CN108475374B - Payment devices with multiple modes for conducting financial transactions - Google Patents
Payment devices with multiple modes for conducting financial transactions Download PDFInfo
- Publication number
- CN108475374B CN108475374B CN201680060587.2A CN201680060587A CN108475374B CN 108475374 B CN108475374 B CN 108475374B CN 201680060587 A CN201680060587 A CN 201680060587A CN 108475374 B CN108475374 B CN 108475374B
- Authority
- CN
- China
- Prior art keywords
- account
- payment card
- cardholder
- additional
- details
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/3572—Multiple accounts on card
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4018—Transaction verification using the card verification value [CVV] associated with the card
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0833—Card having specific functional components
- G07F7/084—Additional components relating to data transfer and storing, e.g. error detection, self-diagnosis
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Cash Registers Or Receiving Machines (AREA)
Abstract
本发明提供了使用支付卡来安全管理金融交易的支付卡,以及系统和方法。在一个实施方式中,支付卡包括合并到塑料基底中的第一部件,其中第一部件配置为提供与持卡人的有效凭证相关联的第一替代账户的详情。支付卡还包括合并到塑料基底中的至少一个附加部件。每个附加组件配置为提供与持卡人的有效凭证相关联的至少一个附加替代账户的详情。每个替代账户都包括与每个其它替代账户的详情不同的详情。并且,将至少一个替代账户提供给商家以用于与商家进行金融交易。
The present invention provides payment cards, systems and methods for securely managing financial transactions using payment cards. In one embodiment, the payment card includes a first component incorporated into the plastic base, wherein the first component is configured to provide details of a first alternate account associated with the cardholder's valid credentials. The payment card also includes at least one additional component incorporated into the plastic base. Each additional component is configured to provide details of at least one additional alternate account associated with the cardholder's valid credentials. Each alternate account includes details that are different from the details of each other alternate account. And, at least one alternate account is provided to the merchant for financial transactions with the merchant.
Description
相关申请的交叉引用CROSS-REFERENCE TO RELATED APPLICATIONS
本申请要求享有于2015年8月17日提交的美国临时申请No.62/282,991的权益,其全部内容通过引用并入本文中。This application claims the benefit of US Provisional Application No. 62/282,991, filed August 17, 2015, the entire contents of which are incorporated herein by reference.
技术领域technical field
本发明一般地涉及金融服务,更具体地涉及用于处理金融交易的支付设备和系统。The present invention relates generally to financial services, and more particularly to payment devices and systems for processing financial transactions.
背景技术Background technique
二十世纪四十年代末,美国引入诸如信用卡等的塑料支付卡,作为银行最信任客户在不携带大量现金时支付餐费和旅行的一种方式。自那时起,成千上万的银行发行了数以亿计的支付卡。In the late 1940s, the United States introduced plastic payment cards such as credit cards as a way that banks most trusted customers to pay for meals and travel without carrying large amounts of cash. Since then, hundreds of millions of payment cards have been issued by thousands of banks.
然而,传统支付卡系统的安全性受到几种非法行为的威胁。身份盗用、假冒行为、诈骗、未经授权访问账户,以及其它非法行为威胁到整个系统。传统支付卡以及用于授权和处理卡交易的网络很容易被身份盗贼和其他罪犯广泛利用。支付账户诈骗的一种主要形式是在进行电子商务时未经授权地使用支付账户的详情。支付账户诈骗的另一种主要形式是制造假冒卡片并在商家的销售点(point-of-sale,POS)设备上使用。这些形式的诈骗本身是由支付卡自身的制造方式造成的。具体来说,印刷或浮雕在传统塑料卡片上的信用卡号和其它支付账户详情很容易被复制或窃取。另外,信用卡的磁条也可被伪造。事实上,由支付卡诈骗对银行、商家以及消费者造成的损失正在迅速增长。行业内每年因支付卡诈骗损失将近200亿美元。However, the security of traditional payment card systems is threatened by several illegal practices. Identity theft, impersonation, fraud, unauthorized access to accounts, and other illegal practices threaten entire systems. Traditional payment cards and the networks used to authorize and process card transactions are vulnerable to widespread exploitation by identity thieves and other criminals. A major form of payment account fraud is the unauthorized use of payment account details when conducting electronic commerce. Another major form of payment account fraud is the manufacture of counterfeit cards and use at merchants' point-of-sale (POS) devices. These forms of fraud themselves are caused by the way the payment cards themselves are manufactured. Specifically, credit card numbers and other payment account details printed or embossed on traditional plastic cards can be easily copied or stolen. In addition, the magnetic strip of a credit card can also be counterfeited. In fact, the losses to banks, merchants, and consumers caused by payment card fraud are growing rapidly. The industry loses nearly $20 billion annually to payment card fraud.
为了防止假冒和盗用诈骗(这是银行和支付品牌的金融风险的主要来源),主要的卡片发行网络已采用新技术来确保在实体销售点只能使用合法卡片。这些由支付卡行业和卡发行网络联合企业(EMVCo)开发的技术为塑料卡片增加了具有机密存储和计算能力的防篡改电脑微芯片。EMVCo是以EuroPay、MasterCard及Visa命名的支付行业联合企业(EuroPay、MasterCard及Visa是该组织的最初创建者),但是现在也包括AmericanExpress、Discover、JCB以及Union Pay作为权益合伙人。To prevent counterfeiting and misappropriation scams, which are a major source of financial risk for banks and payment brands, major card issuance networks have adopted new technology to ensure that only legitimate cards are used at brick-and-mortar points of sale. These technologies, developed by the Payment Card Industry and Card Issuance Network Consortium (EMVCo), add tamper-resistant computer microchips with confidential storage and computing power to plastic cards. EMVCo is a payments industry conglomerate named after EuroPay, MasterCard and Visa (EuroPay, MasterCard and Visa were the original creators of the organization), but now also includes AmericanExpress, Discover, JCB and Union Pay as equity partners.
这种微芯片机密地存储那些当在商家POS设备进行交易时用于生成特异加密签名所需的信息和程序。在每笔交易时计算过程安全机密地执行在嵌入式微芯片内部,并通过现有的支付网络将结果与支付账户数据一起发送至卡片发行银行,在卡片发行银行采用卡片中存储的相同信息对结果进行验证。存储的信息不会被发行方公开,也不能通过任何现实手段被从微芯片中提取。微芯片嵌入式卡片于是为实体销售点执行的每笔卡交易提供了一次性代码。如果所有商家都使用这种新的机制,那么通过盗用账户数据而伪造卡片的风险就会大大消除。The microchip confidentially stores the information and programs needed to generate a unique cryptographic signature when a transaction is made at the merchant's POS device. The calculation process is performed securely and confidentially inside the embedded microchip for each transaction, and the result is sent to the card issuing bank along with the payment account data through the existing payment network, where the same information stored in the card is used to verify the result. authenticating. The stored information will not be disclosed by the issuer, nor can it be extracted from the microchip by any practical means. The microchip embedded card then provides a one-time code for each card transaction performed at the physical point of sale. If all merchants used this new mechanism, the risk of counterfeiting cards through account data theft would be greatly eliminated.
卡发行方防止诈骗的另一种方式是提供具有近场通信(NFC)部件的卡片。具备NFC部件的卡片允许用户在NFC读取器附近大约10cm范围内刷卡或出示卡片。Another way for card issuers to prevent fraud is to provide cards with Near Field Communication (NFC) components. Cards with NFC components allow the user to swipe or present the card within about 10cm of the NFC reader.
然而,微芯片嵌入式卡片(也称EMV卡或智能卡)以及具备NFC功能的卡片还必须在尚未普及新标准的环境下工作。许多商家尚未采用可激活微芯片卡并读取密码的EMV功能化终端,或尚未采用可读取无线通信信号的NFC读取器。为了保证支付卡能在全球范围内被接受,卡发行方在卡片背面包括了传统的磁条。However, microchip embedded cards (also known as EMV cards or smart cards) and NFC-enabled cards must also work in an environment where the new standard has not yet become widespread. Many merchants have not yet adopted EMV-enabled terminals that can activate microchip cards and read passwords, or NFC readers that can read wireless communication signals. To ensure payment cards are accepted globally, card issuers include a traditional magnetic stripe on the back of the card.
另外,为了实现电子和电话商务,发行方将支付账号印在卡上和/或浮雕在塑料上。这样,不仅可以使用微芯片或NFC部件进行金融交易,也可以通过使用POS刷卡操作在金融交易中使用磁条或在电话,或者互联网交易中使用账号。用于从卡片向商家终端传达账户信息的方法称为模式。换句话说,微芯片卡可在至少四种不同的金融交易模式中使用,例如包括刷磁条模式、使用EMV芯片的各种模式、NFC模式以及手动输入卡号模式。微芯片也可以实现其它模式,这也是为什么可能会有超过四种的不同金融交易模式。Additionally, to enable electronic and telephonic commerce, issuers have payment account numbers printed on cards and/or embossed on plastic. In this way, it is not only possible to use microchips or NFC components for financial transactions, but also to use a magnetic stripe in financial transactions by using a POS swipe operation or use an account number in a telephone, or Internet transaction. The method used to communicate account information from the card to the merchant terminal is called a schema. In other words, the microchip card can be used in at least four different financial transaction modes, including, for example, a magnetic stripe mode, various modes using an EMV chip, an NFC mode, and a manual card number entry mode. Microchips can also implement other models, which is why there may be more than four different models of financial transactions.
如果盗贼遇到新式的EMV或NFC支付卡中的一种,即便仅在短暂片刻内控制该卡片,其也可以在不必顾忌嵌入式芯片和NFC部件的情况下轻易地窃取支付账户的敏感数据。这可以通过从磁条中读取支付数据来实现,从而伪造卡片。盗贼也可通过给卡片拍照并捕获卡号来盗取数据以用于欺诈性电子商务。应当注意的是,磁条数据和印刷数据均不受例如密码这样的数字安全措施的保护。被盗用的数据随后被使用在安全性较低的尚未采用EMV系统的零售店,或者盗贼会上网进行电子商务交易。If a thief encounters one of the newer EMV or NFC payment cards, even for a brief moment in control of the card, he or she can easily steal the sensitive data of the payment account without having to worry about the embedded chip and NFC components. This can be accomplished by reading payment data from a magnetic stripe, thereby counterfeiting the card. Thieves can also steal data for fraudulent e-commerce by taking a picture of the card and capturing the card number. It should be noted that neither the magnetic stripe data nor the printed data are protected by digital security measures such as passwords. The stolen data is then used in less secure retail stores that have not yet adopted an EMV system, or thieves go online to conduct e-commerce transactions.
因此,需要更安全的支付卡。为了防止上述问题,同时为了提高消费者满意度并提高对支付卡的管控体验,本发明针对支付卡、金融网络以及金融交易的授权和处理引入了若干创新元素。Therefore, there is a need for more secure payment cards. In order to prevent the above problems, and at the same time to improve consumer satisfaction and improve the management and control experience of payment cards, the present invention introduces several innovative elements for payment cards, financial networks, and authorization and processing of financial transactions.
发明内容SUMMARY OF THE INVENTION
本公开描述了针对使用支付卡来安全管理金融交易的支付卡、系统以及方法。支付卡可采取例如如下形式:塑料支付卡、虚拟卡、可携带商务设备、嵌入在移动设备中的一个或多个部件、运行在移动设备或计算机上的应用程序,以及其他支付凭证形式。根据一个实施方式,支付卡包括合并到塑料基底内的第一部件,该第一部件配置为提供与持卡人的主要金融账户相关联的第一替代账户的详情。The present disclosure describes payment cards, systems, and methods for securely managing financial transactions using payment cards. Payment cards may take the form of, for example, plastic payment cards, virtual cards, portable commerce devices, one or more components embedded in mobile devices, applications running on mobile devices or computers, and other forms of payment credentials. According to one embodiment, the payment card includes a first component incorporated into the plastic base, the first component configured to provide details of a first alternate account associated with the cardholder's primary financial account.
支付卡还可以包括合并到塑料基底内的附加部件。附加部件配置为提供与持卡人的有效凭证相关联的附加替代账户的详情。第一替代账户包括的详情与第二替代账户的详情不同,并且与所有附加替代账户都不同。将第一、第二或附加替代账户中的至少一个提供给商家以便与商家进行金融交易。The payment card may also include additional components incorporated into the plastic base. The additional component is configured to provide details of additional alternate accounts associated with the cardholder's valid credentials. The first alternate account includes details that are different from the details of the second alternate account, and are different from all additional alternate accounts. At least one of the first, second or additional alternate accounts is provided to the merchant for financial transactions with the merchant.
根据另一实施方式,账户关联设备包括至少一个网络接口,该网络接口配置为经由第一网络与多个商家终端进行通信并且经由安全网络与金融机构进行通信。账户关联设备还包括交易认证模块,该交易认证模块配置为基于由第一商家终端获得的与持卡人拥有的支付卡相关联的第一替代账户的第一组详情,为多个商家终端中的第一商业终端认证第一金融交易。交易验证模块进一步配置为基于由附加商家终端获得的与持卡人拥有的支付卡相关联的附加替代账户的另外一组不同的详情,为多个商家终端中的附加商家终端认证附加金融交易。According to another embodiment, the account association device includes at least one network interface configured to communicate with the plurality of merchant terminals via the first network and with the financial institution via the secure network. The account association device also includes a transaction authentication module configured to, based on the first set of details obtained by the first merchant terminal of the first alternative account associated with the payment card owned by the cardholder, provide a transaction authentication module among the plurality of merchant terminals. The first commercial terminal authenticates the first financial transaction. The transaction verification module is further configured to authenticate additional financial transactions for additional merchant terminals of the plurality of merchant terminals based on a different set of details obtained by the additional merchant terminals for additional alternate accounts associated with the cardholder-owned payment card.
根据又一实施方式,提供了一种用于为支付卡提供安全性的系统。该系统包括分别连接到网络的第一商家终端和附加商家终端。第一商家终端配置为从与持卡人拥有的支付卡相关联的第一组信息中获得第一替代账户的详情。附加商家终端配置为从与该支付卡相关联的另外一组信息中获得附加替代账户的详情。该系统还包括连接到网络的账户关联设备。账户关联设备配置为分别从第一商家终端和附加商家终端接收第一替代账户和附加替代账户的详情。账户关联设备还配置为将第一替代账户和附加替代账户与属于持卡人的有效凭证相关联。此外,账户关联设备管理持卡人保存有效凭证的金融机构与第一和附加商家终端之间的金融交易。第一组信息与另外几组信息不同。According to yet another embodiment, a system for providing security for a payment card is provided. The system includes a first merchant terminal and additional merchant terminals respectively connected to the network. The first merchant terminal is configured to obtain details of the first alternate account from a first set of information associated with a payment card owned by the cardholder. The additional merchant terminal is configured to obtain additional alternate account details from another set of information associated with the payment card. The system also includes an account linking device connected to the network. The account association device is configured to receive details of the first alternate account and the additional alternate account from the first merchant terminal and the additional merchant terminal, respectively. The account association device is also configured to associate the first alternate account and the additional alternate accounts with valid credentials belonging to the cardholder. Additionally, the account linking device manages financial transactions between the financial institution where the cardholder holds valid credentials and the first and additional merchant terminals. The first set of information is different from the other sets of information.
本公开中描述的各种实施方式可以包括附加的系统、方法、特征和优点,这些附加系统、方法、特征和优点可能不一定在本文中明确地公开,但是在本领域普通技术人员通过查阅下文的具体实施方式和附图之后将是显而易见的。旨在使得所有这些系统、方法、特征和优点都囊括在本公开中,并由所附权利要求进行保护。Various embodiments described in this disclosure may include additional systems, methods, features, and advantages that may not necessarily be expressly disclosed herein, but are The detailed description and the accompanying drawings will be apparent later. It is intended that all such systems, methods, features and advantages be included within this disclosure and protected by the appended claims.
附图说明Description of drawings
以下附图中显示的特征和部件是为了强调本发明的一般性原理,并且不需按比例绘制。为一致性和清楚性起见,所有附图中的相应特征和部件均被指定相匹配的附图标记。The features and components shown in the following figures are intended to emphasize the general principles of the invention and are not necessarily drawn to scale. For the sake of consistency and clarity, corresponding features and components have been assigned matching reference numerals throughout the drawings.
图1是显示了根据本发明各个实施例的支付卡系统的框图;1 is a block diagram illustrating a payment card system according to various embodiments of the present invention;
图2A和图2B是分别显示了根据本发明各个实施例的第一支付卡的前视图和后视图的视图;2A and 2B are views showing a front view and a rear view, respectively, of a first payment card according to various embodiments of the present invention;
图3A和图3B是分别显示了根据本发明各个实施例的第二支付卡的前视图和后视图的视图;3A and 3B are views showing a front view and a rear view, respectively, of a second payment card according to various embodiments of the present invention;
图4是显示了根据本发明各个实施例的如图1所示的账户关联设备的框图;FIG. 4 is a block diagram showing the account association device shown in FIG. 1 according to various embodiments of the present invention;
图5是显示了根据本发明各个实施例的如图4所示的用户账户模块的框图。FIG. 5 is a block diagram illustrating the user account module shown in FIG. 4 in accordance with various embodiments of the present invention.
具体实施方式Detailed ways
本发明涉及支付设备,下文称为支付卡,例如塑料支付卡、虚拟卡、可佩带商务设备、嵌入移动设备中的部件、运行于移动设备或电脑上的应用程序以及其它支付凭证。本发明还涉及用于利用支付设备进行金融交易的系统和方法。本发明可包括具有商业可行性的计算服务、移动应用以及网站,并且可结合使用本文描述的支付卡或其它支付设备的金融机构来实施。本发明引入了若干个可用于现有卡片和有效凭证发行方的创新元素,用于防止各种形式的诈骗。本文所使用的术语“有效凭证”是指有效的资金调度工具,其可以是但不限于信用卡、签账卡、直接存款账户、储蓄账户、支票账户、积分卡、礼品卡,或其它卡或设备。The present invention relates to payment devices, hereinafter referred to as payment cards, such as plastic payment cards, virtual cards, wearable commerce devices, components embedded in mobile devices, applications running on mobile devices or computers, and other payment credentials. The present invention also relates to a system and method for conducting financial transactions using a payment device. The present invention may include commercially viable computing services, mobile applications, and websites, and may be implemented in conjunction with financial institutions using the payment cards or other payment devices described herein. The present invention introduces several innovative elements that can be used with existing card and valid credential issuers to prevent various forms of fraud. As used herein, the term "valid credential" refers to a valid funds dispatch tool, which may be, but is not limited to, a credit card, charge card, direct deposit account, savings account, checking account, loyalty card, gift card, or other card or device .
本发明包括可针对不同类型金融交易使用在不同模式下的多模式支付设备。例如,本文所述的支付卡可包括用于完成交易的多种模式。一些模式可包括:涉及嵌入卡中的微芯片的那些模式、涉及近场通信(NFC)部件的那些模式、涉及磁条的那些模式、涉及在在线交易中输入卡号和卡片安全验证值(CVV)的那些模式,和/或其它模式。本发明包括新式减少诈骗的特征、手机应用程序以及用于控制新式减少诈骗特征的相应网站。此外,计算服务可用于为在线商家和零售商家提供服务的授权和处理网络中。The present invention includes a multi-modal payment device that can be used in different modes for different types of financial transactions. For example, the payment cards described herein may include multiple modes for completing transactions. Some modes may include: those involving microchips embedded in cards, those involving Near Field Communication (NFC) components, those involving magnetic stripes, those involving entering card numbers and Card Security Verification Values (CVVs) in online transactions those modes, and/or other modes. The present invention includes a new fraud reduction feature, a mobile phone application, and a corresponding website for controlling the new fraud reduction feature. In addition, computing services can be used in authorization and processing networks that serve online merchants and retail merchants.
目前的支付卡发行做法是将直接对应持卡人实际有效凭证的持卡人唯一主账号(PAN)详情包含在支付卡的所有不同模式中(即包括磁条、EMV芯片、NFC等等)。但是,如本发明所描述的,通过使用替代账号或令牌来代替主账号(PAN),可在商家和发卡行之间插设账户关联设备来增加交易的安全性,或者作为支付处理过程的一部分,可由发卡行来调用该账户关联设备。此处所描述的支付设备系统先于交易授权和处理地在网络中安全地替换了持卡人PAN详情。这样就防止了将持卡人PAN详情披露给商家。Current payment card issuance practices include the cardholder's unique Primary Account Number (PAN) details, which directly correspond to the cardholder's actual valid credentials, in all the different modes of the payment card (ie, including magnetic stripe, EMV chip, NFC, etc.). However, by using an alternate account number or token in place of the primary account number (PAN), as described in this invention, account linking devices can be interposed between the merchant and the card issuer to increase transaction security, or as part of payment processing. In part, the account associated device may be invoked by the card issuer. The payment device system described herein securely replaces cardholder PAN details in the network prior to transaction authorization and processing. This prevents the cardholder PAN details from being disclosed to the merchant.
本发明为每个支付设备使用了多组不同的、匿名且无法预测的替代账户详情。在使用实际支付卡片的示例中,一组替代账户详情可与EMV芯片的一个或多个模式相关联,另一组替代账户详情可与EMV芯片的另一模式相关联,又一组替代账户详情可与NFC部件相关联,再一组替代账户详情则用于磁条,再另一组替代账户详情用于电子商务中,还有另一组用于手动输入。采用多组不同替代账户详情可防止跨模式支付诈骗。The present invention uses multiple sets of distinct, anonymous and unpredictable alternate account details for each payment device. In an example using an actual payment card, one set of surrogate account details could be associated with one or more modes of the EMV chip, another set of surrogate account details could be associated with another mode of the EMV chip, yet another set of surrogate account details Can be associated with the NFC component, yet another set of alternate account details for the magnetic stripe, yet another set of alternate account details for use in e-commerce, and yet another set for manual entry. Using multiple sets of different alternate account details prevents cross-modal payment fraud.
目前的做法是包含在EMV芯片中PAN与包含在磁条中和印刷在卡片上的PAN相同。如此,在多种模式中的任何一种出现的情况下,金融交易都可被接受,这就为跨模式诈骗提供了条件。例如,盗贼可能拦截EMV卡详情然后制造假的磁条卡。又如,盗贼可能会采用卡数据读取器将EMV和磁条账户详情二者都窃取,然后进行未经授权的电子商务交易。然而,本发明不受针对所有模式采用相同PAN的限制。相反,本发明采用对应于多个有效凭证的多组不同的替代账户详细,其中每个替代账户可与不同的模式相关联。通过这种方式可防止跨模式支付诈骗。The current practice is that the PAN contained in the EMV chip is the same as the PAN contained in the magnetic strip and printed on the card. In this way, financial transactions are acceptable in the presence of any of the multiple modes, which provides for cross-modal fraud. For example, a thief might intercept EMV card details and create a fake magnetic stripe card. As another example, a thief might use a card data reader to steal both EMV and magnetic stripe account details, and then conduct an unauthorized e-commerce transaction. However, the present invention is not limited to using the same PAN for all modes. Instead, the present invention employs multiple sets of distinct alternate account details corresponding to multiple valid credentials, where each alternate account may be associated with a different schema. In this way, cross-modal payment fraud is prevented.
应当注意的是,本发明所描述的支付设备可实施为信用卡、借记卡、虚拟卡、可佩带设备、物联网(IoT)设备、嵌入移动设备中的部件和/或应用程序,和/或其它金融凭证。在其它实施例中,本发明所描述的支付设备可适用于在除商业环境以外的其它支付环境中使用的非支付设备。例如,非支付设备(例如,积分卡、移动设备,以及其它非金融凭证)可适用于如下其它功能:用于作为代理凭证来代替电子认证识别(例如用于医疗保险用途、用于驾驶证用途等),以获取访问安全点的权限、为持卡人提供摄影识别以及用于其它用途。进一步地,与替代账户详情相关联的有效凭证可以是支付凭证和/或非支付凭证,例如积分凭证、医疗保险凭证以及其它金融或非金融凭证。It should be noted that the payment devices described herein may be implemented as credit cards, debit cards, virtual cards, wearable devices, Internet of Things (IoT) devices, components and/or applications embedded in mobile devices, and/or other financial documents. In other embodiments, the payment devices described herein may be applicable to non-payment devices used in payment environments other than commercial environments. For example, non-payment devices (eg, loyalty cards, mobile devices, and other non-financial credentials) may be suitable for other functions such as being used as proxy credentials in lieu of electronic authentication identification (eg, for health insurance purposes, for driver's license purposes) etc.) to gain access to security points, provide photographic identification to cardholders, and for other purposes. Further, valid credentials associated with alternate account details may be payment credentials and/or non-payment credentials, such as credit credentials, medical insurance credentials, and other financial or non-financial credentials.
图1的方框图显示了支付卡系统10的实施例,其中金融机构28为客户发行支付卡,例如信用卡或借记卡。在其它实施例中,客户可使用并非支付卡的其它类型的代理凭证,例如移动设备。根据图1的实施例,支付卡系统10包括公共网络12、一个或多个用户设备14、一个或多个商家终端16、一个或多个无线通信天线18、一个或多个移动设备20、以及账户关联设备24。The block diagram of FIG. 1 shows an embodiment of a
术语“商家终端”用于描述实体终端、网站或用于通过发起支付的商家提供功能性的其它装置。商家终端可嵌入POS设备中并且可以像在电商网站处理中一样是“虚拟”的。另外,例如当由于服务而发起重复支付时,商家终端可以是不涉及卡、客户、商家或商品的后台设备。“商家终端”可以代表POS设备、商家在线系统,以及其它由商家拥有/控制以用于进行各种购买模式的机制。商家终端可包括用在采用一种或多种技术(例如EMV芯片、磁条、NFC、电子商务等)的不同支付模式中的任何商家系统。The term "merchant terminal" is used to describe a physical terminal, website, or other device for providing functionality by a merchant that initiates payment. Merchant terminals can be embedded in POS devices and can be "virtual" as in e-commerce website processing. Additionally, the merchant terminal may be a backend device that does not involve cards, customers, merchants, or merchandise, such as when a recurring payment is initiated due to a service. "Merchant terminal" may represent POS devices, merchant online systems, and other mechanisms owned/controlled by the merchant for making various modes of purchase. The merchant terminal may include any merchant system used in different payment modes using one or more technologies (eg, EMV chip, magnetic strip, NFC, e-commerce, etc.).
网络12可包括广域网、互联网、专用网和/或其它可公开访问的网络。此外,网络12可包括与不同商家相关联的局域网。网络12还可以与一个或多个连接至天线18的蜂窝网络连通。Network 12 may include a wide area network, the Internet, a private network, and/or other publicly accessible networks. Additionally, network 12 may include local area networks associated with different businesses. The network 12 may also be in communication with one or more cellular networks connected to the
用户设备14、商家终端16以及天线18可通过一个或多个有线或无线连接部连接至网络12,从而实现各个部件之间的电子通信。无线通信天线18可包括一个或多个蜂窝塔、轨道卫星,或用于与移动设备20通信的其它无线通信集线器。
账户关联设备24可以是服务器、网络服务器、运行在服务器上的软件、硬件装置,或任何适于提供各种交易服务的中间计算设备或器件。账户关联设备24还连接至安全网络26,安全网络26还通过有线或无线连接部连接至一个或多个金融机构28和一个或多个数据库30。安全网络26可以是专用网、局域网、虚拟专用网(VPN)或高级加密的公共网络。账户关联设备24可配置成在数据库30中存储用于将一个或多个替代账户指向于金融机构28某持卡人或客户所拥有的真实账户的信息。
在购买操作中,已被发放支付卡的客户可使用该支付卡为商品或服务付款。可在其中一个商家终端16处向商家出示支付卡。应当注意的是,多个商家终端16可以与相同的商家相关联,以通过不同模式获取账户信息。事实上,多个商家终端16可以与商家所使用的单个设备相关联,以便在单个POS设备上获取信息。相应地,POS设备可以通过使用卡中嵌入芯片的第一模式来从支付卡获取信息,或通过涉及使用NFC部件或卡上磁条的另外模式来获取信息。在例如在线交易或电话交易的其它交易中,印刷和/或浮雕在卡上的卡号可以电子方式输入或由商家接单代表来输入。In a purchase operation, a customer who has been issued a payment card can use the payment card to pay for goods or services. The payment card may be presented to the merchant at one of the
根据其它实施例,相反地,支付卡系统10可配置成用于执行非支付行为的系统。取代执行那些如本文所公开的与金融账户相关的各种功能,非支付系统还可以为不是金融机构的企业实体处理其它类型的凭证。Conversely,
账户关联设备24使用数据库30将任意替代账户数据值与持卡人的有效凭证详情相关联。任意替代账户数据值和有效凭证详情可以由持卡客户在注册由账户关联设备24提供的服务时进行提供。在一个实施例中,持卡客户可以采用其中一种移动设备20上的移动应用程序或者采用用户设备14(其可以是传统的计算机或网络浏览器)通过账户关联设备24提供的网络服务来随时更改关联至替代账户的有效凭证详情。账户关联设备24使多个有效凭证与多个替代账户相关联。有效凭证可以是金融或非金融凭证。在一个实施例中,账户关联设备24使来自发卡金融机构28的有效凭证与多个替代账户相关联。在一个实施例中,账户关联设备24使来自发卡金融机构28以及其它金融或非金融机构的有效凭证与多个替代账户相关联。
账户关联设备24布置在支付卡系统10中,使得账户关联设备24接收到由商家通过其中一个商家终端16呈现的、需要对代表着每个卡的多个替代账户中的一个替代账户进行授权的所有交易。账户关联设备24利用可定制规则引擎将多个替代账户与一个或多个客户有效凭证相关联,该可定制规则引擎对包括当前交易数据(但不限于当前交易数据)在内的一个或多个事实很敏感。当前交易数据例如可包括但不限于商家类别代码、商家ID、交易量、替代账号、服务码,以及卡安全码等。The
账户关联设备24还可通过数据库30访问数据,该数据包括但不限于针对特定替代账户呈现的在先交易、针对与相同持卡客户相关联的另一替代账户呈现的在先交易、针对相同商家或相同商家地点所呈现的在先交易、当交易呈现时持卡客户的主要移动电话的地理位置。所述地理位置可以由例如全球定位系统(GPS)、近距离无线电信号(诸如Wi-FiTM、BluetoothTM、蓝牙低功耗信标、ZigbeeTM、Z-waveTM或它们的组合)以及其它位置感应因素来确定。可与有效凭证相关联的替代账户本身没有余额或已建立信贷,并且不能被用于结算任何交易。The
支付卡系统10可用于为支付卡的使用提供安全。支付卡系统10可包括连接至公共网络12的第一商家终端16,其中第一商家终端16配置成从与持卡人拥有的支付卡相关联的第一组信息获取第一替代账户的详情。支付卡系统10可包括连接至公共网络12的第二商家终端16,其中第二商家终端16配置成从与该支付卡相关联的第二组信息获取第二替代账户的详情。在该实施例中,支付卡系统10还包括连接至公共网络的账户关联设备24。账户关联设备24配置成分别从第一和第二商家终端16接收第一和第二替代账户的详情。账户关联设备24进一步配置成使第一和第二替代账户与属于持卡人的有效凭证相关联。账户关联设备24还管理金融机构28(持卡人从该金融机构28获得有效凭证)与第一和第二商家终端16之间的金融交易。此外,应当注意的是,第一组信息优选地不同于第二组信息。
支付卡系统10还可包括连接至公共网络12的第三商家终端16,其中第三商家终端16可以被配置成从与支付卡相关联的第三组信息,且优选地为不同的第三组信息,获取第三替代账户的详情。在一些实施例中,第一组信息从支付卡上的微芯片获得,第二组信息从嵌入于支付卡的NFC部件获得,第三组信息从支付卡上的磁条获得,第四组信息从印刷和/或浮雕在支付卡上的卡号获得。还可以获得从现在已知的或以后开发的其它不同模式获得的另外几组信息。第一组信息、第二组信息、第三组信息、第四组信息以及其它组信息可由金融机构生成。这些组信息当中的一些可以是手动输入的。The
备选的实施例包括这样一种支付卡系统10,其中支付卡没有印刷和/或浮雕的账号。同样,支付卡可以没有磁条,或没有其它模式中的一种。在这种情况下,持卡人在商家终端使用支付卡时可以仅使用磁条和/或NFC部件,或卡上保留的模式。Alternative embodiments include a
还可以向持卡人传达一组不同的账户详情,以用于进行在线或电话交易。该组不同的账户详情可以通过计算机(例如用户设备14)和/或通过移动设备20邮寄、电子邮件或短消息发送给持卡人。A different set of account details can also be communicated to the cardholder for online or telephone transactions. The different set of account details may be sent to the cardholder via a computer (eg, user device 14 ) and/or via a
在一些实施例中,与持卡人相关联的移动设备20可并入系统10中。商家终端16的其中一个可以是配置成进行在线交易的在线商家设备,移动设备20可配置成存储并检索从账户关联设备24生成的动态验证值(d-CVV)或者计算动态验证值,该动态验证值被发送至或手动输入至在线商家设备。在一些情况下,一个或多个商家终端16可以嵌入到销售点(POS)设备中。In some embodiments, the
与持卡人相关联的用户设备14配置成使持卡人可通过账户关联设备24来管理替代账户和有效凭证。账户关联设备24配置成使持卡人输入注册信息、监控替代账户的活动、开启或禁用以支付卡进行的交易的一种或多种模式、在支付卡丢失或被盗时挂失,以及提供与各种有效凭证相关的信息。例如,账户关联设备24可提供包括一个或多个网页的网站,该网页使得持卡人使用用户设备14就能够导航至该网站。The
图2A和图2B显示了根据本发明各个实施例的第一种支付卡36。图2A显示了支付卡36的正面38,图2B显示了支付卡36的背面40。支付卡36可包括位于支付卡36正面38上的金融机构28名称42、微芯片44、卡号46、客户姓名48以及有效期50。在一些实施例中,卡号46可浮雕在支付卡36上。此外,支付卡36的背面可包括磁条52、签名框54以及卡验证值(CVV)56。支付卡36可进一步包括NFC部件,该NFC部件可嵌在支付卡36的表面下,用于实现非接触式交易。2A and 2B illustrate a
在一个实施例中,支付卡36可以是卡片发行银行根据针对几个全球品牌化支付卡网络的其中之一制定的发行规则来发行的塑料EMV微芯片卡。支付卡36包括预配置和个人化,以便其可用于任何启用EMV的商家POS。In one embodiment,
然而,微芯片44中所包含的账户详情不是主卡持有人的账户详情,而是由卡发行方生成的任意值。这里的账户详情可被称为“替代账户详情”。替代账户详情被用作有效凭证的替代品,但并不用于识别任何特定客户。相反,替代账户详情涉及由卡发行银行生成的但并不与任何特定有效凭证相关联的替代账户。However, the account details contained in the
在图2的实施例中,微芯片44和磁条52包含两个不同替代账户的不同支付账号、有效期以及其它令牌账户详情。简单地说,微芯片44和磁条52看起来代表完全不同的支付账户。用微芯片44在启用EMV的商家处进行的交易将包含与使用相同卡36上的磁条52在商家处进行交易所不同的账户详情。同样,NFC交易可以采用不同于启用EMV模式和磁条模式下的支付账户详情。In the embodiment of Figure 2, the
在一个实施例中,金融机构28为客户提供用于电子商务或电话商务交易的替代账户详情,从而使得该详情不同于针对微芯片44或磁条52的替代账户的详情。应当理解的是,还可以使用传真、电子邮件以及其它形式的电子和电话通信。还应当理解的是,针对通过邮寄进行的交易而言,替代账户详情可以被记录邮购单上。电子商务替代账户详情可以不被印刷或浮雕在支付卡36上,而是单独提供给客户,或者可以印刷或浮雕在支付卡上,这视实施例而定。In one embodiment, the
图3A和图3B显示了根据本发明各个实施例的第二类支付卡60。图3A显示了支付卡60的正面62,图3B显示了支付卡60的背面64。支付卡60可包括位于支付卡60正面的金融机构名称66和微芯片68。应当注意的是,支付卡60没有正常会出现在传统支付卡上的卡号和客户姓名。支付卡60的背面64可以是空白的或者可以简单包括金融机构的名称和地址。背面64因此没有传统的磁条和CVV码。支付卡60不具有预先印刷的卡号、浮雕的账户数据、有效期数据、持卡人姓名,或其它账户数据。通过将卡制成匿名的并且不包括人可读取的账号,可防止从卡的正面和背面常规地窃取账户数据。3A and 3B illustrate a second type of
目前,VisaTM和MasterCardTM包括针对信用卡和借记卡作出的要求在卡上显示持卡人姓名和账号的规则。因此,图3的实施例没有遵从当前的这些规则。但是,本发明所描述的支付卡60可被公开携带而不会有丢失或被偷的危险,因为不能通过目测来获取持卡人姓名和账号。对于在线、邮购、电话和其它类似交易而言,可以在持卡人家中安全存储单独的卡或电子文档。Currently, Visa TM and MasterCard TM include rules for credit and debit cards that require the cardholder's name and account number to be displayed on the card. Therefore, the embodiment of Figure 3 does not comply with these current rules. However, the
在一些实施例中,支付卡36、60可以由塑料基板制成。第一部件(例如微芯片44)可以合并到图2和图3所示的卡的塑料基板内部。第一部件可以配置成提供与持卡人的有效凭证相关联的第一替代账户的详情。图2的支付卡36也可包括合并到塑料基板中的附加部件。这些附加部件配置成提供与持卡人的有效凭证相关联的附加替代账户的详情。第一替代账户包括与第二替代账户的详情不同且与所有附加替代账户都不同的详情。第一替代账户、第二替代账户或附加替代账户中的至少一个被提供(例如,使用商家终端16)至商家,用于与商家进行金融交易。In some embodiments, the
商家配置成通过网络12将至少一个替代账户的详情传达给账户关联设备24。账户关联设备24配置成将替代账户中的至少一个与持卡人的有效凭证之一相关联,其中账户关联设备24进一步配置成管理与持卡人主要金融账户相关联的金融机构28和与商家相关联的商家终端16之间的金融交易。The merchant is configured to communicate details of at least one alternate account to account
根据一些实施例,图2的支付卡36可进一步包括包合并到塑料基板中的附加部件(例如卡号46)。卡号可印刷和/或浮雕在塑料基板上。在备选实施例中,支付卡(例如支付卡60)可以没有印刷或浮雕的卡号、磁条和/或其它模式中的至少一种。According to some embodiments, the
第一替代账户、第二替代账户和附加替代账户可以由销售点(POS)设备(例如商家终端16)从第一部件、第二部件和附加部件读取。为了进行金融交易,一些实施方式可包括使用与持卡人相关联的移动设备20。The first alternate account, the second alternate account, and the additional alternate account may be read from the first component, the second component, and the additional component by a point-of-sale (POS) device (eg, the merchant terminal 16 ). To conduct financial transactions, some embodiments may include the use of the
图4是显示了图1所示的账户关联设备24实施例的框图。在图4的实施例中,账户关联设备24包括安全模块74、一个或多个网页76、用户账户模块78、一个或多个网络接口80以及交易认证模块82。该一个或多个网络接口80配置成实现第一公共网络12上的通信并且还实现安全网络26上的通信。用户账户模块78允许用户或客户执行有关金融账户以及有关如何使用支付卡36、60的许多不同动作。下文参照图5对用户账户模块78进行了更加详细的描述。FIG. 4 is a block diagram showing an embodiment of the
安全模块74可包括用于生成临时动态卡验证值(d-CVV)的随机号码生成器。d-CVV可被发送至移动设备。另外,安全模块74可包括用于加密经由公共网络12传输的数据的加密引擎。账户关联设备24可配置成网络服务器,其允许一个或多个用户从网页76访问信息,并且允许建立安全连接从而实现对诸如客户信息、卡号等敏感信息的传输。交易认证模块82配置成使用支付卡36、60来认证金融交易。The
在一个实施例中,令牌账户详情受使用密钥的加密保护,密钥可由安全模块74提供。在一个实施例中,密钥推导自客户创建的密码。在另一实施例中,密钥反而可取决于其它数据,这包括但不限于移动设备20的身份、账户关联设备24的安全模块74所知道的持卡客户的身份号、持卡客户针对计算机服务所注册的国家、由持卡人的生物认证(例如指纹、虹膜扫描、面部或声音识别)控制的万能密钥,或匹配于一个或多个身体节律的生物节律模式,所述生物节律模式包括但不限于脉搏率、表皮电导率、虹膜尺寸、眨眼率、脑照相术、心电描计术以及其它独立或联合被认为是个体生物标记的其它因素。In one embodiment, the token account details are encrypted using a key, which may be provided by the
普通的塑料卡可仅有一个印刷在卡的正面或背面的三位或四位数的CVV。电子商务网站现在常规地询问这个值以确保客户是自己持有该卡。但是因为CVV是印在卡上的短的号码,其容易随卡账户数据一起被偷。因此,在交易时使用可由安全模块74生成的仅能用于一次交易的动态CVV(d-CVV)可防止这种形式的窃取。在一些实施例中,代替使用生成的仅用于一次交易的d-CVV,d-CVV可应用于与特定商家关联的多笔交易或者可根据其它标准多次使用,这些标准例如是天数范围、一周的某些天、商家的区域码、购买类型等等。根据一些实施例,运行在与持卡人相关联的移动设备20上的移动应用程序可以配置成根据需要来获取d-CVV。备选地,在移动设备20不可用时可使用账户关联设备24提供的网站。因此,在这种情况下,账户关联设备可生成d-CVV。Ordinary plastic cards may have only a three- or four-digit CVV printed on the front or back of the card. E-commerce sites now routinely ask for this value to ensure that the customer is in possession of the card. But because the CVV is a short number printed on the card, it can easily be stolen along with the card account data. Therefore, using a dynamic CVV (d-CVV) that can be generated by the
除了在金融交易过程中的使用,系统10还可备选地应用于非支付用途。例如,系统10可用于以令牌或替代标识符来取代某种形式的标识符。这类标识符可包括社会安全号(在美国)、公共卫生识别号、积分计划,以及那些使用真实号码可能会有泄露、身份盗用或其它诈骗危险的其它形式账号。In addition to use during financial transactions, the
账户关联设备24还可用于对受保护记录集提供限制性交易访问,该受保护记录集例如是医疗记录请求、实验结果、信用调查、执业执照、商业执照,以及使用政府或企业发放的识别账号的其它形式的依赖方调查。
支付卡系统10还可用于一些非支付用途的交易,包括驾驶执照、边境管制文件、建筑物和资源访问卡以及礼品卡。在该实施例中,支付卡30、60在使用用于非支付用途的一种或多种模式的同时,还通过针对不同模式的独立替代账户而使用用于支付交易的一种或多种模式。
在一些实施例中,账户关联设备24可包括至少一个网络接口80,网络接口80配置成通过第一公共网络12与多个商家终端进行通信并通过安全网络26与金融机构28通信。例如,金融机构28可以是为持卡人发行支付卡36、60的银行。账户关联设备24还可包括交易认证模块82,该交易认证模块82配置成:根据与持卡人所持有的支付卡36、60相关联的第一替代账户的第一商家终端所获得的第一组详情,对多个商家终端16中的第一商家终端的第一金融交易进行认证。交易认证模块82可进一步配置成:根据与持卡人所持有的支付卡36、60相关联的第二替代账户的第二商家终端所获得的不同的第二组详情,对多个商家终端16中的第二商家终端的第二金融交易进行认证。In some embodiments,
交易认证模块82可进一步配置成判断替代账户是否对应于持卡人的有效凭证。交易认证模块82还可进一步配置成判断接收到的替代账户详情是否对应于所使用的支付卡模式的预期替代账户详情。交易认证模块82进一步配置成管理金融机构28与第一和第二商家终端16之间的金融交易。交易认证模块82还进一步配置成:根据与持卡人所持有的支付卡36、60的主账户相关联的附加替代账户的附加商家终端所获得的附加组详情,对多个商家终端16中的附加商家终端的附加金融交易进行认证。第一组详情可以从支付卡36、60上的微芯片44获得,第二组详情可以从支付卡36上的磁条52获得,第三组详情可以从印刷和/或浮雕在支付卡36上的卡号46获得。The
网络接口80可进一步配置成通过网络12与跟持卡人相关联的远程设备(例如用户设备14或移动设备20)进行通信。网络接口80可进一步配置成从远程设备14、20接收指令以使持卡人管理与支付卡36、60相关联的主账户,其中管理主账户包括以下至少一种:输入注册信息86、监控94主账户的活动、开启和禁用90以支付卡进行交易的一种或多种模式、举报92支付卡丢失或被盗以及提供88有关第一和第二替代账户的信息。
图5是显示了图4所示的用户账户模块78实施例的框图。在该实施例中,用户账户模块78包括注册模块86、预配置模块88、使能模块90、举报模块92,以及监控模块94。用户可以使用持卡人移动设备上运行的移动应用程序或通过使用持卡人的用户设备14访问账户关联设备24提供的网站来访问用户账户模块78。FIG. 5 is a block diagram showing an embodiment of the
用户账户模块78能使持卡客户建立并管理那些由账户关联设备24代表持卡客户实施的规则。这类规则可对持卡客户知晓的一个或多个事实敏感,这些事实包括但不限于支付值、商家ID、被编码在交易消息中的当地时间和日期、交易时商家的注册地点距离持卡客户移动设备的地理位置的距离、交易的当地货币、发生交易时所在的国家、商家所在的国家、交易是否呈现为磁条交易、EMV交易或是电子商务、电话或邮购交易,以及持卡人的认证方法,这例如但不限于以下一种或多种:向商家POS终端输入个人身份号(PIN)码、签署收据、向移动设备输入密码以及指纹或其它生物识别方法。The
注册模块86可配置成能使持卡人注册附加替代账户和附加有效凭证。使能模块90可用于使持卡人在认证之前能够根据持卡人基于各种标准所预见的各种用途来开启或禁用某些模式或种类的交易,或者能够自己开启或禁用特定交易。使能模块90可用于使持卡人指定在各种可能情况和标准下应从哪个有效凭证中扣除支付费用。举报模块92使用户可以在支付卡36、60丢失或被盗时进行举报。举报模块92的一个实施例能使账户关联设备24以人工或自动方式将相关信息报告给用户或金融机构28,这包括报告跨越替代账户详情和/或支付卡的潜在诈骗活动。监控模块94使用户可以查看先前的交易以监控卡的所有活动。Registration module 86 may be configured to enable cardholders to register additional alternate accounts and additional valid credentials. The enabling
预配置模块88允许用户单独区分多组不同的替代账户详情。传统卡发行系统假定的是在微芯片、磁条以及印刷/浮雕的卡号之间共享某些数据元素。但是,与传统卡发行系统相反,预配置模块88允许使用独立的数据元素来对这些和其它元素的每一者进行预配置。预配置模块88配置成分别识别这些多组不同的替代账户详情,这些替代账户详情存储在卡的预配置步骤期间所传送的通用预配置数据文件中。The
如果持卡人的支付卡36、60丢失或被盗,持卡人可能会遭遇未经授权使用其支付卡。然而,尽管在某些国家盗贼可利用NFC特征来购买低于某花费值(例如$100)的东西,但是通常情况下盗贼不能在没有持卡人PIN码的情况下使用EMV特征,其中持卡人PIN码可利用预配置模块88在预配置过程中输入。另外,由于针对该独立交易模式的账户详情是不同的,使得被盗的卡不能被用于电子或电话商务。If the cardholder's
预配置模块88可进一步包括接收未印刷在支付卡36、60上的持卡人的识别信息。根据一些实施例,预配置模块88可通过要求持卡人的移动设备20和使用支付卡36、60的交易同时存在来制定持卡人使用规则。此外,移动设备20的移动应用程序可用于立即阻止来自由报告模块92举报已被盗的被盗卡的交易。用户账户模块78可将其规则配置成阻止磁条交易,除非持卡人每次使用移动设备20上的移动应用程序解锁这些磁条交易。后一种方法可有效阻止伪造磁条卡的使用。用户账户模块78还可将其规则配置成阻止来自任何和所有不同模式的交易,或者阻止落入某种标准的交易,除非持卡人每次都解锁这些交易。The
在一个实施例中,持卡客户的主要移动设备20上可获得移动应用程序。该移动应用程序可被持卡客户用于在用户关联设备24中登记替代账户或有效凭证,控制有效凭证与被预配置给支付卡的一个或多个替代账户详情之间的预配置或联合。移动应用程序还使得用户能够开启或禁用那些通过任何预配置给塑料支付卡的替代账户发生的交易的授权,举报支付卡已丢失或被盗,以及将支付卡报告为针对敏感或高价值或高风险交易的额外认证因素。In one embodiment, the mobile application is available on the cardholder's primary
移动设备20还可将可以与“出示卡”交易和“未出示卡”交易相关联的替代账户详情存储在存储器中。这些替代账户详情可以存储在存储器中并通过客户向移动设备20中输入密码和/或另一认证因素来被客户调用。作为与电子商务网站进行互动的手段,移动应用程序安全持有电子商务替代账户详情,并且基于通过密码、生物测定和/或其它因素进行适当认证而将其显示给用户。在另一实施例中,替代账户详情由账户关联设备24传输并被移动设备20接收,然后通过客户向移动设备20中输入密码和/或另一认证因素而被客户调用。
本文所描述的实施方式代表多种可能的实施方式和示例,但并非为了将本发明限制为某些特定的实施方式。相反,本领域技术人员可以按照理解对这些实施方式做出各种修改。任何这类修改都将涵盖在本发明的精神和范围之内。The implementations described herein are representative of various possible implementations and examples, but are not intended to limit the invention to certain specific implementations. Rather, various modifications can be made to these embodiments as understood by those skilled in the art. Any such modifications are intended to be within the spirit and scope of the present invention.
Claims (25)
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US201562282991P | 2015-08-17 | 2015-08-17 | |
| US62/282,991 | 2015-08-17 | ||
| PCT/US2016/047329 WO2017031198A1 (en) | 2015-08-17 | 2016-08-17 | Payment devices having multiple modes of conducting financial transactions |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108475374A CN108475374A (en) | 2018-08-31 |
| CN108475374B true CN108475374B (en) | 2022-04-19 |
Family
ID=62164626
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201680060587.2A Expired - Fee Related CN108475374B (en) | 2015-08-17 | 2016-08-17 | Payment devices with multiple modes for conducting financial transactions |
Country Status (2)
| Country | Link |
|---|---|
| EP (1) | EP3338230A4 (en) |
| CN (1) | CN108475374B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109767210B (en) * | 2018-12-28 | 2020-08-04 | 深圳市讯联智付网络有限公司 | System and method for preventing eSe chip life cycle from being terminated unexpectedly |
| US11580550B2 (en) * | 2020-10-14 | 2023-02-14 | Capital One Services, Llc | Printer for selectively printing symbolic information on a medium |
| US20220300318A1 (en) * | 2021-03-17 | 2022-09-22 | Bank Of America Corporation | Electronic system for authorization and use of cross-linked resource instruments |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4443027A (en) * | 1981-07-29 | 1984-04-17 | Mcneely Maurice G | Multiple company credit card system |
| US5276311A (en) * | 1989-03-01 | 1994-01-04 | Hartmut Hennige | Method and device for simplifying the use of a plurality of credit cards, or the like |
| CN1666209A (en) * | 2002-07-15 | 2005-09-07 | 花旗信贷服务公司 | Method and system for a multi-purpose transactional platform |
| US7163153B2 (en) * | 2000-12-06 | 2007-01-16 | Jpmorgan Chase Bank N.A. | Selectable multi-purpose card |
| CN102349082A (en) * | 2009-01-08 | 2012-02-08 | Visa欧洲有限公司 | Payment system |
| CN103548045A (en) * | 2010-12-13 | 2014-01-29 | 高通股份有限公司 | System and method for point of service payment acceptance via wireless communication |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| AU2002327322A1 (en) * | 2001-07-24 | 2003-02-17 | First Usa Bank, N.A. | Multiple account card and transaction routing |
| US20080017720A1 (en) * | 2006-07-06 | 2008-01-24 | Kranzley Arthur D | Multi-use payment card and methods of using same |
| US20090187507A1 (en) * | 2006-12-20 | 2009-07-23 | Brown Kerry D | Secure financial transaction network |
| US8261977B2 (en) * | 2009-03-27 | 2012-09-11 | Mastercard International Incorporated | Methods and systems for using an interface and protocol extensions to perform a financial transaction |
| WO2011005848A2 (en) * | 2009-07-07 | 2011-01-13 | Chenot Richard H | Systems and methods for per-transaction financial card enabled personal financial management |
| US8977569B2 (en) * | 2011-09-29 | 2015-03-10 | Raj Rao | System and method for providing smart electronic wallet and reconfigurable transaction card thereof |
-
2016
- 2016-08-17 EP EP16837748.9A patent/EP3338230A4/en not_active Ceased
- 2016-08-17 CN CN201680060587.2A patent/CN108475374B/en not_active Expired - Fee Related
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4443027A (en) * | 1981-07-29 | 1984-04-17 | Mcneely Maurice G | Multiple company credit card system |
| US5276311A (en) * | 1989-03-01 | 1994-01-04 | Hartmut Hennige | Method and device for simplifying the use of a plurality of credit cards, or the like |
| US7163153B2 (en) * | 2000-12-06 | 2007-01-16 | Jpmorgan Chase Bank N.A. | Selectable multi-purpose card |
| CN1666209A (en) * | 2002-07-15 | 2005-09-07 | 花旗信贷服务公司 | Method and system for a multi-purpose transactional platform |
| CN102349082A (en) * | 2009-01-08 | 2012-02-08 | Visa欧洲有限公司 | Payment system |
| CN103548045A (en) * | 2010-12-13 | 2014-01-29 | 高通股份有限公司 | System and method for point of service payment acceptance via wireless communication |
Also Published As
| Publication number | Publication date |
|---|---|
| EP3338230A1 (en) | 2018-06-27 |
| CN108475374A (en) | 2018-08-31 |
| EP3338230A4 (en) | 2019-04-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12499433B1 (en) | Systems and methods for contactless smart card authentication | |
| US20210073821A1 (en) | Proxy device for representing multiple credentials | |
| US20240273506A1 (en) | Security system incorporating mobile device | |
| US12074974B2 (en) | Method and system for access token processing | |
| US9904800B2 (en) | Portable e-wallet and universal card | |
| US11157895B2 (en) | Payment devices having multiple modes of conducting financial transactions | |
| US20180108008A1 (en) | Digital wallet merchant-specific virtual payment accounts | |
| US20110010289A1 (en) | Method And System For Controlling Risk Using Static Payment Data And An Intelligent Payment Device | |
| US20250053964A1 (en) | Secure contactless credential exchange | |
| EP4282128A1 (en) | Mobile user authentication system and method | |
| CN108475374B (en) | Payment devices with multiple modes for conducting financial transactions | |
| US20250272372A1 (en) | Remote creation of virtual credential bound to physical location | |
| US20020073315A1 (en) | Placing a cryptogram on the magnetic stripe of a personal transaction card | |
| CN108780547B (en) | Proxy device for representing multiple certificates | |
| US12548024B2 (en) | Using unique identifier to supply user profile information | |
| US20240273532A1 (en) | Using unique identifier to supply user profile information | |
| GB2469029A (en) | Internet payment card verification using mobile location |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20220419 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |