US20110187642A1 - Interaction Terminal - Google Patents

Images

Classifications

• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F1/00—Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
  • G06F1/16—Constructional details or arrangements
  • G06F1/1613—Constructional details or arrangements for portable computers
  • G06F1/1633—Constructional details or arrangements of portable computers not specific to the type of enclosures covered by groups G06F1/1615 - G06F1/1626
  • G06F1/1684—Constructional details or arrangements related to integrated I/O peripherals not covered by groups G06F1/1635 - G06F1/1675
  • G06F1/1694—Constructional details or arrangements related to integrated I/O peripherals not covered by groups G06F1/1635 - G06F1/1675 the I/O peripheral being a single or a set of motion sensors for pointer control or gesture input obtained by sensing movements of the portable computer
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
  • G06F21/31—User authentication
  • G06F21/40—User authentication by quorum, i.e. whereby two or more security principals are required
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/08—Payment architectures
  • G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
  • G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
  • G06Q20/322—Aspects of commerce using mobile devices [M-devices]
  • G06Q20/3224—Transactions dependent on location of M-devices
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/38—Payment protocols; Details thereof
  • G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/38—Payment protocols; Details thereof
  • G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/38—Payment protocols; Details thereof
  • G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
  • G06Q20/401—Transaction verification
  • G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/38—Payment protocols; Details thereof
  • G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  • H04W12/08—Access security
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04W—WIRELESS COMMUNICATION NETWORKS
  • H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  • H04W12/60—Context-dependent security
  • H04W12/68—Gesture-dependent or behaviour-dependent

Definitions

• Payor wishes to transfer money to another person or entity (“payee”).
• the payor physically transfers cash funds to the payee.
• the payor transfers money to the payee, using a check. If the payee is a merchant, the payor may use a credit card, debit card, or other portable consumer device by presenting that card or portable consumer device to the merchant.
• Embodiments of the invention are directed to systems, apparatuses and methods for conducting a financial transaction, payment transaction, or any money transfer transaction.
• One embodiment of the invention is directed to a method of conducting a financial transaction between a first device and a second device.
• the first device comprises a first processor and a first accelerometer coupled to the first processor
• the second device comprises a second accelerometer and a second processor coupled to the second accelerometer.
• the second device is in a fixed position, but may be moveable.
• the method comprises determining when the first device moves towards and makes contact with, the second device. After determining when the first device makes contact with the second device, further processing related to a financial transaction is performed.
• the second device is an interaction terminal that communicates with mobile devices after interacting.
• One embodiment of the invention is directed to a method of conducting a financial transaction.
• the method comprises receiving first interaction data from a mobile device and receiving second interaction data from an interaction terminal.
• the mobile device comprises a first processor and a first motion sensor coupled to the first processor.
• the interaction terminal comprises a second motion sensor and a second processor coupled to the second motion sensor.
• the method further comprises determining whether the mobile device physically interacted with the interaction terminal with a server computer using interaction data from the mobile device and the interaction terminal. If the mobile device and the interaction terminal make contact, an authorization request message to a first issuer is initiated.
• the first issuer may approve or not approve the authorization request message, and the transaction is completed or denied accordingly.
• One embodiment of the invention is directed to a method of conducting a financial transaction.
• the method comprises receiving first interaction data from a mobile device, receiving second interaction data from an interaction terminal, and determining whether the mobile device physically interacted with the interaction terminal with a server computer using sensor data from the mobile device and the interaction terminal.
• the mobile device comprises a first processor and a first motion sensor coupled to the first processor.
• the interaction terminal comprises a second motion sensor and a second processor coupled to the second motion sensor. If the mobile device makes physical contact with the interaction terminal, the transmission of an authorization request message to a first issuer is initiated. Then, an issuer approves or does not approve the authorization request message by sending an authorization response message.
• the interaction terminal may be used in financial transactions and comprises a first processor, a first sensor coupled to the first processor, and a non-transitory computer readable medium coupled to the first processor.
• the computer readable medium includes code for implementing a method comprising generating first interaction data with the first sensor, initiating comparison of first interaction data with second interaction data to determine whether the interaction terminal and the mobile device physically interacted.
• Second interaction data is generated by a mobile device comprising a second sensor coupled to a second processor. If the interaction terminal and the mobile device physically interacted, initiating the transmission of an authorization request message to a first issuer. Then, an issuer approves or does not approve the authorization request message by sending an authorization response message.
• FIG. 1 is a high level diagram illustrating one embodiment of a system in accordance with the present disclosure.
• FIG. 2 is a high level diagram illustrating one embodiment of a remote server computer in accordance with the present disclosure.
• FIGS. 3A-C are high level diagrams illustrating various embodiments of communications between devices and a remote server computer in accordance with the present disclosure.
• FIG. 4 is a high level flow diagram illustrating one embodiment of a method of processing a transaction in accordance with the present invention.
• FIG. 5 is a high level flow diagram illustrating one embodiment of a method of using a mobile device in a financial transaction in accordance with the present invention.
• FIG. 6 is a high level diagram illustrating an embodiment of an interaction terminal computer in accordance with the present disclosure.
• FIGS. 7A-B are high level diagrams illustrating embodiments of a mobile device and an interaction terminal in accordance with the present disclosure.
• FIGS. 8A-C depict exemplary user interfaces according to one embodiment of the present disclosure.
• FIG. 9 shows a block diagram of a device in accordance with the present disclosure.
• FIG. 10 shows a block diagram of a computer apparatus in accordance with the present disclosure.
• Embodiments of the present invention are directed to systems, apparatuses and methods for using a mobile device with an accelerometer to conduct a financial transaction by making contact with an interaction terminal thereby generating interaction data that is representative of the physical contact between the mobile device and the interaction terminal.
• the mobile device may be a mobile phone.
• the interaction terminal may be a point of sale terminal or access point device.
• the interaction terminal may be stationary (i.e., in a fixed position), and may also be moveable (i.e., capable of being moved to another fixed positions).
• An interaction terminal may be stationary.
• “stationary” means that the interaction terminal is in a fixed position. Although it may be stationary, an interaction terminal also may moveable so that it can be moved to a different fixed position (e.g., 10 feet away, 100 feet away, or at a different geographic location altogether). For example, a stationary interaction terminal could be moved from one checkout line in a store to another checkout line in the same store, from one airport line to another airport line, from one vending machine to another vending machine, etc. Therefore, interaction terminals of the present disclosure may be moved or reinstalled at a different position or location and still be considered “stationary” or “fixed.”
• the terms “stationary” and “fixed,” as used herein, do not limit the ability of the interaction terminal (or component thereof) to move in smaller increments in response to an external force or impact, such as a tap or bump from a human being. While an interaction terminal may be firmly positioned at a particular location, there may be play in the interaction terminal, a stand for the interaction terminal, or an attachment element for the interaction terminal. That is, the interaction terminal can move, flex, spring back, or recoil in small magnitudes and still be considered stationary.
• the interaction terminal body may be generally immobile, but a part of the interaction terminal moves, flexes, or recoils. For example, the interaction terminal (or part thereof) may move, flex, or recoil a small distance, ranging from a fraction of an inch (i.e., anything greater than zero) to a foot or more.
• a mobile device with an accelerometer physically contacts an interaction terminal with an accelerometer.
• the interaction terminal recoils slightly and generates interaction data (e.g., accelerometer data, location data, time data, etc.) representative of the physical interaction between the mobile device and the interaction terminal.
• a server computer determines, based on interaction data, that the mobile device and the interaction terminal made physical contact.
• a processor associated with the interaction terminal may determine, based on interaction data, that the mobile device and the interaction terminal made physical contact.
• communications may be initiated between the devices.
• Communications may be related to processing a payment transaction.
• the payment processing may include the sending of an authorization request message and authorization response message through a payment processing network.
• VisaNetTM may be used to process a Visa transaction between the operators of a mobile device and an interaction terminal.
• One embodiment of the invention is directed to a method of using a first device and a second device to conduct a financial transaction.
• the first device comprises a first processor and a first accelerometer coupled to the first processor.
• the second device comprises a second accelerometer and a second processor coupled to the second accelerometer.
• the first and second devices may comprise a computer readable medium coupled to the processor.
• the second device may be a point of sale (POS) terminal, automated teller machine (ATM), electronic cash register (ECR), kiosk, ticket kiosk, vending machine, magnetic stripe reader device, or personal computer.
• POS point of sale
• ATM automated teller machine
• ECR electronic cash register
• kiosk ticket kiosk
• vending machine magnetic stripe reader device
• magnetic stripe reader device or personal computer.
• the second device may be in a fixed position. Although the second device is in a fixed position (e.g., at a checkout line or entrance), it may be moveable. Attachment elements of the second device may permit the second device to be moved easily with few or no tools and/or little effort.
• the interaction terminal may have a flexible element allowing all or part of the interaction terminal to move or recoil in response to an external physical force or impact. When the flexible element of the interaction terminal permits movement that is measureable by the motion sensor, interaction data may be generated and stored.
• the flexible element may be a base element that couples the interaction terminal to a particular fixed location.
• the base element may flex so that the body of the interaction terminal moves and pivots in response to an external force.
• the fulcrum of the pivot may be distal end of the attachment element.
• the flexible element may be a interaction contact surface coupled to the body of the interaction terminal. The contact surface may move or depress in response to an external force or impact. When the contact surface of the interaction terminal permits movement that is measureable by the motion sensor, interaction data may be generated.
• the method comprises determining when a first device moves towards and makes contact with a second device using first accelerometer data from the first device and second accelerometer data from the second device.
• the first device may be associated with a first transaction account issued by the first issuer.
• the second device may be associated with a second transaction account issued by the second issuer.
• the second device is operated by a merchant and the merchant has an acquiring bank.
• the method may further include determining when a first device makes physical contact with a second device using time data from at least one of the first or second device. For example, according to embodiments of the present invention, it can be determined that at a particular time (12:01 pm) on a particular date (Nov. 25, 2010), the first device made physical contact with the second device. Therefore, the method may use time data.
• Time data includes information about when the device started and stopped moving, as recorded by the accelerometer, as well as the duration of the acceleration and the rate of change in acceleration values.
• Time data may include timestamps or timestamp data, which is a numeric value that represents a time that an event occurred. For example, at 12:01 p.m., the first device accelerated above a predetermined threshold, and the second device accelerated above a predetermined threshold.
• time data is also used for fraud or risk analysis. For example, fraud risk may be higher at certain times of day. Multiple unsuccessful transactions may indicate fraud. Multiple transaction for small amounts of money within a short period of time may indicated fraud, such as skimming.
• the method may further include receiving location data from at least one of the first or second device.
• Location data may be GPS data or any other data that describes the location of a device at a given time (e.g., WiFi positioning or cellular network positioning).
• location data may describe the coordinates of a point of sale device, which may then be compared to location data describing the location of a mobile device. If the location data describing the location of the point of sale device and the mobile device are substantially similar, it can be determined that the devices interacted. Tolerances for the location data may vary with the location technology used. GPS may allow for average median error of 0-25 meters.
• WiFi and cellular data positing may have higher average median error (50 m-1 km). In embodiments, where average median error for location data is high, other interaction data may be used to resolve conflicts among a plurality of devices and their respective interaction data.
• Location data may be used to determine whether the first device and the second device interacted.
• location data is also used for fraud or risk analysis. For example, some areas may present a higher risk of fraud, and location may be used to access risk. In other embodiments, multiple transaction within a small geographic area may indicate fraud. This is especially true where numerous transactions occur in a similar location for small amounts of money over time, which could indicate skimming. Therefore, location data may be used to mitigate risk and reduce fraud.
• the method may also comprise performing further processing after determining when the first device makes contact with the second device.
• a first financial account is associated with the mobile device and a second financial account is associated with the interaction terminal.
• the further processing relates to a financial transaction and may include initiating the sending of an authorization request message and the receipt of an authorization response message.
• an authorization message may be sent to the first issuer from an acquiring bank associated with the second device.
• the payment amount is debited from the first transaction account.
• Further processing can relate to an access transaction, whereby one party wishes to gain access to a secured or restricted area and another party wishes to control access to the secured or restricted area.
• An access transaction and a financial transaction may be combined so that both access and payment for access are completed after a single physical interaction.
• One embodiment of the invention is directed to a method of conducting a financial transaction.
• the mobile device comprises a first processor and a first motion sensor coupled to the first processor.
• the interaction terminal comprises a second motion sensor and a second processor coupled to the second motion sensor.
• the method comprises receiving first interaction data from a mobile device and receiving second interaction data from an interaction terminal.
• a non-transitory computer readable medium may be coupled to the first and second processors.
• a server may comprise the computer readable medium.
• the method further comprises determining whether the mobile device physically interacted with the interaction terminal with a server computer using first and second interaction data. Any combination of interaction data may be analyzed, including time data, location data, or accelerometer data. In addition to being used to recognize an interaction between a mobile device and an interaction terminal, interaction data may be used in fraud prevention or risk analysis. If the mobile device and the interaction terminal make physical contact with each other, an authorization request message is sent to a first issuer. The first issuer approves or does not approve the authorization request message.
• the interaction terminal comprises a first processor, a first sensor coupled to the first processor, and a non-transitory computer readable medium coupled to the first processor.
• the computer readable medium includes code for generating first interaction data with the first sensor and initiating comparison of first interaction data with second interaction data to determine whether the interaction terminal and the mobile device physically interacted.
• the second interaction data is generated by a mobile device comprising a second sensor coupled to a second processor. If the interaction terminal and the mobile device physically interacted with the interaction terminal, the transmission of an authorization request message to a first issuer is initiated. Then, an issuer approves or does not approve the authorization request message.
• the interaction terminal may be a point of sale (POS) terminal, automated teller machine (ATM), electronic cash register (ECR), kiosk, ticket kiosk, vending machine, magnetic stripe reader device, personal computer, or other electronic device.
• POS point of sale
• ATM automated teller machine
• ECR electronic cash register
• kiosk ticket kiosk
• vending machine magnetic stripe reader device
• personal computer or other electronic device.
• an interaction terminal may be incorporated into any of these devices.
• the first and second sensor can be an accelerometer.
• the second sensor comprises a pressure sensor.
• the interaction terminal may further comprise a housing that contains the first sensor, first processor, and non-transitory computer readable medium.
• the housing may have a coupling element so that the interaction terminal can be coupled to an object at a fixed location.
• the coupling element may be flexible so that when physical contact is made with the interaction terminal, the interaction terminal can move and the accelerometer can sense acceleration.
• the housing may have a interaction contact surface that moves or depresses in response to an external force
• FIG. 1 is a high level diagram illustrating one embodiment of a system 100 capable of performing the disclosed method.
• the system 100 includes a payor device 101 , an interaction terminal (payee device) 102 , a communications network 110 , a remote server computer 120 , a payment processing network 130 , account issuers 140 and 150 , and an acquirer 160 .
• the terms “payor” and “payee” are used here to depict the party that is making a payment and the party that is receiving a payment, respectively.
• Mobile device 101 may be used in financial transactions and may be linked to the transaction account.
• the components illustrated in FIG. 1 and recited above can be in operative communication with each other via communication channels, depicted as arrows 103 , 105 , 107 , 109 , 111 , 121 , 131 , and 133 .
• mobile device 101 and interaction terminal 102 can be in any suitable form.
• Mobile device 101 and interaction terminal 102 may be linked to transaction accounts and may contain a computer readable medium.
• the computer readable medium may embody a program containing code to perform embodiments of the invention. Any device that is capable of sensing motion and sending/receiving information to communications network 110 and linked to a financial account would be suitable.
• interaction data After moving the mobile device towards the interaction terminal, the interaction terminal is “bumped.”
• the processors and the accelerometers in the mobile device and interaction terminal can provide acceleration data, time data (e.g., timestamps), and/or geo-location data (e.g., GPS coordinates) to a remote server computer indicating that they have been intentionally moved and that operators of those devices intend for those devices to interact with each other. Collectively, this data is referred to as “interaction data.”
• interaction data represents the characteristics of an interaction, or attempted interaction, between devices.
• Interaction data may include accelerometer data. Accelerometer data may include numeric values representing the magnitude and direction of the acceleration as a vector quantity.
• Interaction data further may include time data (e.g., the duration or length of time a device was still or near motionless or the length of time a device was continuously moving).
• Interaction data may further include the geographic location of the device at the time of an interaction or attempted interaction.
• Interaction data may include data from motion sensors or pressure sensors in addition to, or in lieu of, accelerometer data from an accelerometer.
• an accelerometer is used to measure the acceleration that mobile device 101 and interaction terminal 102 experience relative to freefall.
• Single- and multi-axis models can detect the magnitude and direction of the acceleration as a vector quantity.
• Accelerometers can also be used to sense orientation, vibration and shock.
• Exemplary devices could be smart phones, Personal Digital Assistants (PDA), tablet computers, and the like.
• Micro-machined accelerometers are increasingly present in portable electronic devices and video game controllers. Thus, portable devices with accelerometers and processors are commercially available.
• An application may run on the mobile device 101 and/or interaction terminal 102 .
• the application or program may be an application downloaded from an application store, music store, or an online marketplace.
• the application may be installed on the mobile device 101 or interaction terminal 102 before the device/terminal is sent to end users.
• the application When the application is started, it may connect to the remote server computer 120 .
• the connection to the remote server computer 120 may occur only when the application needs to communicate with the server computer.
• Software on the mobile device may store other interaction data and other sensor data.
• the interaction data may be sent to the remote server computer 120 via communication channels 103 and 105 .
• the mobile device 101 and interaction terminal 102 communicate with remote server computer 120 through communications network 110 .
• the mobile device 101 and interaction terminal 102 may also communicate with payment processing network 130 via communications network 110 .
• encryption may be used to securely transmit the data. Accelerometer data or other interaction data may be used as a seed for the encryption algorithm.
• the mobile device 101 and interaction terminal 102 may communicate with the remote server computer 120 and/or payment processing network 130 through any suitable communications channel (e.g., 103 , 105 , 111 , and 121 ).
• One exemplary communications network 110 would be communications through the Internet.
• Other examples of a communications channel could include wired and wireless networks (e.g., WiFi) or local and wide area networks.
• Communication networks 110 may be a cellular data network (e.g., Edge, 3G, 4G, etc.).
• the mobile device 101 and interaction terminal 102 can send and receive messages and data through communication channels 103 and 105 to communications network 110 .
• Remote server computer 120 is in operative communication with communications network 110 via communication channel 111 .
• Remote server computer 120 uses interaction data as input to a pairing algorithm designed to match interactions of different devices.
• Remote server computer 120 receives and monitors accelerometer data from devices 101 and 102 .
• a pairing algorithm attempts to match the data from two interaction attempts by different devices.
• An interaction attempt is a movement of a device above a predetermined threshold of movement (or acceleration) made by the operator of the device to start communications with another device.
• the pairing algorithm allows the remote server computer 120 to match interaction data between any two devices in the world that tap, bump, or otherwise interact with each other.
• the pairing algorithm takes numerous input (accelerometer data, time data, location information, and other data representative of the interaction event) from the mobile device 101 and interaction terminal 102 .
• the pairing algorithm may examine location data first.
• the algorithm may examine timestamp data first.
• the algorithm may examine accelerometer measurements first.
• the interaction data from the mobile device may be examined substantially at the same time and the different type of interaction data may be assigned a differing weight. Location information and/or timestamp data may be more conclusive in determining whether the mobile device and the interaction terminal were bumped together than accelerometer measurements. In this case, the location information and/or timestamp data may be given more precedence in the pairing algorithm.
• the remote server computer may “connect” the mobile device and the interaction terminal so that they can directly communicate with each other. That is, when the remote server computer 120 determines that the mobile device 101 and interaction terminal 102 have interacted with each other, the server computer 120 may “pair” the two devices. At this point, remote server computer 120 acts as a conduit (via 103 , 105 , and 111 ) for communication between the mobile device and the interaction terminal. Communications sent through communication channels 103 , 105 , and 111 may be encrypted or otherwise secured. Alternatively, mobile device 101 and interaction terminal 102 may connect directly and may use a session key communicated by the server computer.
• the remote server computer 120 may send an authorization request message to the payment processing network 130 via communication channel 121 .
• the server computer may initiate the authorization request message by transmitting the payment information to the payment processing network 130 , which then generates the authorization request message.
• the interaction terminal 102 may be operated by a merchant, and the merchant may have an acquiring bank.
• the authorization request message may be sent to the payment processing network 130 by acquirer 160 via communication channel 107 .
• Acquiring bank (or “acquirer”) 160 forwards the authorization request to the payment processing network 130 via 109 .
• the authorization request message is then forwarded by the payment processing network 130 to the issuer 140 of the transaction account associated with mobile device 101 .
• issuer 140 may then authorize or decline the transaction.
• the transaction may be approved or declined due to a number of factors (e.g., the creditworthiness of the consumer, the risk of fraud, etc).
• the issuer 140 generates an authorization response message, indicating whether or not the current transaction is authorized, and sends this back to the payment processing network 130 .
• interaction terminal 102 may then provide the authorization response message for the payor.
• the response message may be displayed by mobile device 101 (payor) or interaction terminal 102 (payee).
• a transaction receipt which may be itemized, may be sent to at least one of the mobile device 101 or interaction terminal 102 .
• the transaction receipt may be sent via email, text message, or an application alert.
• the authorization request message is sent to the issuer 140 of the transaction account associated with the mobile device 101 .
• the payor may specify the transaction account from which funds should be withdrawn. Then, the payor may send this information to the payment processing network 130 via communication channel 103 and remote server computer 120 .
• the payment processing network 130 may then receive the account information provided by the payor, and determine the issuer that issued the transaction account. In one embodiment, the issuer can be determined based on the account number.
• the issuer 140 sends an authorization response message back to the payment processing network 130 to indicate whether or not the current transaction is authorized.
• the payment processing network 130 then forwards the authorization response message back to the interaction terminal 102 via remote server computer 120 .
• Issuer 140 holding the payor's transaction account, may receive the request for the transfer of funds from the payor's transaction account. After verifying that the account is valid, and that sufficient funds or credit exists to make the payment, issuer 140 may respond ( 131 ) to the payment processing network 130 , indicating that the transaction may proceed.
• a clearing process is a process of exchanging financial details between an acquirer and an issuer to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position. Clearing and settlement can occur simultaneously.
• a payment authorization request message may include a payor personal account number (PAN), risk score, fraud protection data, payee PAN, transaction ID, transaction details, and payor and payee information.
• a payor PAN includes account number information of the payor.
• the payment authorization request message may also include a risk score, indicating the credit risk of the payor. The risk score may be used by the receiving financial institution to make a determination of whether to accept or deny the transaction.
• Transaction details may include transaction amount, merchant category code, service code, or other information. Transaction details may also be used to calculate a risk score.
• the authorization request message may also include additional information such as the card verification value or expiration date. Transaction details may further include information about the funds transfer such as amount of funds transfer, currency, exchange rate, etc. Even though the payment authorization message is described as including certain information, one skilled in the art will realize that other types of information in lieu of or in addition to the information described may be included in the authorization request message.
• the payment processing network 130 may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services.
• An exemplary payment processing system may include VisaNetTM.
• Payment processing systems such as VisaNetTM are able to process credit card transactions, debit card transactions, and other types of commercial transactions.
• VisaNetTM in particular, includes a VIP system (Visa Integrated Payments system) which processes authorization requests and a Base II system which performs clearing and settlement services.
• the payment processing network 130 may include a server computer.
• a server computer is typically a powerful computer or cluster of computers.
• the server computer can be a large mainframe, a minicomputer cluster, or a group of server computers functioning as a unit.
• the server computer may be a database server computer coupled to a Web server computer.
• the payment processing network 130 may use any suitable wired or wireless network, including the Internet.
• the payment processing network 130 may then request a transfer of funds from the issuer 140 that has issued the payor's transaction account. After verifying that the account is valid, and that sufficient funds or credit exists to make the payment, the issuer 140 may respond ( 131 ) to the payment processing network 130 indicating that the transaction may proceed. Upon receipt of the message indicting that the transaction may proceed ( 131 ), the payment processing network 130 may receive funds from the payor's transaction account. In one embodiment, the received funds may be temporarily stored in a generic holding account at the payment processing network 130 prior to being transferred to the issuer of the payee's account. In another embodiment, the funds may be temporarily stored in a holding account that is associated with the issuer 150 of the payee's account, but not specifically associated with the payee's account.
• the interaction terminal 102 may be associated with an issuing bank 150 , where deposits or credits can be made to an account at the issuing bank 150 .
• the payment processing network 130 may then push the funds received from the payor's transaction account into the account specified by the payee.
• the payment processing network may send a message to the issuer 150 of the account specified by the payee requesting that the funds received be transferred from the account in which they are being held temporarily, into the account that the payee has specified.
• the payment processing network 130 is capable of this transaction because it contains payment authorization, clearing, and settlement services.
• the issuer 150 may send a response message 133 to the payment processing network 130 indicating the successful transaction.
• the payment processing network 130 may send a message 132 to the payee indicating that the funds have been received and deposited into the specified account.
• the payment processing network 130 is capable of requesting funds directly from the issuer because, as mentioned above, it contains payment authorization, clearing, and settlement services.
• mobile device 101 and interaction terminal 102 could be associated with any number of transaction accounts that are issued by any number of issuers.
• mobile device 101 may be associated with a credit card account maintained by one issuer and a debit card account maintained by a different issuer. This would allow a user to choose which transaction account to use in the transaction. Therefore, a user could make all payments with a credit account and receive all payments directly into a checking account.
• device 102 may be linked to multiple transaction accounts from multiple issuers and/or an acquirer. In some embodiments, the mobile 101 and interaction terminal 102 may both be associated with transaction accounts issued by the same issuer.
• FIG. 2 depicts an embodiment of the remote server computer 120 which may be in operative communication with the communications network (not shown) and payment processing network (not shown).
• Remote server computer 120 may include an accelerometer analysis unit 210 , location analysis unit 220 , time analysis unit 230 , identification unit 240 , and payment unit 250 , which may be used alone or in combination to resolve or “match” devices that have interacted with each other (e.g., when a mobile device 101 makes intentional physical contact with an interaction terminal 102 ).
• Units within the server computer are coupled to a processor.
• databases may be associated with the remote server computer 120 and/or in operative communication through communication channels 265 , 275 , and 285 , which may be wired or wireless connections.
• databases 260 , 270 , and 280 are part of the remote server computer.
• Accelerometer analysis unit 210 compares accelerometer data from a plurality of devices (e.g., mobile devices 101 and interaction terminals 102 ). Accelerometer data may include the magnitude and direction of the acceleration. Accelerometer data may also include orientation data (such as pitch, yaw, and roll and/or cardinal direction). From the accelerometer data, the accelerometer analysis unit 210 can determine whether a mobile device and an interaction terminal intentionally have interacted with each other. For example, if the absolute value of the magnitude of the measured acceleration of a mobile device and an interaction terminal is equal, or substantially equal, the accelerometer analysis unit 210 can determine with relative certainty that the mobile device and the interaction terminal have interacted together.
• accelerometer analysis unit 210 can determine with relative certainty that the mobile device and the interaction terminal were “bumped” together if the accelerometer data of the mobile device and the interaction terminal are substantially equal and opposite. Physical principles, including the conversation of momentum may be used calculated expected accelerometer data.
• Location analysis unit 220 may be used to help further resolve conflicts from interaction data generated by the mobile device 101 and the interaction terminal 102 .
• the location analysis unit compares location data from a plurality of devices (e.g., 101 , 102 ) and determines whether any two devices are sufficiently close when acceleration (above a predetermined threshold) occurred to indicate a likelihood that two devices have interacted with each other.
• Location data is obtained through GPS units residing in devices (e.g., 101 , 102 ).
• Cellular tower data may also be used to determine the location of a device.
• interaction data from numerous devices is sent to the remote server computer for comparison and analysis.
• Location data may be used to supplement accelerometer data in order to determine whether two devices have interacted. For example, if two devices with substantially similar acceleration data were also within 100 feet of each other according to location data, there is a high probability that the devices have intentionally interacted with each other.
• Time analysis unit 230 may be used to help further resolve conflicts from interaction data generated by mobile device 101 and interaction terminal 102 .
• the time analysis unit compares time data from a plurality of devices and determines whether any two devices accelerated at the same, or substantially the same, time. Time data is obtained from devices. Time data may include a timestamp indicating when acceleration (above a predetermined threshold) started or stopped as well as the duration of the device's movement. For example, the server computer may determine with greater certainty that devices with similar acceleration data have interacted with each other if the time data from the respective devices is also similar (e.g., acceleration within 5 seconds after adjustments for differences in clocks and time zones).
• Identification unit 240 may be used to identify the mobile device 101 or interaction terminal 102 associated with any given interaction data.
• a mobile device or an interaction terminal may be identified by its phone number, SIM card numbers, serial number, or hardware ID.
• Identification unit 240 may look up enrollment information or account information associated with a device by querying accounts database 260 or enrollment database 270 .
• Enrollment information for a plurality of users is stored in the enrollment database 270 .
• Enrollment information may include information about the enrolled device (e.g., phone number, SIM card numbers, serial number, or hardware ID) and information about the enrolled customer (e.g., name, financial account associated with customer, etc.).
• Accounts database 260 may store transaction account information.
• Transaction account information includes payment account information from at least one issuer.
• Payment unit 250 aggregates and formats payment information (e.g., payor, payee, payment amount, etc.) after remote server computer 120 has determined that a mobile device and an interaction terminal have interacted and the users of those devices intend to conduct a financial transaction. In some embodiments, payment unit 250 aggregates payor information, payee information, and a payment amount. Payment unit 250 may create an authorization request message using this information. In other embodiments, payment unit 250 forwards payment information to a payment processing network, thereby initiating an authorization request message.
• payment information e.g., payor, payee, payment amount, etc.
• some or all of the elements 210 through 250 may be contained in or associated with the interaction terminal (payee device) 102 . That is, any element of the remote server computer 120 may be included in the interaction terminal 102 .
• FIG. 1 the mobile device 101 and interaction terminal 102 do not directly communicate with each other, but communicate with each other via a central server computer.
• FIGS. 3A-C show various embodiments of the communication flows contemplated by embodiments of the present invention.
• the mobile device 101 and interaction terminal 102 may be any type of device with an accelerometer.
• Communications network 110 depicted in FIG. 1 , is not shown for the purposes of this illustration. However, one of skill in the art would understand that the mobile device 101 and interaction terminal 102 communicate with remote server computer 120 via a communications network.
• FIG. 3A shows a system whereby a remote server computer 120 provides both the mobile device 101 and interaction terminal 102 with session keys, and the mobile device 101 and interaction terminal 102 can communicate directly with each other as long as the session keys are active.
• Session keys may be based, in part, on the accelerometer data from one or both of the mobile device 101 and interaction terminal 102 .
• launch of applications on the mobile device 101 and interaction terminal 102 may automatically initiate a request for the session keys.
• Mobile devices 101 may “bump” interactive terminal 102 to communicate. This causes first interaction information to be sent from mobile device 101 to remote server computer 120 via connection 335 and second interaction information to be sent from interactive terminal 102 to remote server computer 120 via connection 340 .
• Remote server computer 120 determines, based on interaction information, that the operators of the two devices want to exchange information. Session keys may be sent by remote server computer 120 to mobile device 101 and interaction terminal 102 via connections 330 , 345 . While session keys are active, mobile device 101 and interaction terminal 102 may directly exchange information through wireless links 320 and 325 (e.g., RF and/or infrared).
• wireless links 320 and 325 e.g., RF and/or infrared
• FIG. 3B shows a system including the mobile device 101 and interaction terminal 102 that communicate through wireless links 350 and 355 and through the interaction terminal 102 , which communicates with a remote server computer 120 via connections 360 and 365 .
• mobile device 101 could communicate with the remote server computer 120 through interaction terminal 102 .
• the communication through remote server computer 120 could also occur via mobile device 101 .
• Accelerometer data, time-stamp data, etc. can be sent from mobile device 101 to the remote server computer 120 via interaction terminal 102 (or alternatively via mobile device 101 ).
• the processor in the interaction terminal 102 can send any suitable interaction data to the remote server computer 120 after mobile device 101 and interaction terminal 102 have interacted with each other.
• the server computer may receive both the account number from the first device and a transaction amount from the interaction terminal along with the accelerometer data, timestamp, and/or geo-location data from both the first and second devices.
• the remote server computer could then initiate, format, and send an authorization request message to the issuer, and the issuer can approve or deny the request (as described above).
• An authorization response message may then be sent by the issuer to the mobile device and/or interaction terminal.
• the server computer can send the payment account number to the interaction terminal for payment processing.
• the account number may have been sent by the first device to the server computer after mobile device 101 and interaction terminal 102 “bumped,” or the remote server computer may have retrieved the account number from a database after determining that mobile device 101 and interaction terminal 102 bumped.
• the interaction terminal may then format an authorization request message comprising the transaction amount and a merchant code, and this may be sent to the issuer (via an acquirer and a payment processing network) of the account number for approval.
• an authorization response message indicating approval of the transaction (or denial) may be sent to mobile device 101 or interaction terminal 102 .
• a clearing and settling process between the issuer, acquirer, and payment processing network can occur.
• FIG. 3C shows a system including mobile device 101 and interaction terminal 102 communicating with each other without the use of an intermediate remote server computer 120 . This may occur, for example, after the remote server computer determines that the mobile device 101 and interaction terminal 102 have interacted with each other and paired the devices.
• the mobile device 101 and interaction terminal 102 may communicate with each other through wireless links 310 and 315 (e.g., RF and/or infrared).
• Embodiments of the invention can be implemented in different ways. Also, in embodiments of the invention, it is possible to send information from a remote server computer to the first and second devices before they interact with each other or “bump” into each other. It is also possible to send information (e.g., coupons, receipts) to the first and second devices after they interact with each other or “bump” each other.
• information e.g., coupons, receipts
• FIG. 4 is a high level flow diagram illustrating one embodiment of a method of resolving interaction data from a plurality of devices and conducting a financial transaction between a mobile device 101 and an interaction terminal 102 that have interacted.
• the method in FIG. 4 can be described with reference to FIGS. 1 and 2 .
• remote server computer 120 receives accelerometer, location, and time data from mobile devices 101 and interaction terminal 102 (in FIG. 1 ).
• time analysis unit 230 (in FIG. 2 ) compares the time data from device 101 with time data from the interaction terminal 102 . If the time data matches, or is substantially the same, the location analyzer unit 220 compares the location data from device 101 with location data from interaction terminal device 102 (step 405 ). If the time data does not match, remote server computer 120 returns to state 401 and monitors and receives accelerometer, location, and time data from various mobile devices and interaction terminals.
• the accelerometer analysis unit compares the accelerometer data from the mobile device 101 with accelerometer data from interaction terminal 102 (step 407 ). If the location data does not match, remote server computer 120 returns to state 401 and monitors and receives accelerometer, location, and time data from various mobile devices and interaction terminals.
• remote server computer 120 can determine with sufficient certainly that the mobile device 101 and interaction terminal 102 intended to interact (step 409 ). If the accelerometer data does not match, remote server computer 120 returns to state 401 and monitors and receives accelerometer, location, and time data from various mobile devices and interaction terminals.
• the receipt and analysis of data illustrated in steps 401 , 403 , 405 , and 407 may be completed in any suitable order or substantially simultaneously. For example, analysis of the accelerometer data (step 407 ) may be completed before analysis of time data (step 403 ).
• remote server computer 120 may receive payment amount, payor information, and payee information. In some embodiments, step 411 can occur before a determination is made that the mobile device and the interaction terminal have interacted (e.g., step 411 may occur before step 409 or 401 ).
• remote server computer 120 initiates an authorization request message.
• remote server computer 120 receives a confirmation from the payments processing network.
• remote server computer 120 sends a confirmation to at least one of the mobile device and the interaction terminal. The confirmation may include a receipt. Other specific details of this method are described above.
• FIG. 5 is a high level flow diagram illustrating one embodiment of a method of using a mobile device to conduct a financial transaction between two devices that have interacted.
• the user of mobile device 101 moves the mobile device 101 towards the interaction terminal 102 (operated or controlled by a payee, such as a merchant), making physical contact with the interaction terminal.
• the interaction terminal 102 may flex, recoil, or move, thereby generating interaction data.
• Mobile devices 101 and interaction terminal 102 record accelerometer, location, time, and identification data representative of the respective device's movement.
• step 510 interaction data is sent to the remote server computer 120 .
• step 515 the remote server computer 120 determines whether user of mobile device 101 and operator of interaction terminal 102 intended to conduct a payment transaction, such as the purchase of goods or services.
• step 520 the remote server computer 120 initiates the sending of an authorization request message to payment processing network 130 .
• the payee device may be in operative communication with an acquiring bank 160 .
• Acquiring bank 160 may initiate the sending of the authorization request message to the payment processing network 130 .
• the payment processing network 130 forwards the authorization request message to the issuer 150 .
• the payment processing network 130 requests funds from the issuer 150 .
• the issuer 150 sends the authorization response message to the payment processing network 130 .
• the payment processing network sends the message to withdraw funds from the payor account and deposit funds into the payee account.
• FIG. 6 illustrates an embodiment of an interaction terminal according to the disclosure of the present invention.
• the interaction terminal 102 may be attached to, or integrated as part of, any of the following devices: an automated teller machine (ATM), a point of sale (POS) terminal, an electronic cash register (ECR), a kiosk, a ticket kiosk, a vending machine, a magnetic stripe reader device, a personal computer, or any other device where consumer payment devices, such as credit or debit cards, are accepted for payment or to conduct other financial transactions.
• ATM automated teller machine
• POS point of sale
• ECR electronic cash register
• kiosk a ticket kiosk
• vending machine a vending machine
• magnetic stripe reader device such as credit or debit cards
• Interaction terminal 102 may have an attachment member 620 for coupling the housing of the interaction terminal 102 to an object where the interaction terminal is positioned.
• the interaction terminal may be positioned near a checkout line or any other type of line, secured door, gate, turnstile at any number of venues or establishments, such as sports stadiums or arenas, theatres, music halls and amphitheatres, museums, amusement parks, public transit terminals, or toll roads/bridges/booths.
• the interaction terminal 102 may be in a fixed position, but it may be moveable to accommodate changing circumstances.
• the attachment member 620 may be rigid to hold the interaction terminal upright yet flexible so that when physical contact is made with the interaction terminal the interaction terminal may move, recoil, or flex.
• Attachment member may comprise a base portion 640 , which may couple the interaction terminal 102 to a particular fixed location. Fasteners or adhesives may be used in conjunction with the attachment member 620 the base portion 640 .
• the amount of flexibility/rigidity allows a sufficient range of movement so that the motion sensor (such as an accelerometer) within the interaction terminal can generate measurable interaction data.
• attachment member 620 may flex so that the interaction terminal 102 pivots around a fulcrum. In some embodiments, the fulcrum is located approximately at the base member 640 .
• the interaction terminal 102 may comprise a housing 630 that contains or is coupled to various electronic components. Although not shown in FIG. 6 , the interaction terminal may have any of the components and units described with respect to FIG. 2 and FIG. 9 .
• interaction terminal may have all or some of the elements that comprise the remote server computer 120 such as an accelerometer analysis unit 210 , location analysis unit 220 , a time analysis unit 230 , an identification unit 240 , and a payment unit 250 . These units may be used alone or in combination to resolve or “match” mobile devices that have interacted with the interaction terminal (e.g., when a mobile device 101 makes intentional physical contact with an interaction terminal 102 ).
• the interaction terminal may contain or be associated with the databases illustrated in FIG. 2 ( 260 , 270 , 280 ).
• Interaction terminal 102 includes a sensor, which may be an accelerometer. In other embodiments, the sensor may be a pressure sensor.
• the motion/pressure sensor generates interaction data representative of the physical interaction the interaction terminal experience relative to external objects. That is, the motion/pressure sensor generates interaction data in response to physical contact from mobile devices.
• Interaction terminal 102 may have an interaction contact surface 610 where users of mobile devices can physically contact the device, causing interaction data to be generated by the mobile device and the interaction terminal.
• the interaction contact surface 610 may be coupled to the sensor.
• the interaction contact surface 610 may be made of any suitable material.
• the interaction contact surface may be hard plastic or may be rubberized. In some embodiments it comprises the same material as the housing for the interaction terminal and may be an integral piece of the interaction terminal. In other embodiments, it comprises a material different from the housing of the interaction terminal.
• Interaction contact surface 610 may move or depress in response to an external force or impact from a user.
• the contact surface of the interaction terminal permits movement that is measureable by the motion sensor and interaction data may be generated.
• Interaction terminal may include a user interface.
• there is no user interface visible to customers in interaction terminal 102 and the customer uses the user interface on his or her mobile device 101 (not shown) to input and output data.
• FIGS. 7A-B show a mobile device being used with an interaction terminal according to an embodiment of the present invention.
• FIG. 7A depicts an exemplary user interface of an application running on mobile device 101 .
• the user interface of the mobile device 101 may include any suitable instructions and buttons for the user to press.
• the user interface of device 101 instructs the user to “Tap sales terminal to checkout.”
• interaction terminal 102 is the “sales terminal” referred to on the user interface of mobile device 101 . Tapping the sale terminal generates interaction data that is used to pair the mobile device and the interaction terminal, as described herein.
• a user of a mobile device 101 bumps a point of sale terminal to quickly pay for items at a fast food restaurant or other merchant.
• a user of a mobile device 101 may physically contact with an interaction terminal 102 at a fast food restaurant or vending machine.
• an interaction terminal 102 at a fast food restaurant or vending machine.
• communications are initiated between the mobile device and the interaction terminal.
• the communications are related to items for sale at the establishment (e.g., a menu or a price list).
• the user of device 101 uses the mobile device to order the items desired, submit the order, and pay.
• the payment transaction may be processed using the interaction data, as described above.
• a user of a mobile device 101 makes physical contact with an access point at toll booth.
• communications are initiated between the mobile device and the access point.
• the communications may be related to an access transaction and a payment transaction.
• Access transactions between two devices with accelerometers are described in U.S. App. No. ______ (Attorney Docket No. 016222-056930US), titled “Access Using a Mobile Device with an Accelerometer” and filed on ______. This application is hereby incorporated by reference in their entirety for all purposes.
• An “access transaction” is a transaction whereby one party wishes to gain access to a secured or restricted area and another party wishes to control access to the secured or restricted area. In some embodiments, access is granted only where payment is made for the desired access. The payment transaction may be processed using the interaction data as described above. After payment for the desired access is made, access may be granted to the restricted area.
• FIG. 7B depicts a mobile device 101 making physical contact with interaction terminal 102 .
• the remote server computer 120 in FIG. 1
• processor in the interaction terminal determines that the mobile device 101 and the interaction terminal 102 interacted (i.e., steps 401 - 409 in FIG. 4 )
• mobile device 101 and interaction terminal 102 communicate information, such as the amount of payment to be made.
• the user interface of the mobile device asks the user of mobile device 101 to confirm the payment amount of “$9.99.” Other prompts for user input may be presented.
• the user interface could prompt the user to enter information or select options (e.g., from a drop down menu or the like), such as the payment account to use to fund the transaction, purchase of additional products or services, contact information, etc.
• Information may also be sent to the mobile device 101 for reference and/or storage (e.g., directions, manuals, rebate information, warranty information, etc.).
• Sending information between two devices with accelerometers are described in US App. No. ______ (Attorney Docket No. 016222-056940US), titled “Information Access Device and Data Transfer” and filed on ______. This application is hereby incorporated by reference in their entirety for all purposes.
• the user interface may prompt the user of mobile device 101 to digitally “sign” a transaction.
• the prompt might specify that the user shake the mobile device (or otherwise move the device beyond a predetermined threshold for a predetermined amount of time, e.g., 1-5 seconds), to sign or verify the transaction. Accelerometer data from this shake movement would be stored on the mobile device and/or a backend server.
• the user may be required to enter a previously defined “motion password” to confirm the identity of the user or that the user is authorized to use the device.
• a motion password is created by the user before the mobile device is used in a transaction using an accelerometer in the device to create unique authentication data representative of the user's movement.
• the user “enters” (i.e., performs) the previously defined motion password by moving the device in the predefined pattern and the accelerometer in the mobile device records the data representative of the movement.
• the accelerometer data generated by unique movement is used to authenticate the user in a manner similar to entering a signature of one's name, PIN, or a username/password.
• the user may have created a motion password in a set up process.
• the user may set up his device and authentication data using any combination of a mobile device, personal computer, or access point.
• the user is prompted to create a digital signature that is representative of a unique movement of the user moving the device.
• the motion password can be any combination of movement and pauses in movement.
• the accelerometer records accelerometer data representative of the movement, which is stored for future reference and comparison.
• the user interface of a software application running on the device prompts the user to enter the pre-set motion password.
• the accelerometer records the acceleration data, which is then compared to the accelerometer data from the pre-set motion password. If the data matches, the transaction may continue.
• the accelerometer data representative of the unique movement may include several data points. Accelerometer data may include direction of the movement. That is, it may include information indicating whether the device was moved left or right or up or down, or combinations thereof. Accelerometer data may include magnitude of acceleration. Accelerometer data may include time measurements (e.g., if a user holds the device still for an amount of time before, after, or in between other movements).
• accelerometer data can be used to provide a unique signature by bumping another device a predetermined number of times in a predetermined manner. For example, a person can take his device and can: a) bump the phone against a terminal a first time; b) wait for 1 second; c) bump the terminal a second time; d) wait for three seconds, and e) bump the terminal a third time.
• This unique pattern can be indicative of a particular signature of a particular person.
• a person could use a device, such as 101 , at an ATM in order to authenticate himself to the ATM.
• a device such as 101
• the user could bump a contact surface at the ATM to start an interaction and identify himself to the ATM.
• the ATM may then prompt the user to move his device in a unique way.
• the user then moves the device according to the unique movement chosen by the user during setup. For example, the user might move the device up very fast (e.g., greater than 10 meters per second per second), left slowly (e.g., less than 0.5 meters per second per second), follow up three brief shakes (e.g., up, down, up within a 1 second period of time).
• the device's user interface may ask the user to orient the phone in a specific way in the user's hand that would not be visible to a bystander. For example, the user interface may prompt the user to turn the device upside down when performing the unique pattern. In some embodiments, the user interface may prompt the user to perform a short series of physical movements.
• a person could use a device at a POS terminal in order to complete a transaction.
• the digital signature is used in lieu of entering in a PIN at a POS terminal.
• FIGS. 8A-C illustrate the user interface used for registering the phone.
• FIG. 8A shows the “Welcome” screen where the user can choose to register mobile phone 101 .
• FIG. 8B shows data entry fields that may be used in some embodiments.
• the enrollment database 270 stores this information in a lookup table. Other information may be stored in the enrollment database 270 or accounts database 260 .
• FIG. 8C confirms the information entered in FIG. 8C has been accepted and that the Visa account ending in 0123 has been associated with the mobile device 101 .
• the user of mobile device 101 may associate additional financial accounts with the mobile device 101 by selecting the “Add Another Visa Account” button.
• enrollment database 270 ( FIG. 2 ) is updated with device information from mobile device 101 and transaction account information from accounts database 260 .
• FIGS. 6A-B , 7 A-B, and 8 A-C show various buttons or keys (“Help,” “Main Menu,” “Cancel,” etc.).
• buttons or keys (“Help,” “Main Menu,” “Cancel,” etc.).
• devices 101 and 102 are depicted as mobile phones, the devices can be any mobile device with an accelerometer.
• FIG. 9 shows a diagram of some components in an exemplary mobile device or interaction terminal.
• Mobile device 101 and interaction terminal 102 may include one or more of the features shown in FIG. 9 .
• an exemplary POS device may also include a network interface as well as a reader (e.g., a card reader such as a magnetic stripe reader) for reading data from contactless or contact based cards or phones.
• a reader e.g., a card reader such as a magnetic stripe reader
• An exemplary mobile device 32 in the form of a phone may comprise a computer readable medium and a body.
• FIG. 9 shows a number of components, and the mobile devices according to embodiments of the invention may comprise any suitable combination or subset of such components.
• the computer readable medium 32 ( b ) may be present within the body (not shown), or may be detachable from it.
• the body may be in the form of a plastic substrate, housing, or other structure.
• the computer readable medium 32 ( b ) may be a memory that stores data and may be in any suitable form including a magnetic stripe, a memory chip, uniquely derived keys, encryption algorithms, etc.
• the memory also preferably stores information such as financial information, transit information (e.g., as in a subway or train pass), access information (e.g., as in access badges), etc.
• Financial information may include information such as bank account information, bank identification number (BIN), credit or debit card number information, account balance information, expiration date, consumer information such as name, date of birth, etc. Any of this information may be transmitted by the mobile device 32 .
• Information in the memory may also be in the form of data tracks that are traditionally associated with credits cards.
• Such tracks include Track 1 and Track 2.
• Track 1 International Air Transport Association
• Track 2 (“American Banking Association”) is currently most commonly used. This is the track that is read by ATMs and credit card checkers.
• the ABA American Banking Association designed the specifications of this track and all world banks must abide by it. It contains the cardholder's account, encrypted PIN, plus other discretionary data.
• the mobile device 32 may further include a contactless element 32 ( g ), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer (e.g., data transmission) element, such as an antenna.
• Contactless element 32 ( g ) is associated with (e.g., embedded within) mobile device 32 and data or control instructions transmitted via a cellular network may be applied to contactless element 32 ( g ) by means of a contactless element interface (not shown).
• the contactless element interface functions to permit the exchange of data and/or control instructions between the mobile device circuitry (and hence the cellular network) and an optional contactless element 32 ( g ).
• Contactless element 32 ( g ) is capable of transferring and receiving data using a near field communications (“NFC”) capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443 /NFC).
• NFC near field communications
• Near field communications capability is a short-range communications capability, such as RFID, Bluetooth, infra-red, or other data transfer capability that can be used to exchange data between the mobile device 32 and an interrogation device.
• the mobile device 32 is capable of communicating and transferring data and/or control instructions via both a cellular network and a near field communications line or network.
• the mobile device 32 may also include a processor 32 ( c ) (e.g., a microprocessor) for processing the functions of the mobile device 32 and a display 32 ( d ) to allow a consumer to see phone numbers and other information and messages.
• the mobile device 32 may further include input elements 32 ( e ) to allow a consumer to input information into the device, a speaker 32 ( f ) to allow the consumer to hear voice communication, music, etc., and a microphone 32 ( i ) to allow the consumer to transmit her voice through the mobile device 32 .
• the mobile device 32 may also include an antenna 32 ( a ) for wireless data transfer (e.g., data transmission), and an accelerometer 32 ( h ) which can provide acceleration data to the processor 32 ( c ).
• FIGS. 1-3 and 6 - 7 may operate or use one or more computer apparatuses to facilitate the functions described herein.
• Any of the elements in FIG. 1 e.g., the devices 101 , 102 , the remote server computer 120 , the payment processing network 130 , the issuers 140 , 150 , the acquirer 160 , etc.
• FIG. 10 Examples of such subsystems or components are shown in FIG. 10 , which may illustrate parts of a computer apparatus.
• the subsystems shown in FIG. 10 are interconnected via a system bus 775 . Additional subsystems such as a printer 774 , keyboard 778 , fixed disk 779 (or other memory comprising computer readable media), monitor 776 , which is coupled to display adapter 782 , and others are shown. Peripherals and input/output (I/O) devices, which couple to I/O controller 771 , can be connected to the computer system by any number of means known in the art, such as serial port 777 . For example, serial port 777 or external interface 781 can be used to connect the computer apparatus to a wide area network such as the Internet, a mouse input device, or a scanner.
• I/O input/output
• system bus allows the central processor 773 to communicate with each subsystem and to control the execution of instructions from system memory 772 or the fixed disk 779 , as well as the exchange of information between subsystems.
• the system memory 772 and/or the fixed disk 779 may embody a computer readable medium.
• any of the software components or functions described in this application may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C++ or Perl, using, for example, conventional or object-oriented techniques.
• the software code may be stored as a series of instructions, or commands on a computer readable medium, such as a random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM.
• RAM random access memory
• ROM read only memory
• magnetic medium such as a hard-drive or a floppy disk
• optical medium such as a CD-ROM.
• Any such computer readable medium may reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
• the present invention may use existing payment card infrastructure that is used to process debit and credit card transactions.
• Debit and credit cards offer protections against fraud, solutions to mitigate risk, and the ability to issue chargeback for unauthorized purchases. Additionally, debit and credit card are nearly universally accepted at merchants, thus making embodiments of the invention more universally acceptable.
• the location of the merchant can be compared against the location of the mobile device. If the locations do not match, this may indicate a fraudulent transaction.
• Location data just before the transaction can be compared to the location data during the transaction to see if the location data is consistent with the device actually being present at the location of the transaction (as opposed to characteristics of the device being cloned).
• Time data may also be used to detect fraud. If the server computer detects repeated, unsuccessful interaction data from a device, a risk score indicating a higher amount of risk can be assigned to the device generating repeated, unsuccessful interaction data because this might be indicative of a fraudster trolling for financial information.
• an authorization message is beneficial because it allows financial institutions to make informed decisions about whether to authorize or deny a transaction. Since the authorization message, in some embodiments of the present invention, includes unique transaction data (acceleration, time, and/or location data), financial institutions have more data upon which to base their risk mitigation decisions.
• Embodiments of the present invention allow a mobile device belonging to a user to act as the user interface. Therefore, in some embodiments, an interaction terminal is not required to have its own user interface, reducing costs and complexity of the interaction terminal hardware. From the consumer's perspective, the consumer may feel more comfortable entering payment or personal information into his or her own mobile device. This enhances security and privacy. Also, customers are more familiar with the user interfaces of their mobile devices than the user interfaces of various terminals provided by merchants, banks, etc. Customers will be able to use mobile devices more readily since they are familiar with the user interface.
• Embodiments of the present invention increase checkout speed, decrease transaction time, lower abandonment, and reduce lines. This offers the advantage of increased speed in a checkout line. Embodiments of the present invention promote speed and convenience. Amount of money spent (or ticket size) may be increased because of the speed and convenience of embodiments of the present invention.
• Embodiments of the present invention offer increased security because sensitive data is not transmitted to over RF, where the sensitive data may be more prone to interception (in transmission from the mobile device to the interaction terminal using RF). Rather, sensitive data can be transmitted more securely using network connections and encryption.

Landscapes

• Engineering & Computer Science (AREA)
• Business, Economics & Management (AREA)
• Accounting & Taxation (AREA)
• Theoretical Computer Science (AREA)
• General Physics & Mathematics (AREA)
• Physics & Mathematics (AREA)
• Computer Security & Cryptography (AREA)
• Strategic Management (AREA)
• General Business, Economics & Management (AREA)
• Finance (AREA)
• Computer Hardware Design (AREA)
• Computer Networks & Wireless Communication (AREA)
• General Engineering & Computer Science (AREA)
• Development Economics (AREA)
• Human Computer Interaction (AREA)
• Economics (AREA)
• Signal Processing (AREA)
• Software Systems (AREA)
• Telephonic Communication Services (AREA)
• Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
• Mobile Radio Communication Systems (AREA)
• Telephone Function (AREA)

Abstract

Description

Claims (20)

Priority Applications (1)

Applications Claiming Priority (2)

Publications (1)

Family

ID=44067219

Family Applications (6)

Family Applications After (5)

Country Status (4)

Cited By (59)

Families Citing this family (207)

Citations (42)

Family Cites Families (13)

• 2010
  • 2010-11-23 US US12/953,368 patent/US20110187642A1/en not_active Abandoned
  • 2010-11-23 US US12/953,371 patent/US8907768B2/en active Active
  • 2010-11-23 US US12/953,372 patent/US10095276B2/en active Active
  • 2010-11-23 US US12/952,811 patent/US8761809B2/en active Active
  • 2010-11-24 WO PCT/US2010/058014 patent/WO2011066395A2/en active Application Filing
  • 2010-11-24 AU AU2010324763A patent/AU2010324763B2/en active Active
  • 2010-11-24 WO PCT/US2010/058016 patent/WO2011066397A2/en active Application Filing
  • 2010-11-24 WO PCT/US2010/058005 patent/WO2011066387A2/en active Application Filing
  • 2010-11-24 WO PCT/US2010/057997 patent/WO2011066381A2/en active Application Filing
  • 2010-11-24 CA CA2781713A patent/CA2781713A1/en not_active Abandoned
• 2014
  • 2014-07-23 US US14/338,930 patent/US9176543B2/en active Active
• 2018
  • 2018-08-22 US US16/108,917 patent/US10824207B2/en active Active

Patent Citations (43)