[go: up one dir, main page]

WO2015167671A1 - Secure system and method of virtually making payments at a point of sale - Google Patents

Secure system and method of virtually making payments at a point of sale Download PDF

Info

Publication number
WO2015167671A1
WO2015167671A1 PCT/US2015/019773 US2015019773W WO2015167671A1 WO 2015167671 A1 WO2015167671 A1 WO 2015167671A1 US 2015019773 W US2015019773 W US 2015019773W WO 2015167671 A1 WO2015167671 A1 WO 2015167671A1
Authority
WO
WIPO (PCT)
Prior art keywords
payment
card
sale
account
merchant
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2015/019773
Other languages
French (fr)
Inventor
Nir STEEL
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of WO2015167671A1 publication Critical patent/WO2015167671A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/085Payment architectures involving remote charge determination or related payment systems
    • G06Q20/0855Payment architectures involving remote charge determination or related payment systems involving a third party
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/227Payment schemes or models characterised in that multiple accounts are available, e.g. to the payer
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes

Definitions

  • a payment card is a physical card that is tied to a payment account that can be used to make purchases.
  • Typical payment cards may include credit cards, charge cards, debit cards, ATM cards, store value cards, or gift cards.
  • a payment card can be presented instead of cash to make the purchase.
  • Payment cards are typically plastic cards with a magnetic strip. This magnetic strip holds data regarding the account the payment card is tied to. When payment is to be made, a user or the cashier swipes the card on a magnetic strip reader and that data is transmitted to the issuer and either declined or approved for payment. In cases where the magnetic strip cannot be read by the reader, a cashier or in cases of internet purchases, a user, may also transmit the account number found on the front of the card to the payment card issuer to determine whether or not payment is approved. Some payment cards may include an RFID tag, microchip, or other transponder but by in large magnetic strips are the preferred method of transmitting data for approval of payment, especially in the United States.
  • Certain cards may also have PIN codes associated with them that must be entered prior to use.
  • PIN codes associated with them that must be entered prior to use.
  • the issue with these security measures is that a consumer is continually entering sensitive information into a merchant system that can be prone to being compromised and information may be stolen. Further, merchants continually have direct access and the ability to store payment account information of their purchasers. The issue with merchants having direct access to capture and store account numbers and related data is that there have been some fairly large instances of their security being breached and the information stored on purchasers is compromised causing damage to both consumers and merchants.
  • a point of sale requires the actual card number to be used. At times a purchase may be very small but be made with a credit card account that has thousands of dollars in credit tied to the account. This very same card number and associated account data is then prone to fraud by a variety of techniques employed by those interested in stealing the data.
  • the described invention solves this issue by preventing the card number and account data from being shared when used and also verifies the fund recipient or merchant.
  • EMV card special chipped payment card
  • These cards are equipped with an embedded microprocessor chip that is able to encrypt transaction data differently for each purchase.
  • These cards are usually also accompanied by a prompt for a PIN code, but that may not always be the case.
  • EMV cards are more secure than the magnetic strip payment card because the transaction information is coded differently for each use. This makes it much harder for a thief to steal the card information than it is when using a magnetic strip payment card because that strip contains static, unchanging information.
  • Mobile payment options have been developed to allow users to use an electronic device for payment as opposed to a physical credit card.
  • These systems such as Google Wallet, Apple Pay, and Softcard allow a user to store certain credit cards in an electronic device and then access them at times of payment.
  • payment option are limited to participating banks who issue the payment cards, inquirers and participating merchants equipped with near field communication terminals. This accounts for only 2% of merchants in North America, making in unusable at the vast majority of credit and debit card accepting merchants. Additional limitations include that it cannot be used for voice phone purchases and internet sites. However, some of these systems also still require that a merchant have direct access to an account holder's information.
  • this invention has developed a system and method of virtually carrying payment cards that provide increased security and does not allow a merchant direct account access to sensitive information about the consumer. Further, it allows a consumer to maintain privacy and give less access of personal information to merchants. This invention also does not require that new hardware and in some
  • software be provided by merchants.
  • This invention is a solution that solves those objectives by tying one physical card to multiple accounts stored on a secure third party server or on a digital device that does not allow a merchant access to capture account numbers or associated data when a purchase occurs.
  • This invention also achieves those objectives by allowing a user to optionally pay a merchant directly through a barcode, RF signal, or other electronic means of communication linked to a secure third party server instead of the user providing account details directly to a merchant.
  • This invention relates to a system and method of purchasing using mobile payment at a point of sale through a secure third party server.
  • This invention relates to a user designating one physical card as a multi "master" card whereby it can be used in a traditional sense to access multiple accounts for choice of payment allowing a user to carry fewer cards.
  • This invention also relates to a manner of payment wherein a merchant holds a unique
  • identification account that can be accessed by a user for payment through a mobile payment portal hosted by a third party.
  • This invention requires that a traditional, physical payment card must first be converted into a virtual payment card. As discussed above, there are options in prior art that can do this. One way to do this is to capture the image of the front side and back side of the payment card. It is anticipated that a user will commonly use a mobile phone equipped with a camera to do this but any camera or any other device equipped with a camera, including but not limited to a personal computer, tablet, or personal digital device, may be able to capture the image so long as this image is then able to be viewed electronically on a digital device. It is equally anticipated that these numbers may also be manually entered. Once that image is captured, the card and corresponding account are verified and saved to a third party server that is accessible by the user through an account or application.
  • a user can repeat this process as many times as needed to associate all necessary accounts to this application.
  • a user will then present the mobile device for payment at a point of sale where the card is identified by the merchant through a means for capturing data and an inquiry is sent by the merchant to the payment card issuer for approval of a sale.
  • This invention is anticipated to build upon this manner of payment in another embodiment.
  • a user can present the mobile device linked to payment card accounts and the merchant identify a payment card through the mobile device for payment but instead of gathering information from consumer, this action will trigger a communication with a third party server for access to linked stored payment accounts.
  • a payment account is selected and at this point the third party server will communicate with the payment card issuer and receive communication regarding whether or not that sale is approved.
  • the third party server will communicate that information to the merchant. It is important to note that account selection can be made at the point of sale with the merchant or on the electronic device.
  • a merchant will be able to read a mobile device presenting payment card information via a bar code scanner or other types of reading and communication devices. Since merchants typically identify goods with barcodes, identifying a payment card in this manner does not require the addition of hardware in most settings. It only requires the addition of certain software equipped to process this type of transaction. In one preferred embodiment, a user may encounter a setting where a merchant is not yet equipped to handle virtual payment and a traditional, physical payment card is needed to complete a purchase at a point of sale. One common such setting is at a gas station where a consumer typically handles the payment of gasoline at the pump and not with a merchant who has access to a bar code reader or other similar identifying means.
  • a user will have the option to designate one physical card as a multi master card.
  • a user may tie several accounts to one physical, payment card.
  • an American Express payment card may be designated as the multi master card and be tied to a Visa payment card account and a bank account and the information is then saved on the secure third party server and accessible by the user through an account or application software that is able to access the third party server' s information.
  • a user While it is anticipated that a user will utilize the application to link the payment accounts, one skilled in the art will also recognize that the user may also link accounts at enabled financial institutions or point of sale locations offering the multi card system linkage.
  • this multi-master card manner of payment involves a scenario whereby the secure third party server recognizes the merchant when the multi, master card is selected or used.
  • the card when the card is used it instructs the point of sale to send information to a secured party server detailed information about the merchant and communicates that information to the third party server. That information relating to the merchant may include details about the purchase, the merchant payment identification code, or other relevant purchase details.
  • the user of the multi-master card can initiate payment to that merchant through the third party server. The user selects an account as described above but instead of the merchant requesting the payment, the user/consumer can instantly pay the merchant at the point of sale through the third party server.
  • the server will use the authorization received from the user' s account and will forward payment to a merchant account associated with its identification on the third party server. This manner of payment further removes the merchant from gathering information about a consumer because instead of a consumer's information being read, only the merchant information is being read by the action of swiping the multi-master card. No data about the consumer is being transmitted except whether payment has been made or not.
  • the multi, master card is preferred, this can also work with traditional payment cards.
  • the physical card associated as the multi master card does not have to be an active payment card. It is simply a prompt to the secure third party server that a user wishes to complete a payment and needs access to stored verified accounts.
  • the physical payment card presented may be an active payment card but may also be expired, cancelled or a "dummy" card.
  • a phone number or other designated number or pin code may also link a stored account which can be used to complete payment.
  • the point of sale will relay this number to the server holding the linked accounts and sends an electronic instruction to the account holder's digital device requiring him to enter his or her passcode in order to access the app and receive a onetime code to use to complete the purchase
  • the server communicates with the digital device an upon password verification the server will send an instant one time purchase pin-code.
  • the code is entered at the point of sale which relates back the pin for verification to the secured server.
  • the server Upon verification the server will send the point of sale or digital device all payment options stored by the account user for selection.
  • the server will process the card for approval from the card issuer and relate that information to the point of sale indicating if the card was approved or declined.
  • the approval may also be obtained through a merchant processor.
  • multi master card cannot be swiped but a user still wishes to use this multi master card.
  • a user can enter the card number from the multi, master card and the same steps as described above after a card swipe can be followed.
  • Another circumstance may be in the instance of phone orders.
  • a user can provide the multi master card number to a merchant and the same steps described above after a card swipe can be followed. Either of these actions will automatically or by the users' selection (of a user indicating to merchant by phone) trigger a request at the point of sale or digital device to the secure third party server that the user needs to select a desired payment account he/she wishes to access.
  • this multi-master card or master phone number may have additional cards or phone numbers tied to it. These cards /and/or phone numbers are not the "master" card but are cards and/or phone numbers that can be used by someone other than the account holder. These additional cards allow an account holder to share access to payment accounts with other authorized persons.
  • the account holder could also set certain limits on these additional cards and/or employ other safeguards on the cards to prevent over-use of the additional cards. These limits or safeguards would be managed and maintained through the secure third party server and could be accessed through the application.
  • payment between accounts may be desired. This can mean payments between bank accounts or payments between bank accounts and payment card accounts as examples. However, any payment between accounts can be anticipated. This can be accomplished by the user accessing their account on the third party server and authorizing such payments. The accounts then receive communications from the secure third party server. One skilled in the art will recognize that the user can access the server via an application or webpage.
  • any of the above embodiments may be further equipped with security features, such as requiring a Personal Identification Number (PIN code) or other similar feature.
  • PIN code Personal Identification Number
  • a merchant may also require a signature that matches either what is displayed on a mobile device or on the multi master card. Any number of security features can be enacted.
  • One preferred security feature relates to how card data and PIN code entry is captured and transmitted.
  • Existing systems utilize a PIN code have a fixed data entry location, (i.e. the familiar numerical keypad arrangement).
  • the payment card and the security code associated with the payment card is captured by the point of sale hardware and then transmitted to the inquirer.
  • This setup makes it fairly easy for a thief or a hacker to tap, "listen" and capture card data and the security code.
  • This invention utilizing a preferred security feature, is based on preselected security means that is only identifiable by the end user. It is based on dynamic data, either in a standalone setup or in preset hardware configurations.
  • the numerical keypad arrangement is not a fixed arrangement and is downloaded (transmitted) and assigned by the secured server for each purchase.
  • This unique numerical arrangement is displayed by the point of sale, however there is no correspondence between the numerical values displayed and the keypad arrangement.
  • the numerical setup and algorithm is encoded and known only to the security server, the point of sale and display work as a medium to relate data between the secured server and end user.
  • each position would always represent the same numerical value of the selected digit (0- 9)
  • the device would record that digit selection and transmit it for verification.
  • a hacker may simply tap into the hardware by various means and "listen”, (record) the numerical pin as entered and captured by the point of sale. This would now not be possible as each number entered and transmitted to the server is not the actual preselected security pin code of the card, so if the data entry of the pin is captured it would be the wrong number and cannot be used to authorize a transaction.
  • the point of sale hardware is not confined by hardware preset designs and function, as in a computer tabled or a more versatile programmable point of sale display.
  • the server may transmit a new screen data for each sale with more flexibility and at times less data to be recorded.
  • the display can be programmed as desired and have the user pick up his / hers security identification means, this could be a number, a picture, color or any similar identifying data.
  • the display image is encoded in sections and each purchase encodes and sets differently. The image is only displayed on the screen and there is no relationship to the data entry at the point of sale, once the screen selections are made the corresponding layout locations will only be identified and transmitted to the server for decoding of positioning data.
  • this invention is able to covert the payment account details into a unified numerical value assigned to means of identification, such as a barcode, which is dictated by a software algorithm that can simply be installed by merchants at their point of sale. This is unlike other systems that read barcodes or other identifying means and relay the information to a server which then converts those identifying means to data.
  • a known unified numerical value recognized by a standard algorithm makes this system standalone and does not require additional software or servers. It is merely a way to capture the credit card data instead of running the actual card on a magnetic strip or similar data capturing terminal.
  • a user takes a picture of the card or enters the payment account information into an application or website.
  • the application or website then converts each number of the credit card to a known identifiable data, such as a barcode based on the unified software algorithm.
  • the card is then saved along with the barcode.
  • the payment account user presents the barcode and the merchant which is captures that information at the point of sale by using a means for identifying the data.
  • the data is captured and the point of sale software converts the data to numerical values which is the actual credit card number and data, then the software simply relays the data entry to the point of sale which then runs the card for approval using it traditional merchant processing.
  • the data is always encoded and decoded with the same encoding algorithm, thereby making the system universal and not server dependable. Any user running the means for identifying data at a point of sale equipped with the converting software could easily capture the card data and then instruct the point of sale to run the card for approval.
  • the last four numbers of a credit card may be omitted from the barcode, so at a time of purchase the point of sale will instruct the user to enter the
  • Another preferred embodiment of this invention falls on the merchant side of the purchasing process which gives a consumer even more protection against fraud because this aspect allows the consumer to control the information that is sent to a merchant.
  • a merchant applies for an account with the secure third party server. This account holds certain information about the merchant that is needed for the merchant to receive payments.
  • the merchant is assigned a means for identification. While a barcode may be a preferred means for identification, one skilled in the art will recognize that any similar format is acceptable, such as an RF signal, audio tone, or any similar means of communication. That means for identification now holds all information relating to the merchant and how the merchant can or prefers to receive payment.
  • the consumer When a consumer wishes to complete a sale, the consumer opens his account typically through an application on a digital device which is linked to a , secure third party server and selects a manner of payment. Once a payment type is selected, the consumer can read the means for identification to pay. It is anticipated that the means for reading the means for identification to pay may be a scanner, digital reader, digital translator, digital camera or other similar devices. The reading means will be enabled by the application hosted on the digital device in which the consumer is using. This action of reading the means for identification retrieves the merchant information from the secure third party server and directs payment from the consumer to the merchant directly. Once the merchant receives indication that payment has been sent, then the sale is complete.
  • the merchant barcode can be static or can change. In cases where the barcode is contains additional information, it may also contain information about a particular sale, not only the total cost, but also a list of purchases, warranties on products purchased, invoice number, and any other information the merchant wishes to link.
  • the barcode may be displayed in a variety of manners. It may be on a merchant computer, it may be printed on receipts given to diners at restaurants, or any other manner in merchant wishes to display its payment information. In situations where more than one merchant may be identifiable, then the barcode may link multiple merchants for payment and then direct individual payments to a merchant after payment is complete.
  • both the merchant identifier (consumer) and merchant identification may occur on the same computer. It is common that a consumer will wish to make an online purchase.
  • a merchant may display means for identification on a consumers' personal computer, tablet or phone in the payment portal.
  • a consumers' personal computer can be enabled to read this means for identification. Once that personal computer has read that means for identification, the process described above begins in order to receive approval of payment. The difference is that this process has both sides of payment occurring on one computer instead of a merchant displaying a barcode and then a consumer reading that barcode, each using a separate electronic device.
  • This preferred embodiment automatically sends payment to a merchant without the consumer sharing sensitive account information with the merchant. All of the relevant data is sent automatically through a secure third party server when the barcode or means for identification and verified payment is made. This is a benefit to both consumers and merchants as the merchant no longer has the burden of protecting sensitive account information and the consumer has an added layer of privacy and security because no information is shared with a merchant.
  • the secure third party server may offer a user certain payment card offers offered by a merchant or other payment card issuer.
  • the benefit of the secure third party user making this offer is that the merchant is again separated from the user by the secure third party server increasing a user's privacy and security and no down time between when a card expires. A new card can be instantly downloaded to the account user when desired.
  • a consumer After a consumer reads the merchant' s means for identification, it does need to be transmitted to a third party server. If a user is using a mobile phone as the digital device then this may be transmitted through mobile phone service. However, it may also be transmitted through wired or wireless internet or other known manners of communication from a digital device to a remote third party server.
  • Fig. 1 is a prior art depiction of storing a physical payment card on a digital device as a verified payment account.
  • Fig. 2 is a prior art depiction of a a user presenting the stored verified card for payment wherein a merchant scans information regarding the users payment account, that information is sent to a third party server and verified for payment.
  • Fig. 3 depicts a flow chart of receiving approval for payment using a third party server to gather consumer information for approval of payment rather than having the merchant gather that information.
  • Fig. 4 is a flow chart detailing the steps involved in selecting one payment card account as the multi, master payment card which links multiple payment card accounts to one physical payment card.
  • Fig. 5 is a flowchart detailing the multi, master card being used at a point of sale which prompts on the merchant end for the consumer to select a manner of payment; the multi, master card is selected wherein this selection instructs what payment account data is sent and routed for approval through the secure third party server.
  • Fig. 6 is a flowchart detailing the mobile linkage to multiple accounts.
  • Fig. 7 is a flowchart detailing the process of using the multi, master card for payment.
  • Fig. 8 is a flowchart detailing the process of a merchant applying for a means for identification that holds identifying merchant payment information.
  • Fig. 9 is a flowchart detailing the process of using a merchant barcode for payment.
  • Fig. 10 depicts a flowchart detailing the process of a payment card used at a point of sale, wherein the multi master card option is utilized and transmitted through the third party server for approval.
  • Fig. 11 depicts a flowchart of the process of both the merchant identification and merchant identifier running on the same computer or system.
  • Fig. 12 A depicts an arrangement of a preferred security feature where an encoded numerical arrangement assignment in relation to fixed buttons at a point of sale.
  • Fig. 12B depicts another arrangement of the preferred security feature having a credit card terminal with fixed buttons and a numerical encoded arrangement.
  • Fig. 12C depicts another arrangement of the preferred security feature having touch screen capability and security code entry is represented by a color selection.
  • Fig. 12D depicts another arrangement of the preferred security feature utilizing a tablet computer at the point of sale and the encoded data is represented by pictures.
  • Fig. 12E depicts another arrangement of the preferred security feature having a point of sale terminal where the encoded data is entered by a keypad.
  • Fig. 12F depicts another arrangement of the preferred security feature having a touch screen where the keypad is virtual and displays the encoded numbers based on location and assigned numerical value.
  • Fig. 12G depicts a flowchart outlining the process of this security feature.
  • Fig. 13 depicts a flowchart wherein the payment card has been converted to a barcode representing card numeric values.
  • Fig. 14 depicts the building of a barcode in universal numeric values recognizable by the standalone data capturing software.
  • Fig. 15 depicts a flow chart of the process of selecting an account for payment.
  • Fig. 16 depicts a flow chart of the selecting an account for payment utilizing a PIN code for the transaction.
  • Figs. 1 and 2 depict the known prior art system and process for converting a physical payment card to a mobile payment card stored in a verified manner on a third party server accessible by an application on a digital device.
  • Fig. 4 depicts the process of a user designating one payment account tied to a physical card as the multi, master card 8.
  • a user will store payment accounts 3a, 3b, 3c and 3d in an application on a digital device 2 per prior art systems. Once the payment accounts 3a, 3b, 3c and 3d are stored, one payment account 3b is selected on the application screen as the multi master card. This selection is then saved on the third party server 6.
  • the multi, master card 8 as seen in Fig. 5 is presented.
  • This card 8 is used at a point of sale like a traditional card would be used.
  • This action automatically or by user selection prompts the point of sale 5 to inquire as to which payment account is to be used.
  • Some common selections include credit, debit and EBT. This selection is transmitted to the secure third party server 6.
  • the server then communicates with the consumer by way of a prompt the user. The user then must select which payment account 3a, 3b, 3c and 3d to use for access. 3a as being selected for payment at the point of sale 5. This selection is then transmitted to the third party server 6 which in turn communicates with that payment account's 3a issuer 10 to seek approval for payment. If approval is received, this will be communicated to the point of sale 12b. If declined then the user has an option to use a different card stored on the server. If declined then the user has an option to use a different card stored on the server.
  • Fig. 6 depicts the point of sale 5 scanning a virtual version of the multi, master card accessing multiple accounts. Scanning is seen via barcode 14a but any means for communication and identification is anticipated. This will send a signal to the server 6 and either prompts a user or the point of sale 5 for an account selection. Once an account 3a is selected, this communicates with the server 6 to seek approval of payment. Either or both the point of sale 5 or user's electronic device 2 will receive indication of payment decline or approval 12b or 12a, respectively.
  • a point of sale/merchant 20 applies for an account that can receive payment.
  • a secure server 6 then issues an approved point of sale/merchant 5 with means for identification 14b.
  • Figs. 8 and 9 depict this means for identification 14b as a barcode.
  • a consumer When a consumer wishes to make a purchase at a point of sale 5, he or she presents a digital device 2 that is capable of reading the means for identification 14b. As seen in Fig. 9, the barcode 14b is scanned and registered merchant information from the server is sent to the consumer and the purchase is reflected on the screen on the digital device 2. A user selects a manner of payment 3a, 3b, 3c and 3d and this information is transmitted to the secure server 6. This server then communicates the payment account issuer for approval of payment. If approved, the merchant receives notification for approval 12b as well as on the digital device 2.
  • This invention also describes a unique and preferred security feature as seen in Figs. 12A-12G and 16.
  • This security feature goes beyond the familiar security key pad 44 and allows a user to select a PIN code 57 based on encoded data wherein this data regularly changes.
  • the keypad buttons 42 are assigned a different numerical value than is typical. A user would view the screen and select the fixed button that matches the numbers of the PIN code.
  • Figures 12B-12F detail other possible arrangements of the security feature.
  • FIG 12G details how this security feature is carried out.
  • a payment card 8a is presented at the point of sale 5.
  • the point of sale 5 contacts a server that generates a secure numerical arrangement.
  • the user enters the appropriate PIN code 57 based off the arrangement and sends the data back to the server that translates the entered information and contacts the payment card issuer for verification.
  • the payment card issuer either approves or declines use of the payment card and corresponding PIN code 57 entered.
  • Figs. 13 and 14 detail the embodiment relating to using universal numerical values to convert a payment account number into a manner easily readable by a point of sale 5.
  • a user will need to first convert a payment card 8 (associated payment account) into readable means 14c. To do this, a user will need to convert the payment account numbers 35a and 35b, as an example, into a numeric value readable by the universal software algorithm as seen in Fig. 14. After the payment card 8 has been converted into readable means 14c, a point of sale 5 can read the readable means 14c using a means for identifying data 9. As seen in Fig. 13, this is seen as a scanner 9 and barcode 14c. The point of sale can then process the payment account information to receive either approval or denial of payment 12b.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

This invention relates to a system and method of purchasing using mobile payment at a point of sale through a secure third party server. This system and method generates a merchant barcode that can be scanned by a user for payment through a mobile payment portal. This invention also relates to a user designating one physical card as a "master" card whereby it can be used in a traditional sense to access multiple accounts for choice of payment allowing a user to carry fewer cards.

Description

Title of the Invention
Secure System and Method of Virtually Making Payments at a Point of Sale
Cross-Reference to Related Applications
This application is related to and claims priority to U.S. Provisional App. No.
61/950,745 entitled Secure System and Method of Virtually Making Payments at a Point of Sale filed on March 10, 2014 and U.S. Provisional App. No. 62/054,626 entitled Secure System and Method of Virtually Making Payments at a Point of Sale filed on September 24, 2014.
Statement regarding federally sponsored research or development
Not Applicable.
Names of the Parties to a Joint Research Agreement
Not Applicable.
Reference to a Compact Disc
Not Applicable.
Background of the Invention
A payment card is a physical card that is tied to a payment account that can be used to make purchases. Typical payment cards may include credit cards, charge cards, debit cards, ATM cards, store value cards, or gift cards. When a purchaser wishes to make a purchase at a point of sale, a payment card can be presented instead of cash to make the purchase.
Payment cards are typically plastic cards with a magnetic strip. This magnetic strip holds data regarding the account the payment card is tied to. When payment is to be made, a user or the cashier swipes the card on a magnetic strip reader and that data is transmitted to the issuer and either declined or approved for payment. In cases where the magnetic strip cannot be read by the reader, a cashier or in cases of internet purchases, a user, may also transmit the account number found on the front of the card to the payment card issuer to determine whether or not payment is approved. Some payment cards may include an RFID tag, microchip, or other transponder but by in large magnetic strips are the preferred method of transmitting data for approval of payment, especially in the United States.
Since payment cards are tied to a financial obligation for consumers, certain safeguards are in place to prevent fraudulent use of cards. Upon receiving a physical payment card, users are required to activate the card by proving to the issuer that the person holding the card is the same person who has an account obligation. After activation, a user must sign the back of the card and then it is preferred that the user sign a receipt at each point of sale so that a cashier may ensure that the signatures are the same. However, with the increasing use of internet sales, consumers also commonly enter account information into a payment portal for payment of goods. This results in a sale where no cashier can agree that the card holder is the same as the account holder. In cases where the physical card is not swiped, then a security code may be required to be entered. Certain cards may also have PIN codes associated with them that must be entered prior to use. The issue with these security measures is that a consumer is continually entering sensitive information into a merchant system that can be prone to being compromised and information may be stolen. Further, merchants continually have direct access and the ability to store payment account information of their purchasers. The issue with merchants having direct access to capture and store account numbers and related data is that there have been some fairly large instances of their security being breached and the information stored on purchasers is compromised causing damage to both consumers and merchants.
Users of payment cards are advised to closely guard the cards and monitor the accounts tied to the card for possible instances of fraud. Those committing payment card fraud are able to access account information by a variety of means and then use account information to make purchases that the account holder may be liable for. This results in large financial losses for consumers, merchants, and payment card issuers. As a result of this, payment card issuers as well as outside third party companies have developed systems to monitor instances of fraud or instances where accounts may be compromised. While these systems are quite good in catching fraudulent situations, they are not fool proof and financial losses still occur. Common problems of credit card fraud may result from lost or stolen payment cards, compromised account information, or other mishandling of account information. It is noted that the majority of fraud and security breaches start when a card is in use. By default, a point of sale requires the actual card number to be used. At times a purchase may be very small but be made with a credit card account that has thousands of dollars in credit tied to the account. This very same card number and associated account data is then prone to fraud by a variety of techniques employed by those interested in stealing the data. The described invention solves this issue by preventing the card number and account data from being shared when used and also verifies the fund recipient or merchant.
Recently, there has been a push to phase the payment cards with magnetic strips out in favor of the special chipped payment card, also known as an EMV card. These cards are equipped with an embedded microprocessor chip that is able to encrypt transaction data differently for each purchase. These cards are usually also accompanied by a prompt for a PIN code, but that may not always be the case. It is generally viewed that EMV cards are more secure than the magnetic strip payment card because the transaction information is coded differently for each use. This makes it much harder for a thief to steal the card information than it is when using a magnetic strip payment card because that strip contains static, unchanging information. However, while these cards have the benefit of being able to encrypt each transaction separately and differently, the major hurdle has been to appeal to merchants to invest in the hardware that can read these cards, Further, there have been reported cases of compromised accounts even with this security feature. Whether a consumer is carrying a magnetic strip payment card or an EMV card, they typically carry multiple payment cards at one time. This gives consumer flexibility in determining which account to make a payment from. While this flexibility is desired carrying multiple cards can be bulky and burdensome as a user continually needs to keep track of all the payment cards. Cards are commonly lost, stolen, or expire causing uncertainty for a consumer. There have been developments, such as the Coin, that have resulted in one physical card storing multiple payment accounts and this will help consumers to have fewer cards to carry. However, having such a physical card is a security risk as the card can be lost or stolen and then improperly used which would compromise all the stored accounts.
Mobile payment options have been developed to allow users to use an electronic device for payment as opposed to a physical credit card. These systems, such as Google Wallet, Apple Pay, and Softcard allow a user to store certain credit cards in an electronic device and then access them at times of payment. However, such payment option are limited to participating banks who issue the payment cards, inquirers and participating merchants equipped with near field communication terminals. This accounts for only 2% of merchants in North America, making in unusable at the vast majority of credit and debit card accepting merchants. Additional limitations include that it cannot be used for voice phone purchases and internet sites. However, some of these systems also still require that a merchant have direct access to an account holder's information.
Because of this, companies such as Level Up have developed processes that link an account holder to a merchant by their third party processing system. Such processes are outlined in US Pat. No. 8,620,790 and U.S. Publication No. US 20130334308. Users utilize mobile payment options through a third party processing system. This allows for lower processing fees and added security for users. While these systems are an improvement over the tradition payment card option, these systems encounter problems as well in that not all merchants are equipped to accept mobile payments.
As a result of these above mentioned problems, this invention has developed a system and method of virtually carrying payment cards that provide increased security and does not allow a merchant direct account access to sensitive information about the consumer. Further, it allows a consumer to maintain privacy and give less access of personal information to merchants. This invention also does not require that new hardware and in some
embodiments, software, be provided by merchants. This invention is a solution that solves those objectives by tying one physical card to multiple accounts stored on a secure third party server or on a digital device that does not allow a merchant access to capture account numbers or associated data when a purchase occurs.. This invention also achieves those objectives by allowing a user to optionally pay a merchant directly through a barcode, RF signal, or other electronic means of communication linked to a secure third party server instead of the user providing account details directly to a merchant.
Brief Summary of the Invention
This invention relates to a system and method of purchasing using mobile payment at a point of sale through a secure third party server. This invention relates to a user designating one physical card as a multi "master" card whereby it can be used in a traditional sense to access multiple accounts for choice of payment allowing a user to carry fewer cards. This invention also relates to a manner of payment wherein a merchant holds a unique
identification account that can be accessed by a user for payment through a mobile payment portal hosted by a third party.
This invention requires that a traditional, physical payment card must first be converted into a virtual payment card. As discussed above, there are options in prior art that can do this. One way to do this is to capture the image of the front side and back side of the payment card. It is anticipated that a user will commonly use a mobile phone equipped with a camera to do this but any camera or any other device equipped with a camera, including but not limited to a personal computer, tablet, or personal digital device, may be able to capture the image so long as this image is then able to be viewed electronically on a digital device. It is equally anticipated that these numbers may also be manually entered. Once that image is captured, the card and corresponding account are verified and saved to a third party server that is accessible by the user through an account or application. A user can repeat this process as many times as needed to associate all necessary accounts to this application. In a typical setting, a user will then present the mobile device for payment at a point of sale where the card is identified by the merchant through a means for capturing data and an inquiry is sent by the merchant to the payment card issuer for approval of a sale.
This invention is anticipated to build upon this manner of payment in another embodiment. Instead of a merchant inquiring as to whether a payment card is approved or credit successfully deducted from an account, a user can present the mobile device linked to payment card accounts and the merchant identify a payment card through the mobile device for payment but instead of gathering information from consumer, this action will trigger a communication with a third party server for access to linked stored payment accounts. A payment account is selected and at this point the third party server will communicate with the payment card issuer and receive communication regarding whether or not that sale is approved. The third party server will communicate that information to the merchant. It is important to note that account selection can be made at the point of sale with the merchant or on the electronic device.
One skilled in the art will recognize that it is known in prior art that a merchant will be able to read a mobile device presenting payment card information via a bar code scanner or other types of reading and communication devices. Since merchants typically identify goods with barcodes, identifying a payment card in this manner does not require the addition of hardware in most settings. It only requires the addition of certain software equipped to process this type of transaction. In one preferred embodiment, a user may encounter a setting where a merchant is not yet equipped to handle virtual payment and a traditional, physical payment card is needed to complete a purchase at a point of sale. One common such setting is at a gas station where a consumer typically handles the payment of gasoline at the pump and not with a merchant who has access to a bar code reader or other similar identifying means. In this case a user will have the option to designate one physical card as a multi master card. Using the application, a user may tie several accounts to one physical, payment card. For example, an American Express payment card may be designated as the multi master card and be tied to a Visa payment card account and a bank account and the information is then saved on the secure third party server and accessible by the user through an account or application software that is able to access the third party server' s information. While it is anticipated that a user will utilize the application to link the payment accounts, one skilled in the art will also recognize that the user may also link accounts at enabled financial institutions or point of sale locations offering the multi card system linkage.
One skilled in the art will recognize that this invention never allows the
merchant/point of sale to capture the payment account information. This information is only stored on the secure third party server and the only information shared is whether the sale is approved or declined. This gives a payment account holder an added layer of security that does not currently exist when using a physical, traditional payment card.
Another preferred embodiment of this multi-master card manner of payment involves a scenario whereby the secure third party server recognizes the merchant when the multi, master card is selected or used. In this scenario, when the card is used it instructs the point of sale to send information to a secured party server detailed information about the merchant and communicates that information to the third party server. That information relating to the merchant may include details about the purchase, the merchant payment identification code, or other relevant purchase details. Once the merchant is recognized on the third party server, the user of the multi-master card can initiate payment to that merchant through the third party server. The user selects an account as described above but instead of the merchant requesting the payment, the user/consumer can instantly pay the merchant at the point of sale through the third party server. The server will use the authorization received from the user' s account and will forward payment to a merchant account associated with its identification on the third party server. This manner of payment further removes the merchant from gathering information about a consumer because instead of a consumer's information being read, only the merchant information is being read by the action of swiping the multi-master card. No data about the consumer is being transmitted except whether payment has been made or not. One skilled in the art will recognize that while the multi, master card is preferred, this can also work with traditional payment cards.
It is important to note that the physical card associated as the multi master card does not have to be an active payment card. It is simply a prompt to the secure third party server that a user wishes to complete a payment and needs access to stored verified accounts. The physical payment card presented may be an active payment card but may also be expired, cancelled or a "dummy" card.
It is further anticipated that a phone number or other designated number or pin code may also link a stored account which can be used to complete payment. When the number is entered, the point of sale will relay this number to the server holding the linked accounts and sends an electronic instruction to the account holder's digital device requiring him to enter his or her passcode in order to access the app and receive a onetime code to use to complete the purchase The server communicates with the digital device an upon password verification the server will send an instant one time purchase pin-code.
The code is entered at the point of sale which relates back the pin for verification to the secured server. Upon verification the server will send the point of sale or digital device all payment options stored by the account user for selection.
At this point the server will process the card for approval from the card issuer and relate that information to the point of sale indicating if the card was approved or declined. The approval may also be obtained through a merchant processor.
There may be situations anticipated wherein the multi master card cannot be swiped but a user still wishes to use this multi master card. For example, in the instance of an online purchase, a user can enter the card number from the multi, master card and the same steps as described above after a card swipe can be followed. Another circumstance may be in the instance of phone orders. A user can provide the multi master card number to a merchant and the same steps described above after a card swipe can be followed. Either of these actions will automatically or by the users' selection (of a user indicating to merchant by phone) trigger a request at the point of sale or digital device to the secure third party server that the user needs to select a desired payment account he/she wishes to access. Once that selection is made the third party server will communicate with the payment card account issuer and received information as to whether or not approval can be granted. After approval is given, the sale is complete. It is also anticipated that this multi-master card or master phone number may have additional cards or phone numbers tied to it. These cards /and/or phone numbers are not the "master" card but are cards and/or phone numbers that can be used by someone other than the account holder. These additional cards allow an account holder to share access to payment accounts with other authorized persons. One skilled in the art will recognize that the account holder could also set certain limits on these additional cards and/or employ other safeguards on the cards to prevent over-use of the additional cards. These limits or safeguards would be managed and maintained through the secure third party server and could be accessed through the application.
One skilled in the art will also recognize that since multiple accounts are tied together, in some instances payment between accounts may be desired. This can mean payments between bank accounts or payments between bank accounts and payment card accounts as examples. However, any payment between accounts can be anticipated. This can be accomplished by the user accessing their account on the third party server and authorizing such payments. The accounts then receive communications from the secure third party server. One skilled in the art will recognize that the user can access the server via an application or webpage.
One skilled in the art will recognize that any of the above embodiments may be further equipped with security features, such as requiring a Personal Identification Number (PIN code) or other similar feature. A merchant may also require a signature that matches either what is displayed on a mobile device or on the multi master card. Any number of security features can be enacted.
One preferred security feature relates to how card data and PIN code entry is captured and transmitted. Existing systems utilize a PIN code have a fixed data entry location, (i.e. the familiar numerical keypad arrangement). The payment card and the security code associated with the payment card is captured by the point of sale hardware and then transmitted to the inquirer. This setup makes it fairly easy for a thief or a hacker to tap, "listen" and capture card data and the security code. This invention, utilizing a preferred security feature, is based on preselected security means that is only identifiable by the end user. It is based on dynamic data, either in a standalone setup or in preset hardware configurations. First, the numerical keypad arrangement is not a fixed arrangement and is downloaded (transmitted) and assigned by the secured server for each purchase. This unique numerical arrangement is displayed by the point of sale, however there is no correspondence between the numerical values displayed and the keypad arrangement. The numerical setup and algorithm is encoded and known only to the security server, the point of sale and display work as a medium to relate data between the secured server and end user.
In one example, when one is prompted to enter their secured PIN code in a normal setup each position would always represent the same numerical value of the selected digit (0- 9), the device would record that digit selection and transmit it for verification. In such a fixed setup a hacker may simply tap into the hardware by various means and "listen", (record) the numerical pin as entered and captured by the point of sale. This would now not be possible as each number entered and transmitted to the server is not the actual preselected security pin code of the card, so if the data entry of the pin is captured it would be the wrong number and cannot be used to authorize a transaction.
In another example, the point of sale hardware is not confined by hardware preset designs and function, as in a computer tabled or a more versatile programmable point of sale display. In this case the server may transmit a new screen data for each sale with more flexibility and at times less data to be recorded. The display can be programmed as desired and have the user pick up his / hers security identification means, this could be a number, a picture, color or any similar identifying data. The display image is encoded in sections and each purchase encodes and sets differently. The image is only displayed on the screen and there is no relationship to the data entry at the point of sale, once the screen selections are made the corresponding layout locations will only be identified and transmitted to the server for decoding of positioning data. The values or images change every time in relation to the positions so even if the positions are recorded they will never represent those numbers or images again. A further embodiment of this invention is anticipated to build upon this manner of payment. Prior art systems, as well as some embodiments of this invention, require that the card is identified by a means of identification such as a barcode and accompanying reader. Those systems require additional software and at times additional hardware for merchants to read a barcodes presented by a customer and a dedicated merchant account with the service provider making its availability to customers very narrow, which is why widespread acceptance of those systems has not been achieved. Instead of requiring additional software, this invention is able to covert the payment account details into a unified numerical value assigned to means of identification, such as a barcode, which is dictated by a software algorithm that can simply be installed by merchants at their point of sale. This is unlike other systems that read barcodes or other identifying means and relay the information to a server which then converts those identifying means to data. Using a known unified numerical value recognized by a standard algorithm makes this system standalone and does not require additional software or servers. It is merely a way to capture the credit card data instead of running the actual card on a magnetic strip or similar data capturing terminal.
To convert a payment account into a readable means identifiable by known systems, a user takes a picture of the card or enters the payment account information into an application or website. The application or website then converts each number of the credit card to a known identifiable data, such as a barcode based on the unified software algorithm. The card is then saved along with the barcode. The payment account user presents the barcode and the merchant which is captures that information at the point of sale by using a means for identifying the data.
The data is captured and the point of sale software converts the data to numerical values which is the actual credit card number and data, then the software simply relays the data entry to the point of sale which then runs the card for approval using it traditional merchant processing.
The data is always encoded and decoded with the same encoding algorithm, thereby making the system universal and not server dependable. Any user running the means for identifying data at a point of sale equipped with the converting software could easily capture the card data and then instruct the point of sale to run the card for approval.
For added layer of security the last four numbers of a credit card may be omitted from the barcode, so at a time of purchase the point of sale will instruct the user to enter the
"missing" last four numbers of his/her card number which is only known to the user.
Additional traditional security measures, such as those discussed above, may also be employed with this embodiment.
Another preferred embodiment of this invention falls on the merchant side of the purchasing process which gives a consumer even more protection against fraud because this aspect allows the consumer to control the information that is sent to a merchant. In this alternate virtual payment function, a merchant applies for an account with the secure third party server. This account holds certain information about the merchant that is needed for the merchant to receive payments. Once the account has been established, the merchant is assigned a means for identification. While a barcode may be a preferred means for identification, one skilled in the art will recognize that any similar format is acceptable, such as an RF signal, audio tone, or any similar means of communication. That means for identification now holds all information relating to the merchant and how the merchant can or prefers to receive payment.
When a consumer wishes to complete a sale, the consumer opens his account typically through an application on a digital device which is linked to a , secure third party server and selects a manner of payment. Once a payment type is selected, the consumer can read the means for identification to pay. It is anticipated that the means for reading the means for identification to pay may be a scanner, digital reader, digital translator, digital camera or other similar devices. The reading means will be enabled by the application hosted on the digital device in which the consumer is using. This action of reading the means for identification retrieves the merchant information from the secure third party server and directs payment from the consumer to the merchant directly. Once the merchant receives indication that payment has been sent, then the sale is complete.
One skilled in the art will recognize that the merchant barcode can be static or can change. In cases where the barcode is contains additional information, it may also contain information about a particular sale, not only the total cost, but also a list of purchases, warranties on products purchased, invoice number, and any other information the merchant wishes to link.
Once skilled in the art will recognize that the barcode may be displayed in a variety of manners. It may be on a merchant computer, it may be printed on receipts given to diners at restaurants, or any other manner in merchant wishes to display its payment information. In situations where more than one merchant may be identifiable, then the barcode may link multiple merchants for payment and then direct individual payments to a merchant after payment is complete.
It may be anticipated that both the merchant identifier (consumer) and merchant identification may occur on the same computer. It is common that a consumer will wish to make an online purchase. At the time of payment, a merchant may display means for identification on a consumers' personal computer, tablet or phone in the payment portal. A consumers' personal computer can be enabled to read this means for identification. Once that personal computer has read that means for identification, the process described above begins in order to receive approval of payment. The difference is that this process has both sides of payment occurring on one computer instead of a merchant displaying a barcode and then a consumer reading that barcode, each using a separate electronic device.
This preferred embodiment automatically sends payment to a merchant without the consumer sharing sensitive account information with the merchant. All of the relevant data is sent automatically through a secure third party server when the barcode or means for identification and verified payment is made. This is a benefit to both consumers and merchants as the merchant no longer has the burden of protecting sensitive account information and the consumer has an added layer of privacy and security because no information is shared with a merchant.
Another service and benefit of this invention is that the secure third party server may offer a user certain payment card offers offered by a merchant or other payment card issuer. The benefit of the secure third party user making this offer is that the merchant is again separated from the user by the secure third party server increasing a user's privacy and security and no down time between when a card expires. A new card can be instantly downloaded to the account user when desired.
After a consumer reads the merchant' s means for identification, it does need to be transmitted to a third party server. If a user is using a mobile phone as the digital device then this may be transmitted through mobile phone service. However, it may also be transmitted through wired or wireless internet or other known manners of communication from a digital device to a remote third party server.
Brief Description of the Several Views of the Drawings
Possible and preferred features of the present invention will now be described with particular reference to the accompanying drawings. However, it is to be understood that the features illustrated in and described with reference to the drawings are not to be construed as limiting on the broad scope of the invention. In the drawings: Fig. 1 is a prior art depiction of storing a physical payment card on a digital device as a verified payment account.
Fig. 2 is a prior art depiction of a a user presenting the stored verified card for payment wherein a merchant scans information regarding the users payment account, that information is sent to a third party server and verified for payment.
Fig. 3 depicts a flow chart of receiving approval for payment using a third party server to gather consumer information for approval of payment rather than having the merchant gather that information.
Fig. 4 is a flow chart detailing the steps involved in selecting one payment card account as the multi, master payment card which links multiple payment card accounts to one physical payment card.
Fig. 5 is a flowchart detailing the multi, master card being used at a point of sale which prompts on the merchant end for the consumer to select a manner of payment; the multi, master card is selected wherein this selection instructs what payment account data is sent and routed for approval through the secure third party server.
Fig. 6 is a flowchart detailing the mobile linkage to multiple accounts.
Fig. 7 is a flowchart detailing the process of using the multi, master card for payment.
Fig. 8 is a flowchart detailing the process of a merchant applying for a means for identification that holds identifying merchant payment information.
Fig. 9 is a flowchart detailing the process of using a merchant barcode for payment.
Fig. 10 depicts a flowchart detailing the process of a payment card used at a point of sale, wherein the multi master card option is utilized and transmitted through the third party server for approval.
Fig. 11 depicts a flowchart of the process of both the merchant identification and merchant identifier running on the same computer or system. Fig. 12 A depicts an arrangement of a preferred security feature where an encoded numerical arrangement assignment in relation to fixed buttons at a point of sale.
Fig. 12B depicts another arrangement of the preferred security feature having a credit card terminal with fixed buttons and a numerical encoded arrangement.
Fig. 12C depicts another arrangement of the preferred security feature having touch screen capability and security code entry is represented by a color selection.
Fig. 12D depicts another arrangement of the preferred security feature utilizing a tablet computer at the point of sale and the encoded data is represented by pictures.
Fig. 12E depicts another arrangement of the preferred security feature having a point of sale terminal where the encoded data is entered by a keypad.
Fig. 12F depicts another arrangement of the preferred security feature having a touch screen where the keypad is virtual and displays the encoded numbers based on location and assigned numerical value.
Fig. 12G depicts a flowchart outlining the process of this security feature.
Fig. 13 depicts a flowchart wherein the payment card has been converted to a barcode representing card numeric values.
Fig. 14 depicts the building of a barcode in universal numeric values recognizable by the standalone data capturing software.
Fig. 15 depicts a flow chart of the process of selecting an account for payment.
Fig. 16 depicts a flow chart of the selecting an account for payment utilizing a PIN code for the transaction.
Detailed Description of the Invention
Figs. 1 and 2 depict the known prior art system and process for converting a physical payment card to a mobile payment card stored in a verified manner on a third party server accessible by an application on a digital device. Turning now to Applicants invention, Fig. 4 depicts the process of a user designating one payment account tied to a physical card as the multi, master card 8. A user will store payment accounts 3a, 3b, 3c and 3d in an application on a digital device 2 per prior art systems. Once the payment accounts 3a, 3b, 3c and 3d are stored, one payment account 3b is selected on the application screen as the multi master card. This selection is then saved on the third party server 6.
As seen in Fig. 7, at a point of sale 5, where a physical card is required, the multi, master card 8 as seen in Fig. 5 is presented. This card 8 is used at a point of sale like a traditional card would be used. This action automatically or by user selection prompts the point of sale 5 to inquire as to which payment account is to be used. Some common selections include credit, debit and EBT. This selection is transmitted to the secure third party server 6.
As seen in Fig. 7, once the multi card 8 is selected and the selection is sent to the server 6, the server then communicates with the consumer by way of a prompt the user. The user then must select which payment account 3a, 3b, 3c and 3d to use for access. 3a as being selected for payment at the point of sale 5. This selection is then transmitted to the third party server 6 which in turn communicates with that payment account's 3a issuer 10 to seek approval for payment. If approval is received, this will be communicated to the point of sale 12b. If declined then the user has an option to use a different card stored on the server. If declined then the user has an option to use a different card stored on the server.
In cases where multiple accounts are linked and communication access is available, Fig. 6 depicts the point of sale 5 scanning a virtual version of the multi, master card accessing multiple accounts. Scanning is seen via barcode 14a but any means for communication and identification is anticipated. This will send a signal to the server 6 and either prompts a user or the point of sale 5 for an account selection. Once an account 3a is selected, this communicates with the server 6 to seek approval of payment. Either or both the point of sale 5 or user's electronic device 2 will receive indication of payment decline or approval 12b or 12a, respectively.
In another preferred embodiment seen in Figs. 8 and 9, a point of sale/merchant 20 applies for an account that can receive payment. A secure server 6 then issues an approved point of sale/merchant 5 with means for identification 14b. Figs. 8 and 9 depict this means for identification 14b as a barcode.
When a consumer wishes to make a purchase at a point of sale 5, he or she presents a digital device 2 that is capable of reading the means for identification 14b. As seen in Fig. 9, the barcode 14b is scanned and registered merchant information from the server is sent to the consumer and the purchase is reflected on the screen on the digital device 2. A user selects a manner of payment 3a, 3b, 3c and 3d and this information is transmitted to the secure server 6. This server then communicates the payment account issuer for approval of payment. If approved, the merchant receives notification for approval 12b as well as on the digital device 2.
This invention also describes a unique and preferred security feature as seen in Figs. 12A-12G and 16. This security feature goes beyond the familiar security key pad 44 and allows a user to select a PIN code 57 based on encoded data wherein this data regularly changes. For example, as seen in Figure 12A, the keypad buttons 42 are assigned a different numerical value than is typical. A user would view the screen and select the fixed button that matches the numbers of the PIN code. Figures 12B-12F detail other possible arrangements of the security feature.
Figure 12G details how this security feature is carried out. A payment card 8a is presented at the point of sale 5. The point of sale 5 contacts a server that generates a secure numerical arrangement. The user enters the appropriate PIN code 57 based off the arrangement and sends the data back to the server that translates the entered information and contacts the payment card issuer for verification. The payment card issuer either approves or declines use of the payment card and corresponding PIN code 57 entered.
Figs. 13 and 14 detail the embodiment relating to using universal numerical values to convert a payment account number into a manner easily readable by a point of sale 5.
Turning to Fig. 13, a user will need to first convert a payment card 8 (associated payment account) into readable means 14c. To do this, a user will need to convert the payment account numbers 35a and 35b, as an example, into a numeric value readable by the universal software algorithm as seen in Fig. 14. After the payment card 8 has been converted into readable means 14c, a point of sale 5 can read the readable means 14c using a means for identifying data 9. As seen in Fig. 13, this is seen as a scanner 9 and barcode 14c. The point of sale can then process the payment account information to receive either approval or denial of payment 12b.
Preferred features of the present invention will now be described with particular reference to the accompanying drawings. However, it is to be understood that the features illustrated in and described with reference to the drawings are not to be construed as limiting on the scope of the invention.
Throughout the specification and claims the word "comprise" and its derivatives are intended to have an inclusive rather than exclusive meaning unless the contrary is expressly stated or the context requires otherwise. That is, the word "comprise" and its derivatives will be taken to indicate the inclusion of not only the listed components, steps or features that it directly references, but also other components, steps or features not specifically listed, unless the contrary is expressly stated or the context requires otherwise. It will be appreciated by those skilled in the art that many modifications and variations may be made to the methods of the invention described herein without departing from the spirit and scope of the invention.

Claims

Claims What is claimed is:
1. The system of designating a payment as a multi, master payment card to complete payments comprising:
at least one payment account; and
an application linked to a secure third party server for verifying and storing a payment account and processing payment at a point of sale.
2. The system of claim 1 further comprising at least one payment card or other means for payment wherein at least one payment card or means for payment is linked to at least one payment account through the secure third party server and accessible through the application or point of sale.
3. The system of claim 2 wherein multiple payment accounts are linked to the payment card through the third party server and accessible through the application and wherein new payment accounts can be downloaded and then linked through the third party server.
4. The system of claim 3 wherein the payment card is presented at a point of sale and any of the multiple payment accounts may be used for payment or wherein the means of payment is at least one symbol, number or value captured by a point of sale.
5. The system of claim 4 wherein the third party server verifies payment can be made by contacting a payment account issuer and receiving information as to whether or not the payment can be complete; said server corresponds payment approval or denial to point of sale.
6. The system of claim 1 wherein a security feature may be enabled.
7. The method of designating a payment card as a multi, master payment gateway card to complete payments, a purchases comprising the steps of: assigning at least one payment account to an account, storage device or payment card;
a digital device; and
an application linked to a secure third party server for verifying a payment account and for processing payment at a point of sale;
wherein the application is accessed through the digital device and the provides the medium for assigning at least one payment account to a payment card; and further comprising the steps of:
presenting the payment card for payment;
selecting the mode of payment at the point of sale or digital device; contacting the third party server for access to linked payment accounts; selecting a payment account for payment;
contacting the third party server for approval of payment;
relaying response of third party server to point of sale to complete payment.
8. The method of claim 7 wherein more than one payment account is linked to the payment card or payment means.
9. The method of claim 7 wherein the steps occur on one digital device.
10. The method of claim 7 further comprising the step of entering a PIN code as security feature or as a way of selecting a payment account.
11. The system of generating a unique merchant identification for payment comprising:
a merchant account assigned means for storage, display, and broadcasting further comprising identifying payment information regarding the merchant within said means for storage, display, and broadcasting;
a digital device linked to payment accounts and having means to read said means for storage, display, and broadcasting; and an application linked to a secure third party server for verifying a payment account and for processing payment at a point of sale;
wherein the digital device hosts an application that supports access to payment accounts.
12. The system of claim 11 wherein the means for storage, display, and broadcasting is digital or tangible, active or passive, and wherein said passive means is the display of a barcode; and wherein said active means is broadcasted data in forms such as an RF signal, audio tone; or other similar means of communicating data.
13. The system of claim 11 wherein the tangible or passive means may be static or may change with each purchase; said barcode further comprises purchase information.
14. The method of generating a unique merchant identification for payment comprising the steps of:
a merchant applying for a payment account on a secure third party server; said third party server assigns a unique means for identification to merchant comprising payment information for the merchant;
wherein the merchant presents the means for identification to a consumer for payment further comprising the steps of:
consumer identifying the means for identification through a means for reading or communication the means for identification;
consumer selects manner of payment through accounts stored on the third party server or digital device;
the third party server accesses the accounts and seeks approval for payment at payment account issuer;
wherein payment is complete when server corresponds to merchant and consumer that payment has been approved.
15. The method of claim 14 wherein the means for identification may be displayed or broadcasted.
16. The method of claim 15 wherein the displayed means is a barcode, or other similar means of communicating data.
17. The method of claim 15 and the broadcasted means is an RF signal, audio tone, or other similar means of communicating data.
18. The method of claim 14 wherein the means for identification may be static or may change with each purchase; said means for identification furtherer comprises purchase information.
19. The method of claim 14 wherein the means for reading the means for identification may be a scanner, digital reader, digital translator, or other similar devices.
20. A method of converting a payment account in known numeric values comprising an application for converting payment account information into known numeric values readable by point of sale means for identifying information.
21. An encoded dynamic security feature comprising downloaded identification features assigned to numeric values and/or fixed data entry selections.
22. The security feature of claim 21 wherein a user recognizes identification features and enters a personal identification code based on the identification features or numeric values assigned to the downloaded identification features.
23. The security feature as in claim 21 wherein the downloaded identification features are randomly generated.
PCT/US2015/019773 2014-03-10 2015-03-18 Secure system and method of virtually making payments at a point of sale Ceased WO2015167671A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201461950745P 2014-03-10 2014-03-10
US61/950,745 2014-03-10
US201462054626P 2014-09-24 2014-09-24
US62/054,626 2014-09-24

Publications (1)

Publication Number Publication Date
WO2015167671A1 true WO2015167671A1 (en) 2015-11-05

Family

ID=54359137

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2015/019773 Ceased WO2015167671A1 (en) 2014-03-10 2015-03-18 Secure system and method of virtually making payments at a point of sale

Country Status (1)

Country Link
WO (1) WO2015167671A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10475031B2 (en) 2016-12-14 2019-11-12 Target Brands, Inc. Conducting secure retail transactions using a mobile wallet system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120209688A1 (en) * 2011-02-15 2012-08-16 Michelle Lamothe Systems and methods for multi-platform transaction card access and management
US20130036048A1 (en) * 2010-01-08 2013-02-07 Blackhawk Network, Inc. System for Payment via Electronic Wallet
US20130048719A1 (en) * 2007-08-06 2013-02-28 Enpulz, L.L.C. Proxy card providing indirect funds access
US20130117178A1 (en) * 2007-10-30 2013-05-09 Matthew James Mullen Payment entity account set up for multiple payment methods
US20130304643A1 (en) * 2001-07-24 2013-11-14 Jpmorgan Chase Bank, N.A. Multiple account advanced payment card and method of routing card transactions

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130304643A1 (en) * 2001-07-24 2013-11-14 Jpmorgan Chase Bank, N.A. Multiple account advanced payment card and method of routing card transactions
US20130048719A1 (en) * 2007-08-06 2013-02-28 Enpulz, L.L.C. Proxy card providing indirect funds access
US20130117178A1 (en) * 2007-10-30 2013-05-09 Matthew James Mullen Payment entity account set up for multiple payment methods
US20130036048A1 (en) * 2010-01-08 2013-02-07 Blackhawk Network, Inc. System for Payment via Electronic Wallet
US20120209688A1 (en) * 2011-02-15 2012-08-16 Michelle Lamothe Systems and methods for multi-platform transaction card access and management

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10475031B2 (en) 2016-12-14 2019-11-12 Target Brands, Inc. Conducting secure retail transactions using a mobile wallet system
US10643211B2 (en) 2016-12-14 2020-05-05 Target Brands, Inc. Conducting secure retail transactions using a mobile wallet system
US10755278B2 (en) 2016-12-14 2020-08-25 Target Brands, Inc. Conducting secure retail transactions using a mobile wallet system

Similar Documents

Publication Publication Date Title
US12437281B2 (en) Methods and systems for wallet enrollment
JP7197631B2 (en) Transaction token issuing authority
US20230274258A1 (en) Fault tolerant token based transaction systems
EP3039627B1 (en) Method for authenticating transactions
US11127009B2 (en) Methods and systems for using a mobile device to effect a secure electronic transaction
US8977234B2 (en) Using low-cost tags to facilitate mobile transactions
US20190066089A1 (en) Secure transactions using digital barcodes
US11379813B2 (en) System and method for point of sale transactions using wireless device with security circuit
GB2478712A (en) Authorisation system
US20190370549A1 (en) Augmented and virtual reality operations system
US20210073748A1 (en) Payment system, payment method, and program
US11893570B1 (en) Token based demand and remand system
WO2015167671A1 (en) Secure system and method of virtually making payments at a point of sale
TWI642012B (en) Matching transaction information for payment
WO2014063192A1 (en) Mobile payments

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15785479

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15785479

Country of ref document: EP

Kind code of ref document: A1