| CPC G06Q 20/4016 (2013.01) [G06Q 20/3224 (2013.01)] | 16 Claims |
|
1. A computer-implemented method comprising:
obtaining, by a mobile device, first location information associated with the mobile device via a positioning system on the mobile device;
generating, by the mobile device, a request for dynamic data, the request including the first location information, the dynamic data being an encryption key that changes over time;
transmitting, by the mobile device, the request to a server computer;
receiving, by the mobile device, the dynamic data from the server computer;
storing, by the mobile device, the dynamic data;
generating, by the mobile device, a cryptogram including transaction data using the dynamic data, the transaction data corresponding to a transaction using the mobile device and a terminal device, and including second location information associated with the mobile device at a time of the transaction, wherein the cryptogram is encrypted using the dynamic data; and
transmitting, by the mobile device and to the terminal device, the cryptogram, wherein the terminal device thereafter transmits an authorization request message that includes the transaction data and the cryptogram to the server computer, and wherein the server computer thereafter:
decrypts the cryptogram to obtain the second location information associated with the mobile device at the time of the transaction, determines a distance-to-time ratio threshold for a user associated with the transaction, and determines a confidence level for the transaction based at least in part on comparing the first location information, the second location information, and the distance-to-time ratio threshold, wherein the distance-to-time ratio threshold is specific to the user and determined based on past transactions for the user with the mobile device.
|