US 12,282,902 B2
Computer transaction security with delegated decisions
Ritesh Gadewar, San Ramon, CA (US); Hariharan Venkatachalam, Dublin, CA (US); Radha Krishna Thakkalapally, Pleasanton, CA (US); and Tory Hebert, New Iberia, LA (US)
Assigned to Marqeta, Inc., Oakland, CA (US)
Filed by Marqeta, Inc., Oakland, CA (US)
Filed on May 30, 2023, as Appl. No. 18/325,854.
Application 18/325,854 is a continuation of application No. 17/125,033, filed on Dec. 17, 2020, granted, now 11,704,632.
Prior Publication US 2023/0306385 A1, Sep. 28, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06Q 20/02 (2012.01); G06F 9/54 (2006.01); G06Q 20/12 (2012.01); G06Q 20/34 (2012.01); G06Q 20/38 (2012.01); G06Q 20/40 (2012.01); H04L 9/40 (2022.01)
CPC G06Q 20/02 (2013.01) [G06F 9/54 (2013.01); G06Q 20/12 (2013.01); G06Q 20/351 (2013.01); G06Q 20/354 (2013.01); G06Q 20/385 (2013.01); G06Q 20/388 (2013.01); G06Q 20/40145 (2013.01); G06Q 20/405 (2013.01); H04L 63/0838 (2013.01); H04L 63/0861 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method, comprising:
receiving, at an access control server and from a payment computing network, a first authentication request message to authenticate a transaction associated with a digital electronic payment account, wherein the first authentication request message is from a plurality of authentication request messages that are concurrently processed in real-time;
determining, by the access control server, which is a three-domain secure (3DS) certified service provider using a 3DS authorization protocol, to delegate a 3DS challenge decision of the transaction to a card program computing device within an issuer domain, wherein the card program computing device is a non-3DS certified service provider, and wherein the access control server provides the card program computing device with a limited period of time to determine the 3DS challenge decision and respond with a determination;
based on determining to delegate the 3DS challenge decision to the card program computing device as a non-3DS certified service provider, transmitting transaction information to the card program computing device along with a decision request message to authenticate the transaction by determining whether to challenge the transaction with additional authentication measures;
receiving, at the access control server, an indication to challenge the transaction in response to the decision request message;
providing, by the access control server, a challenge request that includes an additional authentication measure to a computing device associated with the digital electronic payment account; and
in response to receiving authentication of the additional authentication measure, transmitting an authentication response message to the payment computing network in real-time specifying that the transaction is authenticated.