EP3332370A1 - Systèmes et procédés permettant une authentification à interaction à l'aide de dispositifs de balise sans fil dynamiques - Google Patents
Systèmes et procédés permettant une authentification à interaction à l'aide de dispositifs de balise sans fil dynamiquesInfo
- Publication number
- EP3332370A1 EP3332370A1 EP16833948.9A EP16833948A EP3332370A1 EP 3332370 A1 EP3332370 A1 EP 3332370A1 EP 16833948 A EP16833948 A EP 16833948A EP 3332370 A1 EP3332370 A1 EP 3332370A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- transaction
- identifier
- wireless beacon
- user device
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3224—Transactions dependent on location of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
Definitions
- the disclosed embodiments generally relate to systems and methods for device interaction authentication using mobile devices and wireless beacon devices.
- some embodiments of the present disclosure relate to such wireless beacon devices using dynamic identifiers to securely identify mobile devices and securely authenticate transactions.
- Typical mobile applications on a device limit the number, type, or value of device interactions. For example, a user may have only three tries to authenticate with a web site before being "locked out" for submitting the wrong information. Additionally, traditional technologies may also limit the number, type, or value of transactions initiated through the use of mobile applications on a device such as a smart phone or tablet. Also, certain transactions still require physical interfaces with a machine, such as a computer terminal, ATM, or the like.
- customers may be required to carry cards, USB devices, or other devices, with them.
- some typical identification systems are unable to conduct private transactions in a private location. For example, allowing a customer to initiate a transaction using a smartphone, tablet or computer from a private location (such as their own home, office, car, etc.), rather than requiring him or her to enter their information at a public device, creates a more secure authentication experience.
- allowing a customer to conduct a transaction without swiping a card allows the customer to avoid the risk of exposing his or her information to skimmers or other fraudulent devices.
- giving the customer the option of using the smaller screen of a smart phone or tablet allows the customer to feel secure that the smaller form factor of the smartphone or tablet allows them to keep their personal information (account number, pin, balances, types of accounts, etc.) private from other people "looking over their shoulder" when it is displayed on a screen.
- the disclosed embodiments provide more security than prior art beacon devices, preventing malicious users from spoofing identifiers of the devices. For example, because customers are required to conduct less physical interaction at a transaction device (e.g., no card swipe, no pin entry, no selection of account and amount, etc.), the time the customer is at the device is greatly reduced.
- the disclosed embodiments also provide for higher levels of security and reduce the chance of loss of security or information.
- Certain disclosed embodiments provide improved systems and methods for detecting, identifying, and authenticating a transaction conducted using a mobile device and a transaction device. For example, certain disclosed embodiments may enable the conducting of a broader range of transactions through mobile channels, such as a mobile application on a mobile device, without having to physically enter information on a transaction device or provide the information to an individual such as a teller. Certain disclosed embodiments may provide services that are valuable to both consumers and financial service providers. For example, aspects of the disclosed embodiments may provide a user with a process for conducting transactions from a mobile channel without the need to provide information such as a username a PIN to a machine or teller, which may save time and effort for the user and limit the exposure of customer data and personal information. Moreover, certain aspects of the disclosed embodiments may attract new customers and encourage current customers to use the service provider's accounts and services more often. The embodiments herein comprise technical solutions to these problems.
- aspects of the disclosed embodiments also save computational resources by avoiding processing costs associated with electronic transactions. Instead of processing all transactions initiated by any user, authenticating a transaction before processing it will save on resources and processing time. Other computational resources can be saved, especially at a transaction device, by enabling the user to initiate the transaction even before approaching the transaction device. This unique arrangement of transaction devices and other devices (such as mobile devices) to accomplish the transaction uses fewer computational resources at the transaction device, because less time is spent using the transaction device to accomplish the transaction.
- the disclosed embodiments may provide systems and methods for authenticating transactions performed at a transaction device.
- An example method may comprise steps performed by at least one processor at a server separate from the transaction device.
- the steps may comprise, for example, generating and storing a first identifier and sending the first identifier to a beacon device associated with a transaction device over a network.
- the steps may further comprise receiving, from a user device separate from the transaction device and the server, a transaction request comprising a proposed identifier and information related to a transaction.
- the steps may further comprise determining whether there is a match between the first identifier and the proposed identifier, and, based on a determination that there is a match, authorizing the transaction.
- the disclosed embodiments also include systems and methods for authenticating a transaction performed at a user device and a transaction device.
- An example method may comprise steps performed by at least one processor at the user device. The steps may comprise displaying, on the user device, a user interface requesting information related to the transaction and receiving input comprising the information. The steps may further comprise polling, by the user device, for one or more beacon devices and determining one or more identifiers associated with the beacon devices, transmitting the one or more identifiers to a service provider device, and receiving information authorizing or declining the transaction.
- computer- readable media that store instructions that, when executed by a processor(s), causes the processor(s) to perform operations consistent with one or more disclosed methods.
- Systems are also provided comprising one or more hardware devices (such as a user device, transaction device, and/or server) each of which are configured and/or programmed to perform operations consistent with one or more disclosed methods
- FIG. 1 is a block diagram of an exemplary system, consistent with disclosed embodiments.
- FIG. 2 is a block diagram of an exemplary computer system, consistent with disclosed embodiments.
- FIG. 3A is a flowchart of an exemplary process for updating a beacon device, consistent with disclosed embodiments.
- FIG. 3B is a flowchart of an exemplary process for authorizing a transaction at a mobile device using a beacon device, consistent with disclosed embodiments.
- FIG. 4 is a block diagram of an exemplary embodiment of the system in FIG. 1 , consistent with disclosed embodiments.
- a user device may determine identifiers associated with one or more wireless beacons in proximity to a transaction device (such as a kiosk, a computer terminal, a point-of-sale, or an Automated Teller Machine) to the device (e.g., within some set distance such as three meters, one meter, 20 centimeters, etc.) and send the one or more identifiers to a service provider device.
- the service provider device may maintain a database that establishes a relationship between at least one identifier and at least one wireless beacon device. The relationship may be based on the service provider device generating and sending the identifier to the wireless beacon device over a network (or vice versa). Based on the service provider device searching the database, the service provider device may determine whether or not to authorize the transaction.
- the present disclosure is usable in numerous systems that employ wireless beacon devices to authenticate transactions.
- embodiments of the present disclosure may be usable in systems such as those described in pending U.S. Patent Application No. 14/680,857 (filed April 7, 2015), U.S. Patent Application No. 14/680,842 (filed April 7, 2015), U.S. Provisional Application No. 62/102,857 (filed January 13, 2015), or U.S. Provisional Application No. 61/976,703 (filed April 8, 2014), each of which is incorporated herein by reference in their entireties.
- FIG. 1 shows a diagram of an exemplary system 100, consistent with disclosed embodiments.
- system 100 may include a user device 1 10, a service provider device 120, a transaction device 130, a network 140 to facilitate communication among the components of system 100, and a wireless beacon device 150.
- the components and arrangement of the components included in system 100 may vary.
- system 100 may further include other components that perform or assist in the performance of one or more processes consistent with the disclosed embodiments.
- the components and arrangements shown in Figure 1 are not intended to limit the disclosed embodiments, as the components used to implement the disclosed processes and features may vary.
- System 100 may include one or more user devices 1 10.
- a user may operate a user device 1 10, which may be a desktop computer, laptop, tablet, smartphone, multifunctional watch, pair of multifunctional glasses, tracking device, or any suitable device with computing capability.
- User device 1 10 may include one or more processor(s) and memory device(s) known to those skilled in the art.
- user device 1 10 may include memory device(s) that store data and software instructions that, when executed by one or more processor(s), perform operations consistent with the disclosed embodiments.
- user device 1 10 may have a transaction application installed thereon, which may enable user device 1 10 to communicate with service provider device 120, transaction device 130, or wireless beacon device 150, via network 140 or via other means (e.g., a local wireless connection such as a Bluetooth connection).
- user device 1 10 may be a smartphone or tablet or the like that executes a stored mobile application that performs various electronic transactions, such as authentication operations (e.g., logging into a computer system), banking operations (e.g., funds transfer, purchase, or cash withdrawal), or the like.
- user device 1 10 may connect to service provider device 120 through use of browser software stored and executed by user device 1 10.
- User device 1 10 may be configured to execute software instructions to allow a user to access information stored in service provider device 120, such as, for example, financial information related to recent purchase transactions, financial discounts, financial statements, account information, rewards program information and the like. Additionally, user device 1 10 may be configured to execute software instructions that initiate and conduct transactions with service provider device 120 and/or transaction device 130, such as, for example, transactions such as logging into or authenticating with a website or computer, cash withdrawals, wire transfers, PIN resets, or call center transactions.
- service provider device 120 such as, for example, financial information related to recent purchase transactions, financial discounts, financial statements, account information, rewards program information and the like.
- user device 1 10 may be configured to execute software instructions that initiate and conduct transactions with service provider device 120 and/or transaction device 130, such as, for example, transactions such as logging into or authenticating with a website or computer, cash withdrawals, wire transfers, PIN resets, or call center transactions.
- User device 1 10 may perform one or more operations consistent with the disclosed embodiments.
- User device 1 10 may be operated by a user.
- the user may be a customer of a financial service provider (e.g., one operating service provider device 120).
- a financial service provider may maintain a financial service account (e.g., checking account, savings account, debit card account, or credit card account) for the user of user device 1 10.
- User device 1 10 (and/or other items, such as a card, a token, a key fob, or the like) may access such an account to facilitate the purchase of goods, services, or information.
- user device 1 10 and the financial service account may initiate the withdrawal of cash from an ATM (e.g., transaction device 130), contact a customer call center, transfer or wire money, or reset their debit account PIN.
- an ATM e.g., transaction device 130
- user device 1 10 may detect wireless beacon device 150.
- user device 1 10 may "poll” or “scan” to detect one or more identifiers emitted by wireless beacon device 150, using one or more wireless protocols (e.g., Near Field Communication (NFC), BLUETOOTHTM, BLUETOOTH LETM (BLE), Radio-Frequency Identification (RFID)).
- wireless beacon device 150 may broadcast one or more identifiers (e.g., 128-bit identifiers) to enable user device 1 10 to determine the number of identity of each wireless beacon device 150, authenticate with transaction device 130 and/or service provider device 120, or the like.
- User device 1 10 may operate in a variety of modes to detect wireless beacon device 150, such as a “Near” mode (e.g., detecting all beacons within three meters of user device 1 10) or an “Immediate” mode (e.g., detecting only beacons within one meter of user device 1 10), and may alternate between these modes in order to determine which beacon devices are closest to user device 1 10.
- a Near mode e.g., detecting all beacons within three meters of user device 1
- an “Immediate” mode e.g., detecting only beacons within one meter of user device 1 10
- a detection and identification system 100 may include a service provider (SP) device 120.
- SP device 120 may be a system associated with a website, such as a secure data storage website that stores and provides data to users.
- SP device 120 may also be a system associated with a financial service provider (not shown), such as a bank, a credit card company, a lender, brokerage firm, or any other type of financial service entity that generates, provides, manages, and maintains financial service accounts, etc. for one or more users.
- a financial service provider not shown
- a bank such as a bank, a credit card company, a lender, brokerage firm, or any other type of financial service entity that generates, provides, manages, and maintains financial service accounts, etc. for one or more users.
- SP device 120 may be one or more computing systems that are configured to execute software instructions stored on one or more memory devices to perform one or more operations consistent with the disclosed embodiments.
- SP device 120 may include one or more memory device(s) storing data and software instructions, and one or more processor(s) configured to use the data and execute the software instructions to perform server-based functions and operations known to those skilled in the art.
- SP device 120 may include one or more general purpose computers, mainframe computers, or any combination of these types of components.
- SP device 120 may be configured as a particular apparatus, system, and the like based on the storage, execution, and/or implementation of the software instructions that cause a processor to perform one or more operations consistent with the disclosed embodiments.
- SP device 120 may be standalone, or it may be part of a subsystem, which may be part of a larger system.
- SP device 120 may represent distributed servers that are remotely located and communicate over a public network (e.g., network 140) or a dedicated network, such as a LAN, for a financial service provider.
- SP device 120 may include or may access one or more storage devices configured to store data and/or software instructions used by one or more processors of SP device 120 to perform operations consistent with disclosed embodiments.
- SP device 120 may include memory 230 configured to store one or more software programs that performs several functions when executed by a processor. The disclosed embodiments are not limited to separate programs or computers configured to perform dedicated tasks.
- SP device 120 may include memory that stores a single program or multiple programs.
- SP device 120 may execute one or more programs located remotely from SP device 120.
- SP device 120 may access one or more remote programs stored in memory included with a remote component that, when executed, perform operations consistent with the disclosed embodiments.
- SP device 120 may include server software that generates, maintains, and provides services associated with financial account management. In other aspects, SP device 120 may connect separate server(s) or similar computing devices that generate, maintain, and provide services associated with financial data for a financial service provider associated with SP device
- SP device 120 may be configured to generate and send one or more identifiers (e.g., 128-bit unique or semi-unique identifiers) to wireless beacon device 150.
- SP device 120 may also be connected to a database (such as database 240, described below with respect to Fig. 2) and may store generated identifiers and/or permanent identifiers associated with one or more wireless beacon devices 150.
- the database may also include other information, such as a location of wireless beacon device 150, a description or identifier associated with transaction device 120 that the wireless beacon device 150 is associated with, a physical description of wireless beacon device 150 or its location, a model number or serial number of wireless beacon device 150, or the like.
- System 100 may also include one or more transaction devices 130.
- Transaction device 130 may be implemented as, for example, a computer terminal, a secured door, an information terminal, a kiosk, an ATM, or the like.
- Transaction device 130 may include one or more memory device(s) that store data that may be used for performing one or more processes consistent with the disclosed embodiments.
- transaction device 130 may include one or more memory device(s) storing data and software instructions, and one or more processor(s) configured to use the data and execute the software instructions to perform computing functions and operations known to those skilled in the art.
- transaction device 130 may additionally, or alternatively, include one or more servers or other types of computer devices, which may be configured to execute software instructions stored in memory to perform one or more processes consistent with the disclosed embodiments.
- transaction device 130 may be configured as a particular apparatus, system, and the like based on the storage, execution, and/or implementation of the software instructions that cause a processor to perform one or more operations consistent with the disclosed embodiments.
- a transaction device 130 may be standalone, or it may be part of a subsystem, which may be part of a larger system.
- transaction device 130 may represent distributed servers that are remotely located and communicate over a public network (e.g., network 140) or a dedicated network, such as a LAN.
- a third party may operate the components associated with transaction device 130.
- transaction device 130 may be a part or subpart of SP device 120.
- Network 140 may comprise any type of computer networking arrangement used to exchange data.
- network 1 0 may be one or more of the Internet, a private data network, a virtual private network over a public network, a Wi-Fi network, a LAN or WAN network, and/or other suitable connections that may enable information exchange among various components of the system 100.
- Network 140 may also include a public switched telephone network ("PSTN") and/or a wireless cellular network.
- PSTN public switched telephone network
- Network 140 may be a secured network or unsecured network.
- one or more components of system 100 may communicate directly through a dedicated communication link(s), such as links between user device 1 10, service provider device 120, transaction device 130, and wireless beacon device 150.
- network 140 may include a direct communication network. Direct communications may use any suitable technologies, including, for example,
- BLUETOOTHTM BLUETOOTH LE TM (BLE), Wi-Fi. near field communications (NFC), or other suitable communication methods that provide a medium for transmitting data between separate devices.
- user device 1 10 and transaction device 130 may connect and communicate through a direct communications network.
- Wireless beacon device 150 may be implemented as a "beaconing" device that broadcasts data using a wireless protocol.
- Wireless beacon device 1 50 may broadcast data using protocols such as BLUETOOTHTM, BLUETOOTH LETM (BLE), Wi-Fi, near field communications (NFC), or the like.
- wireless beacon device 150 comprises at least one network adapter.
- the at least one network adapter may comprise a wireless network adapter or a wired network adapter.
- Wireless beacon device 150 may be connected to network 140 using a wired connection (e.g., an Ethernet or fiber optic connection to a modem or router) via the at least one network adapter.
- wireless beacon device 150 may additionally or alternatively be connected to network 140 using a wireless connection via the at least one network adapter.
- Wireless beacon device 150 may also comprise a wireless transmitter.
- Wireless beacon device 150 may also be configured to broadcast data using a wireless protocol (e.g., BLUETOOTHTM, BLE, Wi-Fi, or NFC) via one of the at least one network adapters.
- a wireless protocol e.g., BLUETOOTHTM, BLE, Wi-Fi, or NFC
- Wireless beacon device 150 may comprise one or more memory devices (e.g., flash memory) that store one or more identifiers.
- wireless beacon device 150 may store a permanent identifier that uniquely or semi-uniquely (e.g., an identifier that is unique to all devices created by the manufacturer of wireless beacon device 150 that may not be universally unique) identifies wireless beacon device 150 as well as one or more other temporary/rolling identifiers.
- wireless beacon device 150 may receive a temporary identifier that is valid for a period of time (e.g., 60 seconds) from SP device 120.
- Wireless beacon device 150 may store the temporary identifier in memory (e.g., by overwriting a previously recorded temporary identifier).
- wireless beacon device 150 may broadcast both of a permanent identifier and a temporary identifier.
- one or more identifiers may be stored in a database accessible to SP device 120.
- the database may also include other information, such as a location of wireless beacon device 150, a description or identifier associated with transaction device 120 that the wireless beacon device 150 is associated with, a physical description of wireless beacon device 150 or its location, a model number or serial number of wireless beacon device 150, or the like.
- system 100 may process, transmit, provide, and receive information consistent with the disclosed embodiments.
- FIG. 2 shows a diagram of an exemplary computing system 200 illustrating a computing system configuration that may be associated with user device 1 10, service provider device 120, or transaction device 130, consistent with disclosed embodiments.
- computing system 200 may include one or more processors 210, one or more memories 230, and one or more input/output (I/O) devices 220.
- computing system 200 may take the form of a server, general purpose computer, a mainframe computer, laptop, smartphone, mobile device, or any combination of these components.
- computing system 200 may be configured as a particular apparatus, system, and the like based on the storage, execution, and/or implementation of the software instructions that cause a processor to perform one or more operations consistent with the disclosed embodiments.
- Computing system 200 may be standalone, or it may be part of a subsystem, which may be part of a larger system.
- Processor 210 may include one or more known processing devices, such as a microprocessor from the PentiumTM or XeonTM family manufactured by IntelTM, the TurionTM family manufactured by AMDTM, or any of various processors manufactured by Sun Microsystems. Processor 210 may constitute a single core or multiple core processor that executes parallel processes
- processor 210 may be a single core processor configured with virtual processing technologies. In certain embodiments, processor 210 may use logical processors to simultaneously execute and control multiple processes. Processor 210 may implement virtual machine technologies, or other known technologies to provide the ability to execute, control, run, manipulate, store, etc. multiple software processes, applications, programs, etc. In another embodiment, processor 210 may include a multiple-core processor arrangement (e.g., dual, quad core, etc.) configured to provide parallel processing functionalities to allow computing system 200 to execute multiple processes simultaneously.
- processor arrangement e.g., dual, quad core, etc.
- processor arrangements could be implemented that provide for the capabilities disclosed herein. The disclosed embodiments are not limited to any type of processor(s) configured in computing system 200.
- Memory 230 may include one or more storage devices configured to store instructions used by processor 210 to perform functions related to the disclosed embodiments.
- memory 230 may be configured with one or more software instructions, such as program(s) 236 that may perform one or more operations when executed by processor 210.
- the disclosed embodiments are not limited to separate programs or computers configured to perform dedicated tasks.
- memory 230 may include a program 236 that performs the functions of computing system 200, or program 236 could comprise multiple programs.
- processor 210 may execute one or more programs located remotely from computing system 200.
- user device 1 10, service provider device 120, or transaction device 130 may, via computing system 200 (or variants thereof), access one or more remote programs that, when executed, perform functions related to certain disclosed embodiments.
- Processor 210 may further execute one or more programs located in database 240.
- programs 236 may be stored in an external storage device, such as a cloud server located outside of computing system 200, and processor 210 may execute programs 236 remotely.
- Programs executed by processor 210 may cause processor 210 to execute one or more processes related to financial services provided to users including, but not limited to, logging into or authenticating with a website or computer, processing credit and debit card transactions, checking transactions, fund deposits and withdrawals, transferring money between financial accounts, lending loans, processing payments for credit card and loan accounts, processing orders for certified funds, processing orders for new or reissue debit cards, and processing ATM cash withdrawals.
- Memory 230 may also store data that may reflect any type of information in any format that the system may use to perform operations consistent with the disclosed embodiments.
- Memory 230 may store instructions to enable processor 210 to execute one or more applications, such as server applications, an authentication application, network communication processes, and any other type of application or software.
- the instructions, application programs, etc. may be stored in an external storage (not shown) in communication with computing system 200 via network 140 or any other suitable network.
- Memory 230 may be a volatile or non-volatile, magnetic, semiconductor, tape, optical, removable, non-removable, or other type of storage device or tangible (i.e., non-transitory) computer- readable medium.
- Memory 230 may include transaction data 232.
- Transaction data 232 may include information related to financial transactions initiated by a user.
- transaction data may include a user identifier and a transaction type.
- the user identifier may be a username, a password, a unique identifier of user device 1 10, a credit or debit card number, an account number, or other data useful in identifying the user initiating the transaction.
- the transaction type may include an indicator of the type of transaction the user is initiating.
- transaction data 232 may be stored in database 240 or in an external storage (not shown) in communication with computing system 200 via network 140 or any other suitable network.
- Memory 230 may further include customer data 234.
- Customer data 234 may include information about particular customers of the service provider.
- Customer data 234 may also include user device identification information, such as, for example, a phone number, email address, IP address,
- customer data 234 may include clients' account information, debit or credit card information, history of purchase transactions, financial statements, credit score, risk profile, username and password, debit card PIN, home and work locations, authentication data, or the like.
- customer data 234 may be stored in database 240 or in an external storage (not shown) in communication with computing system 200 via network 140 or any other suitable network.
- Processor 210 may analyze transaction data 232 in reference to customer data 234. For example, processor 210 may analyze transaction data to determine which client with information stored in client information 234 is initiating the financial transaction. Processor 210 may access the particular user's customer information to determine their account information, debit or credit card information, history of purchase transactions, financial statements, credit score, risk profile, username and password, debit card PIN, home and work locations, authentication data, or the like.
- I/O devices 220 may be one or more device that is configured to allow data to be received and/or transmitted by computing system 200.
- I/O devices 220 may include one or more digital and/or analog communication devices that allow computing system 200 to communicate with other machines and devices, such as other components of system 100 shown in Figure 1 .
- computing system 200 may include interface components, which may provide interfaces to one or more input devices, such as one or more keyboards, mouse devices, and the like, which may enable computing system 200 to receive input from an operator of SP device 120 (not shown).
- Computing system 200 may also contain one or more database(s) 240.
- computing system 200 may be communicatively connected to one or more database(s) 240.
- Computing system 200 may be communicatively connected to database(s) 240 through network 140.
- Database 240 may include one or more memory devices that store information and are accessed and/or managed through computing system 200.
- database(s) 240 may include OracleTM databases, SybaseTM databases, or other relational databases or non-relational databases, such as Hadoop sequence files, HBase, or Cassandra.
- the databases or other files may include, for example, data and information related to the source and destination of a network request and the data contained in the request, etc.
- Database 240 may include computing components (e.g., database management system, database server, etc.) configured to receive and process requests for data stored in memory devices of database(s) 240 and to provide data from database 240.
- Database 240 may also include other information, such as a location of wireless beacon device 150, a description or identifier associated with transaction device 120 that the wireless beacon device 150 is associated with, a physical description of wireless beacon device 150 or its location, a model number or serial number of wireless beacon device 150, or the like. (In some embodiments, this data may additionally or alternatively be stored in memory 230.)
- SP device 120 may include at least one computing system 200. Further, although sometimes discussed here in relation to SP device 120, it should be understood that variations of computing system 200 may be used by other components of system 100, including transaction device 130 and user device 1 10.
- Computing system 200 may be a single server or may be configured as a distributed computer system including multiple servers or computers that interoperate to perform one or more of the processes and functionalities associated with the disclosed embodiments.
- transaction device 130 and/or user device 1 10 may include the same or similar configuration and/or components of computing system 200.
- computing system 200 when implemented in transaction device 130, may include hardware and/or software installed therein for performing one or more processes disclosed herein.
- Figure 3A is a flowchart of an exemplary process 300 for updating a beacon device, consistent with disclosed embodiments.
- Process 300 begins with steps 301 or 302.
- a user e.g., a consumer, client, authorized user, cardholder, etc.
- user device 1 10 may utilize user device 1 10 to initialize an application and/or a transaction.
- user device 1 10 may receive a user click on an icon on a display of user device 1 10 in order to initialize an application for authenticating a transaction such as a log-in process, a purchase, or an ATM withdrawal, and send a transaction request to service provider device 120.
- transaction device 130 may initialize the transaction. For example, if transaction device 130 is a computer terminal, initializing the transaction may comprise the user attempting to log in or otherwise authenticating to use transaction device 130. As another example, if transaction device 130 is an ATM, initializing the transaction may comprise the user inserting a card and entering a PIN or other password on transaction device 130. After initializing the transaction in step 302, transaction device 130 may send one or more details about the transaction (e.g., a possible identity of the user or user device 1 10 or a transaction request) to service provider device 120, which receives it in step 311.
- details about the transaction e.g., a possible identity of the user or user device 1 10 or a transaction request
- user device 1 10 may initialize an application (as in step 301) in response to a signal from transaction device 130, service provider device 120, or another device.
- steps 304 and 309 may, in some embodiments, operate continuously and independently of steps 301 and 302.
- wireless beacon device 150 broadcasts one or more identifiers over a wireless channel.
- the identifiers may comprise one or more of a permanent identifier (uniquely or semi-uniquely identifying wireless beacon device 150) or a temporary identifier (e.g., one that is generated by or received from service provider device 120).
- service provider device 120 may generate a new identifier for use by wireless beacon device 150.
- service provider device 120 may generate a number or series of numbers (e.g., 128 bits) as a temporary identifier for wireless beacon device 150.
- SP device 120 may generate the identifier using, for example, a pseudo-random number generator and may send the identifier to wireless beacon device 150.
- wireless beacon device 150 may generate an identifier without receiving one from SP device 120.
- both SP device 120 and wireless beacon device 150 may utilize the same pseudo-random number generator having the same seed value, then both devices can generate the same identifier at the same time, thus obviating any need for a connection between the devices.
- wireless beacon device 150 may receive a generated identifier from SP device 120.
- wireless beacon device 150 may reprogram a broadcast function on wireless beacon device 150 to broadcast the received identifier. For example, wireless beacon device 150 may overwrite a location in memory storing the current identifier using the identifier received in step 306.
- user device 1 10 may determine beacon identifiers associated with one or more wireless beacon device(s) 150. For example, user device 1 10 may listen on known frequencies in order to determine one or more identifiers being broadcast by wireless beacon device 150.
- user device 110 may determine the relative strengths of each determined signal containing an identifier. For example, user device 110 may record the strength of each distinct signal that contains a different identifier. Signal strength (which may be measured in in dBm or Decibel- milliwatts) may indicate the relative distances between particular wireless beacon devices 150 and user device 110. For example, if a first identifier is received with a first signal at -25 dBm and a second identifier is received with a second signal at -55 dBm, user device 1 10 may record that a first wireless beacon device (emitting at -25 dBm) is likely closer to user device 110 than a second wireless beacon device.
- Signal strength (which may be measured in in dBm or Decibel- milliwatts) may indicate the relative distances between particular wireless beacon devices 150 and user device 110. For example, if a first identifier is received with a first signal at -25 dBm and a second identifier is received with a second signal at -55
- User device 1 10 may operate in multiple modes of operation in order to determine which beacon devices are close to user device 1 10 and which are not. For example, if multiple wireless beacon devices 150 are implemented using BLE (Bluetooth Low Energy), user device 1 10 may initially operate in "Near” mode (e.g., detecting all beacons within three meters of user device 1 10) and may switch to "Immediate” mode (e.g., detecting only beacons within one meter of user device 1 10). User device 1 10 may then determine the wireless beacon device closest to user device 1 10 based on the identifiers received in each mode.
- BLE Bluetooth Low Energy
- user device 1 10 may generate a list of detected beacon devices.
- the list may be ordered by determined signal strengths or by some other order (e.g., whether the beacon device was detected in Near mode vs. Immediate mode).
- the list of detected beacon devices may comprise only a single beacon device, such as the beacon device 150 that user device 1 10 determines is closest.
- User device 1 10 may also send a location associated with user device 1 10 to SP device 120. For example, user device 1 10 may utilize a GPS device to determine a current location of user device 1 10 and may send it to SP device 120. This list (and any associated location information) may be received by SP device 120 in step 3 13.
- FIG. 3B is a flowchart of an exemplary process 320 for authorizing a transaction at a mobile device using a beacon device, consistent with disclosed embodiments.
- Process 320 begins at step 321.
- SP device 120 may determine whether one or more of the beacons on the list received in step 313 is included in a database (e.g., database 240 in Fig. 2). This determination may include comparing temporary and/or permanent identifiers on the list with identifiers in database 240 and may include comparing location information received in step 313 with location information related to the beacons whose identifiers were received in step 313 (e.g., location of the beacons associated with received identifiers).
- process 320 may continue to step 325A where SP device 120 may generate and send information approving the transaction to user device 1 10 and/or transaction device 130. If there is no such match (step 323; No), process 320 may continue to step 325B where SP device 120 may generate and send information declining the transaction to user device 1 10 and/or transaction device 130.
- a match e.g., a received identifier is in database 240 and received location information matches location information stored in association with the identifier in database 240
- process 320 may continue to step 325A where SP device 120 may generate and send information approving the transaction to user device 1 10 and/or transaction device 130. If there is no such match (step 323; No), process 320 may continue to step 325B where SP device 120 may generate and send information declining the transaction to user device 1 10 and/or transaction device 130.
- user device 1 10 and/or transaction device 130 may take steps to prevent the transaction from completing.
- user device 1 10 may instruct the user to get closer to a particular transaction device 130, may instruct the user to retry the transaction, or may initiate fraud sequences such as disabling user device 1 10 (e.g., in case the identifier received in step 313 is known to be a fraudulent identifier or user device 1 10 has been stolen).
- transaction device 130 may similarly instruct the user to retry the transaction or may initiate fraud sequences such as disabling transaction device 130.
- user device 1 10 and/or transaction device 130 may take steps to finish the transaction. For example, if the user utilized user device 1 10 to initiate a log-in procedure by entering a username or password on user device 1 10, user device 1 10 may display a one-time use password and transaction device 130 may prompt the user to enter the one-time use password in order to finish the log-in procedure. As another example, if the user utilized user device 110 to initiate a cash withdrawal procedure having a particular amount of money, transaction device 130 may prompt the user to merely insert an ATM card, after which transaction device 130 will deliver the requested amount of money to the user.
- FIG 4 is a block diagram of an exemplary embodiment 400 of the system in Figure 1 , consistent with disclosed embodiments.
- Embodiment 400 includes user device 1 10, SP device 120, network 140, and transaction devices 130A-130D and respective wireless beacon devices 150A-150D.
- each transaction device is associated with a respective wireless beacon device.
- each transaction device is located a short distance from each wireless beacon device, but is not directly connected to the respective wireless beacon device.
- Wireless beacon devices 150A-150D may be connected to network 140 using a wired connection (not shown) such as dedicated or non-dedicated link (e.g., a cable modem, DSL line, T-l connection, fiber-optic connection, or an Ethernet connection to a router).
- a wired connection such as dedicated or non-dedicated link (e.g., a cable modem, DSL line, T-l connection, fiber-optic connection, or an Ethernet connection to a router).
- user device 1 10 is closest to wireless beacon device 150A.
- service provider device 120 may authorize the transaction at the transaction device associated with the wireless beacon device closest to user device 1 10, which in embodiment 400 is transaction device 130A.
- a wireless beacon device may be "associated" with a particular transaction device in that it is the closest wireless beacon device to the transaction device, identified as being the wireless beacon device for the transaction device, or otherwise assigned to the transaction device. The user may insert a card or enter a username on transaction device 13 OA in order to complete the transaction.
- transaction device 130A may display to the user a message indicating that the transaction is processing.
- transaction device 130A may contain a screen or other display.
- messages such as those reflecting the results of authentication operations may be displayed to the user via the screen or display of transaction device 130A.
- transaction device 130A may display to the user a message indicating that the transaction is complete.
- transaction devices 130B-130D may not display any messages to the user because they are not performing any procedures for the user.
- some or all of the logic for the above-described techniques may be implemented as a computer program or application or as a plugin module or sub component of another application.
- the described techniques may be varied and are not limited to the examples or descriptions provided.
- applications may be developed for download to mobile communications and computing devices, e.g., laptops, mobile computers, tablet computers, smart phones, etc., being made available for download by the user either directly from the device or through a website.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Telephonic Communication Services (AREA)
Abstract
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201562201775P | 2015-08-06 | 2015-08-06 | |
PCT/US2016/045833 WO2017024245A1 (fr) | 2015-08-06 | 2016-08-05 | Systèmes et procédés permettant une authentification à interaction à l'aide de dispositifs de balise sans fil dynamiques |
Publications (2)
Publication Number | Publication Date |
---|---|
EP3332370A1 true EP3332370A1 (fr) | 2018-06-13 |
EP3332370A4 EP3332370A4 (fr) | 2019-03-20 |
Family
ID=57944020
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP16833948.9A Withdrawn EP3332370A4 (fr) | 2015-08-06 | 2016-08-05 | Systèmes et procédés permettant une authentification à interaction à l'aide de dispositifs de balise sans fil dynamiques |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP3332370A4 (fr) |
CA (1) | CA2994833A1 (fr) |
WO (1) | WO2017024245A1 (fr) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019234699A1 (fr) | 2018-06-08 | 2019-12-12 | Reliance Jio Infocomm Limited | Système et procédé de localisation pour paiement sans fil |
US20230073560A1 (en) * | 2021-09-08 | 2023-03-09 | Capital One Services, Llc | System and method for beacon-based action validation |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB0113630D0 (en) * | 2001-06-05 | 2001-07-25 | Koninkl Philips Electronics Nv | Payment authorisation through beacons |
WO2009031159A2 (fr) * | 2007-06-20 | 2009-03-12 | Mchek India Payment Systems Pvt. Ltd. | Procédé et système pour authentification sécurisée |
US8645213B2 (en) * | 2010-01-15 | 2014-02-04 | Ebay, Inc. | Transactions associated with a mobile device |
PL2709071T3 (pl) * | 2012-09-17 | 2015-08-31 | Kapsch Trafficcom Ag | Sposób, radiolatarnia i urządzenie pokładowe do generowania transakcji opłat za parkowanie |
US9307355B2 (en) * | 2013-06-27 | 2016-04-05 | Bluecats Australia Pty Limited | Location enabled service for enhancement of smart device and enterprise software applications |
GB201312398D0 (en) * | 2013-07-10 | 2013-08-21 | Powa Technologies Ltd | Electronic transaction validation |
US9445220B2 (en) * | 2013-09-06 | 2016-09-13 | Paypal, Inc. | Systems and methods for enabling additional devices to check in to bluetooth low energy (BLE) beacons |
US20150120504A1 (en) * | 2013-10-25 | 2015-04-30 | Michael Todasco | Systems and methods for completion of item delivery and transactions using a mobile beacon |
-
2016
- 2016-08-05 EP EP16833948.9A patent/EP3332370A4/fr not_active Withdrawn
- 2016-08-05 WO PCT/US2016/045833 patent/WO2017024245A1/fr active Application Filing
- 2016-08-05 CA CA2994833A patent/CA2994833A1/fr not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
WO2017024245A1 (fr) | 2017-02-09 |
CA2994833A1 (fr) | 2017-02-09 |
EP3332370A4 (fr) | 2019-03-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11829988B2 (en) | Systems and methods for transacting at an ATM using a mobile device | |
US11087297B1 (en) | Systems and methods for financial operations performed at a contactless ATM | |
US9864987B2 (en) | Account provisioning authentication | |
US10467604B1 (en) | ATM transaction with a mobile device | |
CN108780546B (zh) | 在动态数据交易中的位置验证 | |
US10922675B2 (en) | Remote transaction system, method and point of sale terminal | |
US10706400B1 (en) | Systems and methods for financial operations performed at a contactless ATM | |
US20180204214A1 (en) | Systems and methods for transaction authentication using dynamic wireless beacon devices | |
US11861600B2 (en) | Systems and methods for providing card interactions | |
CN115907763A (zh) | 向消费者提供支付凭证 | |
US10395244B1 (en) | Systems and methods for providing card interactions | |
US20160063481A1 (en) | System and Method of Electronic Authentication at a Computer Initiated Via Mobile | |
WO2016088087A1 (fr) | Accès de tiers à un compte financier | |
AU2016403410B2 (en) | Access credential management device | |
US11564102B2 (en) | Fraudulent wireless network detection with proximate network data | |
US20210049568A1 (en) | Method and System for Large Transfer Authentication | |
WO2017024245A1 (fr) | Systèmes et procédés permettant une authentification à interaction à l'aide de dispositifs de balise sans fil dynamiques | |
US20200380506A1 (en) | Systems and methods for financial authentication hotspot | |
KR101472813B1 (ko) | 인증 시스템 및 인증 방법 | |
US20240086917A1 (en) | Fraud mitigation using pre-authorization authentication and verification | |
KR102015861B1 (ko) | 은행 업무 관리 서버, 은행 업무 처리 시스템, 및 이를 이용한 계좌 개설 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20180220 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
A4 | Supplementary search report drawn up and despatched |
Effective date: 20190214 |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: G06Q 20/40 20120101ALI20190208BHEP Ipc: G06Q 20/32 20120101AFI20190208BHEP |
|
17Q | First examination report despatched |
Effective date: 20200416 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN |
|
18W | Application withdrawn |
Effective date: 20200803 |