公开(公告)号：US20190392440A1

公开(公告)日：2019-12-26

申请号：US16448822

申请日：2019-06-21

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Robert Albert Ederle ,  Julia Sharon Gosset ,  Ranjita Shankar Iyer ,  Brian Piel ,  Dennis A. Gamiello ,  Christopher John Merz ,  Felix Johnnes Flory

IPC: G06Q20/40 ,  H04L29/06

Abstract: An authentication platform for authenticating an online user is provided. The authentication platform includes a memory device including an authentication profile and at least one processor coupled to the memory device. The at least one processor is programmed to receive an authentication request message for a transaction. The authentication request message includes authentication data. The at least one processor is also programmed to extract the authentication data from the authentication request message and determine if the ACS is available to process the transaction. If the ACS is unavailable, the at least one processor is further programmed to generate, based at least in part on the extracted authentication data, risk-based authentication (RBA) result data including a risk score and transmit an authentication response message based on the RBA result data.

公开(公告)号：US20180240120A1

公开(公告)日：2018-08-23

申请号：US15438488

申请日：2017-02-21

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Laurie Ann Nicoletti ,  Elisabeth Lea Rode ,  Janet Marie Smith ,  Brandon Craig Bryson ,  Sameer Tare ,  Brian Piel ,  Steve Hubbard

IPC: G06Q20/40

CPC classification number: G06Q20/40145 ,  G06F21/32 ,  G06Q20/305 ,  G06Q20/325 ,  G06Q30/016

Abstract: Systems and methods are provided for use in enhancing security associated with services related to payment or banking accounts, in connection with communication between consumers and consumer service call centers associated with the accounts. One exemplary method includes receiving, at a computing device, a request to authenticate a consumer to a payment or banking account from a call center associated with consumer services for the account, and soliciting a biometric from the consumer. The method also includes receiving biometric data from a communication device associated with the consumer relating to the solicited biometric, and confirming the received biometric data based on reference biometric data for the consumer. The method then further includes transmitting an authentication confirmation to the call center, when the received biometric data is confirmed, whereby the call center is able to proceed in providing the consumer services to the consumer with or without security questions.

公开(公告)号：US20250078072A1

公开(公告)日：2025-03-06

申请号：US18239092

申请日：2023-08-28

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： David Ver Eecke ,  Dennis A. Gamiello ,  Brian Piel ,  Warda Zahid Khan ,  Ranjita Shankar Iyer ,  Nili Klenoff ,  Kevin Maxham ,  Julia Sharon Gosset ,  Valerie Matusiak

IPC: G06Q20/40

Abstract: Systems and methods are provided for associating confirmed user (CU) indications to network-initiated transactions. An example method includes receiving network details for a transaction between a user and a first party and storing the network details in a data repository in association with an transaction identifier for the transaction. The method also includes accessing, from the data repository, network details for multiple prior transactions between the user and the first party and comparing the network details for said transaction and the network details for the multiple prior transactions. The method then includes, based on a match between the network details for said transaction and the network details for the multiple prior transactions, appending a confirmed user flag in an authorization message for the transaction, whereby an issuer relies on the confirmed user flag in deciding to approve or decline the transaction.

公开(公告)号：US20240112182A1

公开(公告)日：2024-04-04

申请号：US18387440

申请日：2023-11-06

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Sowmya Reddy Lakka ,  Brian Piel ,  Vincenzo Palomba ,  Jonathan James Main ,  David Anthony Roberts

IPC: G06Q20/38 ,  G06Q20/04 ,  G06Q20/12 ,  G06Q20/40

CPC classification number: G06Q20/385 ,  G06Q20/04 ,  G06Q20/12 ,  G06Q20/38215 ,  G06Q20/401

Abstract: Systems and methods are provided for authenticating users. An exemplary method includes receiving, by a directory server (DS), an authentication request for a transaction to an account where the request includes a token and a cryptogram, and transmitting the token and cryptogram to a digital service server (DSS). The method also includes mapping, by the DSS, the token to an account number for the account, validating the cryptogram, generating a directory server nonce (DSN) for the request, and transmitting the DSN and the account number to the DS. The method further includes transmitting, by the DS, the DSN and the account number to an access control server (ACS) associated with an issuer of the account and, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction and transmitting the AAV to a merchant or server.

公开(公告)号：US11875349B2

公开(公告)日：2024-01-16

申请号：US16448572

申请日：2019-06-21

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Julia Sharon Gosset ,  Robert Albert Ederle ,  Ranjita Shankar Iyer ,  Brian Piel ,  Christopher John Merz ,  Felix Johannes Flory ,  Andres Gonzalez

IPC: G06Q20/40 ,  H04L9/40 ,  G06Q20/32 ,  H04W12/67 ,  G06Q20/12

CPC classification number: G06Q20/4016 ,  G06Q20/12 ,  G06Q20/3226 ,  G06Q20/405 ,  H04L63/08 ,  H04L63/083 ,  H04L63/101 ,  H04W12/67

Abstract: A computer-implemented method for authenticating an online user with an access control server (ACS) is provided. The method includes receiving, at a risk-based authentication enabled (RBA-enabled) directory server, an authentication request message including authentication data, extracting, using the RBA-enabled directory server, the authentication data from the authentication request message, transmitting the extracted authentication data to an RBA engine, generating, using the RBA engine, based at least in part on the extracted authentication data, RBA result data including a risk score, a risk analysis, and at least one reason code, transmitting the RBA result data to the RBA-enabled directory server, embedding, using the RBA-enabled directory server, the RBA result data into the authentication request message to generate an enhanced authentication request message, and transmitting the enhanced authentication request message to the ACS to enable the ACS to make an authentication decision based on the RBA result data.

公开(公告)号：US11282073B2

公开(公告)日：2022-03-22

申请号：US15782721

申请日：2017-10-12

Applicant: MasterCard International Incorporated

Inventor： Brian Piel

IPC: G06Q20/40 ,  G06Q30/02 ,  G06Q20/32 ,  G06Q20/34 ,  G06Q20/38 ,  G06Q20/36 ,  G06Q20/10 ,  G06Q30/00 ,  G06Q30/06 ,  G06Q20/08 ,  G06Q20/12

Abstract: An electronic payment card processing system and method includes at least one host computing device having at least one processor in communication with a memory device and a multi-party payment processing system and network for processing payment card transactions. The at least one host computing device retrieves delivery data for a purchased item associated with at least one disputed charge by a cardholder of a payment card transaction that was previously approved through the multi-party payment processing system, and analyzes the retrieved delivery data to determine a basis for the at least one disputed charge including whether the at least one disputed charge is friendly fraud.

公开(公告)号：US20200007536A1

公开(公告)日：2020-01-02

申请号：US16025851

申请日：2018-07-02

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Brian Piel

IPC: H04L29/06

Abstract: An authentication correlation (AC) computing device is provided. The AC computing device includes a processor and a memory. The AC computing device receives a first authentication request from a requesting computer device including an account identifier, a first timestamp, and at least one authentication factor, and determines a first security level of the first authentication request. The AC computing device stores the first security level and the first timestamp. The AC computing device is also configured to receive a second authentication request including the account identifier and a second timestamp, determine that the second authentication satisfies an authentication rule based on the account identifier, the second timestamp, and the stored authentication data wherein the rule defines a timeframe and an authentication threshold, and generate an authentication response based on the determination and the authentication rule wherein the authentication response includes an approval indicator.

公开(公告)号：US20190392450A1

公开(公告)日：2019-12-26

申请号：US16448884

申请日：2019-06-21

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Julia Sharon Gosset ,  Robert Albert Ederle ,  Ranjita Shankar Iyer ,  Brian Piel ,  Christopher John Merz ,  Felix Johannes Flory ,  Nimit Gulati ,  Paul Baker

IPC: G06Q20/40 ,  G06Q20/12 ,  H04L29/06

Abstract: An authentication platform for authenticating an online user in a transaction without use of strong consumer authentication (SCA) includes receiving an authentication request message for a transaction involving a regulated market includes authentication data and a transaction value, extracting the authentication data from the authentication request message, generating risk-based authentication (RBA) result data, determining that a risk of fraud in the transaction satisfies a risk threshold established by the regulatory entity by evaluating the risk score relative to the risk threshold, determining that the transaction value is below a transaction limit set by the regulatory entity, the transaction limit identifies a threshold transaction value below which strong consumer authentication may be avoided for transactions satisfying the risk threshold, and transmitting an authentication response message authenticating the transaction without strong consumer authentication having been performed based on satisfying the risk threshold and being below the transaction limit.

公开(公告)号：US20190114624A1

公开(公告)日：2019-04-18

申请号：US15782721

申请日：2017-10-12

Applicant: MasterCard International Incorporated

Inventor： Brian Piel

IPC: G06Q20/36 ,  G06Q20/38 ,  G06Q20/40 ,  G06Q30/00 ,  G06Q30/06 ,  G06Q20/10

Abstract: An electronic payment card processing system and method includes at least one host computing device having at least one processor in communication with a memory device and a multi-party payment processing system and network for processing payment card transactions. The at least one host computing device retrieves delivery data for a purchased item associated with at least one disputed charge by a cardholder of a payment card transaction that was previously approved through the multi-party payment processing system, and analyzes the retrieved delivery data to determine a basis for the at least one disputed charge including whether the at least one disputed charge is friendly fraud.