System And Method For Validating A Relationship Between A User And A User Account At A Financial Institution
A system and method for validating a relationship between a user and a user account at a financial institution includes a data communication device, a memory, a processor coupled to the memory, and an account validation module executable by the processor. The account validation module generates a verification identifier for storage in the memory and is provided to the user, and subsequently receives a user initiated financial transaction involving the user account at the financial institution. The received financial transaction includes a comparison identifier supplied by the user. The account validation module determines whether the comparison identifier corresponds to the verification identifier for purposes of validating the relationship between the user and the user account maintained at the financial institution.
This application is a continuation of U.S. patent application Ser. No. 12/275,397 filed Nov. 21, 2008, the entirety of which is incorporated herein by reference.
FIELD OF THE INVENTIONThe present invention relates to data processing systems, and more particularly relates to a system and method of validating a relationship between a user and a user account at a financial institution.
BACKGROUND OF THE INVENTIONInternet-based payment service providers use payment systems (hereinafter referred to as ‘payment systems’ for the sake of brevity) that allow account holders (users) to transfer funds from accounts being maintained at their financial institutions, and perform financial transactions online with the transferred funds. For example, payment systems enable users to purchase goods and services online from the stored funds, and may also provide money market and brokerage services. However, as with other online services, there is the possibility of use of such user account for money laundering and other potentially illegal and unauthorized activity. Accordingly, it is important to implement security features that ensure that the transfer of funds to and from such accounts is legitimate, authorized, auditable and traceable.
Therefore, it would be desirable to provide a system and method of ensuring that a user account being maintained at a financial institution legitimately belongs to the user.
SUMMARY OF THE DISCLOSUREIn a first aspect, the present invention provides a system for validating a relationship between a user and a user account at a financial institution that includes a data communication device, a memory, a processor coupled to the memory, and an account validation module executable by the processor. The account validation module is adapted to generate a first verification identifier for storage in the memory, provide a second verification identifier corresponding to the first verification identifier to the user, receive a user initiated financial transaction involving the user account at the financial institution, the received financial transaction including a comparison identifier supplied by the user, and determine if the comparison identifier corresponds to the stored first verification identifier for purposes of validating the relationship between the user and the user account maintained at the financial institution.
In another aspect, the present invention provides a method of validating a relationship between a user and a user account at a financial institution that includes providing a verification identifier to a user, receiving a user initiated financial transaction involving the user account at the financial institution, the received financial transaction including a comparison identifier, and determining whether the received comparison identifier corresponds to the verification identifier provided to the user for purposes of validating the relationship between the user and the user account maintained at the financial institution.
In yet another aspect, the present invention provides a system for validating a relationship between a user and a user account at a financial institution that includes a data communication device, a memory, a processor coupled to the memory, and an account validation module executable by the processor. The account validation module is adapted to: (1) receive, from the user, user profile data containing a first account identifier of the user account, (2) generate a verification identifier, provide the verification identifier to the user, (3) receive a user initiated financial transaction involving the user account at the financial institution, the received financial transaction including a comparison identifier supplied by the user and a second account identifier, and (4) validate the relationship between the user and the user account maintained at the financial institution if the received comparison identifier corresponds to the generated verification identifier and the received second account identifier corresponds to the first account identifier contained in the received user profile data.
According to the present invention, a user establishes an internal account with a payment service provider, providing user profile data to the payment system which the payment system stores in a user profile record to identify the account. The user profile record, which is maintained securely, includes information identifying an account at a financial institution (other than the payment system) that the user may employ to transfer funds to or from the payment service provider. The financial institution may be a bank, a credit card facility or any other institution at which the user maintains a financial account. For example, a user may have an account at XYZ bank; the user profile record will then include the routing information of the XYZ bank and the user's account number at the XYZ bank.
When the internal user account is established at the payment service, the payment system generates a unique verification identifier associated with the account, and then sends the verification identifier or a corresponding verification identifier to the user. To ensure that the user has control of the user account at the financial institution, the payment service requests the user to perform a financial transaction with the user account (e.g., transfer $50 from the financial institution to the internal account maintained at the payment service) by including the verification identifier in the transaction.
Subsequently, when a financial transaction is received from the financial institution attempting to transfer funds into the user's internal account, the payment system validates that the user has a pre-existing relationship with the financial institution as a security measure. Specifically, the user directs the financial institution to include the verification identifier it has received previously from the payment system with the transaction along with the user's account information at the financial institution. Upon receipt of financial transaction, the payment system uses the received identifier as an index to locate the user's profile record. The payment system then determines whether financial account information included in the financial transaction matches the financial information in the user's profile record, indicating that the user has a relationship with the financial institution. If the relationship is validated, the verification identifier is no longer required to be included in further financial transactions between the financial institution and the payment system. However, the verification identifier may be included in further financial transactions for purposes of revalidation or as a steering mechanism to direct deposits to the appropriate user account.
The user 104 maintains a financial account at a financial institution 108. The financial institution 108 may be a bank, credit card facility, money market account or any other institution which holds financial accounts. The user 104 has control over the financial account at the financial institution 108 and can direct the financial institution 108 to transfer funds from the financial account by various means (e.g., check, credit or debit card, wire instruction, online interface, etc.) in a financial transaction. The financial institution 108 may communicate the financial transaction to the payment system 102 via a secure link 110, which may be proprietary, using known communication methods. For example, if the financial institution 108 is a bank, the financial transaction may be implemented using a direct entry (DE) file communicated by direct inter-bank transfer or through intermediary entities such as the Automated Clearing House (ACH). To support online communications, the financial institution 108 may also be connected to the Internet 106.
It is to be appreciated that while the system 100 of
Referring now to
It is to be appreciated that the computer 200 may comprise any computer such as a personal computer, minicomputer, workstation or mainframe, or a combination thereof. While the computer 200 is shown, for illustration purposes, as a single computer unit, the system may comprise a group/farm of computers which can be scaled depending on the processing load and database size.
In a following step 308, the user registration module 216 creates a user profile record associated with the new internal account (i.e., with the new unique account number) to store the received user profile data. The user profile record 400 may be stored as part of a database 220 of user profile records. An exemplary user profile record 400 according to an embodiment of the present invention is shown in
Referring again to
In step 316, the user registration module 216 sends payee bank information of the payment system 102 to the user 104 (i.e., the account information of the payment system at a bank), enabling the user 104 to direct a money transfer from the user's financial institution 108 to the bank account of the payment system 102 and thereby to the internal user account at the payment system 102.
After the matching module 218 receives the financial transaction, in step 506, the matching module 218 queries the user profile records 220 for a corresponding verification identifier, for example, by performing the same hash used to derive the stored verification identifier on the comparison identifier and then comparing the hashed result with the stored verification identifier in the user profile record 400. It is noted that in embodiments in which the verification identifier that is sent to the user 104 and the stored verification identifier are the same, that a hashing process is not performed. If the user 104 has not registered with the payment system 102, in step 508, the matching module 218 causes a message indicating a denial of the transfer to the financial institution 108. After step 508, the method ends in step 518. If it is determined in step 506 that the user 104 has registered with the payment system 102, the comparison identifier will correspond to the stored verification in the user profile record database, and, in step 510 the corresponding user profile record is returned as the output of the query. In step 512, the matching module 218 then determines whether the second financial account information included in the financial transaction matches the first financial account information stored in the user profile record 400. More specifically, it is determined whether all items match, i.e., whether the first and second financial account information match exactly as to the name of the financial institution, the routing number, and the user account number. If the first and second financial account information match, in step 514, the matching module 218 validates the relationship between the user 104 and the financial institution 108 and the verification flag 438 in the user profile record 400 is set (e.g., to a check, “yes”, etc.). In step 516, the matching module 218 transfers the deposit to the internal user account at the payment system 102, and updates the balance information in the user profile record 400, and then the method ends in step 518. If it is determined that the first and second financial account information do not match in step 512, the method branches to step 508, and the matching module 218 causes a transfer denial message to be sent to the financial institution 108.
Once the relationship between the user 104 and a financial institution 108 has been validated, further financial transactions sent from the financial institution 108 to the payment system 102 do not require a verification identifier to be included (however, as noted, the verification identifier may be included in further transactions for purposes of revalidation or as a steering mechanism); when a subsequent financial transaction from a financial institution 108 is received, the matching module 218 can query the user profile records 220 using the routing number and account number of the financial institution 108 and thereby determine that the verification flag 438 associated with the routing and account number has been set, indicating that the user/financial institution relationship has already been validated. In an alternative embodiment, the payment system 102 may initiate subsequent transactions as directed by the user and ‘pull’ transfers from validated financial institutions. Since both the user and the relationship of the user 104 to the financial institution 108 are trusted, pull transactions performed in this manner do not present significant security risks.
The foregoing specific embodiments represent just some of the ways of practicing the present invention. Many other embodiments are possible within the spirit of the invention. Accordingly, the scope of the invention is not limited to the foregoing specification, but instead is given by the appended claims along with their full range of equivalents.
Claims
1. A method of establishing a trusted relationship for completing a series of electronic transactions, comprising:
- storing user profile data in a memory of a payment system, the user profile data relating to an account of a user with the payment system;
- generating a verification identifier at the payment system, wherein a first copy of the verification identifier is provided to the user, and wherein a second copy of the verification identifier is stored at the payment system;
- receiving a transaction request at the payment system that identifies the account of the user and that includes the first copy of the verification identifier, wherein the transaction request is received over a network from a second system, and wherein the first copy of the verification identifier is supplied to the second system by the user for inclusion in the transaction request;
- matching the received first copy of the verification identifier with the stored second copy of the verification identifier;
- storing verification information in the memory of the payment system in association with the user profile data based on a successful match between the received first copy of the verification identifier and the stored second copy of the verification identifier; and
- using the stored verification information to complete subsequent transaction requests from the second system relating to the account of the user, wherein the subsequent transaction requests do not require a copy of the verification identifier.
2. The method of claim 1, wherein the transaction request pertains to a financial transaction and the second system is a banking system at a financial institution.
3. The method of claim 1, wherein the user profile data includes account information relating to a user account at the second system.
4. The method of claim 3, wherein the stored account information in the user profile data is matched with information included in the transaction request for further verification.
5. The method of claim 3, wherein the account information includes a routing number and an account number.
6. The method of claim 1, wherein the stored verification information is a verification flag that is set by the payment system.
7. A method of establishing a trusted relationship for performing financial transactions with a financial institution, comprising:
- storing user profile data in a memory of a payment system, the user profile data relating to an account of a user with the payment system;
- storing financial account information in the memory of the payment system in association with the user profile data, the financial account information relating to a user account maintained at a financial institution;
- receiving a user initiated financial transaction request at the payment system that identifies the user account at the financial institution, wherein the financial transaction request is received over a network from a financial institution and includes verification information for verifying a relationship between the user and the user account at the financial institution;
- completing the financial transaction request based at least in part on the verification information; and
- completing one or more subsequent user initiated transaction requests involving the user account at the financial institution, wherein the one or more subsequent user initiated transaction requests do not require verification information.
8. The method of claim 7, wherein the verification information includes a verification identifier.
9. The method of claim 8, wherein the verification identifier received with the financial transaction request is compared with a copy of the verification identifier stored in the memory of the payment system to verify the relationship.
10. A payment service system for making payments from a payment service account associated with a user, comprising:
- a communication device;
- a memory;
- a processor coupled with the memory and communication device; and
- an account validation module executable by the processor and configured to: store user profile data in the memory that relates to the payment service account; generate a verification identifier, wherein a first copy of the verification identifier is provided to the user, and wherein a second copy of the verification identifier is stored in the memory; receive a transaction request that identifies the payment service account and that includes the first copy of the verification identifier, wherein the transaction request is received over a network from a second system, and wherein the first copy of the verification identifier is supplied to the second system by the user for inclusion in the transaction request; match the received first copy of the verification identifier with the stored second copy of the verification identifier; and store verification information in the memory in association with the user profile data based on a successful match between the received first copy of the verification identifier and the stored second copy of the verification identifier;
- the payment service system being configured to complete subsequent transaction requests from the second system relating to the payment service account of the user, wherein the subsequent transaction requests do not require a copy of the verification identifier.
11. The payment service system of claim 10, wherein the transaction request pertains to a financial transaction and the second system is a banking system at a financial institution.
12. The payment service system of claim 10, wherein the user profile data includes account information relating to a user account at the second system.
13. The payment service system of claim 12, wherein the stored account information in the user profile data is matched with information included in the transaction request for further verification.
14. The payment service system of claim 12, wherein the account information includes a routing number and an account number.
15. The payment service system of claim 10, wherein the stored verification information is a verification flag.
16. A payment service system for making payments from a payment service account associated with a user, comprising:
- a communication device;
- a memory;
- a processor coupled with the memory and communication device; and
- an account validation module executable by the processor and configured to: store user profile data in the memory, the user profile data relating to the payment service account; store financial account information in the memory in association with the user profile data, the financial account information relating to a user account maintained at a financial institution; and receive a user initiated financial transaction request that identifies the user account at the financial institution, wherein the financial transaction request is received over a network from a financial institution and includes verification information for verifying a relationship between the user and the user account at the financial institution;
- the payment service system being configured to complete the financial transaction request based at least in part on the verification information; and
- the payment service system being further configured to complete one or more subsequent user initiated transaction requests involving the user account at the financial institution, wherein the one or more subsequent user initiated transaction requests do not require verification information.
17. The payment service system of claim 16, wherein the verification information includes a verification identifier.
18. The payment service system of claim 16, wherein the verification identifier received with the financial transaction request is compared with a copy of the verification identifier stored in the memory of the payment system to verify the relationship.
Type: Application
Filed: Oct 19, 2010
Publication Date: Feb 10, 2011
Inventors: Jeffrey William Perlman (Lindfield), Sofia Walsh (Wareemba), Gregory Kenneth Storey (Caringbah)
Application Number: 12/907,355
International Classification: G06Q 40/00 (20060101); G06Q 20/00 (20060101);