| CPC G06Q 20/401 (2013.01) [G06Q 20/027 (2013.01); G06Q 20/3674 (2013.01); G06Q 20/3821 (2013.01); G06Q 20/4016 (2013.01)] | 20 Claims |
|
1. A method comprising:
before a user enters a restricted physical area, receiving, by a payment processing computer, from a gate access device or an access host computer coupled to the gate access device, a first authorization request message for an access transaction, the first authorization request message comprising an account identifier from a portable consumer device associated with the user, a cryptogram from the portable consumer device, and a first transaction amount data field, the first transaction amount data field indicating that the first authorization request message is for authentication by virtue of being empty or including a value of zero;
before the user enters the restricted physical area, determining, by the payment processing computer, to not transmit the first authorization request message to an issuer computer based on the first authorization request message not being a standard authorization request message as indicated by the first transaction amount data field being empty or including the value of zero;
before the user enters the restricted physical area, determining, by the payment processing computer, an authentication result based on the account identifier and the cryptogram, wherein determining the authentication result comprises:
performing, by the payment processing computer, a fraud analysis on the first authorization request message to generate a fraud score, wherein the authentication result includes the fraud score;
before the user enters the restricted physical area, generating, by the payment processing computer, a first authorization response message comprising the authentication result;
before the user enters the restricted physical area, transmitting, by the payment processing computer, to the gate access device or the access host computer, the first authorization response message comprising the authentication result, thereby causing actuation of a gate device when the authentication result is positive such that the user can physically enter the restricted physical area;
after the user enters the restricted physical area, receiving, by the payment processing computer, from the gate access device or the access host computer coupled to the gate access device after causing the actuation of the gate device, a second authorization request message for the access transaction, the second authorization request message comprising the account identifier and a second transaction amount data field, the second transaction amount data field including an amount for the access transaction;
after the user enters the restricted physical area, transmitting, by the payment processing computer, to the issuer computer, the second authorization request message;
after the user enters the restricted physical area, receiving, by the payment processing computer, from the issuer computer, a second authorization response message for the access transaction indicating that the access transaction is authorized; and
after the user enters the restricted physical area, transmitting, by the payment processing computer, to the gate access device or the access host computer, the second authorization response message.
|