-
公开(公告)号:US20150127547A1
公开(公告)日:2015-05-07
申请号:US14514290
申请日:2014-10-14
CPC分类号: G06Q20/382 , G06Q20/12 , G06Q20/20 , G06Q20/367 , G06Q20/385 , G06Q20/40 , G06Q20/4016
摘要: Embodiments of the invention are directed to methods, apparatuses, computer readable media and systems for providing, along with a token, a token assurance level and data used to generate the token assurance level. At the time a token is issued, one or more Identification and Verification (ID&V) methods may be performed to ensure that the token is replacing a PAN that was legitimately used by a token requestor. A token assurance level may be assigned to a given token in light of the type of ID&V that is performed and the entity performing the ID&V. Different ID&Vs may result in different token assurance levels. An issuer may wish to know the level of assurance and the data used in generating the level of assurance associated with a token prior to authorizing a payment transaction that uses the token.
摘要翻译: 本发明的实施例涉及用于向令牌提供令牌保证级别和用于生成令牌保证级别的数据的方法,装置,计算机可读介质和系统。 在发出令牌时,可以执行一个或多个识别和验证(ID&V)方法以确保令牌正在替换令牌请求者合法使用的PAN。 根据执行的ID&V的类型和执行ID&V的实体,可以将令牌保证级别分配给给定的令牌。 不同的ID和Vs可能会导致不同的令牌保证级别。 在授权使用令牌的支付交易之前,发行人可能希望知道用于生成与令牌相关联的保证级别的保证级别和数据。
-
公开(公告)号:US20150140960A1
公开(公告)日:2015-05-21
申请号:US14546955
申请日:2014-11-18
申请人: Glenn Leon Powell , John F. Sheets , Igor Karpenko
发明人: Glenn Leon Powell , John F. Sheets , Igor Karpenko
CPC分类号: G06Q20/40 , G06Q20/322 , G06Q20/3221 , G06Q20/3229 , G06Q20/3672 , G06Q20/3829 , H04L12/1457 , H04L12/1464 , H04M15/48 , H04M15/75 , H04M15/751 , H04M15/755 , H04M15/7556 , H04M15/8044 , H04M17/02 , H04W4/12 , H04W4/24 , H04W4/50 , H04W12/04 , H04W12/06
摘要: Embodiments of the present invention are directed to systems, methods, and apparatus for allowing an issuer to initiate account provisioning on a mobile device without interacting with an accountholder. The issuer may initiate the process by sending a provisioning information request message to a mobile device with a secure element. The mobile device may recognize the provisioning request message and gather the requisite provisioning information without requiring user input. The provisioning information may include information associated with the secure element of the mobile device. The mobile device may then send a provisioning request message to a provisioning system. The provisioning request message may include the requisite provisioning information to allow the provisioning system to provision the financial account on the secure element of the mobile device.
摘要翻译: 本发明的实施例涉及用于允许发行者在移动设备上发起账户配置而不与账户持有者交互的系统,方法和装置。 发行者可以通过向具有安全元素的移动设备发送供应信息请求消息来发起该过程。 移动设备可以识别供应请求消息并且收集必需的供应信息而不需要用户输入。 配置信息可以包括与移动设备的安全元件相关联的信息。 然后,移动设备可以向供应系统发送供应请求消息。 供应请求消息可以包括必要的供应信息,以允许供应系统在移动设备的安全元件上配置金融帐户。
-
公开(公告)号:US20160277380A1
公开(公告)日:2016-09-22
申请号:US15072636
申请日:2016-03-17
申请人: Kim Wagner , John F. Sheets , Mark Nelsen , Jing Jin
发明人: Kim Wagner , John F. Sheets , Mark Nelsen , Jing Jin
CPC分类号: G06Q20/4016 , G06Q20/3224 , H04L63/08 , H04L63/0861 , H04W12/06 , H04W12/08
摘要: When a user enters a resource provider location with a portable communication device, the portable communication device provides an indication to a transaction processing system that the portable communication device is currently at the resource provider location. At a later time when the user conducts a transaction with a portable transaction device, the fact that the user's portable communication device had been detected at the resource provider a short time ago is taken into account as a positive indicator that the transaction is not fraudulent. By verifying that both the portable communication device and the portable transaction device are present at the resource provider, the risk of approving a fraudulent transaction from a stolen portable transaction device can be reduced.
摘要翻译: 当用户使用便携式通信设备进入资源提供商位置时,便携式通信设备向交易处理系统提供便携式通信设备当前在资源提供商位置的指示。 在用户与便携式交易设备进行交易的稍后时间,将用户的便携式通信设备在资源提供商不久前被检测到的事实被考虑作为交易不是欺诈的肯定指示。 通过验证便携式通信设备和便携式交易设备是否存在于资源提供商处,可以减少从被盗的便携式交易设备批准欺诈交易的风险。
-
公开(公告)号:US20130290136A1
公开(公告)日:2013-10-31
申请号:US13899496
申请日:2013-05-21
申请人: John F. Sheets , Kim R. Wagner
发明人: John F. Sheets , Kim R. Wagner
IPC分类号: G06Q30/06
CPC分类号: G06Q30/0609 , G06Q20/40145 , G06Q20/4016 , H04L63/20
摘要: Embodiments of the invention provide strong user authentication on a consumer device without requiring the user to go through a formal registration process with the issuer or processing network. Certain embodiments allow the use of any biometric technology (e.g., fingerprint scan, iris scan, voice recognition, etc.) supported by their consumer device (e.g., smart phone, tablet computer, personal computer) to authenticate the user. Additionally, the consumer device provides unforgeable evidence of the biometric match in the form of a biometric digital artifact to provide proof to a processing network that the match occurred. The processing network maintains a history of these authenticated transactions and biometric digital artifacts and as more and more non-fraudulent authenticated transactions occur over time, a higher level of trust (i.e., lower risk) is associated with the consumer device, biometric registration process, and the user.
摘要翻译: 本发明的实施例在消费者设备上提供强用户认证,而不需要用户通过与发行者或处理网络的正式注册过程。 某些实施例允许使用其消费者设备(例如,智能电话,平板电脑,个人计算机)支持的任何生物特征技术(例如,指纹扫描,虹膜扫描,语音识别等)来认证用户。 另外,消费者设备以生物特征数字假象的形式提供生物特征匹配的不可伪造的证据,以向匹配发生的处理网络提供证据。 处理网络维护这些认证交易和生物识别数字工件的历史,随着越来越多的非欺诈性认证交易随时间发生,更高级别的信任(即较低风险)与消费者设备,生物特征注册过程, 和用户。
-
公开(公告)号:US20170046696A1
公开(公告)日:2017-02-16
申请号:US15338017
申请日:2016-10-28
申请人: GLEN LEON POWELL , John F. Sheets , Igor Karpenko
发明人: GLEN LEON POWELL , John F. Sheets , Igor Karpenko
CPC分类号: G06Q20/40 , G06Q20/322 , G06Q20/3221 , G06Q20/3229 , G06Q20/3672 , G06Q20/3829 , H04L12/1457 , H04L12/1464 , H04M15/48 , H04M15/75 , H04M15/751 , H04M15/755 , H04M15/7556 , H04M15/8044 , H04M17/02 , H04W4/12 , H04W4/24 , H04W4/50 , H04W12/04 , H04W12/06
摘要: Embodiments of the present invention are directed to systems, methods, and apparatus for allowing an issuer to initiate account provisioning on a mobile device without interacting with an accountholder. The issuer may initiate the process by sending a provisioning information request message to a mobile device with a secure element. The mobile device may recognize the provisioning request message and gather the requisite provisioning information without requiring user input. The provisioning information may include information associated with the secure element of the mobile device. The mobile device may then send a provisioning request message to a provisioning system. The provisioning request message may include the requisite provisioning information to allow the provisioning system to provision the financial account on the secure element of the mobile device.
摘要翻译: 本发明的实施例涉及用于允许发行者在移动设备上发起账户配置而不与账户持有者交互的系统,方法和装置。 发行者可以通过向具有安全元素的移动设备发送供应信息请求消息来发起该过程。 移动设备可以识别供应请求消息并且收集必需的供应信息而不需要用户输入。 配置信息可以包括与移动设备的安全元件相关联的信息。 然后,移动设备可以向供应系统发送供应请求消息。 供应请求消息可以包括必要的供应信息,以允许供应系统在移动设备的安全元件上配置金融帐户。
-
公开(公告)号:US20160094991A1
公开(公告)日:2016-03-31
申请号:US14935091
申请日:2015-11-06
申请人: Glenn Powell , John F. Sheets
发明人: Glenn Powell , John F. Sheets
CPC分类号: H04W12/06 , G06Q20/32 , G06Q20/40 , G06Q20/405 , H04L63/0428 , H04W12/0023 , H04W12/0027 , H04W12/04 , H04W12/0608
摘要: A method and system for provisioning access data in a second application on a mobile device using a first application on the mobile device. Authentication data may be input into the first application, and an authentication code may be requested from a remote server. The authentication code may include access data to be provisioned, in encrypted form. After the authentication code is received by the first application in the mobile device, it can pass the authentication code to a second application that initiates an access data provisioning process.
摘要翻译: 一种在移动设备上使用移动设备上的第一应用在第二应用中提供访问数据的方法和系统。 验证数据可以被输入到第一应用中,并且可以从远程服务器请求认证码。 验证码可以包括以加密形式提供的访问数据。 在移动设备中的第一应用程序接收到认证码之后,它可以将认证码传递给发起访问数据提供处理的第二应用。
-
公开(公告)号:US20150254670A1
公开(公告)日:2015-09-10
申请号:US14717863
申请日:2015-05-20
申请人: John F. Sheets , Kim Wagner
发明人: John F. Sheets , Kim Wagner
IPC分类号: G06Q20/40
CPC分类号: G06Q20/4016 , G06Q20/04 , G06Q20/401 , G06Q20/403 , G06Q2220/00
摘要: A merchant conducting a transaction on an account forms transaction data with a sensitive data field. To obscure the account prior to transmitting information about the transaction, for each character in the sensitive data field, a combined character is formed with a character of a generated pad. A replacement character is formed by a modulus operation on the combined character and is stored in the corresponding position in the sensitive data field. A transmission containing the sensitive data field with replacement characters is delivered to the merchant's acquirer. Subsequently, a first transmission is received for another transaction from a merchant that contains transaction data upon an account and a sensitive data field. Using the sensitive data field, an attempt is made to retrieve a transaction data record that contains data from a previous transaction that includes the account upon which the previous transaction was conducted. The sensitive data field, which is encrypted as the corresponding account upon which the previous transaction was conducted, was encrypted by a character-by-character modulo operation using a generated pad. If the transaction data record is retrieved, a second transmission is sent that contains a fraud notification of the attempt to conduct a transaction upon the encrypted account in the sensitive data field. If there is no retrieval of the transaction data record, a third transmission containing a no-fraud notification is sent.
-
公开(公告)号:US08078536B2
公开(公告)日:2011-12-13
申请号:US12982662
申请日:2010-12-30
申请人: John F. Sheets
发明人: John F. Sheets
IPC分类号: G06Q40/00
CPC分类号: G06Q20/403 , G06Q20/10 , G06Q20/102 , G06Q20/108 , G06Q20/24 , G06Q20/40 , G06Q40/00 , G06Q40/025
摘要: Disclosed herein is a method of providing one or more transaction card services to a holder of a transaction card, the method comprising receiving a registration code from the holder, wherein the registration code is associated with the issuer of the transaction card and with the transaction card, determining the issuer of the transaction card based on at least a portion of the registration code, transmitting the registration code to the issuer of the transaction card, receiving account information from the issuer, wherein the account information is associated with the registration code and with the transaction card, displaying at least a portion of the account information to the holder, receiving a verification value corresponding to the account information from the holder, and if the verification value is valid, permitting the holder to select one or more services in which to enroll.
-
公开(公告)号:US20100180326A1
公开(公告)日:2010-07-15
申请号:US12354242
申请日:2009-01-15
申请人: John F. Sheets , Simon Hurry
发明人: John F. Sheets , Simon Hurry
IPC分类号: H04L9/32
CPC分类号: H04L9/3226 , G06Q20/20 , G06Q20/3278 , G06Q20/382 , G06Q20/3825 , G06Q20/385 , H04L9/3236 , H04L63/083 , H04L63/12 , H04L2209/56 , H04L2209/805
摘要: A method for securely authenticating a user of a consumer device at an access device comprising the following steps. First, a dynamic data element and a first set of transactional information is sent to the consumer device from the access device. Next, the consumer device creates an authentication code as a function of at least the dynamic data element, a subset of the first set of transactional information, and a password. The authentication code, along with other data, is then sent from the consumer device back to the access device. The access device then uses the authentication code to send an authentication request message to the service provider of the user. The service provider then attempts to authenticate the user by recreating the authentication code and comparing the recreated authentication code with the authentication code received from the access device.
摘要翻译: 一种用于在访问设备处安全地认证消费者设备的用户的方法,包括以下步骤。 首先,将动态数据元素和第一组事务信息从访问设备发送到消费者设备。 接下来,消费者设备根据至少动态数据元素,第一组事务信息的子集和密码来创建认证码。 认证码与其他数据一起从消费者设备发送回接入设备。 然后,接入设备使用认证码向用户的服务提供商发送认证请求消息。 然后,服务提供商尝试通过重新创建认证码并将重新创建的认证码与从接入设备接收的认证码进行比较来认证用户。
-
公开(公告)号:US07254706B2
公开(公告)日:2007-08-07
申请号:US09893465
申请日:2001-06-29
申请人: Dominique Gougeon , Serge Le Crom , John F. Sheets
发明人: Dominique Gougeon , Serge Le Crom , John F. Sheets
IPC分类号: H04L29/00
CPC分类号: G07F7/1008 , G06Q20/341 , G06Q20/40975 , H04L9/0897 , H04L9/3234 , H04L9/3247 , H04L9/3263
摘要: Protection of private keys used to digitally sign files to be downloaded to a terminal is accomplished by storing the private keys in smartcards, and arranging a secure processor unit embedded in the smartcard to perform all signing operations requiring access to the keys so that the keys never leave the card. In addition, access to the signing operations is protected by multiple PINs, which may be distributed to multiple individuals and/or used to establish different signing authorization levels associated with different types of files.
摘要翻译: 用于将要下载到终端的文件进行数字签名的私钥的保护是通过将私钥存储在智能卡中来实现的,并且将嵌入在智能卡中的安全处理器单元布置成执行需要访问密钥的所有签名操作,使得密钥从不 离开卡 此外,对签名操作的访问由多个PIN保护,多个PIN可以分发给多个个人和/或用于建立与不同类型的文件相关联的不同签名授权级别。
-
-
-
-
-
-
-
-
-
搜索结果
30 条记录 (耗时 0.034 秒)
