US 12,229,772 B2
Transaction authentication method, server and system using two communication channels
David Naccache, Paris (FR); Marc Beunardeau, Paris (FR); Aisling Connolly, Paris (FR); Rémi Geraud, Paris (FR); and Hiba Koudoussi, Paris (FR)
Assigned to BANKS AND ACQUIRERS INTERNATIONAL HOLDING, (FR)
Appl. No. 17/784,861
Filed by BANKS AND ACQUIRERS INTERNATIONAL HOLDING, Paris (FR)
PCT Filed Dec. 11, 2020, PCT No. PCT/FR2020/052398
§ 371(c)(1), (2) Date Jun. 13, 2022,
PCT Pub. No. WO2021/116627, PCT Pub. Date Jun. 17, 2021.
Claims priority of application No. 1914346 (FR), filed on Dec. 13, 2019.
Prior Publication US 2023/0009385 A1, Jan. 12, 2023
Int. Cl. G06Q 20/40 (2012.01); G06Q 20/38 (2012.01); G06Q 40/02 (2023.01)
CPC G06Q 20/401 (2013.01) [G06Q 20/386 (2020.05); G06Q 40/02 (2013.01)] 16 Claims
OG exemplary drawing
 
1. A two-factor transaction authentication method using two data communication channels for a user using a first terminal connected to at least one bank transaction server, including a processing unit, via a first communication channel and a second terminal connected to the at least one bank transaction server via a second communication channel that is at least logically distinct from the first communication channel, the method comprising:
a first step during which the first terminal sends transaction information for a transaction to the at least one bank transaction server comprising at least a transaction amount (TA), and an identification (ID) of a bank account and/or of a bank card to be debited,
a second step during which the bank transaction server, via instructions executing on the processing unit, calculates a length (L) for a verification code (AC) depending on the transaction amount (TA), generates the verification code (AC) having a number of digits corresponding to the length (L) calculated by the bank transaction server, determines the second terminal according to the identification (ID) of the bank account and/or of the bank card to be debited, then sends, firstly, a confirmation request requesting the verification code to the first terminal via the first communication channel and, secondly, the verification code to the second terminal via the second communication channel,
a third step during which the user copies the verification code (AC) received on the second terminal in the confirmation request received by the first terminal and returns said request thus filled in with the copied code (AC′) to the bank transaction server using the first terminal via the first communication channel, and
a fourth step during which the bank transaction server, via instructions executing on the processing unit, receives the copied code (AC′) from the first terminal via the first communication channel and compares the verification code (AC) with the copied code (AC′) and sends to the first terminal a transaction validation message, indicative of the transaction being executed, if the codes are identical or a transaction invalidation message, indicative of the transaction being cancelled, if the codes are different.