SYSTEM AND METHOD FOR DISTRIBUTED REAL TIME AUTHORIZATION OF PAYMENT TRANSACTIONS
Systems and methods enable the real-time authorization of payment transactions initiated by personal and mobile computing devices. In one embodiment, a financial account server associated with a payment recipient, or payee, is configured to receive a payment data envelope from a payee computing device. The payment data envelope can further include information that allows for the authentication of the payee and payer identities as well as payment restrictions or instructions. The payee financial account server processes the payment data envelope and transmits the envelope to a financial account server associated with the payer. The payer financial server authenticates the payer identification, authorizes the payment transaction, and transmits a transaction status message to the payee financial server, which in turn transmits the message to the payee computing device.
Latest Bank of the Ozarks Patents:
- Systems and methods for issuance of provisional financial accounts to mobile devices
- System and Method for Distributed Real Time Authorization of Payment Transactions
- System and method for distributed real time authorization of payment transactions
- Securely integrating third-party applications with banking systems
- Electronic device stand
This divisional application claims priority from pending U.S. nonprovisional application Ser. No. 14/227,770 filed Mar. 27, 2014, the entirety of which is incorporated herein.
TECHNICAL FIELD AND BACKGROUNDThe present invention relates generally to the field of payment transactions, and more particularly, to systems and methods for distributed, real-time authorization of payment transactions initiated by a mobile device. The systems and methods are capable performing the functions of existing centralized card networks in a unique and efficient manner, and the systems and methods further permit the implementation of the many features and advantages offered by modern computing devices when conducting payment transactions.
Traditional payment transactions between a merchant and a consumer often use credit or debit cards that are processed by a card reader or other point of sale (“POS”) device. The POS device reads static, preprogramed information from a magnetic strip on the card and transmits the information to an issuing bank through an acquirer (merchant) bank and a centralized card network (e.g., VISA™ or MASTERCARD™). The issuing bank approves or declines the transaction and, if approved, transmits a payment to the acquirer bank through the card network. The issuing bank also transmits an approval or decline notice to the POS device that is routed through the card network and the acquirer bank. The card network typically subtracts an interchange fee before routing the payment to the acquirer bank.
Traditional methods of conducting payment transactions have the disadvantage that the information exchanged cannot be customized for each transaction, and the methods are not capable of taking advantage of opportunities provided by recent advances in computing and mobile technology. To illustrate, it is now possible to initiate payment transactions using personal computers or cellular “smartphones” that are capable of transmitting and receiving a variety of useful information during a payment transaction, such as coupon codes, payment instructions, and additional security features for authenticating a consumer's identity (e.g., biometric information or machine gesture recognition).
It would, therefore, be advantageous to provide payment transaction systems and methods that are capable of processing customizable payment transactions initiated and conducted by computing devices. It would also be advantageous to provide distributed payment transaction systems and methods that permit direct communication between financial service providers, such as acquirer and issuing banks, without the need to route payment transactions through a centralized card network that deducts interchange fees.
The systems and methods of the present invention enable the new generation of payment transactions initiated and performed by computing devices and address the requirements needed to bring the such innovations to market by providing a low-cost, highly scalable, and resilient distributed banking and payment platform capable of performing real-time authorization of payment transactions initiated by mobile and other computing devices.
SUMMARYAccording to one embodiment of the invention, a method and system of authorizing payment transactions is provided. The method includes receiving, by a first server associated with a payee financial account, a payment data envelope transmitted by a payee computing device. The payment data envelope includes payer data, encrypted payee data, and payment instructions. The payee financial account server decrypts the encrypted payee data, verifies the payee identity by comparing the payee data in the received payment data envelope to payee data stored in a database, and then transmits the payment data envelope to a second financial server associated with the payer. The payee financial server then receives a transaction status message from the payer financial server indicating whether the payment transaction was authorized.
In another aspect of the invention, the payer data includes a payer account alias that is transmitted by the payee financial account server to a routing key and management server. In return, the payee financial account server receives, from the routing key and management server, routing information for transmitting the payment data envelope to the payer financial account server.
According to another embodiment of the invention, a method and system includes receiving, by a first server associated with a payer financial account, a first payment data envelope transmitted by a second server associated with a payee financial account. The payment data envelope includes encrypted payer data, payee data, and payment instructions. The payer financial account server decrypts the encrypted payee data and verifies the payer identity by comparing the payer data in the first payment data envelope to payer data stored in a database. The payer financial account server also determines a whether the payment is authorized or declined. The payer financial server then generates a transaction status message that is transmitted to the payee financial account server.
In one aspect of the invention, the payee data includes a payee account alias that is transmitted by the payer financial account server to a routing key and management server. In return, the payer financial account server receives, from the routing key and management server, routing information for transmitting the transaction status message to the payee financial account server.
Another aspect of the invention provides for the receipt of a second payment data envelope containing payer data transmitted by an identity management server associated with the payer and/or generated by a payer computing device. The payer financial account server verifies the payer identity by: (1) comparing the payer data in the second payment data envelope to payer data stored in a database; and (2) comparing the payer data in the first payment data envelope to the payer data in the second payment data envelope.
In yet another aspect of the invention, the encrypted payer data comprises cancellable biometric information.
In one embodiment of the invention, the payer financial account server authorizes a payment transaction by determining whether data in the payment data envelope complies with one or more payment restrictions associated with the payer and stored in a database on the server. Payment restrictions may include, for instance: a predetermined upper limit on the payment amount; a geographic limitation on the location where the payer can initiate a payment transaction; a limitation on the types of products for which a payer can initiate a payment transaction; and/or a limitation on the identity of the payment recipient for whom the payer can initiate a payment transaction.
One embodiment of the invention includes a system with a first processor associated with a payee financial account and a second processor associated with a payer financial account. Each processor is coupled to data storage device that includes non-transitory computer-readable medium with computer-readable code for instructing the processors. When executed, the computer-readable code instructs the first processor to store payee data to a first data storage device. The first processor then associates the payee data with payee transaction data. The first processor receives a first payment data envelope associated with a payment transaction from a payee device. The first payment data envelope includes a payee alias, a payee shared secret, and crypto data, including encrypted payee data and encrypted payee transaction data. The first processor decrypts the encrypted payee data from the payment data envelope using the payee shared secret and retrieves the stored payee data using the decrypted payee transaction data. The first processor compares the decrypted payee data with the retrieved payee data. Based on the comparison, the first processor verifies the identity of the payee, and based on the verification, generates an IP address request message that includes a payer alias. The first processor transmits the IP address request message and the payer alias to an RKM server. In return, the first processor receives a second server IP address from the RKM server. The second server IP address is used to transmit the first payment data envelope to the second processor.
In another aspect of the invention, the first payment data envelope includes an instruction data array, and the second processor generates a transaction status message with a transaction flag having a value of authorized or declined. The transaction status message is transmitted from the second processor to the first processor. When the first processor receives a transaction status message with a transaction flag of authorized, the first processor creates a temporary database record of the payment transaction that is used to update a payee account balance. When the first processor receives a transaction status message with a transaction flag of declined, the first processor transmits the first payment data envelope to alternate consumer account server based on the instruction data array.
Another embodiment of the invention also includes a system with a first processor associated with a payee financial account and a second processor associated with a payer financial account. Each processor is coupled to data storage device that includes non-transitory computer-readable medium with computer-readable code for instructing the processors. When executed, the computer-readable code instructs the second processor to store to a second data storage device, a consumer PIN and biometric information. The second processor associates the consumer PIN and biometric information with consumer payment information. The second processor receives a first payment data envelope associated with a payment transaction from the first processor. The first payment data envelope includes a payee alias, a consumer shared secret and crypto data including encrypted biometric data, encrypted PIN, and encrypted payment information. The second processor decrypts the encrypted consumer PIN, biometric information and payment information from the first payment data envelope using the consumer shared secret. The second processor retrieves the stored consumer PIN and biometric information using the decrypted payment information and compares the decrypted consumer PIN and biometric information with the retrieved consumer PIN and biometric information. Based on the comparison, the second processor validates the payment transaction, and based on the validation, generates a transaction status message corresponding to the validation. The second processor transmits the payee alias to the RKM server and receives a first IP address for the first processor. The second processor utilizes the IP address to transmit the transaction status message to the first processor.
In another feature of the invention, the system processors are further configured to perform operations that include the second processor receiving a second payment data envelope from an identity management server and storing payer data to a second data storage device. The second processor associates the payer data with the consumer payment information. As part of authorizing the payment transaction, the second processor verifies the payer identity by comparing payer data in the first payment data envelope with payer data in the second payment data envelope. Alternatively, as part of authorizing the payment transaction, the second processor can retrieve payment data and verify the payer identity by comparing payer data in the second payment data envelope with the retrieved payer data.
Yet another embodiment utilizes the second processor to store one or more payment restrictions to the second data storage device and associate the one or more payment restrictions with the payer. The second processor determines whether data in the first payment data envelope or a second payment data envelope complies with the one or more payment restrictions. Payment restrictions may include, for instance: a predetermined upper limit on the payment amount; a geographic limitation on the location where the payer can initiate a payment transaction; a limitation on the types of products for which a payer can initiate a payment transaction; and/or a limitation on the identity of the payment recipient for whom the payer can initiate a payment transaction.
Other embodiments utilize a first payment data envelope that includes payment instructions that are used to determine the amount paid as part of the payment transaction. The payment information can include, for instance, the cost of goods or services along with a gratuity amount to be added to the cost amount or include a discount amount that should be subtracted from the transaction cost amount. The second processor uses the payment instructions and payment information to determine the final payment amount that is then included in the transaction status message transmitted to the first processor by the second processor.
Features, aspects, and advantages of the present invention are better understood when the following detailed description of the invention is read with reference to the accompanying figures, in which:
The present invention will now be described more fully hereinafter with reference to the accompanying drawings in which exemplary embodiments of the invention are shown. However, the invention may be embodied in many different forms and should not be construed as limited to the representative embodiments set forth herein. The exemplary embodiments are provided so that this disclosure will be both thorough and complete and will fully convey the scope of the invention and enable one of ordinary skill in the art to make, use, and practice the invention.
Disclosed herein are systems and methods for distributed, real-time authorization of payment transactions. Although the embodiments described herein are generally described with reference to exemplary commercial transactions where a consumer purchases goods or services from a merchant, those skilled in the art will recognize that the systems and methods are applicable to payment transactions generally. Payment transaction types can include, but are not limited to, sales of goods or services, cancellations, product returns or refunds, credit-based transactions, and promotions.
As used herein, the term “payee” generally describes an individual or entity receiving payment during a transaction, such as a merchant, vendor, retailer, or other seller of goods and services. The term “payer” is intended to generally describe a person or entity that makes a payment during a transaction, such as a purchaser of products or services. The term “payer” may be used interchangeably with the terms “consumer” or “purchaser.” Those skilled in the art will recognize that the roles of a payer and payee in any transaction can be reversed as happens when, for example, a customer returns a product to a merchant for a refund.
As shown in
The IdM service 106 can include one or more network computing device, such as a server, as well as one or more personal computing devices. Similarly, the payee computing device 102 can be an autonomous device, or it can be networked to a payee computing system (not shown) that includes one or more network computing devices, such as a server, as well as other payee computing devices. A payee computing device can be associated with one or more merchants, such as when an individual person operates two separate businesses and utilizes the same payee computing device to process payment transactions for both businesses. Alternatively, a single merchant may utilize multiple payee computing devices, such as a retailer with numerous sales associates who each utilize a separate payee computing device to process payment transactions.
The system shown in
Any suitable computing device can be used to implement the consumer computing device 101, the payee computing device 102, or the components of the FSP computer system 200. The consumer computing device 101, the payee computing device 102, and the computing devices of the FSP system 200 can include a processor that communicates with a number of peripheral subsystems via a bus subsystem. These peripheral subsystems may include a memory subsystem (e.g., random access memory), a storage subsystem (e.g., optical, mangnetic, or solid-state storage), user input and output subsystems (e.g., a keyboard, mouse, computer monitor, touch-screen display, microphone, or speaker), a networking subsystem, and a communication subsystem. By processing instructions stored on a storage device or in memory, the processors may perform one or more steps of the methods described herein.
In a preferred embodiment, the consumer computing device 101 and the payee computing device 102 are portable electronic devices that include one or more integrated software applications configured to provide, among other features, a user interface configured to facilitate payment transactions and two-way communication with other electronic devices. The consumer computing device 101 and the payee computing device 102 can be any type of suitable portable electronic device, including, for example, a cellular phone, a tablet computer, or a laptop computer. The portable electronic device can also be an application-specific device configured for processing payments, such as a merchant checkout terminal, debit/credit card reader, or virtual wallet.
The software applications integrated with the consumer and payee computing devices 101 & 102 are a program, function, routine, applet, or similar module that performs operations on the computing devices to implement the steps of the methods disclosed herein. For example, the application integrated with the consumer computing device 101 may be one or more of a digital wallet application, a coupon application, a merchant loyalty account application, or any other suitable application configured for processing payment transactions. The application integrated with the payee computing device 102 may be a mobile checkout application, a debit/credit card reader application, or any other suitable point of sale application configured for processing payment transactions. The consumer computing device application and the payee computing device application provide a user interface that outputs data and information to, and accept inputs from, a user. Types of data and information processed by the applications include text, images, audio, video, or any other form of information that can exist in a computer-based environment. The user interface can include various display screens that output data to a user as well as functions for accepting user inputs and commands, such as text boxes, pull-down menus, radio buttons, scroll bars, or other suitable functions known to one of ordinary skill in the art.
The integrated software applications interface with a communication subsystem to provide for a secure connection with other electronic devices. Possible connections include a local area network, a wide area network, an intranet, an Internet connection, a mobile telephone network, a personal area network, or any other suitable connection. The one or more communication subsystems may include a wireless communication system configured to communicate through radio frequency (“RF”), WI-FI (e.g., wireless local area network products based on the Institute of Electrical and Electronics Engineers 802.11 standards), near field communications (“NFC”), Bluetooth, or Low Energy Bluetooth. In one example, a consumer has the ability to make purchases with the consumer computing device 101 by using NFC to wirelessly establish a secure link with the payee computing device 102, which can be connected to (i) a payee computer system configured to facilitate commercial transactions, and (ii) a FSP computer system 200.
A consumer is able to link multiple personal financial accounts to the consumer computing device 101, including checking and savings accounts, credit card accounts, store-specific charge accounts, and electronic funding service accounts (e.g., PAYPAL™). In this manner, a consumer is able to utilize applications integrated with the consumer computing device to purchase goods and services using any of the linked financial accounts. The integrated application can also provide other functions permitting the consumer to receive account balance information, make withdrawals, or deposit funds, among other features.
The consumer computing device 101 and payee computing device 102 include a secure element 109 to ensure confidentiality of sensitive consumer or payee data (e.g., credit card or bank account numbers) during transmission between electronic devices. The secure element 109 exists within a removable smart chip or a secure digital card or is embedded within a fixed chip on the computing device. The secure element 109 includes an integrated software application that performs the functions described herein. The secure element 109 is capable of storing encrypted consumer or payee data 313 & 332 and allowing only trusted applications to access the data. In this manner, the secure element 109 permits software applications to interact with certain functions in the secure element 109 while protecting sensitive data stored in the element 109.
In an exemplary embodiment, the secure element 109 generates an account alias 312 & 331 for sensitive consumer or payee data; though, the account alias 312 & 331 could also be entered by the consumer or provided by a merchant. The alias 312 & 331 is passed to the software applications and transmitted between devices rather than the unencrypted consumer data. The aliases 312 & 331 are identifiers for sensitive consumer or payee data that cannot be used to make a payment without valid crypto data 313 & 332 that corresponds to the aliases 312 & 331. The aliases 312 & 331 do not need to be stored securely because payments made with an alias are not accepted unless the corresponding crypto data 313 & 332 is also supplied.
In the embodiment shown in
Those of ordinary skill in the art will recognize that the above-described embodiments are not intended to be limiting, and the system and methods described herein can be implemented using other suitable means for establishing a secure connection, such as public/private key encryption, digital signature authentication, or the Wi-Fi Protected Access 2 standard, among others. Further, in embodiments where the payee is making a payment to the consumer, such as during the return of merchandise to a merchant, skilled artisans will recognize that the process is reversed, and the payee generates crypto data 332 using a shared secret 333 that operates on a payee alias 331. The payee shared secret 333 can be the same or different from the consumer shared secret 314. In the case of public/private key encryption, the public key will be transmitted as a shared secret 314 & 333 in the payment envelope 301.
In one or more embodiments, when a consumer initiates a request to make a payment transaction using sensitive consumer data, the financial server determines whether the combination of the alias 312 and crypto data 313 are valid using the shared secret 314 that is known to the secure element 109 and the financial server. The financial server uses the shared secret 314 to verify the alias 312 and the crypto data 313. The financial server receives the alias 312 from the consumer computing device 101 via the payee computing device 102 and combines the alias 312 with other information, as described above. The financial server can then generate the same crypto data 313 using the shared secret 314 and received data and compare the result with the received crypto data 313. If the comparison indicates that the values are the same, then the payment transaction is authorized and proceeds as normal. Otherwise, the transaction can be denied or authorization can be withheld pending the receipt of additional information.
Similarly, if a payee initiates a request to make a payment transaction using sensitive payee data, the financial server determines whether the combination of the payee alias 331 and payee crypto data 332 are valid using the shared secret 333. The financial server receives the alias 331 from the payee computing device 102 via the consumer computing device 101 and combines the payee alias 331 with other information. The financial server can then verify the transaction by generating the same payee crypto data 332 using the payee shared secret 333 and received data and comparing the result with the received payee crypto data 332.
The flow of data during a consumer payment transaction according to one embodiment is illustrated in
The consumer computing device 101 displays the transaction information to the consumer and requests payment transaction authorization and payment instructions. In authorizing the payment transaction, the consumer optionally specifies payment instructions. As an example, the consumer can specify a gratuity amount; a discount code; the personal financial account from which the payment should be withdrawn or credited; whether payment should be performed in installments amounts, and if so, the duration and amount of the payments; a merchant rating; or any nonstandard payment instructions capable of being processed by the payee and/or FSP computer system 200.
Before transmitting 203a payment instructions to the payee computing device 102, the consumer computing device 101 can optionally communicate 202 with an IdM service 106 associated with the consumer. The IdM service 106 is an account that permits authentication of the consumer's identity and management of the consumer's preferences or other information. Examples include, but are not limited to, social media accounts, employer accounts, or merchant loyalty accounts. The IdM service 106 provides information to the consumer that is relevant to the payment transaction, such as merchant ratings; cost comparisons; and payment transaction rules, restrictions, or controls. The IdM service 106 can also provide information useful for ensuring the security of the transaction, such as cancellable biometric data, a personal identification number (“PIN”), gesture recognition information, federated identification information, or geographic restrictions on where payment transactions can be authorized.
To illustrate, a consumer may have an IdM service account with his or her employer that utilizes an unique user identification and password and that is associated with an employer-issued credit card for the payment of business expenses. The employer account may include preferences, available discounts, or payment restrictions. Thus, the consumer can be informed of whether the employer has a discount available through a particular merchant or whether the employer limits purchasing authorization to particular merchants, products, geographic locations, or spending limits.
After receiving authorization and payment instructions from the consumer, a software application integrated with the consumer computing device 101 generates a secure payment envelope 301 that is stored to a database on the consumer computing device 101. The secure payment envelope 301 contains a variety of information to facilitate authentication of the consumer and payee identities, authorization of the payment transaction, and the security of the data transmitted. An exemplary payment envelope 301 generated by the consumer computing device 101 is illustrated in
In the event that the payee computing device 102 or one or more components of the FSP computer system 200 are not configured to process payment transactions using the inventive systems and methods disclosed herein, the secure payment envelope 301 may include additional information to facilitate authorization of the payment transaction through traditional means, as shown in
At 203a & 203b, the consumer computing device 101 transmits the payment envelope 301 and the consumer's payment transaction authorization to the payee computing device 102 as well as to the IdM service 106. The IdM service 106 can in turn transmit 207 the payment envelope 301 to the consumer financial server 105 to update the consumer's account and facilitate authorization of the payment transaction, as described in more detail below. Alternatively, the consumer computing device 101 can bypass the IdM service 106 and transmit the payment envelope 301 directly to the consumer financial server 105.
In processing the payment envelope 301, the payee computing device 102 appends payee data to the envelope, as illustrated in
The payee computing device 102 can further append nonsensitive transaction data 306, such as a payer identification 342 or terminal data 341 identifying the payee name, location, and merchant classification. The nonsensitive transaction data 306 could be utilized by the consumer's FSP or IdM service 106 to track the consumer's spending habits. To illustrate, a family can have multiple members utilizing a single checking account where each family member has a separate consumer computing device 101 with an unique payer identification 342. If a parent shares an account with a child, and the child uses a consumer computing device 101 three times in a month and purchases (i) $25 in movie tickets, (ii) $50 of gasoline, and (iii) $25 in fast food, the payer identification 342 and merchant categories 341 (i.e., terminal data) can be appended to the payment envelope 301 as nonsensitive data 306 during each payment transaction. This information is stored to a database on the consumer financial server 105 or IdM service 106 and can be displayed to the parent as a pie chart showing that half of the child's expenditures went to dining and entertainment and half went to transportation.
Turning again to
Upon receiving the payment envelope 301, the payee financial server 103 retrieves the payee data from the payment envelope 301, including the payee account alias 331 and the payee crypto data 332. The payee financial server unencrypts the payee crypto data 332 using the shared secret 314/333. The payee identity and transaction are authenticated by, for example, comparing payee and transaction information contained in the received payment envelope 301 with information stored on the payee financial server 103. A payment request record is created and stored to a database on the payee financial server 103.
The payment envelope 301 is routed from the payee financial server 103 to the consumer financial server 105 using information in the consumer account alias 312. As show in in step 205, the payee financial server 103 can optionally obtain from a RKM server 104 additional information useful for communicating with the consumer financial server 105, such as an Internet Protocol (“IP”) address for the consumer financial server 105 or a session “token” or “cookie.” A token is a packet of data that contains information identifying a series of related message exchanges and that can facilitate routing and authentication of the transmitted messages. As an example, if the account alias 312 is a routing number for a personal financial account, the payee financial server 102 can transmit the routing number to the RKM server 104 and receive in return the IP address of the consumer financial server 105 or a token for establishing a secure communication session. The payee financial server 103 can save the IP address, token, or other routing information to a database for faster processing until the token expires and the communication session with the consumer financial server 105 ends.
After the secure payment envelope 301 is transmitted 206 to the consumer financial server 105, the consumer financial server 105 retrieves the consumer data from the payment envelope 301, including the payee account alias 312 and the consumer crypto data 313. The consumer financial server 105 unencrypts the payee crypto data 313 using the shared secret 314, and a payment request record is created and stored to a database on the consumer financial server 105. The consumer's identity is authenticated and the payment transaction authorized by comparing data from the received payment envelope 301 with consumer or transaction data stored on the consumer financial server 105. If the consumer and transaction data stored on the consumer financial server 105 matches the data contained in the payment envelope 301, then the payment transaction is authorized and proceeds as normal. Otherwise, the payment authorization can be denied or authorization can be withheld pending the receipt of additional information. If the payment transaction is authorized, the consumer financial server 105 will memo post the payment transaction by creating a temporary database record of the payment transaction in the consumer's financial account for which a complete posting to update the consumer account balance will be done as part of an end-of-day batch processing.
In one embodiment, the consumer financial server 105 authenticates the consumer identity and authorizes the payment transaction by retrieving 207 a copy of the payment envelope 301 or other consumer or transaction data stored in a database on the IdM service 106 and comparing this information with the payment envelope 301 received from the payee financial server 103. If the consumer and transaction data stored with the IdM service 106 matches the data contained in the payment envelope 301 received from the payee financial server 103, then the identity of the consumer is authenticated and the payment transaction is authorized. Authentication through the IdM service 106 is optional and can be performed in addition to, or instead of, the authentication and authorization performed by comparing data from the received payment envelope 301 with consumer or transaction data stored in a database on the consumer financial server 105.
The consumer's identity can be authenticated using cancellable biometrics, a preselected personal identification number (“PIN”), machine gesture recognition, or any other secure and independently known consumer data or combination of such data. The payment transaction can be authorized or declined based on a variety of factors, including, for example: (1) whether the consumer identity was properly authenticated; (2) whether the amount of the payment request exceeds the available account balance; and (3) whether the transaction complies with any rules, restrictions, or controls associated with the consumer's account.
Authentication of the consumer identity and authorization of a payment transaction can be better understood with reference to the following simplified example. When establishing a personal checking account or IdM service account, a consumer can provide biometric information, like a fingerprint, as well as conventional security information, like a PIN. Biometric information can be secured by making it “cancellable,” which refers to a systematic and repeatable distortion of the biometric information through known techniques, like salting or noninvertible transforms. The consumer can also set one or more rules or restrictions governing the authorization of payment transactions, such as permitting authorization only within the zip code in which the consumer lives. The distorted biometric information is securely stored in a secure element 109 of the consumer computing device 101, the consumer financial server 105, and/or the IdM service 106. The PIN is also stored in a database on the consumer financial server 105 and can optionally be stored on the consumer computing device 101 or IdM service 106 or input by a consumer during a payment transaction.
When authorizing a payment transaction through the consumer computing device 101, the cancellable fingerprint data, PIN, and checking account number are encrypted using the shared secret 314 and stored in the crypto data 313 of the payment envelope 301. The routing number of the checking account is stored in the consumer account alias 312 of the payment envelope 301. The payment envelope 301 is transmitted 203a to the payee computing device 102 and the IdM service 106, and the IdM service 106 transmits the payment envelope 301 to the consumer financial server 105.
The payee computing device 102 appends to the payment envelope 301 nonsensitive data, such as the geolocation of the payee computing device 103. The payee computing device 102 transmits 204 the secure payment envelope 301 to the payee financial server 103, which then transmits 206 the payment envelope 301 to the consumer financial server 105. To properly route the payment envelope 301, the payee financial server 103 transmits 205 the alias 312 (checking account routing number) to the RKM server 104, which returns an IP address for the appropriate consumer financial server 105.
The consumer financial server 105 unencrypts the crypto data 313 using the shared secret 314, and compares the received cancellable biometric data and PIN to the cancellable biometric data and PIN stored on the consumer financial server 105 and associated with the consumer's checking account. The consumer financial server 105 performs an additional security check by comparing the cancellable biometric data and PIN received from the payee financial server 103 to the cancellable biometric data and PIN received from the IdM service 106. The consumer financial server 105 also compares the geolocation data contained in the terminal data 341 of the payment envelope 301 to the geographic zip code restrictions associated with the consumer's account and stored in a database on the consumer financial server 105. The payment transaction is authorized if: (1) the cancellable biometric data and PIN received from the payee financial server 103 matches the corresponding data stored on the consumer financial server 105 and received from the IdM service 106; and (2) the zip code stored in the nonsensitive terminal data 341 of the payment envelope 301 matches the geographic zip code restriction set by the consumer.
After verifying the consumer identity and payment transaction, the consumer financial server 105 generates a transaction status message indicating the status of the payment transaction—i.e., that the payment transaction is authorized, declined, or that authorization is withheld pending the receipt of further information. In 209, the transaction status message is transmitted to the payee financial server 103. The transaction status message can also be transmitted to the IdM service 106 and/or the consumer computing device 101. In 208, the consumer financial server 105 can optionally obtain from the RKM server 104 information useful for communicating with the payee financial server 103, such as an IP address or a session token.
If the payment transaction is authorized, the payee financial server 103 will memo post the payment transaction by creating a temporary database record of the payment transaction in the payee's account. In the event that the payment transaction is not authorized, the payee financial server 103 can route the payment envelope 301 to an alternate consumer financial account server listed in the instruction data array 315. If the alternate consumer financial account also declines the payment transaction, or if no alternate payment accounts are identified, then the transaction is denied or authorization is withheld pending the receipt of additional information. In 210, the payee financial server 103 transmits the transaction status message to the payee computing device 102, which then transmits 211 the transaction status message and possibly a receipt to the consumer computing device 101 for display to the consumer.
Those skilled in the art will recognize that the embodiment illustrated in
The flexibility of the present systems and methods allows them to accommodate a variety of payment systems and POS devices. To illustrate, if a merchant is capable of processing anonymous payments, the consumer computing device 101 can transmit the payment envelope 301 and payment request to an IdM service 106 and/or directly to the consumer financial server 105, as shown in
Another exemplary embodiment capable of processing anonymous payments is depicted in
In yet another embodiment illustrated in
Skilled artisans will appreciate that the present systems and methods are capable of accommodating the use of multiple payee financial servers as well as multiple consumer financial servers, as illustrated in
Although the foregoing description provides embodiments of the invention by way of example, it is envisioned that other embodiments may perform similar functions and/or achieve similar results. Any and all such equivalent embodiments and examples are within the scope of the present invention.
Claims
1. A system for authorizing payment transactions comprising:
- a first processor associated with a payee, the first processor coupled to a first data storage device including non-transitory computer-readable medium with computer-readable code for instructing the first processor; and
- a second processor associated with a payer, the second processor coupled to a second data storage device including non-transitory computer-readable medium with computer-readable code for instructing the second processor;
- wherein when the computer-readable code is executed by the first and second processors, the first and second processors perform operations comprising:
- (a) storing, by a first processor, to the first data storage device, payee data and associating, by the first processor, the payee data with payee transaction data;
- (b) receiving, by the first processor, a first payment data envelope associated with a payment transaction, from a payee device, the first payment data envelope comprising a payee alias, a payee shared secret, and crypto data, including encrypted payee data and encrypted payee transaction data;
- (c) decrypting, by the first processor, the encrypted payee data from the payment data envelope using the payee shared secret, retrieving, by the first processor, the stored payee data using the decrypted payee transaction data and comparing, by the first processor, the decrypted payee data with the retrieved payee data;
- (d) verifying, by the first processor, a payee identity based on the comparison;
- (e) based on verifying the payee identity, generating by the first processor an IP address request message comprising a payer alias;
- (f) transmitting, by the first processor, based on the verification of the payee identity, the IP address request message to an RKM server;
- (g) receiving, by the first processor, a second-processor IP address from the RKM server; and
- (h) transmitting, by the first processor, the first payment data envelope to the second processor using the second-processor IP address.
2. The system of claim 1 wherein the first payment data envelope further comprises an instruction data array and the processors are further configured to perform the operations of:
- (a) receiving, by the first processor, from the second processor, a transaction status message having a transaction flag with a value of authorized or declined, wherein: (i) when the transaction flag has a value of authorized, the first processor creates a temporary database record of the payment transaction that is used to update a payee account balance; and (ii) when the transaction flag has a value of declined, the first processor transmits the first payment data envelope to a third processor based on the instruction data array.
3. A system for authorizing payment transactions comprising:
- a first processor associated with a payee, the first processor coupled to a first data storage device including non-transitory computer-readable medium with computer-readable code for instructing the first processor; and
- a second processor associated with a payer, the second processor coupled to a second data storage device including non-transitory computer-readable medium with computer-readable code for instructing the second processor;
- wherein when the computer-readable code is executed by the first and second processors, the first and second processors perform operations comprising:
- (a) storing, by the second processor, to the second data storage device, a consumer PIN and biometric information and associating, by the second processor, the consumer PIN and biometric information with consumer payment information;
- (b) receiving, by the second processor, a first payment data envelope associated with a payment transaction, from a payee device, the first payment data envelope comprising a payee alias, a consumer shared secret and crypto data including encrypted biometric data, encrypted PIN, and encrypted payment information;
- (c) decrypting, by the second processor, the encrypted consumer PIN, biometric information and payment information from the first payment data envelope using the consumer shared secret, retrieving, by the second processor, the stored consumer PIN and biometric information using the decrypted payment information and comparing, by the second processor, the decrypted consumer PIN and biometric information with the retrieved consumer PIN and biometric information;
- (d) validating, by the second processor, the payment transaction based on the comparison;
- (e) based on validating the payment transaction, generating, by the second processor, a transaction status message corresponding to the validation;
- (f) transmitting, by the second processor, the alias of the payee to an RKM server;
- (g) receiving, by the second processor, an IP address from the RKM server; and
- (h) transmitting, by the second processor, the transaction status message to the first processor using the IP address.
4. The system of claim 3, wherein the processors are further configured to perform the operations comprising:
- (a) receiving, by the second processor, a second payment data envelope from an identity management server;
- (b) storing, by the second processor, payer data to the second data storage device and associating, by the second processor, the payer data with the consumer payment information; and wherein
- (c) the step of authorizing, the payment transaction further comprises the operations of (i) retrieving, by the second processor, the payer data, (ii) verifying a payer identity by comparing, by the second processor, payer data in the first payment data envelope with payer data in the second payment data envelope.
5. The system of claim 3, wherein the processors are further configured to perform the operations comprising:
- (a) receiving, by the second processor, a second payment data envelope from an identity management server;
- (b) storing, by the second processor, payer data to the second data storage device and associating, by the second processor, the payer data with the consumer payment information; and wherein
- (c) the step of authorizing the payment transaction further comprises the operations of (i) retrieving, by the second processor, the payer data, (ii) verifying a payer identity by comparing, by the second processor, payer data in the second payment data envelope with the retrieved payer data.
6. The system of claim 3, wherein the processors are further configured to perform the operations comprising:
- (a) storing, by the second processor, one or more payment restrictions to the second data storage device;
- (b) associating, by the second processor, the one or more payment restrictions with the payer; and
- (c) determining, by the second processor, whether data in the first payment data envelope or a second payment data envelope complies with the one or more payment restrictions.
7. The system of claim 6, wherein the one or more payment restrictions comprise a predetermined upper limit on the payment amount.
8. The system of claim 6, wherein the one or more payment restrictions comprise a geographic limitation on the location of the payment transaction.
9. The system of claim 6, wherein the one or more payment restrictions comprise a limitation on the types of products subject to a payment transaction.
10. The system of claim 3, wherein:
- (a) the first payment data envelope further comprises payment instructions;
- (b) the payment information comprises a cost amount; and
- (c) the second processor is further configured to perform the operations of (i) determining a payment amount based on the payment instructions and the cost amount, and (ii) incorporating the payment amount into the transaction status message.
11. The system of claim 10, wherein the payment instructions include a gratuity amount and determining the payment amount comprises the operation of adding the gratuity amount to the cost amount.
12. The system of claim 10, wherein the payment instructions include a discount amount and determining the payment amount comprises the operation of subtracting the discount amount from the cost amount.
Type: Application
Filed: Jul 7, 2017
Publication Date: Oct 26, 2017
Applicant: Bank of the Ozarks (Little Rock, AR)
Inventors: Marcio deOliveira (Sarasota, FL), Trevor Burgess (St. Petersburg, FL), Nikolai Samteladze (St. Petersburg, FL)
Application Number: 15/643,483