| CPC G06Q 20/3821 (2013.01) [G06Q 20/38215 (2013.01); G06Q 20/3829 (2013.01); G06Q 20/389 (2013.01); G06Q 20/40 (2013.01); G06Q 20/4018 (2013.01); G06Q 20/409 (2013.01)] | 19 Claims |

|
1. A method of transaction authentication, the method comprising:
receiving, from a merchant in a first transaction, first data comprising authentication data and second data identifying the first transaction and including a characteristic of the first transaction, the characteristic of the first transaction comprising a transaction identifier or a time and date of the first transaction, and data identifying a specific authentication process in which the merchant authenticates a card holder, wherein the first transaction is between the merchant and the card holder, wherein the merchant is unauthorized to store the first data;
responsive to receiving the first data and the second data, generating a cryptographically signed token corresponding to the first transaction by cryptographically signing the second data such that the cryptographically signed token comprises cryptographically signed (1) the characteristic of the first transaction comprising the transaction identifier or the time and date of the first transaction, and (2) data identifying the specific authentication process;
transmitting the cryptographically signed token to the merchant, the merchant thereafter storing the cryptographically signed token;
receiving, from the merchant, data corresponding to a second transaction and the cryptographically signed token, wherein the data corresponding to the second transaction is devoid of the first data and any additional authentication data;
authenticating the cryptographically signed token by cryptographically validating the cryptographically signed token using a public key of a public key certificate, wherein a successful authentication of the cryptographically signed token confers confidence that the first transaction has genuinely occurred and was successfully authenticated since the cryptographically signed token was generated using data identifying the specific authentication process associated with the first transaction, thereby
determining that an authenticated association exists between the second transaction and the first transaction based on the successful authentication of the cryptographically signed token using the public key; and
authorizing the second transaction when the authenticated association exists between the second transaction and the first transaction.
|
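The token flow of claim 1, as an added Go example that is not part of the patent text: the issuer signs the transaction identifier and the authentication-process identifier, and later accepts a second transaction only if that signature verifies. Ed25519, the JSON encoding, a raw public key standing in for the public key certificate, and all names and sample values are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

// TokenBody is the signed "second data": transaction characteristic + auth process.
type TokenBody struct {
	TxnID       string `json:"txn_id"`
	AuthProcess string `json:"auth_process"`
}

// Token is what the merchant stores in place of the authentication data.
type Token struct{ Body, Sig []byte }

// NewIssuerKeys is a hypothetical helper; certificate handling is not modelled.
func NewIssuerKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Issue signs only the identifying data; authentication data never enters the token.
func Issue(priv ed25519.PrivateKey, txnID, authProcess string) Token {
	body, _ := json.Marshal(TokenBody{TxnID: txnID, AuthProcess: authProcess}) // two strings: cannot fail
	return Token{Body: body, Sig: ed25519.Sign(priv, body)}
}

// Authorize verifies the signature over the exact stored bytes before parsing
// them, then returns the first transaction the second one is bound to.
func Authorize(pub ed25519.PublicKey, t Token) (TokenBody, error) {
	var b TokenBody
	if !ed25519.Verify(pub, t.Body, t.Sig) {
		return b, errors.New("token signature invalid")
	}
	if err := json.Unmarshal(t.Body, &b); err != nil || b.TxnID == "" || b.AuthProcess == "" {
		return TokenBody{}, errors.New("signed fields missing or malformed")
	}
	return b, nil
}

func main() {
	pub, priv := NewIssuerKeys()
	fmt.Println(Authorize(pub, Issue(priv, "TXN-0001", "PROCESS-A"))) // constructed sample values
}
```

The merchant-side record here holds only `Body` and `Sig`; a token whose bytes were altered, or one checked against a different issuer key, is rejected before any field is read.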