US 12,481,993 B2
Systems and methods for performing financial transactions using active authentication
Rudolph Christian Wolfs, Fort Myers Beach, FL (US); and David A. Pinski, Merion Station, PA (US)
Assigned to CAPITAL ONE SERVICES, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Nov. 3, 2022, as Appl. No. 17/980,106.
Application 17/980,106 is a continuation of application No. 13/085,754, filed on Apr. 13, 2011, granted, now 11,514,451.
Claims priority of provisional application 61/452,880, filed on Mar. 15, 2011.
Prior Publication US 2023/0059316 A1, Feb. 23, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06Q 20/40 (2012.01); G06Q 20/10 (2012.01); G06Q 20/20 (2012.01); G06Q 20/32 (2012.01); G06Q 20/38 (2012.01); G06Q 20/42 (2012.01)
CPC G06Q 20/4012 (2013.01) [G06Q 20/1085 (2013.01); G06Q 20/20 (2013.01); G06Q 20/3278 (2013.01); G06Q 20/3829 (2013.01); G06Q 20/385 (2013.01); G06Q 20/401 (2013.01); G06Q 20/425 (2013.01)] 14 Claims
OG exemplary drawing
 
1. A system comprising:
an automated teller machine (ATM);
one or more processors; and
memory in communication with the one or more processors, wherein the one or more processors are configured to:
receive a first request from a user device of a user, the first request associated with a first transaction;
generate a first personal identification number (PIN) and a single-use transaction key, the single-use transaction key comprising a random alpha-numeric string that is valid for a limited period of time and is unique to the first transaction, wherein the first PIN and the single-use transaction key are different;
store at least a first portion of the single-use transaction key;
transmit the first PIN to the user device;
receive a first PIN attempt from the user device;
determine whether the first PIN attempt matches the first PIN;
responsive to determining the first PIN attempt matches the first PIN, transmit the single-use transaction key to the user device;
receive a second request associated with a withdrawal from the ATM, the second request comprising at least a second portion of the single-use transaction key;
determine whether the received second portion of the single-use transaction key matches the stored first portion of the single-use transaction key and the received second portion is received before the limited period of time has expired;
responsive to determining the stored first and received second portions of the single-use transaction key do not match, or that the received second portion was not received before the limited period of time has expired, decline the second request; and
responsive to determining the stored first and received second portions of the single-use transaction key match, and that the received second portion was received before the limited period of time has expired, authorize the second request by transmitting an authorization message to the ATM.