US 12,217,262 B2
Time based risk management mechanisms
Yuexi Chen, San Francisco, CA (US)
Assigned to Visa International Service Association, San Francisco, CA (US)
Appl. No. 17/299,468
Filed by Visa International Service Association, San Francisco, CA (US)
PCT Filed Dec. 3, 2018, PCT No. PCT/US2018/063572
§ 371(c)(1), (2) Date Jun. 3, 2021,
PCT Pub. No. WO2020/117186, PCT Pub. Date Jun. 11, 2020.
Prior Publication US 2022/0027917 A1, Jan. 27, 2022
Int. Cl. G06Q 20/00 (2012.01); G06F 1/12 (2006.01); G06Q 20/34 (2012.01); G06Q 20/40 (2012.01)
CPC G06Q 20/4016 (2013.01) [G06F 1/12 (2013.01); G06Q 20/341 (2013.01)] 9 Claims
OG exemplary drawing
 
1. A method comprising:
maintaining, by a smart card comprising an authentication component communicatively coupled to a clock component, time stamp information provided by an external clock and time units generated by the clock component, and not corresponding to a standard time format, wherein the smart card is free of a display, wherein the smart card comprises a battery component coupled to the clock component and configured to store a charge for providing a current to the clock component;
in response to conducting an interaction with an access device, receiving, by the smart card, first time information from the access device;
converting, by the smart card and via the authentication component, the time units from the clock component to a standard time format using a conversion ratio unique to the smart card;
determining, by the smart card, second time information based at least in part on the converted time units from the clock component and the time stamp information, wherein determining the second time information comprises:
calculating a difference between a first set of the time units from the clock component that were generated during initialization of the smart card and a second set of the time units from the clock component that corresponds to a time period associated with the interaction,
converting the difference to the standard time format, and
adding the second time information to the time stamp information of the smart card to obtain the second time information;
comparing, by the smart card, the second time information to the first-time information from the access device;
maintaining, by the smart card, one or more time limit policies that are associated with potentially fraudulent interactions, the one or more time limit policies specified by an authorizing computer, the one or more time limit policies including identifying a first time period between interactions for the smart card; and identifying a second time period corresponding to a user verification of a user associated with the smart card, the interactions including presenting, by the smart card, authentication data to log into an account with a merchant website;
determining, by the authentication component of the smart card, an authentication plan for the interaction based at least in part on: (1) the comparison of the second time information to the first time information, and (2) the one or more time limit policies; and
implementing, by the authentication component of the smart card, the authentication plan by instructing communication with the access device when the authentication plan requires user authentication, or communication with the authorizing computer when the authentication plan requires including requesting authentication of the user associated with the smart card via the authorizing computer, and declining the interaction based at least in part on a third time period between the second time information and the first time information from the access device exceeding a threshold.