| CPC G06Q 20/3829 (2013.01) [G06Q 20/023 (2013.01); G06Q 20/10 (2013.01); G06Q 20/40 (2013.01)] | 15 Claims |
|
1. A method for processing payment transactions via a network comprising:
receiving an authentication request associated with a user account from a transaction origination point system, wherein the transaction origination point system comprises one or more of a mobile wallet, a bill payment website, a mobile bill payment application, a teller station, a kiosk, an in-branch access terminal, or a funds transfer website, wherein the authentication request comprises a data element populated with snips wherein each snip is labeled with a tag wherein each of the tags indicates a length of the data element, wherein a plurality of the snips are obfuscated;
sending an account identification request comprising the snips to a financial institution system based on the authentication request;
validating the snips in the account identification request, wherein validating the snips comprises gathering corresponding data to the snips from a financial account of the financial institution system, obfuscating the gathered corresponding data in the same way that the plurality of the snips are obfuscated, comparing the gathered corresponding data with the snips to determine if they match, and validating the snips if there is a match;
receiving an account validation response from the financial institution system reflecting the match between the snips and data associated with the financial account, wherein the account validation response comprises a bit map that indicates which snips match data associated with the financial account;
determining that the user account is associated with the financial account if the bit map reflects that a majority number of snips match data associated with the financial account;
associating the financial account and the user account based on the validation response;
generating a participant authentication key based on the association between the financial account and the user account, wherein the participant authentication key comprises financial institution information;
generating a payment instruction key based on the financial account, using the participant authentication key as a key of the payment instruction key;
encrypting the payment instruction key using a key exchange key; and
sending the encrypted payment instruction key to the transaction origination point system;
generating an application request cryptogram;
receiving a transaction request, comprising the application request cryptogram, from the transaction origination point;
deriving the participant authentication key and the payment instruction key based on the application request cryptogram;
validating the application request cryptogram using the payment instruction key;
sending the transaction request to the financial institution;
receiving a transaction request response from the financial institution, the response approving or denying the transaction request; and
forwarding the transaction request response to the transaction origination point.
|