A METHOD AND SYSTEM FOR REDUCING THE RISK OF CREDIT CARD FRAUD
Technical Field
This invention relates to a method and system for reducing the risk of credit card fraud.
Background to the Invention
At the time a person opens a credit card account, they are usually required to prove their identity by providing evidence in the form of a passport, driver's licence or birth certificate or the like. They are also required to authenticate an address to be associated with the account and usually must prove that they are connected with the address by providing examples of correspondence that they have received at that address such as bank statements or utility bills. Once the creditworthiness of the person at the given address has been checked and the person has been approved, the person's connection with the address is verified by mailing the credit card to this address. Thereafter, this authenticated address is used as the mailing address for mail order products that are purchased using the credit card. This system ensures that, even if the credit card is used fraudulently, any goods ordered will be despatched to the true account holder.
Some services may be purchased which do not need to be provided at the address of a credit card holder. For instance, certain internet based vendors offer services in return for payment. The services may be used at a website and do not involve any delivery to a physical postal address. Thus, the above mechanism does not assist in preventing fraudulent use. For instance, a user may wish to purchase credit on an account set up with an internet vendor for the purpose of sending SMS messages from a website, or gambling at an online casino. These vendors may accept payment by credit card for these services. A fraudulent user could pay for these services by providing details of a live credit card account of which they are not the account holder.
There is a need for an arrangement which would ameliorate the above problem.
Summary of the Invention
In a first aspect the present invention provides a method of reducing credit card fraud including the steps of receiving credit card information including a credit card number from a person wishing to make a transaction; receiving a telephone call and verifying that the caller is the person who supplied the credit card information; receiving authentication information by way of the telephone call; and using the authentication information to retrieve a previously authenticated address for the person.
By the above method, a previously authenticated address is obtained for the person making the transaction. This acts as a safeguard against fraudulent transactions because, should it transpire that the credit card number provided by the person was fraudulent, for instance by not being their credit card, they can subsequently be located using the previously authenticated address.
A previously authenticated address is an address that has been previously authenticated as being connected with the person. The address may be authenticated such as by the person proving that they live at the address or otherwise have access to the address by providing items of mail received at that address such as utility bills, by providing evidence in the form of official correspondence received at that address or by providing evidence that they have received correspondence at that address sent by the organisation wishing to authenticate the address.
The step of verifying that the caller is the person who supplied the credit card information may include the step of receiving the credit card information from the person making the telephone call. If the person provides the credit card information during the telephone call then it can be deduced that the person providing the credit card information is the same person that is making the telephone call.
The step of verifying that the caller is the person who supplied the credit card information may include the step of providing the person who supplied the credit card information with a security code; receiving a security code from the caller and matching the received security code with a supplied security code. The matching of security codes provides a simple way of correlating a person making a telephone call with the details they previously provided. Further, it ensures that they had access to the provided security code.
The step of receiving authentication information by way of the telephone call may include the step of receiving caller line identification information transmitted with the telephone call.
The step of receiving authentication information by way of the telephone call may include the step of receiving a user name and password from the caller.
The method may further include the step of verifying that the previously authenticated address is substantially the same as an address associated with the credit card number; and accepting the transaction only if the verification is successful.
The method may further include the step of verifying that the previously authenticated address is substantially the same as an address associated with the telephone account that was used to make the telephone call; and accepting the transaction only if the verification is successful.
An address is substantially the same as another address if it identifies the same physical location. For instance, if two addresses differ only in respect that one contains the term "street" and the other the abbreviation "st" then they identify the same physical location.
If it can be verified that the person has previously authenticated an address that is the same as an address associated with either a telephone account to which the person has access or that is the same as an address associated with the credit card then this indicates that the person is in some way connected with the address. This reduces the risk of accepting a transaction from an unauthorised person.
Optionally, the step of verifying that the previously authenticated address is substantially the same as an address associated with the telephone account further includes the step of providing the previously authenticated address to a telephone account database controller and receiving an indication of whether a telephone address stored in the telephone database is substantially the same as the previously authenticated address.
Some telephone companies do not give out addresses associated with telephone numbers upon request. They may, however, advise whether a supplied address is the same, or substantially the same, as an address stored in a telephone database which is under their control.
Optionally, the credit card information includes an address associated with the credit card number.
Optionally, the step of receiving the credit card information is done by way of the person interacting with a computer user interface. Optionally, the computer user interface is provided at an internet website.
In a second aspect the present invention provides a system for reducing credit card fraud including means for receiving credit card information including a credit card number from a person wishing to make a transaction; means for receiving a telephone call and verifying that the caller is the person who supplied the credit card information; means for receiving authentication information by way of the telephone call; and means for using the authentication information to retrieve a previously authenticated address for the person.
The means for verifying that the caller is the person who supplied the credit card information may include means for providing the person who supplied the credit card information with a security code; means for receiving a security code from the caller and means for matching the received security code with a supplied security code.
The means for receiving authentication information by way of the telephone call may include means for receiving caller line identification information transmitted with the telephone call.
The means for receiving authentication information by way of the telephone call may include means for receiving a user name and password from the caller.
The system may further include means for verifying that the previously authenticated address is substantially the same as an address associated with the credit card number; and means for accepting the transaction only if the verification is successful.
The system may further include means for verifying that the previously authenticated address is substantially the same as an address associated with the telephone account that was used to make the telephone call; and means for accepting the transaction only if the verification is successful.
Optionally, the means for verifying that the previously authenticated address is substantially the same as an address associated with the telephone account further includes means for providing the previously authenticated address to a telephone account database controller and means for receiving an indication of whether a telephone address stored in the telephone database is substantially the same as the previously authenticated address.
The credit card information may include an address associated with the credit card number.
The means for receiving the credit card information may include a computer user interface.
The computer user interface may be provided at an internet website.
In a third aspect the present invention provides a computer program providing instructions for controlling a computing system to carry out a method according to the first aspect of the invention.
In a fourth aspect the present invention provides a computer readable medium providing a computer program according to the third aspect of the invention.
Brief Description of the Drawings
An embodiment of the present invention will now be described, by way of example only, with reference to the accompanying drawings, in which:
Figure 1 is a schematic view of an embodiment of a system for reducing the risk of credit card fraud according to the present invention; and
Figure 2 is a flow chart illustrating the steps of an embodiment of a method of reducing the risk of credit card fraud according to the present invention.
Detailed Description of the Preferred Embodiment
Referring to Figure 1, a system 10 is shown including receiving means, in this example embodied in server 12. The server can receive credit card details from a person 14 wishing to make a transaction over the internet 16. The person 14 can view an interface included in an internet website displayed on user interface 18. The software code required to display the interface is stored on server 12. This code may alternatively be stored on another computer connected to the internet.
The person 14 has a telephone 24 which may be used to dial in to telephone gateway 26. This telephone may be either of a traditional land line telephone or a mobile telephone.
The server 12 has access to a database of credit card information 20 and a database of telephone information 22. The credit card database would typically be operated and maintained by the credit card company responsible for the particular card. Indeed, a variety of credit card databases operated by various credit card companies are preferably accessible by the system. Similarly, the database of telephone information would typically be operated and maintained by a telephone company.
Both the credit card database and the database of telephone information include details of previously authenticated addresses associated with the respective credit card and telephone accounts.
The system of the invention would typically be operated by a checking entity that performs security checks on behalf of a merchant. Operation of the system will now be described with reference to the method illustrated by Figure 2. Initially, at step 28 the person 14 that desires to make a transaction provides their credit card information, including the address of the credit card, using the website interface. These details are received by receiving means embodied in server 12. At step 30, retrieving means embodied in server 12 retrieves a previously authenticated credit card address associated with the credit card number from credit card database 20.
At step 32, verifying means embodied in server 12 verifies that the address provided in the credit card information is substantially the same as the previously authenticated address obtained from credit card database 20. This is done using a software routine running on server 12 which applies an algorithm to compare the two addresses that allows for minor variations in address format. For example, the term "street" is taken to match the common abbreviation "st". If the addresses do not match then the method returns to step 28. If they do match the method proceeds to step 32.
At step 32, providing means embodied in server 12 provides a security code to person 14 by causing the security code to be displayed on their user interface. Further, the person is instructed to dial a telephone number, also provided by display on the user interface.
At step 34, the person uses telephone 24 to dial into gateway 26. Gateway 26 identifies the originating telephone number of the telephone call from the caller line identification information that is transmitted at the time the telephone call is placed. The person is instructed by voice prompts to provide the security code with which they were provided at step 32. This may be done by manual entry using the telephone keypad, or by voice recognition techniques. Receiving means embodied in server 12 receives the security code that the person 14 provides.
At step 36, matching means embodied in server 12 matches the security code provided by person 14 with a security code previously provided by the system. If the security code does not match the method returns to step 34. If the security code does match the method proceeds to step 38.
At step 38, verifying means embodied in server 12 verifies that a telephone address stored in telephone database 22 and associated with the originating telephone number is substantially the same as the credit card address. This may be done by obtaining the telephone address from the database and comparing the addresses in the same manner as the previously described comparison of credit card addresses. Some telephone companies will not give out a telephone address when provided with only a telephone number. They may, however, confirm whether a provided address is substantially the same as an address stored in their telephone database and associated with a particular telephone number. If the addresses are substantially the same the method proceeds to step 42 and the transaction is accepted. If the addresses are not substantially the same the method proceeds to step 44 and the transaction is denied.
In the case of a person dialling into gateway 26 using a mobile telephone, additional verification may be made to allow for the fact that it is relatively easy to set up a mobile telephone account with a fraudulent address such as in the case of a pre-paid mobile telephone account where the mobile phone operator does not require the person to authenticate their address at the time of setting up their account. For this reason, the system may require that a person who wishes to call in using a mobile telephone previously authenticates an address associated with that mobile telephone number. This can be done by providing copies of correspondence received at that address. The authenticated address is then retrieved and used as the telephone address for the purposes of assessing the transaction.
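The following sketch is an added example, not part of the original specification: it shows one way the "substantially the same" address comparison and the accept/deny decisions of the method described above could be coded. The function names, the abbreviation table beyond "street"/"st", the six-digit code length and the constant-time code comparison are assumptions made for illustration.

```python
import hmac
import re
import secrets

# Constructed abbreviation table; the description only names "street" -> "st".
ABBREVIATIONS = {"street": "st", "road": "rd", "avenue": "ave"}


def normalise_address(address):
    """Lower-case, drop punctuation and map long forms to abbreviations."""
    tokens = re.sub(r"[^a-z0-9\s]", " ", address.lower()).split()
    return tuple(ABBREVIATIONS.get(token, token) for token in tokens)


def substantially_same(first, second):
    """True when both addresses normalise to the same token sequence."""
    return normalise_address(first) == normalise_address(second)


def issue_security_code(digits=6):
    """Random numeric code that can be entered on a telephone keypad."""
    return "".join(secrets.choice("0123456789") for _ in range(digits))


def assess_transaction(supplied_addr, card_db_addr, issued_code,
                       entered_code, telephone_addr):
    """Walk the checks of the described method for a single attempt."""
    # Address typed with the card details vs. the card database record.
    if not substantially_same(supplied_addr, card_db_addr):
        return "re-enter card details"       # method returns to step 28
    # Code entered over the telephone vs. the code displayed to the person.
    # compare_digest avoids leaking how many leading digits matched.
    if not hmac.compare_digest(issued_code.encode(), entered_code.encode()):
        return "re-enter security code"      # method returns to step 34
    # Address held for the originating telephone number vs. the card address.
    if not substantially_same(telephone_addr, card_db_addr):
        return "denied"                      # step 44
    return "accepted"                        # step 42


if __name__ == "__main__":
    code = issue_security_code()
    # Constructed sample addresses.
    print(assess_transaction("12 High Street, Perth", "12 High St. Perth",
                             code, code, "12 high st perth"))
```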
The present invention has particular application for authenticating purchases for services which are not rendered at the address associated with the credit card. However, there is no reason why it could not be applied to authenticating purchases for physical goods being delivered to an address, for added security.
The method and system of the invention can be used to authenticate purchases of:
• Applying credit to an account at an internet based service which allows users to transfer money by email
• Airline tickets being picked up at check-in
• Paying for parking
It can be seen that the above described method and system provide an improved way of reducing the risk of credit card fraud by verifying that a person is associated with an address associated with a credit card.
It will be appreciated that, although described with reference to a transaction occurring over the internet, the invention is not limited to that use and can be used for transactions made over the telephone. The system is not limited to databases including previously authenticated addresses relating to credit card or telephone accounts. Any database including previously authenticated address information can be used where that database includes details of the person. In one embodiment the system is operated for employees of a company and the company database of employee information is used to provide previously authenticated addresses. The validation information that is obtained from the person is their user name and password for accessing the company employee database.
It will be appreciated that, although the specific embodiment of the method described above is carried out using computer systems, in other embodiments some human involvement may be used to perform the invention such as call centre operators.
It will be appreciated that the above described embodiment is carried out using a combination of computer hardware and software. Any suitable computing system can be used such as networked computers or computers connected by dedicated connections.
Any reference to prior art contained herein is not to be taken as an admission that the information is common general knowledge, unless otherwise indicated.
Finally, it is to be appreciated that various alterations or additions may be made to the parts previously described without departing from the spirit or ambit of the present invention.