID) tags.
  • PDAs personal data assistants
  • RFID radio-frequency identification
  • the customer's actual account numbers are contained on the electronic device, so, like an actual credit or debit card, unauthorized use is not easily preventable if the device is not in the customer's physical control.
  • additional information may be required beyond that provided by a credit or debit card or electronic representation thereof, especially in situations where the purchaser is not physically present at a merchant location, such as when a purchase is completed over the phone or through a web site.
  • additional information may include a particular code printed on the card itself (known variously as a card verification value (CW), card validation code (CVC), or card ID (CID)) or a billing address zip code.
  • CW card verification value
  • CVC card validation code
  • CID card ID
  • Other efforts to reduce fraud include checking the signature on the back of a credit or debit card for a match against a signed sales receipt, using a personal identification code, and requiring a driver's license matching the name on the credit or debit card.
  • a user may operate a user device to request a temporary account number associated with an account identified on the user device.
  • the user device may not have any actual account information, such as an account number, for the identified account.
  • a temporary account number provider may receive the request, determine an actual account associated with the account identified in the request, the user, or the device originating the request, and transmit a response to the user device.
  • the response may include a temporary account number, expiration date, and any other account information that may be required or useful in making a purchase.
  • the user device itself may generate a temporary account number.
  • the temporary account number information may be viewed for purchases via web where card presence in not required or the user device may then transmit the temporary account data to a merchant, in one embodiment using near-field communications (NFC), in order to complete a purchase.
  • NFC near-field communications
  • a purchase request including a temporary account number may be transmitted from a merchant to a temporary account number provider, either directly or indirectly.
  • the temporary account number provider may correlate the temporary account number in the request with an actual account number and transmit a purchase request to a payment processor including the actual account number.
  • the temporary account number provider may transmit a response to the merchant including the temporary account number.
  • Additional security measures may be implemented to further limit the possibility of fraud.
  • a user may be required to submit a PIN at a user device in order to request a temporary account number and related data.
  • Temporary account numbers received on a user device may expire and be automatically deleted after a period of time, or may be manually deleted when the user is finished with them.
  • Figure 1 is a graphical representation of a non- limiting exemplary system in which systems and methods for randomized mobile payments may be implemented.
  • Figure 2 is a graphical representation of a non- limiting exemplary method of implementing an aspect of a randomized mobile payment system.
  • Figure 3 is a graphical representation of a non- limiting exemplary method of implementing another aspect of a randomized mobile payment system.
  • Figure 4 is a graphical representation of a non- limiting exemplary system in which systems and methods for randomized mobile payments may be implemented and a non- limiting exemplary user interface.
  • Figure 5 is a graphical representation of another non-limiting exemplary system in which systems and methods for randomized mobile payments may be implemented and a non- limiting exemplary user interface.
  • Figure 6 is a block diagram of a non-limiting, exemplary user device that may be used in connection with an embodiment of the present disclosure.
  • Figure 7 is a block diagram of a non- limiting, exemplary processor in which the present subject matter may be implemented.
  • FIG. 1 illustrates a non- limiting exemplary system for randomized mobile payment.
  • User 110 may be operating user device 120 at a merchant location.
  • user 110 may be operating user device 120 while shopping online and operating, for example, user computer 122.
  • user computer 122 and user device 120 may be the same device.
  • User device 120 may be a device of any type that is configured to transmit and/or receive of communication signals.
  • user device 120 may be a cellular telephone, a wireless computer, a wireless personal digital assistant (PDA), a wireless video phones, an electronic wallet, or any other portable electronic device configured to implement at least one aspect of the methods and systems recited herein.
  • PDA wireless personal digital assistant
  • user device 120 is also configured with near field communication (NFC) components and/or software that allows user device 120 to exchange data with other devices using short-range wireless communication technology. All other forms of wireless technologies are contemplated.
  • NFC near field communication
  • User 110 may wish to make a purchase or otherwise provide payment to a merchant or other entity using an account.
  • the account may be a credit or charge account and have associated with it a credit card (MASTERCARD®, VISA®, AMERICAN EXPRESS®, merchant-specific credit card, or any other type of credit or charge card.)
  • the account may be a bank account, such as a checking account or a savings account, and have a debit card or automated teller machine (ATM) card associated with it.
  • the account may be a stored value account and have an associated stored value card.
  • the account may be a customer or club member type account, such as a frequent flyer account, and may have a customer or member card associated with it.
  • a device or object other than a card may be used for purchases, such as a programmable key fob or other detectable device.
  • an account may not be financial but instead provide access or other identification information, and may have a card or object associated with it, for example, and access card to allow access into restricted areas, or an identification card that identifies the holder or owner of the account or card. All such embodiments are contemplated as within the scope of the present disclosure.
  • Wireless network 170 may be one or more appropriate telephony radio network, or any other type of communications network, or any combination thereof. Technologies used in wireless network 170 may include global system for mobile communications (GSM), code division multiple access (CDMA), and/or any other form of effective data transport utilizing any communications protocols. Wireless network 170 may support unstructured supplementary service data (USSD), short messaging service (SMS) and/or multimedia messaging service (MMS), and such service may be implemented independently of the method of data transport, and do not depend on any particular network architecture, or underlying protocols.
  • GSM global system for mobile communications
  • CDMA code division multiple access
  • MMS multimedia messaging service
  • wireless network 170 Any protocols or other network technologies may be used on wireless network 170, including WiFi, WiMax, internet protocol (IP), wireless application protocol (WAP), and any other technology or protocol. Any configuration and implementation of communications networks, wired, wireless, and any combination thereof, are represented by wireless network 170, and all such embodiments are contemplated as within the scope of the present disclosure.
  • IP internet protocol
  • WAP wireless application protocol
  • user 110 may operate user device 120 so that a request for a temporary account number or temporary account data is generated and transmitted to a pseudo account server.
  • User device 120 may be configured with software that is provided or maintained by a temporary account number service provider that enables user device 120 to send requests for and/or process responses to requests for temporary account data.
  • user device 120 may be configured with software enabling it to generate temporary account data.
  • a request for temporary account data may be transmitted over wireless communications link 126 to wireless network 170 using any effective means.
  • the request is transmitted as an SMS message.
  • the request is transmitted as an encrypted SMS message.
  • the request may be sent as an abbreviated dial code or a control signal.
  • wireless network 170 may transmit the message to pseudo account server 150, which may communicate with wireless network 170 using any effective means over communication link 155, which may be a wired or wireless link.
  • Pseudo account server 150 may process the request and reply with a temporary account number and, in one embodiment, other relevant details such as an expiration date.
  • pseudo account server 150 may process the request and reply with other temporary account data, such as a key or seed that allows user device 120 configured with appropriate software to generate a temporary account number and/or related information.
  • the temporary account number provided or generated is in the same format as the actual account number associated with it.
  • the temporary account number may also be a 16 digit number. Any other combination and number of numbers, letters, or other characters, or any other identifier of an account may be used.
  • additional temporary data provided such as an expiration date, may also be in the format that is used by the actual data. This may enable a user to use the temporary account data in an identical manner as the user would use actual account data.
  • Processing of the request may include evaluating the request and determining actual account number information associated with user 110, and then selecting an appropriate temporary account number and related information, or an appropriate key or seed value.
  • user device 120 may generate a temporary account number, with or without communicating with a pseudo account server. Details on methods of requesting and processing requests for temporary account numbers and data will be discussed in more detail herein.
  • user 110 may proceed with a purchase.
  • user 110 may operate user device 120 to transmit the received temporary account number using NFC communications link 125 to point of sale (POS) device 130, which may be located at a merchant premises.
  • POS point of sale
  • user device 120 may be configured to automatically transmit the temporary account number using NFC communications link 125 to POS device 130 upon receipt of the temporary account number.
  • user 110 may read the temporary account number and related information from user device 120 and enter the information into a web page using user computer 122.
  • user computer 122 may be configured to detect NFC signals and detect the temporary account number and related data from user device 120.
  • user device 120 and user computer 122 may be integrated into a single device, and the temporary account number may be exchanged internally between hardware and/or software components of the integrated user device 120 and user computer 122.
  • user 110 may read the temporary account number from a display of user device 120 and provide the account number orally or via other means to the merchant. All such embodiments are contemplated as within the scope of the present disclosure.
  • POS device 130 having received the temporary account number and any related information from user device 120 via NFC in one embodiment, may then transmit a request for authorization of the purchase to the payment service provider.
  • POS device 130 transmits the request to merchant device 140 over communications link 136.
  • POS device 130 transmits the temporary account number and any related information over communications link 136 to merchant device 140, which then generates a requests based on the information provided by POS device 130.
  • merchant device 140 may receive the temporary account number and any related information through network 180 from user computer 122 and generate a request for purchase authorization. The request may then be transmitted to network 180 over communications link 145.
  • POS device 130 may be configured with its own communication capabilities, and may transmit a request for purchase authorization directly to network 180 using communications link 135, which may be a wired or wireless communications link. Any means of generating a request and transmitting such a request on a network are contemplated as within the scope of the present disclosure.
  • Network 180 may be any type of data network capable of enabling Communications between two or more devices, including the Internet.
  • Network 180 represents any number of interconnected data networks, utilizing any type of communications technologies and protocols, or any combination of technologies and protocols, included wired and wireless communications means.
  • Payment service provider device 160 may process the request for purchase authorization. Such processing may include evaluating the temporary account number contained in the purchase request and determining that pseudo account server 150 is the appropriate server to authorize the purchase. Payment service provider device 160 may then transmit the request for purchase authorization to pseudo account server 150 over network 180.
  • pseudo account server 150 may process the request to determine if the purchase is authorized. Such processing may include determining the temporary account number from the purchase authorization request, determining an actual account number associated with the temporary account number, and determining an issuer or financial institution associated with the financial institution. Pseudo account server 150 may generate another request for purchase authorization using the actual account number associated with the a temporary account number and transmit the request to issuer device 190 over network 180 for authorization.
  • Issuer device 190 may receive the request over communications link 195 and perform authorization processing on the request, including checking for sufficient credit, a valid account in good standing, and any other relevant data, and determine an appropriate response.
  • the response may then be transmitted to pseudo account server 150, which may then transmit the response to payment service provider device 160, in one embodiment altering the response or performing other processing on the response.
  • pseudo account server 150 upon receiving the response from issuer device 190, pseudo account server 150 generates a separate response based on the received response from issuer device 190.
  • Pseudo account server 150 may transmit a response to the device that initially requested purchase authorization, such as merchant device
  • the merchant and user 110 in one embodiment automatically through the use of merchant device 140 and/or POS device 130, may then complete the purchase.
  • the merchant never has or needs access to any actual account data, and similarly, actual account data is never present on user device 120, thus ensuring that actual account data is never exposed for misuse during the purchase process.
  • Figure 2 illustrates a non- limiting exemplary method 200 of requesting and receiving a temporary account number.
  • the aspects of the disclosure described in relation to Figure 2 may be performed by a user device, such as user device 120, or any other device capable of performing these aspects.
  • Such devices include mobile communications device, such as mobile telephones, equipped with hardware and software configured to perform the disclosed aspects. It is contemplated that all such embodiments are within the scope of the present disclosure.
  • a user interface is displayed. This may be generated by software on a user device stored in memory and executed by one or more user device processors.
  • This software may be downloaded or otherwise installed on a user device and may be provided by and/or maintained by a temporary account data service provider.
  • This software may be downloaded in its entirety each time a user operates a user device to obtain temporary account data, or parts of the software, such as specific components, keys, seeds, sets of temporary account number, libraries, modules, or any other software element may be downloaded or otherwise obtained each time a user operates a user device to obtain temporary account data.
  • this software may be downloaded or otherwise obtained once and reused each time a user operates a user device to obtain temporary account data, with or without periodic updates.
  • the user interface may be displayed on one or more displays configured on the user device or communicatively connected to the user device.
  • the user interface combined with the user device may allow for the selection of visual items presented, the entering of textual information, and/or the detection of activation of controls, such as buttons.
  • the user interface presented on a display may include a listing of account types, which, when selected, may generate a display of specific accounts associated with the selected account types.
  • the user interface may present a listing of specific accounts.
  • Specific accounts may be identified by user defined labels or other identifiers. However, in the preferred embodiment, the actual account numbers associated with the specific accounts are not displayed or stored on the user device in any form.
  • the list of accounts may be stored on the user device, or the list may be downloaded from a temporary account number provider device at each execution of software used for temporary account number requests. Exemplary user interfaces are described in more detail herein.
  • the selection of an account is detected. This may be accomplished through any effective means, such as detecting the actuation of an input button or activation of any input control, determining the area of a display that is highlighted, or otherwise detecting which of the displayed accounts are selected.
  • a request for a personal identification number is displayed. This may be a simple numeric code, or may be alphanumeric, and may be of any length. Alternatively, other security measures may be employed, such as biometric confirmation (finger print, retina scan, etc.), one or more required security questions and answers, or any other type of confirmation known in the art, now known or to be developed.
  • Any security information requested and/or required may be user configurable, and may or may not be associated with other PINs, such as those used for access to an account at a financial institution automated teller machine (ATM). Any means or mechanism for preventing the request of a temporary account number and related information by unauthorized persons is contemplated.
  • the PIN and/or other security measures blocks of the present method may be implemented before or after displaying account numbers and detecting a user selection of an account. For example, a correct PIN detection may be required before user accounts are displayed in a user interface, and/or before a user is permitted to select a user account. All such embodiments are contemplated as within the scope of the present disclosure.
  • the PIN or other security related input may be detected using any effective means.
  • a determination may be made as to whether the PIN or other security input is correct or otherwise satisfies predetermined security requirements. If not, at block 260 a rejection message may be displayed and the user interface may again be presented at block 210.
  • the user may be locked out of the software application implementing method 200, or locked out of the device running the software implementing method 200.
  • a user may be allowed a predetermined number of times in which an incorrect PIN or other security information may be provided before the user is locked out of the software and/or the device. In other embodiments, there may be no limit on the amount of incorrect security inputs allowed. The number of incorrect security inputs allowed may be user configurable in some embodiments. Any configuration of security measures may be implemented and all such configurations are contemplated.
  • a request for a temporary account number and related information is generated and transmitted to a provider of such numbers, such as pseudo account server 150 of Figure 1.
  • a request for temporary account data allowing generation of a temporary account number and related information, such as a seed or key, is generated and transmitted to a provider of such data.
  • a request for temporary account data allowing generation of a temporary account number and related information may be sent when a purchase is desired, or may be sent at any time, and used to generate a temporary account number when a purchase is desired.
  • the request transmitted to a provider may consist of any information that may be used by a provider of temporary account numbers to identify a particular account, some of which may be provided by default depending on the communication technology.
  • the telephone number associated with the user device may identify the user in a database maintained by a provider of temporary account numbers.
  • a unique number, value or other identifier may be associated with the user and/or user device in a database maintained by a provider of temporary account numbers. This number or other identifier may accompany a request for a temporary account number, in some embodiments by default if the protocol used to transmit the message, such as SMS, includes such numbers by default.
  • the request may also include a code, a unique number, a value, a nickname or other identifier associated with an account, or other identifying data that specifies a particular account from among a plurality of accounts.
  • the request may also include a dollar amount of the purchase or an amount to be preauthorized.
  • the request may be sent using any means, including as an USSD, SMS or MMS message, as an abbreviated dial code or a control signal, using WiFi, WiMax, or other wireless technologies, and may be encrypted using any encryption means. Any information that may be used to specify a particular account and/or an amount to be charged against the account, as well as any effective communication means of transmitting a request, is contemplated.
  • a temporary account number, temporary account data, and/or any related data may be received on a user device.
  • the temporary account number and/or any related data may be received as an USSD, SMS, or MMS message, or via any other communications means.
  • Related information may include a credit or debit card name, expiration date, PIN, CW,
  • a provider of temporary account numbers may always use the same expiration date, or the same part of an expiration date, such as the year, for each temporary account number and related data generated for a particular account. This may assist a user in tracking which temporary account data corresponds to which account, and verifying that any temporary account data received is associated with the correct account or card. For example, temporary account data with an expiration date in the year 2011 may always be provided for a user's AMERICAN EXPRESS® card.
  • any other means or methods of encoding identifiers of an account into temporary account data that does not include actual account numbers or other actual account data are contemplated as within the scope of the present disclosure. If a temporary account number and related data is received at block 275, the method progresses to block 280.
  • a seed or key may be received on the user device at block 275 that allows software and/or hardware configured on the user device to generate a temporary account number at block 277.
  • the seed or key may be accompanied by a partial temporary account number and/or related temporary account information.
  • the entire temporary account number may be generated by the user device from the seed by applying an algorithm to the key or seed to generate the account number.
  • a portion of the temporary account number may be generated by applying an algorithm to the key or seed and appended the generated number to a portion of the temporary account number received in the response, stored on the user device, or obtained by other means.
  • the first eight digits of a 16 digit account number may be predetermined and received on the user device in a response from a temporary account number provider, or already stored on the user device.
  • the user device may then receive a seed or key value which is then manipulated by software and/or hardware on the user device to generate the last eight digits of the 16 digit account number.
  • the temporary account number may then be formed by appending the generated eight digits to the predetermined eight digits.
  • Other means and methods of generating whole or partial account numbers from seeds, keys, or other data are contemplated as within the scope of the present disclosure.
  • the number generation application operating on a user device may be unique to that particular user device by virtue of its software elements such that the number generation application operating in conjunction with a remote server that contains user account data, such as pseudo account server 150 of Figure 1, will create temporary account numbers that are unique to that particular server/user device pair.
  • a particular user device may have one or more keys that correspond to one or more keys maintained by a remote server. The combination of those keys may allow the user device to generate temporary account numbers that other user devices with different sets of keys or different configurations of software cannot generate. Any combination of keys and devices that may be used to create unique data for use as temporary account numbers and related information are contemplated as within the scope of the present disclosure.
  • the relevant information required for a purchase is transmitted via a user device's NFC components.
  • This allows the user to move the device into an area proximate to a merchant's POS device equipped with NFC components and transmit the temporary account number and other information to the merchant to complete the purchase.
  • the temporary account number and related information may be displayed to the user instead of, or in addition to, transmitting such information via NFC. This allows the user to see the information and provide it orally or input it in an alternative manner.
  • the temporary account number and related information is associated with a debit card, the user may be required to enter a PIN into a merchant's POS device.
  • the temporary PIN to be used with the temporary account number may be presented to the user on the user device. Confirmation of rejection of the purchase may also be received by the user device from the merchant POS device using NFC or any other means of communication.
  • the user may be making a purchase online, and may enter the temporary account number and related information read from the display of a user device into a web page to complete a purchase.
  • the user device may communicate with a user computer via NFC or any other means and transmit the temporary account number and related information to the user computer to complete a purchase.
  • the user may be operating the user device to access the Internet and the temporary account number and related information may be conveyed internally within the user device to another software application that is communicating with a web server to conduct an online transaction. All such embodiments are contemplated as within the scope of the present disclosure.
  • Each temporary account number and related information may be associated with a predetermined lifespan on the user device. By limiting the lifespan of a temporary account number and related information, use of such numbers and information by unauthorized users may be prevented even if such users acquire the device and successfully provide security information.
  • This lifespan may be user configurable, configured by the issuer or pseudo account provider, or may be preconf ⁇ gured in the software implementing method 200.
  • the lifespan of a temporary account number and related information may be received within the response received at block 275, and may be any amount of time. In one embodiment, the lifespan of a temporary account number and related information may be set a small number of minutes, such as five or ten minutes.
  • a user device may look at the timestamp of the response received that provided the temporary account number and compare that timestamp to the current time maintained by the device in order to determine whether the lifespan has expired. Any other means used to determine whether the lifespan has expired may be used and all such implementations are contemplated as embodiments of the present disclosure.
  • a number of uses may be determined at block 285.
  • Each temporary account number and related data may be valid for only a limited number of uses.
  • each temporary account number and related data may be usable only one time. In some embodiments, this may be user configurable, while in other embodiments the number of uses permitted may be system determined.
  • the temporary account number and related data is automatically erased from a user device. Other configurations based on a number of uses are contemplated.
  • the method returns to block 285 to check again.
  • the user device and/or software configured thereon may delete the temporary account number and all related information from memory, data storage, and any where else that the information may have been recorded on the user device, and the method is complete. This ensures that the temporary account number will not be available to any users, authorized or not, in the future, thus reducing the opportunity for fraud using the temporary account number. Any means and methods may be used to remove the data from the user device, and all such embodiments are contemplated as within the scope of the present disclosure.
  • Figure 3 illustrates a non-limiting exemplary method 300 of receiving a request for a temporary account number, providing a temporary account number, and handling a request for purchase authorization using a temporary account number.
  • the aspects of the disclosure described in relation to Figure 3 may be performed by one or more computing device, such as pseudo account server 150, payment service provider device 160, issuer device 190, and/or any other device or combination of devices capable of performing these aspects.
  • Such devices may be equipped with hardware and software configured to perform the disclosed aspects. It is contemplated that all such embodiments are within the scope of the present disclosure.
  • a request for a temporary account number and related information may be received at a provider of temporary account numbers.
  • the request maybe received as an USSD, SMS or MMS message, or via any other communications means.
  • the request may contain any information that may be useful in performing other aspects of method 300, including a user device telephone number, one or more codes indicating a particular account, a nickname associated with an account, or other identifying data that specifies a particular account from among more than one accounts.
  • the request may also include a dollar amount of the purchase or an amount to be preauthorized. All such embodiments are contemplated as within the scope of the present disclosure.
  • a subset of available temporary account numbers may be generated. This subset may be generated from a list of account numbers provided by an issuer.
  • the issuer of card type X may provide a block of card numbers (for example 1234- 5678-1000-0000 through 1234-5678-1099-9999) to a provider of temporary account numbers. Then, when a user requests a temporary account number to use for an account of card type X, one of the pool of numbers provided the issuer of card type X may be used as a temporary account number for that user.
  • the pool of numbers available for use as temporary account numbers may or may not be reused. Other criteria may also be used to further select the subset of available account numbers.
  • each time a temporary account number is used a record of the use is stored that may include identifying information on the user or device that has used the temporary account number, such as a telephone number or user ID.
  • a particular temporary account number may not be used by the same user and/or user device more than once.
  • once a particular temporary account number is used it may not be used again by any user for a predetermined amount of time, such as three or six months.
  • the particular temporary account number may be used by users other than those users who have used it in the past. Any other criteria may be used to generate a subset of available account numbers for use as temporary account numbers, and all such embodiments are contemplated as within the scope of the present disclosure.
  • a subset of keys or seeds may be generated at block 320 from which a key or seed may be selected that may be transmitted to a user device for the user device to use in the generation of a complete or partial temporary account number.
  • the subset may be determined based on the past use of the keys or seeds, or the past use of temporary account numbers that are generated by the used of such seeds or keys. If the key or seed selected is intended for use in generating a partial temporary account number, a subset of partial temporary account numbers may be generated, from which a partial account number may be selected and sent to a user device for use with account number generation software and/or hardware configured to generate a partial account number. In this embodiment, the partial account number provided and the partial account number generated may be appended or otherwise combined to generate a complete temporary account number.
  • a temporary account number and related information, and/or temporary account data such as a seed or key, is selected and transmitted to a user. Any means of selecting a temporary account number or data may be used, including randomly selecting a temporary account number from among the available account numbers or randomly selecting a key or seed from available keys or seeds. Other data may be determined at block 330 as well, such as an expiration date, CW, CVC, CID, billing zip code, PIN, and any other information associated with the temporary account number that may be desirable. In some embodiments, preauthorization for the purchase may be performed at block 330 as well.
  • the provider of temporary account numbers may determine the actual account number associated with the account identified by the request and transmit an authorization request to the issuer. The provider of temporary account numbers may then respond accordingly to the request for a temporary account number, in one embodiment denying the request if the purchase authorization failed.
  • the temporary account information may be transmitted to the user in any effective manner, including as an USSD, SMS or MMS message. The information may be transmitted in the same manner as the request for a temporary account number was received, or in a different manner. Any manner of selecting an account number and related information and transmitting the same to a user are contemplated as within the scope of the present disclosure.
  • the use of the selected temporary account number and related data, the use of a particular key or seed, or any other data that may be of use may be recorded. Note that this aspect may be performed before or after the temporary account number and related information is transmitted to a user at block 330. It is contemplated that such information may be stored in a database.
  • Examples of information that may be stored include any or all of the information sent to the user (expiration date, CW, CVC, CID, billing zip code, PIN, lifespan, etc.), a user name or other user identifying information, an account nickname, identifying information for the device that requested the temporary account number, identifying information for a seed or key used or the actual seed or key, actual account information for the actual account associated with the temporary account (issuer, account number, expiration date, and any other data), amount of purchase, and any other relevant data.
  • This information may be accessed later to determine whether the temporary account number sent to a user is available for another request for a temporary account number. Any type of information and any means of storing such information are contemplated as within the scope of the present disclosure.
  • a temporary account number provider may receive a request to authorize a purchase by a user who is using the temporary account number and related information provided at block 330.
  • the purchase authorization request may be received via any communications means.
  • the request for purchase authorization may originate at a retailer where the user is present and interacting with a POS device, at a virtual store where the user is shopping online, or from a retailer interacting with the user over the telephone.
  • the request may come directly from a retailer or merchant, or may come from a payment processing service. All such embodiments are contemplated as within the scope of the present disclosure.
  • an email, text message, phone call, or other notification may be sent to a user when such a purchase authorization request is received by a temporary account number provider.
  • a temporary account number provider may determine an actual account number and related information associated with the temporary account number provided in the request received at block 350. This may be done using data stored at block 340, and/or using alternate means. Any information that may be required to obtain a purchase authorization may be obtained at block 360, including a purchase amount which may be derived from the purchase authorization request received at block 350. Having collected or determined all the necessary data, a temporary account number provider may then generate a request for purchase authorization using actual account information and transmit that request to an issuer or other payment processing provider at block 370 using any communications means.
  • a response to the request for purchase authorization using actual account information may be received at a temporary account number provider from an issuer or other payment processing provider using any communications means.
  • the response is processed and a response to the purchase authorization request received from a merchant at block 350 is generated.
  • the response to the merchant may include the acceptance or rejection as set forth in the response received at block 380, as well as the temporary account number and related information.
  • a determination may be made as to the temporary account number and related information that currently corresponds to the actual account number and related information contained in the response received at block 380 from an issuer or other payment processing provider.
  • Once a response is generated it may be transmitted to a merchant, retailer, or other interested party using any communications means. In one embodiment, an email, text message, phone call, or other notification may be sent to a user when such a purchase authorization request is processed by a temporary account number provider. All such embodiments are contemplated as within the scope of the present disclosure.
  • Figure 4 illustrates a non- limiting exemplary embodiment of an activation system and user interface for activating and configuring a user account with a temporary account number provider.
  • User 410 may be operating computer 420, which may be any type of computing device, including a personal computer, laptop, or mobile computing device such as a mobile telephone with computing capabilities.
  • Computer 420 may be configured to communicate with network 430, which may be any computer, data, or voice network, wired or wireless, or any combination thereof, and which may include two or more communicatively connected networks.
  • Computer 420 may be communicating with pseudo account activation server 450 that may be operated and/or maintained by a temporary account number provider.
  • Pseudo account activation server 450 represents any number of devices of any type, and combination of devices, that may be operated by a temporary account number provider.
  • User 410 may be interacting with user interface 460 while operating user computer 420.
  • User interface 460 may be generated and presented using any means, including any combination of software and hardware.
  • the information represented on user interface 460 may be presented on one screen or may be distributed among several screens or windows, and may be supplemented by additional information and data field. Moreover, not all the information displayed by user interface 460 may be required or presented. All such embodiments are contemplated as within the scope of the present disclosure.
  • a user may be required to provide credit or debit card information. This information may be used by a temporary account number provider to obtain purchase authorizations and to correlate actual account numbers to temporary account numbers.
  • a user may enter information about a credit or debit card, including a card type (for example, VISA®, MASTERCARD®, AMERICAN EXPRESS®, etc.), a card number, an expiration date, and a card verification number such as a CW, CVC, or CID.
  • a user may also enter a PIN for a card or account. This may be an issuer PIN, such as those required to use a debit card.
  • this may be a user-defined PIN that may be used on a mobile device to verify that a user requesting a temporary account number is an authorized user, as described above.
  • no PIN may be provided during the activation process. Instead, a PIN may be provided to the actual user device and stored only there so that there was no record of the PIN anywhere else, thereby improving PIN security.
  • only PINs associated with particular cards, account, or types of cards or accounts may be gathered during the activation process. For example, debit card PINs may be stored but not credit card PINs or PINs used to access the software on a user device that requests temporary account data. Any other card or account information may be provided or solicited.
  • the user may also provide a nickname or other identification for a card or account, which may be used to identify the account on a user device.
  • a temporary account number provider may determine identifying information for a card or account. Such identifying information may be necessary because, in one embodiment, no actual account or card information is stored on the user device. Information may be entered into a user interface using any means, including free text field, dropdown menus, radio buttons, etc.
  • the temporary account number provider may store card or account information and present it to a user, for example, in section 468.
  • Billing information for an account or card may also be required, and may be provided to a temporary account number provider through the user interface in a section such as section 464.
  • Typical billing information may be entered, including a card or account owner's name, address, phone number, email address, and any other relevant information.
  • User preferences may also be entered in section 464 or any other section. For example, a user may have the option to get alerts emailed to the user regarding account activity, such as each time an account is used, each time a purchase exceeds a predetermined threshold, or any time any other activity of interest may take place.
  • a user may have the option of enabling or disabling the use of cards or accounts provided to a temporary account number provider.
  • a user may have the option of selecting the devices from which an account or card may be accessible. For example, a user may wish to enable the user's device and a user's child's device to request temporary account data for a personal account, but only allow the user's device to request temporary account data for a business account.
  • a user may have the option of selecting a number of uses that a temporary account number and related information associated with the account or card may be used. For example, a user may specify that a temporary account number associated with a particular card or account may only be used two times before it is automatically erased or otherwise disabled. Alternatively, the temporary account number provider may set a number of uses for each temporary account number and related information, or may only use lifespan or timeout value to determine when to erase or otherwise disable a temporary account number and related information. In yet another embodiment, a user may have the option of specifying the lifespan or a temporary account number and related data. For example, a user may specify, or select from available options, a lifespan often minutes for temporary account numbers associated with a particular account or card.
  • the temporary account number provider may set lifespan for each temporary account number and related information, or may only use number of uses to determine when to erase or otherwise disable a temporary account number and related information. Any other user preferences may be solicited or provided, and all such embodiments are contemplated as within the scope of the present disclosure.
  • user device information may be provided. This information may allow a temporary account number provider to determine which user is sending a request for a temporary account number, or verify that a request for a temporary account number is coming from an authorized device.
  • Information that may be provided includes a telephone number, a model and brand of a device, and a carrier configured to support the device. This information, such as model number and brand of device, may be used to determine an appropriate version or type of software for requesting temporary account data to provide to a user device. Aliases for devices may also be provided to simplify identifying devices by a user during the use of a randomized mobile payment system. Any other information about the user device may be provided.
  • User interface 460 may also provide information on the current configuration for user 410, such as that shown in section 468.
  • the name and address of the user may be presented, as well as a listing of devices and related information and a listing of cards or accounts already configured and related information, such as the nicknames associated with the accounts. Any other information may be presented, including currently configured user preferences. All such embodiments are contemplated as within the scope of the present disclosure.
  • FIG. 5 illustrates a non-limiting exemplary embodiment of a system for requesting and using a temporary account number and related information and user interfaces for requesting and receiving a temporary account number and related information from a temporary account number provider.
  • User 510 may be operating user device 520, which may be a mobile device with computing and wireless communications capabilities, such as a smart phone or PDA.
  • Configured on user device 520 may be software and hardware that enables interaction with a temporary account number provider.
  • Such software may be designed to operate specifically on mobile devices, or may general software configured to operate on a wide variety of devices.
  • Such software may also be downloaded from a temporary account number provider, or otherwise provided by a temporary account number provider, or may be provided by another party or made available by another party, such as a telecommunications provider, a financial institution, or a third party.
  • the software may reside on the device itself, on a subscriber identification module (SIM), a removable memory stick, or any other type of storage medium. In the event that the software resides on the SIM, the software may or may not be able to be activated on another device.
  • SIM subscriber identification module
  • the software on user device 520 may present user interfaces to a user for requesting and receiving temporary account number data.
  • user 510 may activate temporary account number software on user device 520, which may in turn present user interface 560 on a display of user device 520.
  • user interface 560 may present list 562 of available accounts or cards, identified by nicknames or any other identifying information other than actual account numbers. Note that in the preferred embodiment, no actual account information is stored on user device 520.
  • User 510 may select the preferred card or account from list 562 using any means, including pressing a virtual or actual button associated with the preferred card or account, selecting the preferred card or account with a stylus, or any other means of selecting an object through a user interface.
  • User interface 560 may also request an amount of purchase to be preauthorized.
  • user device 520 may have received an amount of purchase from a merchant, for example from data received via NFC from merchant POS device 570.
  • User interface 560 may also show other information about the pending purchase, such as the name, address, phone number, or other information about the merchant. Any other merchant data or account data that may be displayed is contemplated as within the scope of the present disclosure.
  • user interface 564 may be presented to user 510 on user device 520.
  • User interface 564 may request a PIN number from user 510 to ensure that a temporary account number is being requested by an authorized user.
  • the PIN number requested and entered may be associated with the specific account or card selected, or may be a general PIN number used for requesting a temporary account number associated with any available account of a user.
  • the PIN number is a PIN number associated with an account by a financial institution, such as a PIN number used to access an account at an ATM.
  • the PIN number is user configurable and may be set by the user through the activation process as disclosed herein.
  • the entry of a PIN number may be required before a listing of accounts, such as list 562 in user interface 560, is presented.
  • the requiring of a PIN number after an account is selected may still be employed to provide an extra layer of security, and the two PIN numbers may or may not be the same.
  • a security code of any type may be requested, or other security measures may be employed, such as biometric security measures. Any combination or origination of PIN numbers and/or security measures may be used, and all such embodiments are contemplated as within the scope of the present disclosure.
  • Wireless network 530 may be any one or more wireless networks, in some embodiments combined or interconnected to wired networks, that is capable of transmitting and receiving wireless data communications. Wireless network 530 may then transport the request for a temporary account number and related data to pseudo account mobile server 550.
  • Pseudo account mobile server 550 may be operated and/or maintained by a temporary account number provider, and may be dedicated to providing temporary account numbers to mobile device, or may be configured to perform other functions.
  • Pseudo account mobile server 550 may also be several servers, computers, network devices, and/or other device configured to response to requests for temporary account numbers. All such embodiments are contemplated as within the scope of the present disclosure.
  • pseudo account mobile server 550 may generate temporary account number data, and transmit such data to user device 520 over wireless network 530. Pseudo account mobile server 550 may also communicate the temporary account number and related data to pseudo account payment server 555 so that payments using the temporary account data can be authorized. Pseudo account mobile server 550 may be configured to communicate with pseudo account payment server 555 over a network of any kind, or combination of networks. Alternatively, the functions of pseudo account payment server 555 and pseudo account mobile server 550 may be performed by a single device.
  • pseudo account mobile server 550 when pseudo account mobile server 550 receives a request for temporary account data, it may forward the request to pseudo account payment server 555, or it may generate a request for temporary account data and send it to pseudo account payment server 555. Pseudo account payment server 555 may then send temporary account data to pseudo account mobile server 550 for transmission to user device 520.
  • a separate server or other computing device may be configured to generate temporary account data, and may transmit such data to pseudo account mobile server 550 and/or pseudo account payment server 555. Any combination or configuration of devices configured to generate temporary account data is contemplated as within the scope of the present disclosure.
  • a user interface such as that illustrated by user interface 566 may be displayed and presented to user 510.
  • the information presented in user interface 566 may include a temporary account number, an expiration date, a PIN, a billing zip code, a CW, CVC, or CID, and/or a lifespan.
  • the lifespan presented may be the amount of time the user has left to use the temporary account data before it is automatically erased from user device 520.
  • the lifespan may be continually updated on user interface 566 so that user 510 can easily determine the amount of time remaining in which user 510 may use the temporary account data to make a purchase.
  • user interface 566 may provide control 568 which may erase all temporary account data from user device 520.
  • user device 520 may also activate NFC components configured on user device 520 and transmit the received temporary account data via NFC.
  • user 510 may proceed with a purchase.
  • user 510 may place user device 520 in an area so that the NFC components of user device 520 are proximate to merchant POS device 570, which may be configured to receive NFC data from devices such as user device 520.
  • user 510 may read temporary account data from user interface 566 and provide it to a merchant orally, for example by telephone, or electronically, for example by entering temporary account data into a web page.
  • user 510 may provide a portion of the temporary account data to a merchant through a merchant device.
  • the temporary account data is associated with a debit card
  • user 510 may be required to enter a PIN number provided with the temporary account data at merchant POS device 570. All other means and methods of providing payment using temporary account data are contemplated as within the scope of the present disclosure.
  • merchant POS device 570 may transmit a purchase authorization request, directly or indirectly, from merchant POS device 570.
  • the request may include the temporary account number and any other data received from user device 520 or user 510 in any manner, and may also include purchase information, such as an amount of purchase and merchant identifying information.
  • Such a request may be transmitted to network 535, which may be any type of network or combination of networks as described herein.
  • the purchase authorization request may be forwarded to a payment service provider that may in turn forward the purchase authorization request to pseudo account payment server 555.
  • the purchase authorization request may be transmitted directly to pseudo account payment server 555, or pseudo account payment server 555 may also function as a payment service provider.
  • Pseudo account payment server 555 may then correlate the temporary account data with actual account data as described herein, and may generate a purchase authorization request including purchase amounts and merchant information. This request may be transmitted from pseudo account payment server 555 to an issuer, financial institution, or payment processor for purchase authorization based on actual account data.
  • pseudo account payment server 555 may then generate a response for transmission to the merchant, in one embodiment to merchant POS device 570.
  • the response generated may include the temporary account data which may be determined from the actual account data in the response from an issuer, financial institution, or payment processor and records maintained by pseudo account payment server 555, pseudo account mobile server 550, and/or another device operated by a temporary account number provider.
  • the response may be transmitted to merchant POS device 570 over network 535.
  • any of the methods, systems, and means described herein may be implemented with any technology and any devices, components, systems, or systems, and any combination thereof.
  • the randomized mobile payment system as described herein may be integrated into other telephony or communications related systems and devices, such as a wireless or wireline communications system or network, or any other type of communications systems or devices. All such embodiments are contemplated as within the scope of the present disclosure.
  • Figure 6 illustrates an example wireless device 610 that may be used in connection with an embodiment. References will also be made to other figures of the present disclosure as appropriate.
  • user devices 120, 420, and 520 may each be a wireless device of the type described in regard to Figure 6, and may have some, all, or none of the components and modules described in regard to Figure 6.
  • the components and modules of wireless device 610 illustrated in Figure 6 are illustrative, and that any number and type of components and/or modules may be present in wireless device 610.
  • the functions performed by any or all of the components and modules illustrated in Figure 6 may be performed by any number of physical components.
  • the functionality of more than one component and/or module illustrated in Figure 6 may be performed by any number or types of hardware and/or software.
  • Processor 621 may be any type of circuitry that performs operations on behalf of wireless device 610.
  • processor 621 executes software (i.e., computer readable instructions stored in a computer readable medium) that may include functionality related to requesting and receiving temporary account data, communicating with, operating, or interfacing with a temporary account number provider system, and/or running software configured to operate, communicate, or interface with a temporary account number provider system, for example.
  • User interface module 622 may be any type or combination of hardware and/or software that enables a user to operate and interact with wireless device 610, and, in one embodiment, to interact with a temporary account number provider system.
  • user interface module 622 may include a display, physical and "soft" keys, voice and/or speech recognition software, microphone, speaker and the like, and may be configured to display user interfaces, such as user interfaces 460, 560, 564, and 566.
  • Wireless communication module 623 may be any type or combination of hardware and/or software that enables wireless device 610 to communicate with, for example, wireless network 170, wireless network 530, and/or any other type of wireless communications network.
  • Memory 624 enables wireless device 610 to store information, temporary account numbers and related data, software for interacting with a temporary account number provider system, a web browser, other types of data, or the like.
  • Memory 624 may take any form, such as internal random access memory (RAM), an SD card, a microSD card and the like.
  • Power supply 625 may be a battery or other type of power input (e.g., a charging cable that is connected to an electrical outlet, etc.) that is capable of powering wireless device 610.
  • FIG. 7 is a block diagram of an example processor 758 which may be employed in any of the embodiments described herein, including as one or more components of user devices 120, 122, 420, or 520, or devices 130, 140, 150, 160, 190, 450, 550, 555, or 570, or as one or more components of communications network equipment or related equipment, such as any component of networks 170, 180, 430, 530, or 535 and/or as one or more components of any device, component, system, or subsystem that may implement any portion of the subject matter described herein.
  • the block diagram depicted in Figure 7 is exemplary and not intended to imply a specific implementation.
  • the processor 758 can be implemented as a single processor or multiple processors. Multiple processors can be distributed or centrally located. Multiple processors can communicate wirelessly, via hard wire, or any combination thereof.
  • the processor 758 comprises a processing portion 760, a memory portion 762, and an input/output portion 764.
  • the processing portion 760, memory portion 762, and input/output portion 764 are coupled together (coupling not shown in Figure 7) to allow communications between these portions.
  • the input/output portion 764 is capable of providing and/or receiving components, commands, and/or instructions, utilized to, for example, operate a temporary account number provider system, a user device configure to interact with a temporary account number provider system, a network configured transport requests for temporary account data and responses to such request, or any subsystem or component thereof.
  • the processor 758 can be implemented as a client processor and/or a server processor.
  • the processor 758 may include at least one processing portion 760 and memory portion 762.
  • the memory portion 762 can store any information utilized in conjunction with transmitting, receiving, and/or processing temporary account number requests, responses, activation data, or any other data or information.
  • the memory portion is capable of storing temporary account data, actual account data, correlations between temporary and actual account data, and/or software capable of operating a temporary account number provider system and/or a user device and software configured to interact with a temporary account number provider system.
  • the memory portion 762 can be volatile (such as RAM) 766, non-volatile (such as ROM, flash memory, etc.) 768, or a combination thereof.
  • the processor 758 can have additional features/functionality.
  • the processor 758 can include additional storage (removable storage 770 and/or non-removable storage 772) including, but not limited to, magnetic or optical disks, tape, flash, smart cards or a combination thereof.
  • Computer storage media, such as memory and storage elements 762, 770, 772, 766, and 768, include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules, or other data.
  • Computer storage media include, but are not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, universal serial bus (USB) compatible memory, smart cards, or any other medium which can be used to store the desired information and which can be accessed by the processor 758. Any such computer storage media may be part of or communicatively connected to the processor 758.
  • the processor 758 can also contain the communications connection(s) 780 that allow the processor 758 to communicate with other devices, for example through networks 170, 180, 430, 530, or 535. Communications connection(s) 780 is an example of communication media.
  • Communication media typically embody computer-readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
  • modulated data signal means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal.
  • communication media includes wired media such as a wired network or direct-wired connection as might be used with a land line telephone, and wireless media such as acoustic, RF, infrared, cellular, and other wireless media.
  • the term computer-readable media as used herein includes both storage media and communication media.
  • the processor 758 also can have input device(s) 776 such as keyboard, keypad, mouse, pen, voice input device, touch input device, etc.
  • Output device(s) 774 such as a display, speakers, printer, etc. also may be included.
  • the methods and apparatuses for randomized mobile payment systems and methods can take the form of program code ⁇ i.e., instructions) embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium, wherein, when the program code is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for or a component of a randomized mobile payment system.
  • the computing device will generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device.
  • the program(s) can be implemented in assembly or machine language, if desired.
  • the language can be a compiled or interpreted language, and combined with hardware implementations.
  • the methods and systems for randomized mobile payment as described herein can also be practiced via communications embodied in the form of program code that is transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via any other form of transmission, wherein, when the program code is received and loaded into and executed by a machine, such as an EPROM, a gate array, a programmable logic device (PLD), a client computer, a wireless telephone, or the like, the machine becomes an apparatus for a randomized mobile payment system.
  • a machine such as an EPROM, a gate array, a programmable logic device (PLD), a client computer, a wireless telephone, or the like
  • PLD programmable logic device
  • client computer a client computer
  • wireless telephone or the like
  • the program code When implemented on a general-purpose processor, the program code combines with the processor to provide a unique apparatus that operates to invoke the functionality of a randomized mobile payment system.
  • any storage techniques used in connection with a randomized mobile payment system can in

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Systems and methods for improving security in mobile payment systems are described. A user device may be operated to request temporary account data for an account. No actual account number may be stored on the device. A remote system may correlate temporary account data to actual account data and transmit temporary account data to the user device, which use the data to make a purchase or generate a temporary account number than may be used to make a purchase. Temporary account data may be automatically erased or expire. A purchase authorization request may be sent by a merchant with temporary account data to a provider of temporary account data. The provider may transmit a request for purchase authorization using actual account data to a payment processor, sending a response to the merchant that does not include actual account data based on a response from the payment processor.

Description

SYSTEMS AND METHODS FOR RANDOMIZED MOBILE PAYMENT
TECHNICAL FIELD
[0001] The disclosed systems and methods generally relate to financial transaction systems. More specifically, the disclosed systems and methods relate to providing payment using randomized temporary account numbers and systems and methods for obtaining and using randomized temporary account numbers on a mobile device.
BACKGROUND
[0002] Traditionally, purchases made with a credit or debit card have been completed by swiping the credit or debit card through a merchant's point of sale (POS) device. POS devices currently in use typically have a magnetic reader that reads the account information from the card when the card is swiped through the reader, such as a personal account number and an expiration date. This account information is then transmitted over a wired or wireless network to a payment service provider for processing. Purchases are also made without using a POS terminal directly. For example, a customer may telephone a merchant and provide credit or debit card information verbally. Purchases may also be completed over the internet, a practice that is becoming more common, by providing credit or debit card information to a web server through a web site. Because account information is contained on the credit or debit card itself, unauthorized use is difficult to prevent if the card owner does not have physical control over the card and has not notified the card issuer that the card has been lost or stolen.
[0003] More recently, the information typically gathered from the magnetic strip on a credit or debit card has been made available on electronic devices that can be detected by POS devices without physical contact. In such systems, a POS device may use near field communications (NFC) to detect information on a customer's electronic device. Customer devices that may be used to contain and transmit account information include mobile telephones, personal data assistants (PDAs), and passive devices such as radio-frequency identification (RFID) tags. In these implementations, the customer's actual account numbers are contained on the electronic device, so, like an actual credit or debit card, unauthorized use is not easily preventable if the device is not in the customer's physical control.
[0004] In an effort to reduce fraud and protect consumers, additional information may be required beyond that provided by a credit or debit card or electronic representation thereof, especially in situations where the purchaser is not physically present at a merchant location, such as when a purchase is completed over the phone or through a web site. Such additional information may include a particular code printed on the card itself (known variously as a card verification value (CW), card validation code (CVC), or card ID (CID)) or a billing address zip code. Other efforts to reduce fraud include checking the signature on the back of a credit or debit card for a match against a signed sales receipt, using a personal identification code, and requiring a driver's license matching the name on the credit or debit card. Despite these efforts, which complicate the purchasing process and therefore may not be desirable by consumers or merchants, fraudulent use of credit and debit cards is still prevalent and of concern to consumers and merchants everywhere.
SUMMARY
[0005] Systems and methods are disclosed for requesting, generating, and using temporary account numbers. A user may operate a user device to request a temporary account number associated with an account identified on the user device. The user device may not have any actual account information, such as an account number, for the identified account. A temporary account number provider may receive the request, determine an actual account associated with the account identified in the request, the user, or the device originating the request, and transmit a response to the user device. The response may include a temporary account number, expiration date, and any other account information that may be required or useful in making a purchase. Alternatively, the user device itself may generate a temporary account number. The temporary account number information may be viewed for purchases via web where card presence in not required or the user device may then transmit the temporary account data to a merchant, in one embodiment using near-field communications (NFC), in order to complete a purchase.
[0006] A purchase request including a temporary account number may be transmitted from a merchant to a temporary account number provider, either directly or indirectly. The temporary account number provider may correlate the temporary account number in the request with an actual account number and transmit a purchase request to a payment processor including the actual account number. Upon receiving a response from the payment processor, the temporary account number provider may transmit a response to the merchant including the temporary account number. Thus, the merchant and the user device never need to obtain or store the actual account number, thereby limiting the possibility of fraud.
[0007] Additional security measures may be implemented to further limit the possibility of fraud. A user may be required to submit a PIN at a user device in order to request a temporary account number and related data. Temporary account numbers received on a user device may expire and be automatically deleted after a period of time, or may be manually deleted when the user is finished with them. Other advantages and embodiments of the present disclosure will be described herein.
BRIEF DESCRIPTION OF THE DRAWINGS
[0008] The foregoing Summary, as well as the following Detailed Description, is better understood when read in conjunction with the appended drawings. In order to illustrate the present disclosure, various aspects of the disclosure are shown. However, the disclosure is not limited to the specific aspects discussed. In the drawings:
[0009] Figure 1 is a graphical representation of a non- limiting exemplary system in which systems and methods for randomized mobile payments may be implemented.
[0010] Figure 2 is a graphical representation of a non- limiting exemplary method of implementing an aspect of a randomized mobile payment system.
[0011] Figure 3 is a graphical representation of a non- limiting exemplary method of implementing another aspect of a randomized mobile payment system.
[0012] Figure 4 is a graphical representation of a non- limiting exemplary system in which systems and methods for randomized mobile payments may be implemented and a non- limiting exemplary user interface.
[0013] Figure 5 is a graphical representation of another non-limiting exemplary system in which systems and methods for randomized mobile payments may be implemented and a non- limiting exemplary user interface.
[0014] Figure 6 is a block diagram of a non-limiting, exemplary user device that may be used in connection with an embodiment of the present disclosure.
[0015] Figure 7 is a block diagram of a non- limiting, exemplary processor in which the present subject matter may be implemented.
DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS
[0016] Figure 1 illustrates a non- limiting exemplary system for randomized mobile payment. User 110 may be operating user device 120 at a merchant location. In an alternative embodiment, user 110 may be operating user device 120 while shopping online and operating, for example, user computer 122. Alternatively, user computer 122 and user device 120 may be the same device. User device 120 may be a device of any type that is configured to transmit and/or receive of communication signals. For example, user device 120 may be a cellular telephone, a wireless computer, a wireless personal digital assistant (PDA), a wireless video phones, an electronic wallet, or any other portable electronic device configured to implement at least one aspect of the methods and systems recited herein. In some embodiments, user device 120 is also configured with near field communication (NFC) components and/or software that allows user device 120 to exchange data with other devices using short-range wireless communication technology. All other forms of wireless technologies are contemplated.
[0017] User 110 may wish to make a purchase or otherwise provide payment to a merchant or other entity using an account. The account may be a credit or charge account and have associated with it a credit card (MASTERCARD®, VISA®, AMERICAN EXPRESS®, merchant-specific credit card, or any other type of credit or charge card.) Alternatively, the account may be a bank account, such as a checking account or a savings account, and have a debit card or automated teller machine (ATM) card associated with it. In another alternative, the account may be a stored value account and have an associated stored value card. In yet another alternative, the account may be a customer or club member type account, such as a frequent flyer account, and may have a customer or member card associated with it. In still other embodiments, a device or object other than a card may be used for purchases, such as a programmable key fob or other detectable device. In other embodiments, an account may not be financial but instead provide access or other identification information, and may have a card or object associated with it, for example, and access card to allow access into restricted areas, or an identification card that identifies the holder or owner of the account or card. All such embodiments are contemplated as within the scope of the present disclosure.
[0018] User device 120 may be configured to communicate with wireless network 170. Wireless network 170 may be one or more appropriate telephony radio network, or any other type of communications network, or any combination thereof. Technologies used in wireless network 170 may include global system for mobile communications (GSM), code division multiple access (CDMA), and/or any other form of effective data transport utilizing any communications protocols. Wireless network 170 may support unstructured supplementary service data (USSD), short messaging service (SMS) and/or multimedia messaging service (MMS), and such service may be implemented independently of the method of data transport, and do not depend on any particular network architecture, or underlying protocols. Any protocols or other network technologies may be used on wireless network 170, including WiFi, WiMax, internet protocol (IP), wireless application protocol (WAP), and any other technology or protocol. Any configuration and implementation of communications networks, wired, wireless, and any combination thereof, are represented by wireless network 170, and all such embodiments are contemplated as within the scope of the present disclosure.
[0019] When user 110 wishes to obtain a temporary account number, user 110 may operate user device 120 so that a request for a temporary account number or temporary account data is generated and transmitted to a pseudo account server. User device 120 may be configured with software that is provided or maintained by a temporary account number service provider that enables user device 120 to send requests for and/or process responses to requests for temporary account data. In one alternative, user device 120 may be configured with software enabling it to generate temporary account data. A request for temporary account data may be transmitted over wireless communications link 126 to wireless network 170 using any effective means. In one embodiment, the request is transmitted as an SMS message. In another embodiment, the request is transmitted as an encrypted SMS message. In still another embodiment, the request may be sent as an abbreviated dial code or a control signal. Upon receipt of the request, wireless network 170 may transmit the message to pseudo account server 150, which may communicate with wireless network 170 using any effective means over communication link 155, which may be a wired or wireless link. Pseudo account server 150 may process the request and reply with a temporary account number and, in one embodiment, other relevant details such as an expiration date. Alternatively, pseudo account server 150 may process the request and reply with other temporary account data, such as a key or seed that allows user device 120 configured with appropriate software to generate a temporary account number and/or related information.
[0020] In one embodiment, the temporary account number provided or generated is in the same format as the actual account number associated with it. For example, if the actual account number or card number is a 16 digit number, the temporary account number may also be a 16 digit number. Any other combination and number of numbers, letters, or other characters, or any other identifier of an account may be used. Likewise, additional temporary data provided, such as an expiration date, may also be in the format that is used by the actual data. This may enable a user to use the temporary account data in an identical manner as the user would use actual account data. Processing of the request may include evaluating the request and determining actual account number information associated with user 110, and then selecting an appropriate temporary account number and related information, or an appropriate key or seed value. In another embodiment, user device 120 may generate a temporary account number, with or without communicating with a pseudo account server. Details on methods of requesting and processing requests for temporary account numbers and data will be discussed in more detail herein.
[0021] Upon receiving the reply from pseudo account server 150 containing a temporary account number or other temporary account data, or upon generation of a temporary account number by user device 120, user 110 may proceed with a purchase. In one embodiment, user 110 may operate user device 120 to transmit the received temporary account number using NFC communications link 125 to point of sale (POS) device 130, which may be located at a merchant premises. Alternatively, user device 120 may be configured to automatically transmit the temporary account number using NFC communications link 125 to POS device 130 upon receipt of the temporary account number. In another embodiment, user 110 may read the temporary account number and related information from user device 120 and enter the information into a web page using user computer 122. Alternatively, user computer 122 may be configured to detect NFC signals and detect the temporary account number and related data from user device 120. In still another embodiment, user device 120 and user computer 122 may be integrated into a single device, and the temporary account number may be exchanged internally between hardware and/or software components of the integrated user device 120 and user computer 122. In yet another embodiment, user 110 may read the temporary account number from a display of user device 120 and provide the account number orally or via other means to the merchant. All such embodiments are contemplated as within the scope of the present disclosure.
[0022] POS device 130, having received the temporary account number and any related information from user device 120 via NFC in one embodiment, may then transmit a request for authorization of the purchase to the payment service provider. In one embodiment, POS device 130 transmits the request to merchant device 140 over communications link 136. In another embodiment, POS device 130 transmits the temporary account number and any related information over communications link 136 to merchant device 140, which then generates a requests based on the information provided by POS device 130. In yet another embodiment, merchant device 140 may receive the temporary account number and any related information through network 180 from user computer 122 and generate a request for purchase authorization. The request may then be transmitted to network 180 over communications link 145. In yet another embodiment, POS device 130 may be configured with its own communication capabilities, and may transmit a request for purchase authorization directly to network 180 using communications link 135, which may be a wired or wireless communications link. Any means of generating a request and transmitting such a request on a network are contemplated as within the scope of the present disclosure.
[0023] Network 180 may be any type of data network capable of enabling Communications between two or more devices, including the Internet. Network 180 represents any number of interconnected data networks, utilizing any type of communications technologies and protocols, or any combination of technologies and protocols, included wired and wireless communications means. Once the purchase authorization request is received on network 180 from either POS device 130 or merchant device 140, it may be transmitted to payment service provider device 160 over communications link 165 using any communications means, including wired and wireless.
[0024] Payment service provider device 160, or one or more other devices communicatively connected to payment service provider device 160, may process the request for purchase authorization. Such processing may include evaluating the temporary account number contained in the purchase request and determining that pseudo account server 150 is the appropriate server to authorize the purchase. Payment service provider device 160 may then transmit the request for purchase authorization to pseudo account server 150 over network 180.
[0025] Upon receipt of the request for purchase authorization, pseudo account server 150 may process the request to determine if the purchase is authorized. Such processing may include determining the temporary account number from the purchase authorization request, determining an actual account number associated with the temporary account number, and determining an issuer or financial institution associated with the financial institution. Pseudo account server 150 may generate another request for purchase authorization using the actual account number associated with the a temporary account number and transmit the request to issuer device 190 over network 180 for authorization.
[0026] Issuer device 190 may receive the request over communications link 195 and perform authorization processing on the request, including checking for sufficient credit, a valid account in good standing, and any other relevant data, and determine an appropriate response. The response may then be transmitted to pseudo account server 150, which may then transmit the response to payment service provider device 160, in one embodiment altering the response or performing other processing on the response. In another embodiment, upon receiving the response from issuer device 190, pseudo account server 150 generates a separate response based on the received response from issuer device 190. Pseudo account server 150 may transmit a response to the device that initially requested purchase authorization, such as merchant device
140 and/or POS device 130. The merchant and user 110, in one embodiment automatically through the use of merchant device 140 and/or POS device 130, may then complete the purchase. In many embodiments, the merchant never has or needs access to any actual account data, and similarly, actual account data is never present on user device 120, thus ensuring that actual account data is never exposed for misuse during the purchase process.
[0027] The activities described in regard to Figure 1 will now be disclosed in more detail in the following methods. The disclosed methods may be implemented separately by parts of a randomized mobile system, or may be implemented in a single device or subsystem. The following methods may be implemented using any number and types of devices, in conjunction with any number and types of networks. All such implementations are contemplated as within the scope of the present disclosure.
[0028] Figure 2 illustrates a non- limiting exemplary method 200 of requesting and receiving a temporary account number. The aspects of the disclosure described in relation to Figure 2 may be performed by a user device, such as user device 120, or any other device capable of performing these aspects. Such devices include mobile communications device, such as mobile telephones, equipped with hardware and software configured to perform the disclosed aspects. It is contemplated that all such embodiments are within the scope of the present disclosure.
[0029] At block 210 a user interface is displayed. This may be generated by software on a user device stored in memory and executed by one or more user device processors. This software may be downloaded or otherwise installed on a user device and may be provided by and/or maintained by a temporary account data service provider. This software may be downloaded in its entirety each time a user operates a user device to obtain temporary account data, or parts of the software, such as specific components, keys, seeds, sets of temporary account number, libraries, modules, or any other software element may be downloaded or otherwise obtained each time a user operates a user device to obtain temporary account data. Alternatively, this software may be downloaded or otherwise obtained once and reused each time a user operates a user device to obtain temporary account data, with or without periodic updates.
[0030] The user interface may be displayed on one or more displays configured on the user device or communicatively connected to the user device. The user interface combined with the user device may allow for the selection of visual items presented, the entering of textual information, and/or the detection of activation of controls, such as buttons. The user interface presented on a display may include a listing of account types, which, when selected, may generate a display of specific accounts associated with the selected account types. Alternatively, the user interface may present a listing of specific accounts. Specific accounts may be identified by user defined labels or other identifiers. However, in the preferred embodiment, the actual account numbers associated with the specific accounts are not displayed or stored on the user device in any form. The list of accounts may be stored on the user device, or the list may be downloaded from a temporary account number provider device at each execution of software used for temporary account number requests. Exemplary user interfaces are described in more detail herein.
[0031] At block 220, the selection of an account is detected. This may be accomplished through any effective means, such as detecting the actuation of an input button or activation of any input control, determining the area of a display that is highlighted, or otherwise detecting which of the displayed accounts are selected. At block 230, a request for a personal identification number (PIN) is displayed. This may be a simple numeric code, or may be alphanumeric, and may be of any length. Alternatively, other security measures may be employed, such as biometric confirmation (finger print, retina scan, etc.), one or more required security questions and answers, or any other type of confirmation known in the art, now known or to be developed. Any security information requested and/or required may be user configurable, and may or may not be associated with other PINs, such as those used for access to an account at a financial institution automated teller machine (ATM). Any means or mechanism for preventing the request of a temporary account number and related information by unauthorized persons is contemplated. Note that the PIN and/or other security measures blocks of the present method may be implemented before or after displaying account numbers and detecting a user selection of an account. For example, a correct PIN detection may be required before user accounts are displayed in a user interface, and/or before a user is permitted to select a user account. All such embodiments are contemplated as within the scope of the present disclosure.
[0032] At block 240 the PIN or other security related input may be detected using any effective means. At block 250, a determination may be made as to whether the PIN or other security input is correct or otherwise satisfies predetermined security requirements. If not, at block 260 a rejection message may be displayed and the user interface may again be presented at block 210. Alternatively, rather than returning the user to the user interface, the user may be locked out of the software application implementing method 200, or locked out of the device running the software implementing method 200. In an alternative embodiment, a user may be allowed a predetermined number of times in which an incorrect PIN or other security information may be provided before the user is locked out of the software and/or the device. In other embodiments, there may be no limit on the amount of incorrect security inputs allowed. The number of incorrect security inputs allowed may be user configurable in some embodiments. Any configuration of security measures may be implemented and all such configurations are contemplated.
[0033] If the PIN or other security input provided by the user is correct or satisfactory, then at block 270, a request for a temporary account number and related information is generated and transmitted to a provider of such numbers, such as pseudo account server 150 of Figure 1. Alternatively, a request for temporary account data allowing generation of a temporary account number and related information, such as a seed or key, is generated and transmitted to a provider of such data. Note that a request for temporary account data allowing generation of a temporary account number and related information may be sent when a purchase is desired, or may be sent at any time, and used to generate a temporary account number when a purchase is desired.
[0034] The request transmitted to a provider may consist of any information that may be used by a provider of temporary account numbers to identify a particular account, some of which may be provided by default depending on the communication technology. For example, the telephone number associated with the user device may identify the user in a database maintained by a provider of temporary account numbers. Alternatively, a unique number, value or other identifier may be associated with the user and/or user device in a database maintained by a provider of temporary account numbers. This number or other identifier may accompany a request for a temporary account number, in some embodiments by default if the protocol used to transmit the message, such as SMS, includes such numbers by default. In other embodiments, the request may also include a code, a unique number, a value, a nickname or other identifier associated with an account, or other identifying data that specifies a particular account from among a plurality of accounts. The request may also include a dollar amount of the purchase or an amount to be preauthorized. The request may be sent using any means, including as an USSD, SMS or MMS message, as an abbreviated dial code or a control signal, using WiFi, WiMax, or other wireless technologies, and may be encrypted using any encryption means. Any information that may be used to specify a particular account and/or an amount to be charged against the account, as well as any effective communication means of transmitting a request, is contemplated.
[0035] At block 275, a temporary account number, temporary account data, and/or any related data may be received on a user device. The temporary account number and/or any related data may be received as an USSD, SMS, or MMS message, or via any other communications means. Related information may include a credit or debit card name, expiration date, PIN, CW,
CVC, CID, billing zip code, lifespan or timeout value, number of uses, credit limit, credit or debit limit per transaction, or any other relevant information. In one embodiment, a provider of temporary account numbers may always use the same expiration date, or the same part of an expiration date, such as the year, for each temporary account number and related data generated for a particular account. This may assist a user in tracking which temporary account data corresponds to which account, and verifying that any temporary account data received is associated with the correct account or card. For example, temporary account data with an expiration date in the year 2011 may always be provided for a user's AMERICAN EXPRESS® card. Any other means or methods of encoding identifiers of an account into temporary account data that does not include actual account numbers or other actual account data are contemplated as within the scope of the present disclosure. If a temporary account number and related data is received at block 275, the method progresses to block 280.
[0036] In another embodiment, rather than a complete temporary account number, a seed or key may be received on the user device at block 275 that allows software and/or hardware configured on the user device to generate a temporary account number at block 277. In some embodiments, the seed or key may be accompanied by a partial temporary account number and/or related temporary account information. The entire temporary account number may be generated by the user device from the seed by applying an algorithm to the key or seed to generate the account number. Alternatively, a portion of the temporary account number may be generated by applying an algorithm to the key or seed and appended the generated number to a portion of the temporary account number received in the response, stored on the user device, or obtained by other means. For example, the first eight digits of a 16 digit account number may be predetermined and received on the user device in a response from a temporary account number provider, or already stored on the user device. The user device may then receive a seed or key value which is then manipulated by software and/or hardware on the user device to generate the last eight digits of the 16 digit account number. The temporary account number may then be formed by appending the generated eight digits to the predetermined eight digits. Other means and methods of generating whole or partial account numbers from seeds, keys, or other data are contemplated as within the scope of the present disclosure.
[0037] The number generation application operating on a user device may be unique to that particular user device by virtue of its software elements such that the number generation application operating in conjunction with a remote server that contains user account data, such as pseudo account server 150 of Figure 1, will create temporary account numbers that are unique to that particular server/user device pair. For example, a particular user device may have one or more keys that correspond to one or more keys maintained by a remote server. The combination of those keys may allow the user device to generate temporary account numbers that other user devices with different sets of keys or different configurations of software cannot generate. Any combination of keys and devices that may be used to create unique data for use as temporary account numbers and related information are contemplated as within the scope of the present disclosure.
[0038] At block 280, the relevant information required for a purchase is transmitted via a user device's NFC components. This allows the user to move the device into an area proximate to a merchant's POS device equipped with NFC components and transmit the temporary account number and other information to the merchant to complete the purchase. In another embodiment, the temporary account number and related information may be displayed to the user instead of, or in addition to, transmitting such information via NFC. This allows the user to see the information and provide it orally or input it in an alternative manner. For example, if the temporary account number and related information is associated with a debit card, the user may be required to enter a PIN into a merchant's POS device. The temporary PIN to be used with the temporary account number may be presented to the user on the user device. Confirmation of rejection of the purchase may also be received by the user device from the merchant POS device using NFC or any other means of communication.
[0039] Alternatively the user may be making a purchase online, and may enter the temporary account number and related information read from the display of a user device into a web page to complete a purchase. In another embodiment, the user device may communicate with a user computer via NFC or any other means and transmit the temporary account number and related information to the user computer to complete a purchase. In yet another embodiment, the user may be operating the user device to access the Internet and the temporary account number and related information may be conveyed internally within the user device to another software application that is communicating with a web server to conduct an online transaction. All such embodiments are contemplated as within the scope of the present disclosure.
[0040] At block 285, a determination is made as to whether a timeout threshold has been reached for the temporary account number. Each temporary account number and related information may be associated with a predetermined lifespan on the user device. By limiting the lifespan of a temporary account number and related information, use of such numbers and information by unauthorized users may be prevented even if such users acquire the device and successfully provide security information. This lifespan may be user configurable, configured by the issuer or pseudo account provider, or may be preconfϊgured in the software implementing method 200. The lifespan of a temporary account number and related information may be received within the response received at block 275, and may be any amount of time. In one embodiment, the lifespan of a temporary account number and related information may be set a small number of minutes, such as five or ten minutes. A user device may look at the timestamp of the response received that provided the temporary account number and compare that timestamp to the current time maintained by the device in order to determine whether the lifespan has expired. Any other means used to determine whether the lifespan has expired may be used and all such implementations are contemplated as embodiments of the present disclosure.
[0041] In an alternative embodiment, a number of uses may be determined at block 285. Each temporary account number and related data may be valid for only a limited number of uses. For example, each temporary account number and related data may be usable only one time. In some embodiments, this may be user configurable, while in other embodiments the number of uses permitted may be system determined. In one embodiment, once the threshold of uses is reached, the temporary account number and related data is automatically erased from a user device. Other configurations based on a number of uses are contemplated.
[0042] If the lifespan of the temporary account number and related information has not expired, the method returns to block 285 to check again. Once the lifespan has expired, at block 290 the user device and/or software configured thereon may delete the temporary account number and all related information from memory, data storage, and any where else that the information may have been recorded on the user device, and the method is complete. This ensures that the temporary account number will not be available to any users, authorized or not, in the future, thus reducing the opportunity for fraud using the temporary account number. Any means and methods may be used to remove the data from the user device, and all such embodiments are contemplated as within the scope of the present disclosure.
[0043] Figure 3 illustrates a non-limiting exemplary method 300 of receiving a request for a temporary account number, providing a temporary account number, and handling a request for purchase authorization using a temporary account number. The aspects of the disclosure described in relation to Figure 3 may be performed by one or more computing device, such as pseudo account server 150, payment service provider device 160, issuer device 190, and/or any other device or combination of devices capable of performing these aspects. Such devices may be equipped with hardware and software configured to perform the disclosed aspects. It is contemplated that all such embodiments are within the scope of the present disclosure. [0044] At block 310, a request for a temporary account number and related information, or a request for temporary account data that may be used to generate a temporary account number and related information, may be received at a provider of temporary account numbers. The request maybe received as an USSD, SMS or MMS message, or via any other communications means. The request may contain any information that may be useful in performing other aspects of method 300, including a user device telephone number, one or more codes indicating a particular account, a nickname associated with an account, or other identifying data that specifies a particular account from among more than one accounts. The request may also include a dollar amount of the purchase or an amount to be preauthorized. All such embodiments are contemplated as within the scope of the present disclosure.
[0045] At block 320, a subset of available temporary account numbers may be generated. This subset may be generated from a list of account numbers provided by an issuer. For example, the issuer of card type X may provide a block of card numbers (for example 1234- 5678-1000-0000 through 1234-5678-1099-9999) to a provider of temporary account numbers. Then, when a user requests a temporary account number to use for an account of card type X, one of the pool of numbers provided the issuer of card type X may be used as a temporary account number for that user. The pool of numbers available for use as temporary account numbers may or may not be reused. Other criteria may also be used to further select the subset of available account numbers. In one embodiment, each time a temporary account number is used, a record of the use is stored that may include identifying information on the user or device that has used the temporary account number, such as a telephone number or user ID. In some embodiments, a particular temporary account number may not be used by the same user and/or user device more than once. In other embodiments, once a particular temporary account number is used, it may not be used again by any user for a predetermined amount of time, such as three or six months. Following the predetermined amount of time, in some embodiments, the particular temporary account number may be used by users other than those users who have used it in the past. Any other criteria may be used to generate a subset of available account numbers for use as temporary account numbers, and all such embodiments are contemplated as within the scope of the present disclosure.
[0046] Alternatively, a subset of keys or seeds may be generated at block 320 from which a key or seed may be selected that may be transmitted to a user device for the user device to use in the generation of a complete or partial temporary account number. The subset may be determined based on the past use of the keys or seeds, or the past use of temporary account numbers that are generated by the used of such seeds or keys. If the key or seed selected is intended for use in generating a partial temporary account number, a subset of partial temporary account numbers may be generated, from which a partial account number may be selected and sent to a user device for use with account number generation software and/or hardware configured to generate a partial account number. In this embodiment, the partial account number provided and the partial account number generated may be appended or otherwise combined to generate a complete temporary account number.
[0047] At block 330, a temporary account number and related information, and/or temporary account data such as a seed or key, is selected and transmitted to a user. Any means of selecting a temporary account number or data may be used, including randomly selecting a temporary account number from among the available account numbers or randomly selecting a key or seed from available keys or seeds. Other data may be determined at block 330 as well, such as an expiration date, CW, CVC, CID, billing zip code, PIN, and any other information associated with the temporary account number that may be desirable. In some embodiments, preauthorization for the purchase may be performed at block 330 as well. For example, if the request for a temporary account number or data included an amount of purchase, the provider of temporary account numbers may determine the actual account number associated with the account identified by the request and transmit an authorization request to the issuer. The provider of temporary account numbers may then respond accordingly to the request for a temporary account number, in one embodiment denying the request if the purchase authorization failed. The temporary account information may be transmitted to the user in any effective manner, including as an USSD, SMS or MMS message. The information may be transmitted in the same manner as the request for a temporary account number was received, or in a different manner. Any manner of selecting an account number and related information and transmitting the same to a user are contemplated as within the scope of the present disclosure.
[0048] At block 340, the use of the selected temporary account number and related data, the use of a particular key or seed, or any other data that may be of use may be recorded. Note that this aspect may be performed before or after the temporary account number and related information is transmitted to a user at block 330. It is contemplated that such information may be stored in a database. Examples of information that may be stored include any or all of the information sent to the user (expiration date, CW, CVC, CID, billing zip code, PIN, lifespan, etc.), a user name or other user identifying information, an account nickname, identifying information for the device that requested the temporary account number, identifying information for a seed or key used or the actual seed or key, actual account information for the actual account associated with the temporary account (issuer, account number, expiration date, and any other data), amount of purchase, and any other relevant data. This information may be accessed later to determine whether the temporary account number sent to a user is available for another request for a temporary account number. Any type of information and any means of storing such information are contemplated as within the scope of the present disclosure.
[0049] At block 350, a temporary account number provider may receive a request to authorize a purchase by a user who is using the temporary account number and related information provided at block 330. The purchase authorization request may be received via any communications means. The request for purchase authorization may originate at a retailer where the user is present and interacting with a POS device, at a virtual store where the user is shopping online, or from a retailer interacting with the user over the telephone. The request may come directly from a retailer or merchant, or may come from a payment processing service. All such embodiments are contemplated as within the scope of the present disclosure. In one embodiment, an email, text message, phone call, or other notification may be sent to a user when such a purchase authorization request is received by a temporary account number provider.
[0050] At block 360, a temporary account number provider may determine an actual account number and related information associated with the temporary account number provided in the request received at block 350. This may be done using data stored at block 340, and/or using alternate means. Any information that may be required to obtain a purchase authorization may be obtained at block 360, including a purchase amount which may be derived from the purchase authorization request received at block 350. Having collected or determined all the necessary data, a temporary account number provider may then generate a request for purchase authorization using actual account information and transmit that request to an issuer or other payment processing provider at block 370 using any communications means.
[0051] At block 380, a response to the request for purchase authorization using actual account information may be received at a temporary account number provider from an issuer or other payment processing provider using any communications means. At block 390, the response is processed and a response to the purchase authorization request received from a merchant at block 350 is generated. The response to the merchant may include the acceptance or rejection as set forth in the response received at block 380, as well as the temporary account number and related information. At block 390, a determination may be made as to the temporary account number and related information that currently corresponds to the actual account number and related information contained in the response received at block 380 from an issuer or other payment processing provider. Once a response is generated, it may be transmitted to a merchant, retailer, or other interested party using any communications means. In one embodiment, an email, text message, phone call, or other notification may be sent to a user when such a purchase authorization request is processed by a temporary account number provider. All such embodiments are contemplated as within the scope of the present disclosure.
[0052] Figure 4 illustrates a non- limiting exemplary embodiment of an activation system and user interface for activating and configuring a user account with a temporary account number provider. User 410 may be operating computer 420, which may be any type of computing device, including a personal computer, laptop, or mobile computing device such as a mobile telephone with computing capabilities. Computer 420 may be configured to communicate with network 430, which may be any computer, data, or voice network, wired or wireless, or any combination thereof, and which may include two or more communicatively connected networks. Computer 420 may be communicating with pseudo account activation server 450 that may be operated and/or maintained by a temporary account number provider. Pseudo account activation server 450 represents any number of devices of any type, and combination of devices, that may be operated by a temporary account number provider.
[0053] User 410 may be interacting with user interface 460 while operating user computer 420. User interface 460 may be generated and presented using any means, including any combination of software and hardware. The information represented on user interface 460 may be presented on one screen or may be distributed among several screens or windows, and may be supplemented by additional information and data field. Moreover, not all the information displayed by user interface 460 may be required or presented. All such embodiments are contemplated as within the scope of the present disclosure.
[0054] In order to use the services of a temporary account number provider, a user may be required to provide credit or debit card information. This information may be used by a temporary account number provider to obtain purchase authorizations and to correlate actual account numbers to temporary account numbers. In section 462 of user interface 460, a user may enter information about a credit or debit card, including a card type (for example, VISA®, MASTERCARD®, AMERICAN EXPRESS®, etc.), a card number, an expiration date, and a card verification number such as a CW, CVC, or CID. A user may also enter a PIN for a card or account. This may be an issuer PIN, such as those required to use a debit card. Alternatively, this may be a user-defined PIN that may be used on a mobile device to verify that a user requesting a temporary account number is an authorized user, as described above. In another embodiment, no PIN may be provided during the activation process. Instead, a PIN may be provided to the actual user device and stored only there so that there was no record of the PIN anywhere else, thereby improving PIN security. In another alternative, only PINs associated with particular cards, account, or types of cards or accounts may be gathered during the activation process. For example, debit card PINs may be stored but not credit card PINs or PINs used to access the software on a user device that requests temporary account data. Any other card or account information may be provided or solicited.
[0055] The user may also provide a nickname or other identification for a card or account, which may be used to identify the account on a user device. Alternatively, a temporary account number provider may determine identifying information for a card or account. Such identifying information may be necessary because, in one embodiment, no actual account or card information is stored on the user device. Information may be entered into a user interface using any means, including free text field, dropdown menus, radio buttons, etc. The temporary account number provider may store card or account information and present it to a user, for example, in section 468.
[0056] Billing information for an account or card may also be required, and may be provided to a temporary account number provider through the user interface in a section such as section 464. Typical billing information may be entered, including a card or account owner's name, address, phone number, email address, and any other relevant information.
[0057] User preferences may also be entered in section 464 or any other section. For example, a user may have the option to get alerts emailed to the user regarding account activity, such as each time an account is used, each time a purchase exceeds a predetermined threshold, or any time any other activity of interest may take place. In another embodiment, a user may have the option of enabling or disabling the use of cards or accounts provided to a temporary account number provider. In still another embodiment, a user may have the option of selecting the devices from which an account or card may be accessible. For example, a user may wish to enable the user's device and a user's child's device to request temporary account data for a personal account, but only allow the user's device to request temporary account data for a business account. In another embodiment, a user may have the option of selecting a number of uses that a temporary account number and related information associated with the account or card may be used. For example, a user may specify that a temporary account number associated with a particular card or account may only be used two times before it is automatically erased or otherwise disabled. Alternatively, the temporary account number provider may set a number of uses for each temporary account number and related information, or may only use lifespan or timeout value to determine when to erase or otherwise disable a temporary account number and related information. In yet another embodiment, a user may have the option of specifying the lifespan or a temporary account number and related data. For example, a user may specify, or select from available options, a lifespan often minutes for temporary account numbers associated with a particular account or card. Alternatively, the temporary account number provider may set lifespan for each temporary account number and related information, or may only use number of uses to determine when to erase or otherwise disable a temporary account number and related information. Any other user preferences may be solicited or provided, and all such embodiments are contemplated as within the scope of the present disclosure.
[0058] In section 466, user device information may be provided. This information may allow a temporary account number provider to determine which user is sending a request for a temporary account number, or verify that a request for a temporary account number is coming from an authorized device. Information that may be provided includes a telephone number, a model and brand of a device, and a carrier configured to support the device. This information, such as model number and brand of device, may be used to determine an appropriate version or type of software for requesting temporary account data to provide to a user device. Aliases for devices may also be provided to simplify identifying devices by a user during the use of a randomized mobile payment system. Any other information about the user device may be provided.
[0059] User interface 460 may also provide information on the current configuration for user 410, such as that shown in section 468. The name and address of the user may be presented, as well as a listing of devices and related information and a listing of cards or accounts already configured and related information, such as the nicknames associated with the accounts. Any other information may be presented, including currently configured user preferences. All such embodiments are contemplated as within the scope of the present disclosure.
[0060] Once information is provided to a temporary account number provider, in one embodiment through an user interface and activation process as disclosed herein, a user may then request and use temporary account numbers and related information to make purchases. Figure 5 illustrates a non-limiting exemplary embodiment of a system for requesting and using a temporary account number and related information and user interfaces for requesting and receiving a temporary account number and related information from a temporary account number provider.
[0061] User 510 may be operating user device 520, which may be a mobile device with computing and wireless communications capabilities, such as a smart phone or PDA. Configured on user device 520 may be software and hardware that enables interaction with a temporary account number provider. Such software may be designed to operate specifically on mobile devices, or may general software configured to operate on a wide variety of devices. Such software may also be downloaded from a temporary account number provider, or otherwise provided by a temporary account number provider, or may be provided by another party or made available by another party, such as a telecommunications provider, a financial institution, or a third party. The software may reside on the device itself, on a subscriber identification module (SIM), a removable memory stick, or any other type of storage medium. In the event that the software resides on the SIM, the software may or may not be able to be activated on another device.
[0062] The software on user device 520, operating in conjunction with the hardware on user device 520, may present user interfaces to a user for requesting and receiving temporary account number data. For example, user 510 may activate temporary account number software on user device 520, which may in turn present user interface 560 on a display of user device 520. user interface 560 may present list 562 of available accounts or cards, identified by nicknames or any other identifying information other than actual account numbers. Note that in the preferred embodiment, no actual account information is stored on user device 520. User 510 may select the preferred card or account from list 562 using any means, including pressing a virtual or actual button associated with the preferred card or account, selecting the preferred card or account with a stylus, or any other means of selecting an object through a user interface. User interface 560 may also request an amount of purchase to be preauthorized. Alternatively, user device 520 may have received an amount of purchase from a merchant, for example from data received via NFC from merchant POS device 570. User interface 560 may also show other information about the pending purchase, such as the name, address, phone number, or other information about the merchant. Any other merchant data or account data that may be displayed is contemplated as within the scope of the present disclosure.
[0063] Once an account or card is selected from list 562, user interface 564 may be presented to user 510 on user device 520. User interface 564 may request a PIN number from user 510 to ensure that a temporary account number is being requested by an authorized user. The PIN number requested and entered may be associated with the specific account or card selected, or may be a general PIN number used for requesting a temporary account number associated with any available account of a user. In one alternative, the PIN number is a PIN number associated with an account by a financial institution, such as a PIN number used to access an account at an ATM. In another alternative, the PIN number is user configurable and may be set by the user through the activation process as disclosed herein. In still another alternative, the entry of a PIN number may be required before a listing of accounts, such as list 562 in user interface 560, is presented. In such an alternative, the requiring of a PIN number after an account is selected may still be employed to provide an extra layer of security, and the two PIN numbers may or may not be the same. In yet another alternative, rather than a PIN number, a security code of any type may be requested, or other security measures may be employed, such as biometric security measures. Any combination or origination of PIN numbers and/or security measures may be used, and all such embodiments are contemplated as within the scope of the present disclosure.
[0064] Once a PIN number is entered or other security measures are completed, or once user device 520 is otherwise configured to request a temporary account number and related data, a request for a temporary account number and related data may be generated and transmitted from user device 520 to wireless network 530. Wireless network 530 may be any one or more wireless networks, in some embodiments combined or interconnected to wired networks, that is capable of transmitting and receiving wireless data communications. Wireless network 530 may then transport the request for a temporary account number and related data to pseudo account mobile server 550. Pseudo account mobile server 550 may be operated and/or maintained by a temporary account number provider, and may be dedicated to providing temporary account numbers to mobile device, or may be configured to perform other functions. Pseudo account mobile server 550 may also be several servers, computers, network devices, and/or other device configured to response to requests for temporary account numbers. All such embodiments are contemplated as within the scope of the present disclosure.
[0065] Upon receiving the request for a temporary account number and related data, pseudo account mobile server 550 may generate temporary account number data, and transmit such data to user device 520 over wireless network 530. Pseudo account mobile server 550 may also communicate the temporary account number and related data to pseudo account payment server 555 so that payments using the temporary account data can be authorized. Pseudo account mobile server 550 may be configured to communicate with pseudo account payment server 555 over a network of any kind, or combination of networks. Alternatively, the functions of pseudo account payment server 555 and pseudo account mobile server 550 may be performed by a single device. In one alternative, when pseudo account mobile server 550 receives a request for temporary account data, it may forward the request to pseudo account payment server 555, or it may generate a request for temporary account data and send it to pseudo account payment server 555. Pseudo account payment server 555 may then send temporary account data to pseudo account mobile server 550 for transmission to user device 520. In another alternative embodiment, a separate server or other computing device may be configured to generate temporary account data, and may transmit such data to pseudo account mobile server 550 and/or pseudo account payment server 555. Any combination or configuration of devices configured to generate temporary account data is contemplated as within the scope of the present disclosure.
[0066] When the data is received at user device 520, a user interface such as that illustrated by user interface 566 may be displayed and presented to user 510. In some embodiments, the information presented in user interface 566 may include a temporary account number, an expiration date, a PIN, a billing zip code, a CW, CVC, or CID, and/or a lifespan. The lifespan presented may be the amount of time the user has left to use the temporary account data before it is automatically erased from user device 520. The lifespan may be continually updated on user interface 566 so that user 510 can easily determine the amount of time remaining in which user 510 may use the temporary account data to make a purchase. In one embodiment, user interface 566 may provide control 568 which may erase all temporary account data from user device 520. This may be desirable in a situation where a user has completed a purchase and wants to remove temporary account data so that it is not accidently or maliciously used for purchases that the customer did not intend to make. Any other configurations of user interfaces, controls and information presented on user interfaces, and/or functions provided by user interfaces are contemplated as within the scope of the present disclosure.
[0067] In one embodiment, user device 520 may also activate NFC components configured on user device 520 and transmit the received temporary account data via NFC. When user 510 sees user interface 566, user 510 may proceed with a purchase. In one embodiment, user 510 may place user device 520 in an area so that the NFC components of user device 520 are proximate to merchant POS device 570, which may be configured to receive NFC data from devices such as user device 520. In another embodiment, user 510 may read temporary account data from user interface 566 and provide it to a merchant orally, for example by telephone, or electronically, for example by entering temporary account data into a web page. In another embodiment, user 510 may provide a portion of the temporary account data to a merchant through a merchant device. For example, if the temporary account data is associated with a debit card, user 510 may be required to enter a PIN number provided with the temporary account data at merchant POS device 570. All other means and methods of providing payment using temporary account data are contemplated as within the scope of the present disclosure.
[0068] Upon receiving temporary account data from user device 520, merchant POS device 570 may transmit a purchase authorization request, directly or indirectly, from merchant POS device 570. The request may include the temporary account number and any other data received from user device 520 or user 510 in any manner, and may also include purchase information, such as an amount of purchase and merchant identifying information. Such a request may be transmitted to network 535, which may be any type of network or combination of networks as described herein. From network 535, the purchase authorization request may be forwarded to a payment service provider that may in turn forward the purchase authorization request to pseudo account payment server 555. Alternatively, the purchase authorization request may be transmitted directly to pseudo account payment server 555, or pseudo account payment server 555 may also function as a payment service provider. Pseudo account payment server 555 may then correlate the temporary account data with actual account data as described herein, and may generate a purchase authorization request including purchase amounts and merchant information. This request may be transmitted from pseudo account payment server 555 to an issuer, financial institution, or payment processor for purchase authorization based on actual account data.
[0069] When a response is received from an issuer, financial institution, or payment processor, pseudo account payment server 555 may then generate a response for transmission to the merchant, in one embodiment to merchant POS device 570. The response generated may include the temporary account data which may be determined from the actual account data in the response from an issuer, financial institution, or payment processor and records maintained by pseudo account payment server 555, pseudo account mobile server 550, and/or another device operated by a temporary account number provider. The response may be transmitted to merchant POS device 570 over network 535.
[0070] Note also that any of the methods, systems, and means described herein may be implemented with any technology and any devices, components, systems, or systems, and any combination thereof. Note also that the randomized mobile payment system as described herein may be integrated into other telephony or communications related systems and devices, such as a wireless or wireline communications system or network, or any other type of communications systems or devices. All such embodiments are contemplated as within the scope of the present disclosure.
[0071] Figure 6 illustrates an example wireless device 610 that may be used in connection with an embodiment. References will also be made to other figures of the present disclosure as appropriate. For example, user devices 120, 420, and 520 may each be a wireless device of the type described in regard to Figure 6, and may have some, all, or none of the components and modules described in regard to Figure 6. It will be appreciated that the components and modules of wireless device 610 illustrated in Figure 6 are illustrative, and that any number and type of components and/or modules may be present in wireless device 610. In addition, the functions performed by any or all of the components and modules illustrated in Figure 6 may be performed by any number of physical components. Thus, it is possible that in some embodiments the functionality of more than one component and/or module illustrated in Figure 6 may be performed by any number or types of hardware and/or software.
[0072] Processor 621 may be any type of circuitry that performs operations on behalf of wireless device 610. In one embodiment, processor 621 executes software (i.e., computer readable instructions stored in a computer readable medium) that may include functionality related to requesting and receiving temporary account data, communicating with, operating, or interfacing with a temporary account number provider system, and/or running software configured to operate, communicate, or interface with a temporary account number provider system, for example. User interface module 622 may be any type or combination of hardware and/or software that enables a user to operate and interact with wireless device 610, and, in one embodiment, to interact with a temporary account number provider system. For example, user interface module 622 may include a display, physical and "soft" keys, voice and/or speech recognition software, microphone, speaker and the like, and may be configured to display user interfaces, such as user interfaces 460, 560, 564, and 566. Wireless communication module 623 may be any type or combination of hardware and/or software that enables wireless device 610 to communicate with, for example, wireless network 170, wireless network 530, and/or any other type of wireless communications network. Memory 624 enables wireless device 610 to store information, temporary account numbers and related data, software for interacting with a temporary account number provider system, a web browser, other types of data, or the like. Memory 624 may take any form, such as internal random access memory (RAM), an SD card, a microSD card and the like. Power supply 625 may be a battery or other type of power input (e.g., a charging cable that is connected to an electrical outlet, etc.) that is capable of powering wireless device 610.
[0073] Figure 7 is a block diagram of an example processor 758 which may be employed in any of the embodiments described herein, including as one or more components of user devices 120, 122, 420, or 520, or devices 130, 140, 150, 160, 190, 450, 550, 555, or 570, or as one or more components of communications network equipment or related equipment, such as any component of networks 170, 180, 430, 530, or 535 and/or as one or more components of any device, component, system, or subsystem that may implement any portion of the subject matter described herein. It is emphasized that the block diagram depicted in Figure 7 is exemplary and not intended to imply a specific implementation. Thus, the processor 758 can be implemented as a single processor or multiple processors. Multiple processors can be distributed or centrally located. Multiple processors can communicate wirelessly, via hard wire, or any combination thereof.
[0074] The processor 758 comprises a processing portion 760, a memory portion 762, and an input/output portion 764. The processing portion 760, memory portion 762, and input/output portion 764 are coupled together (coupling not shown in Figure 7) to allow communications between these portions. The input/output portion 764 is capable of providing and/or receiving components, commands, and/or instructions, utilized to, for example, operate a temporary account number provider system, a user device configure to interact with a temporary account number provider system, a network configured transport requests for temporary account data and responses to such request, or any subsystem or component thereof.
[0075] The processor 758 can be implemented as a client processor and/or a server processor. In a basic configuration, the processor 758 may include at least one processing portion 760 and memory portion 762. The memory portion 762 can store any information utilized in conjunction with transmitting, receiving, and/or processing temporary account number requests, responses, activation data, or any other data or information. For example, as described above, the memory portion is capable of storing temporary account data, actual account data, correlations between temporary and actual account data, and/or software capable of operating a temporary account number provider system and/or a user device and software configured to interact with a temporary account number provider system. Depending upon the exact configuration and type of processor, the memory portion 762 can be volatile (such as RAM) 766, non-volatile (such as ROM, flash memory, etc.) 768, or a combination thereof. The processor 758 can have additional features/functionality. For example, the processor 758 can include additional storage (removable storage 770 and/or non-removable storage 772) including, but not limited to, magnetic or optical disks, tape, flash, smart cards or a combination thereof. Computer storage media, such as memory and storage elements 762, 770, 772, 766, and 768, include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules, or other data. Computer storage media include, but are not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, universal serial bus (USB) compatible memory, smart cards, or any other medium which can be used to store the desired information and which can be accessed by the processor 758. Any such computer storage media may be part of or communicatively connected to the processor 758. [0076] The processor 758 can also contain the communications connection(s) 780 that allow the processor 758 to communicate with other devices, for example through networks 170, 180, 430, 530, or 535. Communications connection(s) 780 is an example of communication media. Communication media typically embody computer-readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection as might be used with a land line telephone, and wireless media such as acoustic, RF, infrared, cellular, and other wireless media. The term computer-readable media as used herein includes both storage media and communication media. The processor 758 also can have input device(s) 776 such as keyboard, keypad, mouse, pen, voice input device, touch input device, etc. Output device(s) 774 such as a display, speakers, printer, etc. also may be included.
[0077] While example embodiments of systems and methods for operating a temporary account number provider system and user devices that interact with a temporary account number provider system such as those described herein have been described in connection with various communications devices and computing devices/processors, the underlying concepts can be applied to any communications or computing device, processor, or system capable of implementing the systems and methods described. The various techniques described herein can be implemented in connection with hardware or software or, where appropriate, with a combination of both. Thus, the methods and apparatuses for randomized mobile payment systems and methods, or certain aspects or portions thereof, can take the form of program code {i.e., instructions) embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium, wherein, when the program code is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for or a component of a randomized mobile payment system. In the case of program code execution on programmable computers, the computing device will generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. The program(s) can be implemented in assembly or machine language, if desired. The language can be a compiled or interpreted language, and combined with hardware implementations.
[0078] The methods and systems for randomized mobile payment as described herein can also be practiced via communications embodied in the form of program code that is transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via any other form of transmission, wherein, when the program code is received and loaded into and executed by a machine, such as an EPROM, a gate array, a programmable logic device (PLD), a client computer, a wireless telephone, or the like, the machine becomes an apparatus for a randomized mobile payment system. When implemented on a general-purpose processor, the program code combines with the processor to provide a unique apparatus that operates to invoke the functionality of a randomized mobile payment system. Additionally, any storage techniques used in connection with a randomized mobile payment system can invariably be a combination of hardware and software.
[0079] While systems and methods have been described herein in connection with the various embodiments of the various figures, it is to be understood that other similar embodiments can be used or modifications and additions can be made to the described embodiments for performing the same functions without deviating from the described systems and methods. For example, one skilled in the art will recognize that a randomized mobile payment system, a temporary account number provider system, or user device configurations as described in the present application may apply to any environment, whether wired or wireless, and may be applied to any number of such devices connected via one or more communications networks and interacting across such networks. Therefore, randomized mobile payment systems such as those described herein should not be limited to any single embodiment, but rather should be construed in breadth and scope in accordance with the appended claims.

Claims

What is Claimed is:
1. A system for providing a mobile payment, comprising: a receiver configured to receive a request for a temporary account number from a user device; a temporary account number generator configured to determine a personal account number based on the request, select a temporary account number from among a plurality of available temporary account numbers, and record a correlation of the temporary account number to the personal account number; and a transmitter configured to transmit the temporary account number to the user device.
2. The system of claim 1 , wherein the receiver is further configured to receive a plurality of temporary account numbers from an account issuer.
3. The system of claim 1 , wherein the temporary account number generator is further configured to associate the temporary account number with an identifier of the user device.
4. The system of claim 3, wherein the temporary account number generator is further configured to generate the plurality of available temporary account numbers by determining one or more potential temporary account numbers from among a plurality of temporary account numbers that are not associated with the user device.
5. The system of claim 1 , wherein the temporary account number generator is further configured to generate the plurality of available temporary account numbers by determining one or more potential temporary account numbers from among a plurality of temporary account numbers that have not been used as temporary account numbers for at least a predetermined amount of time.
6. The system of claim 1 , wherein the temporary account number generator is further configured to determine an account from among a plurality of accounts associated with a user of the user device.
7. The system of claim 1 , wherein the receiver is configured to receive the request for the temporary account number as at least one of a SMS message, a USSD message, an abbreviated dial code, and a control signal.
8. The system of claim 1 , wherein the receiver is further configured to receive a first purchase authorization request comprising the temporary account number, wherein a processor is configured to determine the personal account number based on the temporary account number and generate a second purchase authorization request comprising the personal account number, and wherein the transmitter is further configured to transmit the a second purchase authorization request to a payment processor.
9. The system of claim 8, wherein the transmitter is further configured to transmit an email message to a user responsive to the receiver receiving a first purchase authorization request
10. A computer-readable storage medium comprising computer-readable instructions for requesting and providing a mobile payment, the computer-readable instructions comprising instructions for: detecting a selection of a user account from among one or more user accounts on a user device, wherein no account numbers are associated with the one or more user accounts on the user device; transmitting a request for a temporary account number comprising data associated with the user account; receiving the temporary account number; and transmitting the temporary account number to a point of sale device.
11. The computer-readable storage medium of claim 10, wherein each of the one or more user accounts is associated with an index number, and wherein the data associated with the user account comprises the index number associated with the user account.
12. The computer-readable storage medium of claim 10, further comprising instructions for automatically erasing the temporary account number after a predetermined amount of time.
13. The computer-readable storage medium of claim 10, further comprising instructions for presenting to a user on the user device an option to erase the temporary account number, and, responsive to detecting a selection of the option, erasing the temporary account number.
14. The computer-readable storage medium of claim 10, further comprising instructions for receiving temporary account data associated with the temporary account number.
15. The computer-readable storage medium of claim 14, further comprising instructions for presenting the temporary account data to user on a display.
16. The computer-readable storage medium of claim 10, wherein the instructions for detecting the selection of the user account from among one or more user accounts on the user device comprise instructions for: responsive to detecting the selection of the user account, presenting a security query on the user device; detecting a response to the security query; and determining whether the response is sufficient.
17. The computer-readable storage medium of claim 16, wherein the security query is a request for a personal identification number.
18. The computer-readable storage medium of claim 10, further comprising instructions for downloading a list of user accounts onto the user device for selection.
19. The computer-readable storage medium of claim 10, further comprising instructions for storing a list of user accounts on the user device.
20. The computer-readable storage medium of claim 10, wherein the instructions for detecting the selection of the user account from among one or more user accounts on the user device comprise instructions for: presenting a security query on the user device; detecting a response to the security query; determining that the response is sufficient; responsive to determining that the response is sufficient, presenting a list of user accounts; and detecting the selection of the user account from the list of user accounts.
PCT/US2009/042212 2009-04-30 2009-04-30 Systems and methods for randomized mobile payment WO2010126509A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US13/063,676 US9117210B2 (en) 2009-04-30 2009-04-30 Systems and methods for randomized mobile payment
EP09844164A EP2425386A2 (en) 2009-04-30 2009-04-30 Systems and methods for randomized mobile payment
PCT/US2009/042212 WO2010126509A2 (en) 2009-04-30 2009-04-30 Systems and methods for randomized mobile payment
US14/796,445 US20150324799A1 (en) 2009-04-30 2015-07-10 Systems and methods for randomized mobile payment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2009/042212 WO2010126509A2 (en) 2009-04-30 2009-04-30 Systems and methods for randomized mobile payment

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US13/063,676 A-371-Of-International US9117210B2 (en) 2009-04-30 2009-04-30 Systems and methods for randomized mobile payment
US14/796,445 Continuation US20150324799A1 (en) 2009-04-30 2015-07-10 Systems and methods for randomized mobile payment

Publications (2)

Publication Number Publication Date
WO2010126509A2 true WO2010126509A2 (en) 2010-11-04
WO2010126509A3 WO2010126509A3 (en) 2011-12-08

Family

ID=43032730

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2009/042212 WO2010126509A2 (en) 2009-04-30 2009-04-30 Systems and methods for randomized mobile payment

Country Status (3)

Country Link
US (2) US9117210B2 (en)
EP (1) EP2425386A2 (en)
WO (1) WO2010126509A2 (en)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012141495A2 (en) 2011-04-11 2012-10-18 Samsung Electronics Co., Ltd. Apparatus and method for providing a transaction service
WO2013138195A1 (en) * 2012-03-15 2013-09-19 Qualcomm Incorporated System and method for managing payment in transactions with a pcd
US20130246258A1 (en) * 2012-03-15 2013-09-19 Firethorn Mobile, Inc. System and method for managing payment in transactions with a pcd
US20130246202A1 (en) * 2012-03-15 2013-09-19 Ebay Inc. Systems, Methods, and Computer Program Products for Using Proxy Accounts
FR2995711A1 (en) * 2012-09-20 2014-03-21 France Telecom Method for payment by communicating equipment of e.g. vending machine, in parking bay, involves emitting request for release of payment of amount for product or service from user account registered with telecommunications network operator
US8682802B1 (en) * 2011-11-09 2014-03-25 Amazon Technologies, Inc. Mobile payments using payment tokens
EP2724304A1 (en) * 2011-06-22 2014-04-30 Secure Payment Technologies GmbH Method and device for carrying out cashless payments
WO2014174342A1 (en) * 2013-04-25 2014-10-30 Elharras Mohamed Mobile payment with strong authentication and non repudiation
CN104272331A (en) * 2012-04-18 2015-01-07 谷歌公司 Processing payment transactions without a secure element
JP2015506046A (en) * 2011-12-19 2015-02-26 シークエント ソフトウェア インコーポレイテッド.Sequent Software Inc. System and method for dynamic temporary payment authentication in portable communication devices
EP2786328A4 (en) * 2011-11-30 2015-06-03 Spectrum Message Services Pty Ltd A system, payment agent and computer readable storage medium for facilitating contactless mobile payment transactions
US9092777B1 (en) * 2012-11-21 2015-07-28 YapStone, Inc. Credit card tokenization techniques
US9117210B2 (en) 2009-04-30 2015-08-25 Donald Michael Cardina Systems and methods for randomized mobile payment
EP2798580A4 (en) * 2011-12-29 2015-09-23 Intel Corp Method and system for managing multiple electronic user wallet data cards
WO2015169003A1 (en) * 2014-05-08 2015-11-12 中兴通讯股份有限公司 Account assignment method and apparatus
WO2018080518A1 (en) * 2016-10-28 2018-05-03 Visa International Service Association System for data set translation of accounts
US11068881B2 (en) 2019-09-20 2021-07-20 Bank Of America Corporation System for resource distribution within an offline environment
WO2024137742A1 (en) 2022-12-20 2024-06-27 Blueprint Medicines Corporation Compounds and compositions as fgfr3 degraders and uses thereof

Families Citing this family (166)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140019352A1 (en) 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
US8762263B2 (en) * 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
US8121942B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Systems and methods for secure and transparent cardless transactions
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
MX2011000165A (en) * 2008-07-09 2011-04-26 Xtreme Mobility Inc Secure wireless deposit system and method.
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US8127999B2 (en) 2008-08-14 2012-03-06 Visa U.S.A. Inc. Wireless mobile communicator for contactless payment on account read from removable card
AU2009311303B2 (en) 2008-11-06 2015-09-10 Visa International Service Association Online challenge-response
US8196813B2 (en) * 2008-12-03 2012-06-12 Ebay Inc. System and method to allow access to a value holding account
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US10846683B2 (en) 2009-05-15 2020-11-24 Visa International Service Association Integration of verification tokens with mobile communication devices
US7891560B2 (en) 2009-05-15 2011-02-22 Visa International Service Assocation Verification of portable consumer devices
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US8893967B2 (en) 2009-05-15 2014-11-25 Visa International Service Association Secure Communication of payment information to merchants using a verification token
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US8602293B2 (en) 2009-05-15 2013-12-10 Visa International Service Association Integration of verification tokens with portable computing devices
US10140598B2 (en) 2009-05-20 2018-11-27 Visa International Service Association Device including encrypted data for expiration date and verification value creation
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
AU2011205391B2 (en) 2010-01-12 2014-11-20 Visa International Service Association Anytime validation for verification tokens
US10255601B2 (en) 2010-02-25 2019-04-09 Visa International Service Association Multifactor authentication using a directory server
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
US9342832B2 (en) 2010-08-12 2016-05-17 Visa International Service Association Securing external systems with account token substitution
US9558481B2 (en) * 2010-09-28 2017-01-31 Barclays Bank Plc Secure account provisioning
US11144916B2 (en) * 2010-10-28 2021-10-12 Ncr Corporation Techniques for conducting single or limited use purchases via a mobile device
US10360561B2 (en) * 2010-12-14 2019-07-23 Lime Light RM, Inc. System and method for secured communications between a mobile device and a server
US9596237B2 (en) 2010-12-14 2017-03-14 Salt Technology, Inc. System and method for initiating transactions on a mobile device
US20140156531A1 (en) * 2010-12-14 2014-06-05 Salt Technology Inc. System and Method for Authenticating Transactions Through a Mobile Device
CA2724297C (en) * 2010-12-14 2013-11-12 Xtreme Mobility Inc. System and method for authenticating transactions through a mobile device
US10586227B2 (en) 2011-02-16 2020-03-10 Visa International Service Association Snap mobile payment apparatuses, methods and systems
WO2012112822A2 (en) 2011-02-16 2012-08-23 Visa International Service Association Snap mobile payment apparatuses, methods and systems
US10223691B2 (en) 2011-02-22 2019-03-05 Visa International Service Association Universal electronic payment apparatuses, methods and systems
US8751381B2 (en) 2011-02-23 2014-06-10 Mastercard International Incorporated Demand deposit account payment system
EP2681701A4 (en) 2011-03-04 2014-08-20 Visa Int Service Ass Integration of payment capability into secure elements of computers
WO2012142045A2 (en) 2011-04-11 2012-10-18 Visa International Service Association Multiple tokenization for authentication
US9582598B2 (en) 2011-07-05 2017-02-28 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
WO2013019567A2 (en) 2011-07-29 2013-02-07 Visa International Service Association Passing payment tokens through an hop/sop
US20130036051A1 (en) * 2011-08-02 2013-02-07 Bank Of America Corporation Non-near field communication point of sale experience
US9495550B2 (en) * 2011-08-04 2016-11-15 J. Chance Anderson System and method for sharing of data securely between electronic devices
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US9710807B2 (en) 2011-08-18 2017-07-18 Visa International Service Association Third-party value added wallet features and interfaces apparatuses, methods and systems
US10825001B2 (en) 2011-08-18 2020-11-03 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
WO2013029014A2 (en) 2011-08-24 2013-02-28 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
GB2497122A (en) * 2011-12-01 2013-06-05 Barclays Bank Plc Online application for payment instrument using two different communication channels
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
WO2013103991A1 (en) 2012-01-05 2013-07-11 Visa International Service Association Data protection with translation
WO2013113004A1 (en) 2012-01-26 2013-08-01 Visa International Service Association System and method of providing tokenization as a service
AU2013214801B2 (en) 2012-02-02 2018-06-21 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems
US10282724B2 (en) * 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
WO2013155627A1 (en) 2012-04-16 2013-10-24 Salt Technology Inc. Systems and methods for facilitating a transaction using a virtual card on a mobile device
US20130297501A1 (en) 2012-05-04 2013-11-07 Justin Monk System and method for local data conversion
US20130297509A1 (en) * 2012-05-07 2013-11-07 Infosys Limited Mobile payment using dynamic authorization code and multi-payer shared card number
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
WO2014008403A1 (en) 2012-07-03 2014-01-09 Visa International Service Association Data protection hub
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
AU2013315510B2 (en) 2012-09-11 2019-08-22 Visa International Service Association Cloud-based Virtual Wallet NFC Apparatuses, methods and systems
US11210648B2 (en) 2012-10-17 2021-12-28 Royal Bank Of Canada Systems, methods, and devices for secure generation and processing of data sets representing pre-funded payments
US11080701B2 (en) * 2015-07-02 2021-08-03 Royal Bank Of Canada Secure processing of electronic payments
CA2830260C (en) 2012-10-17 2021-10-12 Royal Bank Of Canada Virtualization and secure processing of data
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
KR20140060849A (en) * 2012-11-12 2014-05-21 주식회사 케이티 System and method for card payment
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US10304047B2 (en) 2012-12-07 2019-05-28 Visa International Service Association Token generating component
US20140187147A1 (en) * 2012-12-27 2014-07-03 Haim Rochberger Method and system of generating nfc-transaction remotely
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US10740731B2 (en) 2013-01-02 2020-08-11 Visa International Service Association Third party settlement
US9704153B2 (en) * 2013-01-14 2017-07-11 Conduent Business Services, Llc System and method for enabling transactions on an associated network
EP2973278A4 (en) * 2013-03-15 2017-07-19 First Data Corporation Remote secure transactions
US20160042343A1 (en) * 2013-04-30 2016-02-11 Rakuten, Inc. Information processing apparatus, information processing method and information processing program
US11055710B2 (en) 2013-05-02 2021-07-06 Visa International Service Association Systems and methods for verifying and processing transactions using virtual currency
US9978062B2 (en) 2013-05-15 2018-05-22 Visa International Service Association Mobile tokenization hub
US10878422B2 (en) 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
SG10201800626RA (en) 2013-07-24 2018-02-27 Visa Int Service Ass Systems and methods for interoperable network token processing
US10002348B1 (en) * 2013-07-24 2018-06-19 Amazon Technologies, Inc. Routing and processing of payment transactions
EP3025291A1 (en) 2013-07-26 2016-06-01 Visa International Service Association Provisioning payment credentials to a consumer
WO2015021420A1 (en) 2013-08-08 2015-02-12 Visa International Service Association Methods and systems for provisioning mobile devices with payment credentials
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
US10346822B2 (en) 2013-08-23 2019-07-09 Visa International Service Association Dynamic account selection
SG2013068200A (en) * 2013-09-10 2015-04-29 Mastercard Asia Pacific Pte Ltd Method and system for conducting a payment transaction and corresponding devices
US9760872B2 (en) 2013-09-13 2017-09-12 Paypal, Inc. Completion of online payment forms and recurring payments by a payment provider systems and methods
US10515370B2 (en) * 2013-10-09 2019-12-24 The Toronto-Dominion Bank Systems and methods for providing tokenized transaction accounts
US10891610B2 (en) 2013-10-11 2021-01-12 Visa International Service Association Network token system
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
CA2930149A1 (en) 2013-11-19 2015-05-28 Visa International Service Association Automated account provisioning
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
CN115082065A (en) 2013-12-19 2022-09-20 维萨国际服务协会 Cloud-based transaction method and system
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
KR20150089505A (en) * 2014-01-28 2015-08-05 삼성전자주식회사 image forming device for using temporary account, image forming system comprising the image forming device, and methods thereof
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
SG11201608973TA (en) 2014-05-01 2016-11-29 Visa Int Service Ass Data verification using access device
SG10202007850WA (en) 2014-05-05 2020-09-29 Visa Int Service Ass System and method for token domain control
EP3146747B1 (en) 2014-05-21 2020-07-01 Visa International Service Association Offline authentication
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US20160005023A1 (en) * 2014-07-07 2016-01-07 Google Inc. Conducting financial transactions by telephone
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
RU2019124722A (en) 2014-09-26 2019-10-01 Виза Интернэшнл Сервис Ассосиэйшн SYSTEM AND METHODS FOR PROVIDING ENCRYPTED DATA OF A REMOTE SERVER
US11257074B2 (en) 2014-09-29 2022-02-22 Visa International Service Association Transaction risk based token
EP3204903A4 (en) 2014-10-10 2018-02-21 Royal Bank Of Canada Systems for processing electronic transactions
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
GB201419016D0 (en) 2014-10-24 2014-12-10 Visa Europe Ltd Transaction Messaging
US10325261B2 (en) 2014-11-25 2019-06-18 Visa International Service Association Systems communications with non-sensitive identifiers
US11620643B2 (en) 2014-11-26 2023-04-04 Visa International Service Association Tokenization request via access device
JP6622309B2 (en) 2014-12-12 2019-12-18 ビザ インターナショナル サービス アソシエーション Provisioning platform for machine-to-machine equipment
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US11354651B2 (en) 2015-01-19 2022-06-07 Royal Bank Of Canada System and method for location-based token transaction processing
AU2016208989B2 (en) 2015-01-19 2021-11-25 Royal Bank Of Canada Secure processing of electronic payments
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US11250391B2 (en) 2015-01-30 2022-02-15 Visa International Service Association Token check offline
US11176554B2 (en) 2015-02-03 2021-11-16 Visa International Service Association Validation identity tokens for transactions
US10977657B2 (en) 2015-02-09 2021-04-13 Visa International Service Association Token processing utilizing multiple authorizations
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
SG11201706576TA (en) 2015-04-10 2017-09-28 Visa Int Service Ass Browser integration with cryptogram
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
US10552834B2 (en) 2015-04-30 2020-02-04 Visa International Service Association Tokenization capable authentication framework
US10009324B2 (en) * 2015-06-29 2018-06-26 American Express Travel Related Services Company, Inc. Host card emulation systems and methods
US11599879B2 (en) 2015-07-02 2023-03-07 Royal Bank Of Canada Processing of electronic transactions
US10546294B2 (en) * 2015-08-24 2020-01-28 Sequent Software, Inc System and method for a self-calculating token vault
US11568385B2 (en) * 2015-10-12 2023-01-31 Walmart Apollo, Llc System, method, and non-transitory computer-readable storage media related to transactions using a mobile device
CN114529300A (en) 2015-10-15 2022-05-24 维萨国际服务协会 Instant token issuing system
CN105469294A (en) * 2015-11-17 2016-04-06 南京唐一微数字科技有限公司 Purchase request processing method and purchase request processing device
CN113542293B (en) 2015-12-04 2023-11-07 维萨国际服务协会 Method and computer for token verification
US10243958B2 (en) 2016-01-07 2019-03-26 Visa International Service Association Systems and methods for device push provisoning
WO2017136418A1 (en) 2016-02-01 2017-08-10 Visa International Service Association Systems and methods for code display and use
US11501288B2 (en) 2016-02-09 2022-11-15 Visa International Service Association Resource provider account token provisioning and processing
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
US11386421B2 (en) 2016-04-19 2022-07-12 Visa International Service Association Systems and methods for performing push transactions
US11250424B2 (en) 2016-05-19 2022-02-15 Visa International Service Association Systems and methods for creating subtokens using primary tokens
EP3466017B1 (en) 2016-06-03 2021-05-19 Visa International Service Association Subtoken management system for connected devices
US20170364879A1 (en) * 2016-06-15 2017-12-21 Mastercard International Incorporated Transaction flows and transaction processing for bridged payment systems
US11068899B2 (en) 2016-06-17 2021-07-20 Visa International Service Association Token aggregation for multi-party transactions
CN115187242A (en) 2016-06-24 2022-10-14 维萨国际服务协会 Unique token authentication verification value
BR112018076196A2 (en) 2016-07-11 2019-03-26 Visa International Service Association method, and portable communication and access devices.
CN109478287B (en) 2016-07-19 2023-08-15 维萨国际服务协会 Method for distributing tokens and managing token relationships
US10509779B2 (en) 2016-09-14 2019-12-17 Visa International Service Association Self-cleaning token vault
WO2018098492A1 (en) 2016-11-28 2018-05-31 Visa International Service Association Access identifier provisioning to application
US10915899B2 (en) 2017-03-17 2021-02-09 Visa International Service Association Replacing token on a multi-token user device
US10902418B2 (en) 2017-05-02 2021-01-26 Visa International Service Association System and method using interaction token
US11494765B2 (en) 2017-05-11 2022-11-08 Visa International Service Association Secure remote transaction system using mobile devices
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system
WO2019031627A1 (en) * 2017-08-09 2019-02-14 주식회사 센스톤 Virtual code providing system, virtual code generation device, virtual code verification device, virtual code providing method and virtual code providing program
EP3762844A4 (en) 2018-03-07 2021-04-21 Visa International Service Association Secure remote token release with online authentication
US11256789B2 (en) 2018-06-18 2022-02-22 Visa International Service Association Recurring token transactions
EP3841498B1 (en) 2018-08-22 2024-05-01 Visa International Service Association Method and system for token provisioning and processing
CN112805737A (en) 2018-10-08 2021-05-14 维萨国际服务协会 Techniques for token proximity transactions
US11080409B2 (en) * 2018-11-07 2021-08-03 Ngd Systems, Inc. SSD content encryption and authentication
CN116074089A (en) 2018-11-14 2023-05-05 维萨国际服务协会 Cloud token provisioning for multiple tokens
US11126707B2 (en) * 2019-01-15 2021-09-21 Visa International Service Association Digital instant issuance with instant processing
US11849042B2 (en) 2019-05-17 2023-12-19 Visa International Service Association Virtual access credential interaction system and method
US10937014B2 (en) * 2019-05-31 2021-03-02 Worldpay, Llc Methods and systems for dual-to-single message conversion in electronic transactions
US11431697B2 (en) * 2020-12-30 2022-08-30 Virtustream Ip Holding Company Llc Access management for multi-cloud workloads
US11995643B2 (en) * 2022-05-10 2024-05-28 Capital One Services, Llc System and method for providing a temporary virtual payment card

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003007250A1 (en) 2001-07-11 2003-01-23 Blandin, Bruno Method for authorising an electronic payment operation by smart card
WO2006125266A2 (en) 2005-05-26 2006-11-30 Shane Eric John Prince A payment system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6636833B1 (en) * 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
AUPS087602A0 (en) * 2002-03-04 2002-03-28 Ong, Yong Kin (Michael) Electronic fund transfer system
US7472829B2 (en) 2004-12-10 2009-01-06 Qsecure, Inc. Payment card with internally generated virtual account numbers for its magnetic stripe encoder and user display
SE531209C2 (en) 2006-06-30 2009-01-20 Tagmaster Ab Procedure for identification system for a transaction site
GB2446179B (en) * 2007-02-01 2011-08-31 Monitise Group Ltd Methods and a System for Providing Transaction Related Information
WO2010126509A2 (en) 2009-04-30 2010-11-04 Donald Michael Cardina Systems and methods for randomized mobile payment

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003007250A1 (en) 2001-07-11 2003-01-23 Blandin, Bruno Method for authorising an electronic payment operation by smart card
WO2006125266A2 (en) 2005-05-26 2006-11-30 Shane Eric John Prince A payment system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2425386A2

Cited By (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9117210B2 (en) 2009-04-30 2015-08-25 Donald Michael Cardina Systems and methods for randomized mobile payment
EP2697760A4 (en) * 2011-04-11 2014-11-19 Samsung Electronics Co Ltd Apparatus and method for providing a transaction service
WO2012141495A2 (en) 2011-04-11 2012-10-18 Samsung Electronics Co., Ltd. Apparatus and method for providing a transaction service
EP2697760A2 (en) * 2011-04-11 2014-02-19 Samsung Electronics Co., Ltd. Apparatus and method for providing a transaction service
EP2724304A1 (en) * 2011-06-22 2014-04-30 Secure Payment Technologies GmbH Method and device for carrying out cashless payments
US8682802B1 (en) * 2011-11-09 2014-03-25 Amazon Technologies, Inc. Mobile payments using payment tokens
US10621576B1 (en) 2011-11-09 2020-04-14 Amazon Technologies, Inc. Mobile payments using payment tokens
EP2786328A4 (en) * 2011-11-30 2015-06-03 Spectrum Message Services Pty Ltd A system, payment agent and computer readable storage medium for facilitating contactless mobile payment transactions
EP2945111A1 (en) * 2011-12-19 2015-11-18 Sequent Software Inc. System and method for dynamic temporary payment authorization in a portable communication device
EP3690779A1 (en) * 2011-12-19 2020-08-05 Sequent Software Inc. System and method for dynamic temporary payment authorization in a portable communication device
US9898728B2 (en) 2011-12-19 2018-02-20 Gfa Worldwide, Inc. System and method for one-time payment authorization in a portable communication device
EP2795548A4 (en) * 2011-12-19 2015-08-12 Sequent Software Inc System and method for dynamic temporary payment authorization in a portable communication device
JP2015506046A (en) * 2011-12-19 2015-02-26 シークエント ソフトウェア インコーポレイテッド.Sequent Software Inc. System and method for dynamic temporary payment authentication in portable communication devices
EP2798580A4 (en) * 2011-12-29 2015-09-23 Intel Corp Method and system for managing multiple electronic user wallet data cards
WO2013138195A1 (en) * 2012-03-15 2013-09-19 Qualcomm Incorporated System and method for managing payment in transactions with a pcd
US9092776B2 (en) 2012-03-15 2015-07-28 Qualcomm Incorporated System and method for managing payment in transactions with a PCD
US9105021B2 (en) * 2012-03-15 2015-08-11 Ebay, Inc. Systems, methods, and computer program products for using proxy accounts
US20130246258A1 (en) * 2012-03-15 2013-09-19 Firethorn Mobile, Inc. System and method for managing payment in transactions with a pcd
US20130246202A1 (en) * 2012-03-15 2013-09-19 Ebay Inc. Systems, Methods, and Computer Program Products for Using Proxy Accounts
WO2013138194A1 (en) * 2012-03-15 2013-09-19 Qualcomm Incorporated System and method for managing payment in transactions with a pcd
US10679213B2 (en) 2012-03-15 2020-06-09 Paypal, Inc. Systems, methods, and computer program products for using proxy accounts
US9984360B2 (en) 2012-04-18 2018-05-29 Google Llc Processing payment transactions without a secure element
US11042861B2 (en) 2012-04-18 2021-06-22 Google Llc Processing payment transactions without a secure element
CN104272331B (en) * 2012-04-18 2017-06-23 谷歌公司 Payment transaction is processed in the case of without safety element
CN107369015A (en) * 2012-04-18 2017-11-21 谷歌公司 Payment transaction is handled in the case of without safety element
US9171302B2 (en) 2012-04-18 2015-10-27 Google Inc. Processing payment transactions without a secure element
US11704645B2 (en) 2012-04-18 2023-07-18 Google Llc Processing payment transactions without a secure element
CN104272331A (en) * 2012-04-18 2015-01-07 谷歌公司 Processing payment transactions without a secure element
US10628817B2 (en) 2012-04-18 2020-04-21 Google Llc Processing payment transactions without a secure element
FR2995711A1 (en) * 2012-09-20 2014-03-21 France Telecom Method for payment by communicating equipment of e.g. vending machine, in parking bay, involves emitting request for release of payment of amount for product or service from user account registered with telecommunications network operator
US9092777B1 (en) * 2012-11-21 2015-07-28 YapStone, Inc. Credit card tokenization techniques
WO2014174342A1 (en) * 2013-04-25 2014-10-30 Elharras Mohamed Mobile payment with strong authentication and non repudiation
WO2015169003A1 (en) * 2014-05-08 2015-11-12 中兴通讯股份有限公司 Account assignment method and apparatus
WO2018080518A1 (en) * 2016-10-28 2018-05-03 Visa International Service Association System for data set translation of accounts
US11271934B2 (en) 2016-10-28 2022-03-08 Visa International Service Association System for data set translation of accounts
US10616223B2 (en) 2016-10-28 2020-04-07 Visa International Service Association System for data set translation of accounts
US11068881B2 (en) 2019-09-20 2021-07-20 Bank Of America Corporation System for resource distribution within an offline environment
WO2024137742A1 (en) 2022-12-20 2024-06-27 Blueprint Medicines Corporation Compounds and compositions as fgfr3 degraders and uses thereof

Also Published As

Publication number Publication date
US20150324799A1 (en) 2015-11-12
WO2010126509A3 (en) 2011-12-08
US9117210B2 (en) 2015-08-25
EP2425386A2 (en) 2012-03-07
US20120116902A1 (en) 2012-05-10

Similar Documents

Publication Publication Date Title
US9117210B2 (en) Systems and methods for randomized mobile payment
US11720872B2 (en) Methods and systems for wallet enrollment
US9904800B2 (en) Portable e-wallet and universal card
US20180114260A1 (en) System, method, apparatus and computer program product for interfacing a multi-card radio frequency (rf) device with a mobile communications device
US8352323B2 (en) Conducting an online payment transaction using an NFC enabled mobile communication device
US20160217461A1 (en) Transaction utilizing anonymized user data
US8732022B2 (en) Secure mobile-based financial transactions
US20140019360A1 (en) Method for online payment, and system and electronic device for implementing the same
US20130060701A1 (en) Electronic payment service method, and electronic payment service apparatus, mobile communication terminal, and transaction terminal for performing the method
US11580508B2 (en) Contactless message transmission
CA2578893A1 (en) System and method for processing payment options
CN107209890B (en) Flexible electronic payment transaction processing
WO2009058633A1 (en) System and method for validation of transactions
US20140129445A1 (en) Method for Processing a Payment, and System and Electronic Device for Implementing the Same
JP2007521556A (en) Method of authorizing payment order by credit card and related devices
KR101061719B1 (en) Coupon method and system through regular customer confirmation
US20090307103A1 (en) System for managing and facilitating financial transactions locally or remotely made
KR101250387B1 (en) Method for Usage Point using Settlement Terminal, Settlement Terminal
KR20200020442A (en) Card settlement system, server and method that allows to set the payment amount
WO2012106778A1 (en) Mobile communication device services
KR20160113556A (en) COMPUTER-EXECUTABLE METHOD OF paying electron stamp, USER TERMINAL PERFORMING THE SAME, SERVER PERFORMING THE SAME AND STORAGE MEDIUM STORING THE SAME
US20080217395A1 (en) Secure Internet Payment Apparatus and Method
KR20160129926A (en) Systemand method for providing settlement service

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 13063676

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

REEP Request for entry into the european phase

Ref document number: 2009844164

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2009844164

Country of ref document: EP

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09844164

Country of ref document: EP

Kind code of ref document: A2