Title of Invention	A PORTABLE PROXIMITY CONSUMER DEVICE FOR PERFORMING A CONTACTLESS COMMUNICATION OF SENSITIVE DATA
Abstract	A method and system for using a secured account number for processing proximity types of wireless financial transactions associated with portable consumer proximity devices is disclosed. In one embodiment, the method includes receiving a proximity type of wireless financial transaction request along with a secured account number from a portable proximity consumer device such as a contactless smart card, converting the secured account number to the user's real account number, and transmitting the financial transaction request along with the user's real account number to the issuer of the user's real account number for authorization and processing.

Title of Invention

A PORTABLE PROXIMITY CONSUMER DEVICE FOR PERFORMING A CONTACTLESS COMMUNICATION OF SENSITIVE DATA

Abstract

A method and system for using a secured account number for processing proximity types of wireless financial transactions associated with portable consumer proximity devices is disclosed. In one embodiment, the method includes receiving a proximity type of wireless financial transaction request along with a secured account number from a portable proximity consumer device such as a contactless smart card, converting the secured account number to the user's real account number, and transmitting the financial transaction request along with the user's real account number to the issuer of the user's real account number for authorization and processing.

Full Text	(e.g., pocket-sized). For example, \ht portable proximity consumer device 102 may include smart cards, ordinary credit or debit cards (with a magnetic stripe and without a microprocessor), a key chain device, key Fob, etc. Other examples of contactless portable proximity consumer devices 102 include cellular phones, personal digital assistants (PDAs), pagers, payment cards, security cards, access cards, smart media, transponders, and the like. Such portable proximity consumer devices 102 can have one or more antennas 106 coupled to wireless transmission devices that can transmit and/or receive signals and data through a wireless communication medium. {0035) The payment processing system 120 may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary patent processing system 120 may include Visage Payment processing systems such as are able to process credit card transactions, debit card transactions, and other types of commercial transactions. Tisanes in particular, includes a single message system (SMS) that automatically authorizes and provides enough information to automatically clear and settle a financial transaction, and/or a VIP system (Visa Integrated Payments system) which processes authorization requests and a Base II system, which performs clearing and settlement services. [00361 The payment processing system 120 may include a computer. A server computer is typically a powerful computer or cluster of computers. For example, the shiver computer can be a large mainframe, a mirucomputer cluster, or a group of servers functioning as a unit. In one example, the server computer may be a database coupled to a web server. The payment processing system 120 may use any suitable wired or wireless network, including the Internet, (0037} In one embodiment, the proximity reader device 110 is capable of wirelessly receiving a secured account number from a portable proximity consumer device 102. For example, as illustrated in FIG. 1, the secured account number "2468 0246 8024 1214" may be wirelessly transmitted from an aftermath 106 of the portable proximity consumer device 102 to an antenna 109 coupled to a wireless transceiver of the proximity reader device 110 during a financial transaction by a consumer (e.g. user of a portable proximity consumer device). As described above, the contact reader 114 is capable of receiving a user's real account number from the portable proximity consumer device 102. For example, for a credit/debit smart card, the contact reader 114 is capable of retrieving information from a magnetic stripe, or by hand (e,g., by an operator of the contact reader 114). Illustratively, the contact reader 114 is capable of reading the user's real account number '1234 5678 9012 1214" from the magnetic stripe 108, and/or an operator may enter the user's real account number "1234 5678 9012 1214" into the contact reader 114 by hand. [0038] The secured account number may be derived from the user's real account number using any suitable algorithm. For example, one exemplary algorithm multiplies the first twelve numbers of the user's real card number by two and then takes the last digit of the new number, e.g., 1234 5678 9012 1214, to convert the user's real account number to a secured account number, e.g. 2468 0246 8024 1214. hi this example, the algorithm may leave a single digit in each digit location. As illustrated above, when the number five is multiplied by two, the algorithm drops the resultant one of the "10" to leave the zero. Of course, other algorithms may be used. Any such algorithms preferably leave the last four digits of the real account number unaltered. Typical credit card receipts mask the first series of numbers of a user's account number, but exposes the last four digits. By not altering the last four digits, the consumer does not know whether a secured account number or the real account number is used in a particular transaction. This is advantageous, as it avoids confusion on the part of the consumer and may deter fraudulent activities related to the retrieval of receipts. [00391 The resultant secured account number may be stored in a database along with the real account number in a lookup table Avid other corresponding secured and real account numbers. The database may be accessible to the acquirer 116, bayonet processing system 120, and/or the issuer 130. The database is preferably accessible to at least one of the payment processing system 120 and/or the issuer 130, since the issuer 130 authorizes or does not authorize the user's transaction. (0040] The secured account numbers may be preloaded into the user's portable proximity consumer device 102. The one or more algorithms may be used at any time, e.g., prior to manufacturing, during the manufacturing’s or during processing of the consumer portable proximity device 102, to generate the secured account numbers. For example, the algorithm may be used when generating real account numbers, during production of the portable proximity consumer device 102, during account number activation, or when preparing to preload the secured account numbers into the portable proximity consumer devices 102, etc- [0041] It is desirable to "preload" the secured account number into a memory in the portable proximity consumer device 102. As noted above, encryption techniques are known. However, such encryption techniques require the use of lengthy computer programs that need to be stored on the portable proximity consumer device. Such lengthy computer programs occupy valuable space in the memory of the portable proximity consumer device 102. By using a preloaded secured account number that resembles a real account number, a relatively small amount of space is used in the memory)' of the portable proximity consumer device 102. Additionally, the software and the hardware associated with the proximity reader device 110 and/or the contact card reader 114 need not be altered since the secured account number has the same form as the real account number. [0042] In one operational embodiment, during a consumer purchase transaction, an authorization request message including a secured account number is wirelessly transmitted from the portable proximity consumer device 102 to the proximity reader device 110. For example, a consumer can purchase an article of clothing with a contactless smart card. The authorization request message including the secured account number and a POS transaction type identifier (indicative that the transaction was a wireless type of proximity transaction,) is received by the merchant 112 and is transmitted to the acquirer 116. The acquirer 116 then transmits, among other information; the authorization request message including the secured account number, POS transaction type identifier to the payment processing system 120 for processing thereof. \|0043] In one embodiment, the POS transaction type identifier may be an alphanumeric indicator, symbol, and the h'ke. It may indicate that transaction that was conducted was a proximity financial transaction, and was not a contact-type transaction. For example, the POS transaction t)^e identifier may be a conventional number used in the credit card industry such as "POS entry code 9V\ or could be a modified version of a standard indicator such as a modified international standards organization (ISO) indicator. After a server computer at processing system 120 receives the authorization request message, the payment processing system 120 identifies the transmitted account number as a secured account number and uses the POS transaction type identifier to identify the transaction as a wireless transaction. If the secured account number is baud and if the transaction is identified as a wireless transaction, then the payment processing system 120 converts the secured account number to the user's real account number. The real account number is then transmitted to the issuer 130 for payment authorization, [0044] The real account number includes the real account number's BIN (bank identification number) so the transaction processing system 120 knows which particular issuer is supposed to receive the authorization request message. Generally, a BIN corresponds to the first six digits of the user's real account number (e.g., a credit or debit account number). These first six digits identify which network the portable proximity consumer device 102 is associated with as well as which issuer 130 issued the portable proximity consumer device 102. If the transaction is authorized by the issuer 130, the payment processing system 120 transmits an authorization response message along with the secured account number (or real account number) back to the acquirer 116. The acquirer 116 sends the authorization response message to the merchant 112. A printer (not shown) at the merchant 112 may then print a receipt showing only the last four digits of the secured account number, e.g.> i214. As noted above, since the last four digits are the same for both the secured account number and the user's real account number, the user is unaware of any account number differences between the secured account number and the user's real account number. While four digits are illustrated, one skilled in the art will recognize that any alphanumeric indicator, symbol^ or indicia, common to both the secured account number and the user's real account number may be used within the scope of the present invention. For example, in some embodiments, the secured account number and the real account number may have two or more common numbers. [0045] Two software engines are illustrated in FIG. T They include a secured account engine 122 and an optional fraud detection engine 124. Various other software engines may also be included in the system to perform the methods according to embodiments of the invention. Although the two software engines 122, 124 are shown as being directly accessible to the payment processing system 120, they may also or alternatively be directly accessible to the proximity reader device J10, the merchant 112, the acquirer 116, and the issuer 130. The secured account engine 122 is preferably directly accessible or within the payment processing system 120. If the secured account number is converted at the payment processing system 120, the payment processing system 120 will be able to route the authorization request message to the appropriate issuer 130. In addition, if the software for converting the secured account niimber into the real account number is at the payment processing system 120, expensive equipment upgrades need not occur at the acquirer 116 or merchant 112. (0046) When a secured account number is received by the secured account engine 122, the secured account engine 122 converts the secured account number to the user's real account number. In one embodiment, the secured account engine 122 compares the secured account number to a purity of secured account numbers to fad the user's real account number (e.g., in a lookup table). Alternatively, one or more algorithms may be operated to convert the secured account number to the user's real account number. A suitable algorithm may be the reverse program of the algorithm used to convert the real account number to the secured account number (as described above). [0047] If the payment processing system 120 receives an authorization request message including a secured account number that does not have the transaction type identifier (e.g., POS 91), or other indicator, indicating a proximity transaction, then the optional fraud detection engine 124 may be capable of one or more proactive and non-proactive responses. For example, one non-proactive response is simply to deny the transaction. An authorization response message may be sent from the issuer 130 to the merchant 112 that indicates that the transaction is not authorized. One example of a proactive response is to alert legal authorities that a fraudulent activity is taking place, hi one embodiment, when the secured account number is received by the payment processing system 120 without the POS proximity transaction indicator, then the issuer 130 is notified. The issuer 130 checks the user's real account for unusual activity (e.g., large purchases when a consumer usually does not make large purchases). If unusual activity is detected, then the payment processing system 120 and/or the issuer 130 may suspend the secured account number until verification is made that the secured account number was not stolen. In this case, the use of the secured account number and/or the real account number can be temporarily suspended pending an investigation. If it is determined that the user's secured account number was obtained and used by an unauthorized person, then the payment processing system 120 may reissue a new portable proximity consumer device to the real user. For example, similar to conventional procedures for lost or stolen account numbers, part of the verification process may be for the payment processing system 120 to issue an alert to the merchant 112 to keep the portable proximity consumer device 102, or to have the user contact the isstier 130 to verify the unauthorized transaction. [0048] FIG. 2 is a high-level block diagram illustrating one embodiment of a data processing circuit 104 for use with a portable proximity consumer device 102. The data processing circuit 104 may be virtually any type of integrated circuit and/or data processing system such as a microprocessor, field programmable gate array (FPGA), application specific integrated circuit (ASIC),"and the like, that may be configured to perform embodiments of the present invention to advantage. In one embodiment, data processing circuit 104 includes a Central Processing Unit (CPU) 202, a wireless communication module or transceiver circuit 206, and a first memory 210, and ail optional second memory 220 in communication therewith via a bus 208. CPU 202 may be under the control of an operating system that may be disposed in first memory 210, Virtually any operating system or portion thereof supporting the configuration functions disclosed herein may be used. h\ one embodiment, CPU 202 may be hardwired logic circuitry, and the like, adapted to operate data processing circuit 104. [0049] The wireless communication module 206 may be designed to receive wireless interrogation signals and transmit communication signals to the proximity reader device 110 via the wireless transmission module 106. Any number of wireless communication devices well known in the art may be used to accomphsh the reception and transmission of data between the proximity reader device 110 and the portable proximity consumer device 102, For example, the wireless communication module 206 may be funned from a wireless receiver in combination with a wireless transmitter. The wireless communication module 206 may use any viable communication link such as ISO 14443, Bluetooth, 802.1 Ix, cellular network, RF, and the like. In other words, virtually any wireless transceiver system that is sized accordingly and capable of coimnunicating with contactless reader 110 may be used. [0050] The first memory 210 can be a non-volatile or volatile memory such as a random access memory that has sufficient space to hold the necessary programming and data structures of the mention. While first memory 210 is shown as a single entity, it should be understood that first memory 210 may in fact comprise a plurality of modules, and that first memory' 210 may exist at multiple levels, from high speed registers and caches to lower speed but larger direct random access memory (DRAM) chips. In one embodiment, first memory 210 may include a secured account program 212 and secured account number storage 214. The secured account program 212 may use any one of a number of different programming languages. For example, the program code can be written in PLC code (e.g.. ladder logic), a higher-level language such as C, C++, Java, or a number of other languages. While secured account program 212 may be a standalone program, it is contemplated that secured account program’s 212 may be combined with other programs. [0051] The secured account program 212 when executed on CPU 202, provides a secured account number to the proximity reader device 110 from the secured account number storage 214. In one embodiment, the secured account program 212 is configured to retrieve a secured account number from the secured account storage 214. The secured account program 212 instructs the CPU 202 to wirelessly transmit the secured account number, among other data such as available credit, user data, and the like, to the proximity reader device 110 via the wireless communication module 206, [0052] In one embodiment, data processing circuit 104 may optionally include a second memory 220. The second memory 220 is capable of storing the user's real account number in a real account number storage 222, Preferably, in the case were data processing circuit 104 stores both the secured account number and the user's real account number, the user's real account number is accessible only via a physical contact connection. For example, the user’s real account number may be accessed via an electrical connection with data processing circuit 104. In an alternate embodiment, similar to conventional credit/debit cards the user's real account number may be encoded onto the magnetic stripe 108. In this configuration, the user's real account number is accessible using conventional contact readers 114 capable of reading magnetic stripes. [0053] In preferred embodiments, the first and second memories use different data storage technologies. For example, the first and second memories may be selected from optical, magnetic, or electronic storage media, and may be different. For example, the first memory may be use an electronic storage medium (e.g., a memory chip), while the second memory may use a magnetic storage medium (e.g., a magnetic stripe 108). [0054] FIG. 3 is a highly-level flow diagram illustrating one embodiment of a method 300 of performing a secured account number transaction process. The method 300 may be entered into at step 301 when, for example, a proximity reader device 110 wirelessly interrogates a portable proximity consumer device 102. At step 302, a user initiates the creation of an authorization request message to, for example, purchase goods or services from a merchant 112 (e.g., the user is attempting to purchase a piece of clothing using the portable proximity consumer device 102), bypassing the portable proximity consumer device 102 close to the proximity reader device 110. The proximity reader device 110 wirelessly interrogates the portable proximity consumer device 102. At step 304, the portable proximity consumer device 102 responds to valid interrogation protocols (e.g., fetch account number instructions, fetch user DD instructions, etc.) by wirelessly transmitting information to the proximity reader device 110. The information may include a secured account number along with other data, such as an expiration date of the user's account. The proximity reader device 110 then creates an authorization request message including the secured account number, merchant ID, POS transaction type identifier, and the purchase amount, and it is transmitted from the merchant 112 to the acquirer 116 at step 304. For example, the merchant 112 may transmit the secured account number, the merchant ED, the POS transaction type, the user's identification, the expiration date, and the like to the acquirer 116. At step 306, the acquirer 116 transmits the information received from the acquirer 116 to the payment processing system 120. [0055] At step 308, the secured account number is converted to the user's real account number. For example, as described above, when a secured account number is received by the payment processing system 120, a secured account engine 122 converts the secured account number to the user's real account number, hi one embodiment, the secured account engine 122 may search a database of secured account numbers to find the user's real account number. Alternatively, a conversion algorithm may be used to convert the secured account number to the user's real account number. [0056] If the real account number is not found, at step 309, the method 300 proceeds to step 316 and, for example, issues a transaction invalid protocol to the payment processing system 120. For example, if the real account number is not found, the payment processing system 120 may alert the issuer 130, the acquirer 116, and/or the merchant 112 that the transaction is not authorized. Conceivably, after attempting to use the contactless authorization, the user, being unaware of the secured account number, may reattempt the transaction using the user's real account number via entry by an operator or by using a contact reader 114. [0057] At step 310, if the secured account number is vend, the authorization request message including the user's real account number, the merchant ID, the POS transaction t)T3e, and the purchase amount along with other transaction data to the issuer 130. For example, the payment processing system 120 may transmit the user's real account number, the secured account number, and the POS transaction type, along with other transaction data to the issuer 130. At step 312 if the transaction is not authorized, e.g. the user does not have sufficient credit for the purchase, the method 300 proceeds to step 316. However, if the transaction is authorized, e.g., the issuer 130 has authorized the transaction, the method 300 proceeds to step 313. Then at step 313, an authorization response message is sent to the merchant 112 informing the merchant 112 and the user whether or not the transaction is authorized. At step 314, the transaction is cleared and settled using conventional procedures. For example, at the end of the day, a nominal clearing and settlement process can take place at step 314. At step 318 the method 300 ends. [0058] FIG. 4 is a high-level flow diagram illustrating one embodiment of a method 400 of performing a financial transaction involving a secured account number. The method 400 may be entered into at step 401 when, for example, when a merchant 112 transmits a purchase authorization request to a payment processing system 120. At step 402, a secured account number is received. For example, a payment processing system 120 receives a secured account number and POS transaction type from an acquirer 116. At step 404, the method 400 determines if the secured account number was received from a portable proximity consumer device 102 wirelessly communicating with a proximity reader device 110. In one embodiment, the method 400 uses a POS transaction type identifier to determine if the secured account number was received either using a proximity transaction, or was received via another means, such as an Internet merchant portal, or by hand entry into terminal of a proximity reader device 110 or a contact reader 114, and the like. If the secured account number was not received via a proxhnity reader device 110, then the method 400 proceeds to step 406 and initiates a fraud protocol. For example, the fraud protocol may be used for tracking the transaction by authorities, instructing the payment processing system 120 to deny the transaction, and/or sending a status report to the issuer indicative of the fact that the secured account number has been acquired by unauthorized users. If at step 404 the method 400 determines that the secured account number and the POS transaction t)^e are correct, the method 400 proceeds to step 408. The method 400 converts the secured account number to the user's real account number at step 408. For example, the patent processing system 120 may perform algorithms to convert the secured account number to the user's real account number some of which are described herein. At step 410 the user's real account number and other verification data such as expiration date and customer identification are transmitted to an issuer 130 for authorization- Optionally, at step 410 the secured account number is also transmitted to the issuer 130. The method 400 ends at step 414. {0059J The method shown in FIG, 4 may be combined with any of the steps in the method shown in FIG. 3. The method may also be conducted by the secured account engine 122, the payment processing system 120, or any other suitable entity. [0060] Any of the above described steps may be embodied as computer code on a computer readable medium. The computer readable medium may reside on one or more computational apparatuses and may use any suitable data storage technology. [0061] The present invention can be implemented in the form of control logic in software or hardware or a combination of both. The control logic may be stored in an information storage medium as a plurality of instructions adapted to direct an information processing device to person a set of steps disclosed in embodiment of the present invention. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will appreciate other ways and/or methods to implement the present invention. (0062] The above description is illustrative but not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the pending claims along with their full scope or equivalents. [0063] A recitation of *'a", 'an" or "the" is intended to mean "one or more' unless specifically indicated to the contrary. [0064] All patents, patent applications, publications, and descriptions mentioned above are herein incorporated by reference in their entirety for all purposes. None is admitted to be prior art. I WHAT IS CLAIMED IS: 1. A method comprising: receiving an authorization request message, wherein the authorization request message includes a secured account number, wherein the authorization request message originated I’m a wireless interaction between a portable proximity consumer device including a real account number, a wireless transmission module, and a memory pre-loaded with the secured account number, and a proximity reader device comprising a second wireless transmission module^ wherein the secured account number is associated with the real account number, and wherein the secured account number was wirelessly transmitted from the first wireless transmission module in the portable proximity consumer device to the second wireless transmission module in the proximity reader device; and detonating the real account number using the secured account number after receiving the authorization request message including the secured account number. 2. The method of claim 1 wherein the secured account number is only wirelessly transmitted to the proximity reader device when there is a wireless financial transaction and wherein the real account number is used for non-wireless financial transactions. 3. The method of claim ). further comprising sending an authorization response message after the real account number is determined using the secured account number. 4. The method of claim L wherein the real account number is a user's credit card account number, bank account number, or debit card account number. 5. The method of claim 1, wherein the authorization request message comprises a wireless transaction type identifier. 6. The method of claim 1, further wherein the authorization request message was previously encrypted. 7. The method of claim 1, wherein the portable proximity consumer device is in the form of a card, and wherein the card has a magnetic stripe comprising the real account number. 8. A computer readable medium comprising code for performing the method of claim 1. 9. A sender computer adapted to perform the method of claim 1. 10. The method of claim I, further comprising pre-loading the secured account number into the memory' and pre-loading the real account number into a magnetic storage medium in the portable proximity consumer device. 11. A portable proximity consumer device for performing contact less transactions, the portable proximity consumer device comprising: a wireless transmission module; a first memory comprising a secured account number coupled to the first wireless transmission module; and a second memory wherein the second memory comprising a real account number, wherein the real account number is associated with the secured account number. 12. The portable proximity consumer device of claim 11, wherein the first and second memories use different data storage tedmologies. 13. The portable proximity consumer device of claim 11, wherein the first memory comprises a memory chip and wherein the second memory comprises a magnetic stripe, and wherein the spoilable proximity consumer device is in the form of a card. 14. The portable proximity consumer device of claim 11, wherein the portable proximity consumer device is a financial transaction card. 15. The portable proximity consumer device of claim 11, wherein the contactless transaction comprises a contactless financial transaction. 16. A system for performing payment transactions, the system comprising: a payment processing system capable of converting a secured account number to a user's real account number, wherein in response to the payment processing system receiving a transaction authorization request comprising the secured account number, the payment processing system determines the user's real account number associated with the secured account number, and verifies that the transaction authorization request was associated with a proximity type of wireless transaction, 17. The system of claim 16, wherein the wireless transaction comprises a proximity type of financial transaction. 18. The system of claim 16, wherein the wireless transaction is wirelessly received from a portable proximity consumer device comprising the secured account number and the user's real account number. 19. The system of claim 16, wherein the payment processing system comprises code to convert the secured account number to the user's real account number, 20. The system of claim 16, wherein the transaction authorization request comprises a transaction indicator indicative of whether the transaction authorization request was received via the proximity type of wireless transaction. 21. The system, of claim 16, wherein the payment processing system comprises code to issue an alert if the secured account number was not received through a proximity type of wireless transaction with a portable proximity consumer device comprising the secured account number. 22. A method of conducting wireless financial transactions, the method comprising; receiving an authorization request message that includes a secured account number and a transaction identifier, wherein the authorization request message originated from a portable consumer device comprising the secured account number and a real account number; and determining the real account number using the secured account number when the transaction identifier is indicative that the secured account number originated from a wireless transaction with the portable consumer device, 23. The method of claim 22, wherein the real account number is usable for non-wireless financial transactions. 24. The method of claim 22, further comprising generating an alert when the transaction identifier is indicative that the secured account number originated from a non-wireless transaction. 25. The method of claim 22, further comprising: generating an alphanumeric output that includes a predetermined sequence of alphanumeric characters designated to be common to both the secured account number and the real account number; and masking or eliminating other alphanumeric characters of the alphanumeric output not designated the predetermined sequence. 26. The method of claim 22, wherein receiving an authorization request message comprises; transmitting the authorization request message to an acquirer; transmitting the authorization request message from the acquirer to a payment processing system; with the payment processing system that the secured account number is associated with a wireless transaction; when verified that the secured account number is associated with the wireless transaction, sending the authorization request message along with the real account number to an issuer for authorization; and when the financial transaction is authorized, transmitting an authorization message from the issuer to the payment processing system, acquirer, and merchant. 27. The method of claim 22, wherein detonating the real account number comprises querying a database of secured account numbers, wherein each of the secured account numbers is associated with a respective real account number. 28. The method of claim 22, wherein determining the real account number comprises processing the secured account number with an algorithm configured to convert the secured account number to the real account number.

Full Text

(e.g., pocket-sized). For example, \ht portable proximity consumer device 102 may include smart cards, ordinary credit or debit cards (with a magnetic stripe and without a microprocessor), a key chain device, key Fob, etc. Other examples of contactless portable proximity consumer devices 102 include cellular phones, personal digital assistants (PDAs), pagers, payment cards, security cards, access cards, smart media, transponders, and the like. Such portable proximity consumer devices 102 can have one or more antennas 106 coupled to wireless transmission devices that can transmit and/or receive signals and data through a wireless communication medium.
{0035) The payment processing system 120 may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary patent processing system 120 may include Visage Payment processing systems such as are able to process credit card transactions, debit card transactions, and other types of commercial transactions. Tisanes in particular, includes a single message system (SMS) that automatically authorizes and provides enough information to automatically clear and settle a financial transaction, and/or a VIP system (Visa Integrated Payments system) which processes authorization requests and a Base II system, which performs clearing and settlement services.
[00361 The payment processing system 120 may include a computer. A server computer is typically a powerful computer or cluster of computers. For example, the shiver computer can be a large mainframe, a mirucomputer cluster, or a group of servers functioning as a unit. In one example, the server computer may be a database coupled to a web server. The payment processing system 120 may use any suitable wired or wireless network, including the Internet,
(0037} In one embodiment, the proximity reader device 110 is capable of wirelessly receiving a secured account number from a portable proximity consumer device 102. For example, as illustrated in FIG. 1, the secured account number "2468 0246 8024 1214" may be wirelessly transmitted from an aftermath 106 of the portable proximity consumer device 102 to an antenna 109 coupled to a wireless transceiver of the proximity reader device 110 during a financial transaction by a consumer (e.g. user of a portable proximity consumer device). As described above, the contact reader 114 is capable of receiving a user's real account number from the portable proximity consumer device 102. For example, for a credit/debit smart card, the contact reader 114 is capable of retrieving information from a magnetic stripe, or by hand

(e,g., by an operator of the contact reader 114). Illustratively, the contact reader 114 is capable of reading the user's real account number '1234 5678 9012 1214" from the magnetic stripe 108, and/or an operator may enter the user's real account number "1234 5678 9012 1214" into the contact reader 114 by hand.
[0038] The secured account number may be derived from the user's real account number using any suitable algorithm. For example, one exemplary algorithm multiplies the first twelve numbers of the user's real card number by two and then takes the last digit of the new number, e.g., 1234 5678 9012 1214, to convert the user's real account number to a secured account number, e.g. 2468 0246 8024 1214. hi this example, the algorithm may leave a single digit in each digit location. As illustrated above, when the number five is multiplied by two, the algorithm drops the resultant one of the "10" to leave the zero. Of course, other algorithms may be used. Any such algorithms preferably leave the last four digits of the real account number unaltered. Typical credit card receipts mask the first series of numbers of a user's account number, but exposes the last four digits. By not altering the last four digits, the consumer does not know whether a secured account number or the real account number is used in a particular transaction. This is advantageous, as it avoids confusion on the part of the consumer and may deter fraudulent activities related to the retrieval of receipts.
[00391 The resultant secured account number may be stored in a database along with the real account number in a lookup table Avid other corresponding secured and real account numbers. The database may be accessible to the acquirer 116, bayonet processing system 120, and/or the issuer 130. The database is preferably accessible to at least one of the payment processing system 120 and/or the issuer 130, since the issuer 130 authorizes or does not authorize the user's transaction.
(0040] The secured account numbers may be preloaded into the user's portable proximity consumer device 102. The one or more algorithms may be used at any time, e.g., prior to manufacturing, during the manufacturing’s or during processing of the consumer portable proximity device 102, to generate the secured account numbers. For example, the algorithm may be used when generating real account numbers, during production of the portable proximity consumer device 102, during account number activation, or when preparing to preload the secured account numbers into the portable proximity consumer devices 102, etc-

[0041] It is desirable to "preload" the secured account number into a memory in the portable proximity consumer device 102. As noted above, encryption techniques are known. However, such encryption techniques require the use of lengthy computer programs that need to be stored on the portable proximity consumer device. Such lengthy computer programs occupy valuable space in the memory of the portable proximity consumer device 102. By using a preloaded secured account number that resembles a real account number, a relatively small amount of space is used in the memory)' of the portable proximity consumer device 102. Additionally, the software and the hardware associated with the proximity reader device 110 and/or the contact card reader 114 need not be altered since the secured account number has the same form as the real account number.
[0042] In one operational embodiment, during a consumer purchase transaction, an authorization request message including a secured account number is wirelessly transmitted from the portable proximity consumer device 102 to the proximity reader device 110. For example, a consumer can purchase an article of clothing with a contactless smart card. The authorization request message including the secured account number and a POS transaction type identifier (indicative that the transaction was a wireless type of proximity transaction,) is received by the merchant 112 and is transmitted to the acquirer 116. The acquirer 116 then transmits, among other information; the authorization request message including the secured account number, POS transaction type identifier to the payment processing system 120 for processing thereof.
|0043] In one embodiment, the POS transaction type identifier may be an alphanumeric indicator, symbol, and the h'ke. It may indicate that transaction that was conducted was a proximity financial transaction, and was not a contact-type transaction. For example, the POS transaction t)^e identifier may be a conventional number used in the credit card industry such as "POS entry code 9V\ or could be a modified version of a standard indicator such as a modified international standards organization (ISO) indicator. After a server computer at processing system 120 receives the authorization request message, the payment processing system 120 identifies the transmitted account number as a secured account number and uses the POS transaction type identifier to identify the transaction as a wireless transaction. If the secured account number is baud and if the transaction is identified as a wireless transaction, then the payment processing system 120 converts the secured account

number to the user's real account number. The real account number is then transmitted to the issuer 130 for payment authorization,
[0044] The real account number includes the real account number's BIN (bank identification number) so the transaction processing system 120 knows which particular issuer is supposed to receive the authorization request message. Generally, a BIN corresponds to the first six digits of the user's real account number (e.g., a credit or debit account number). These first six digits identify which network the portable proximity consumer device 102 is associated with as well as which issuer 130 issued the portable proximity consumer device 102. If the transaction is authorized by the issuer 130, the payment processing system 120 transmits an authorization response message along with the secured account number (or real account number) back to the acquirer 116. The acquirer 116 sends the authorization response message to the merchant 112. A printer (not shown) at the merchant 112 may then print a receipt showing only the last four digits of the secured account number, e.g.> i214. As noted above, since the last four digits are the same for both the secured account number and the user's real account number, the user is unaware of any account number differences between the secured account number and the user's real account number. While four digits are illustrated, one skilled in the art will recognize that any alphanumeric indicator, symbol^ or indicia, common to both the secured account number and the user's real account number may be used within the scope of the present invention. For example, in some embodiments, the secured account number and the real account number may have two or more common numbers.
[0045] Two software engines are illustrated in FIG. T They include a secured account engine 122 and an optional fraud detection engine 124. Various other software engines may also be included in the system to perform the methods according to embodiments of the invention. Although the two software engines 122, 124 are shown as being directly accessible to the payment processing system 120, they may also or alternatively be directly accessible to the proximity reader device J10, the merchant 112, the acquirer 116, and the issuer 130. The secured account engine 122 is preferably directly accessible or within the payment processing system 120. If the secured account number is converted at the payment processing system 120, the payment processing system 120 will be able to route the authorization request message to the appropriate issuer 130. In addition, if the software for converting the secured account niimber into the real account number is at the payment

processing system 120, expensive equipment upgrades need not occur at the acquirer 116 or merchant 112.
(0046) When a secured account number is received by the secured account engine 122, the secured account engine 122 converts the secured account number to the user's real account number. In one embodiment, the secured account engine 122 compares the secured account number to a purity of secured account numbers to fad the user's real account number (e.g., in a lookup table). Alternatively, one or more algorithms may be operated to convert the secured account number to the user's real account number. A suitable algorithm may be the reverse program of the algorithm used to convert the real account number to the secured account number (as described above).
[0047] If the payment processing system 120 receives an authorization request message including a secured account number that does not have the transaction type identifier (e.g., POS 91), or other indicator, indicating a proximity transaction, then the optional fraud detection engine 124 may be capable of one or more proactive and non-proactive responses. For example, one non-proactive response is simply to deny the transaction. An authorization response message may be sent from the issuer 130 to the merchant 112 that indicates that the transaction is not authorized. One example of a proactive response is to alert legal authorities that a fraudulent activity is taking place, hi one embodiment, when the secured account number is received by the payment processing system 120 without the POS proximity transaction indicator, then the issuer 130 is notified. The issuer 130 checks the user's real account for unusual activity (e.g., large purchases when a consumer usually does not make large purchases). If unusual activity is detected, then the payment processing system 120 and/or the issuer 130 may suspend the secured account number until verification is made that the secured account number was not stolen. In this case, the use of the secured account number and/or the real account number can be temporarily suspended pending an investigation. If it is determined that the user's secured account number was obtained and used by an unauthorized person, then the payment processing system 120 may reissue a new portable proximity consumer device to the real user. For example, similar to conventional procedures for lost or stolen account numbers, part of the verification process may be for the payment processing system 120 to issue an alert to the merchant 112 to keep the portable proximity consumer device 102, or to have the user contact the isstier 130 to verify the unauthorized transaction.

[0048] FIG. 2 is a high-level block diagram illustrating one embodiment of a data processing circuit 104 for use with a portable proximity consumer device 102. The data processing circuit 104 may be virtually any type of integrated circuit and/or data processing system such as a microprocessor, field programmable gate array (FPGA), application specific integrated circuit (ASIC),"and the like, that may be configured to perform embodiments of the present invention to advantage. In one embodiment, data processing circuit 104 includes a Central Processing Unit (CPU) 202, a wireless communication module or transceiver circuit 206, and a first memory 210, and ail optional second memory 220 in communication therewith via a bus 208. CPU 202 may be under the control of an operating system that may be disposed in first memory 210, Virtually any operating system or portion thereof supporting the configuration functions disclosed herein may be used. h\ one embodiment, CPU 202 may be hardwired logic circuitry, and the like, adapted to operate data processing circuit 104.
[0049] The wireless communication module 206 may be designed to receive wireless interrogation signals and transmit communication signals to the proximity reader device 110 via the wireless transmission module 106. Any number of wireless communication devices well known in the art may be used to accomphsh the reception and transmission of data between the proximity reader device 110 and the portable proximity consumer device 102, For example, the wireless communication module 206 may be funned from a wireless receiver in combination with a wireless transmitter. The wireless communication module 206 may use any viable communication link such as ISO 14443, Bluetooth, 802.1 Ix, cellular network, RF, and the like. In other words, virtually any wireless transceiver system that is sized accordingly and capable of coimnunicating with contactless reader 110 may be used.
[0050] The first memory 210 can be a non-volatile or volatile memory such as a random access memory that has sufficient space to hold the necessary programming and data structures of the mention. While first memory 210 is shown as a single entity, it should be understood that first memory 210 may in fact comprise a plurality of modules, and that first memory' 210 may exist at multiple levels, from high speed registers and caches to lower speed but larger direct random access memory (DRAM) chips. In one embodiment, first memory 210 may include a secured account program 212 and secured account number storage 214. The secured account program 212 may use any one of a number of different programming languages. For example, the program code can be written in PLC code (e.g..

ladder logic), a higher-level language such as C, C++, Java, or a number of other languages. While secured account program 212 may be a standalone program, it is contemplated that secured account program’s 212 may be combined with other programs.
[0051] The secured account program 212 when executed on CPU 202, provides a secured account number to the proximity reader device 110 from the secured account number storage 214. In one embodiment, the secured account program 212 is configured to retrieve a secured account number from the secured account storage 214. The secured account program 212 instructs the CPU 202 to wirelessly transmit the secured account number, among other data such as available credit, user data, and the like, to the proximity reader device 110 via the wireless communication module 206,
[0052] In one embodiment, data processing circuit 104 may optionally include a second memory 220. The second memory 220 is capable of storing the user's real account number in a real account number storage 222, Preferably, in the case were data processing circuit 104 stores both the secured account number and the user's real account number, the user's real account number is accessible only via a physical contact connection. For example, the user’s real account number may be accessed via an electrical connection with data processing circuit 104. In an alternate embodiment, similar to conventional credit/debit cards the user's real account number may be encoded onto the magnetic stripe 108. In this configuration, the user's real account number is accessible using conventional contact readers 114 capable of reading magnetic stripes.
[0053] In preferred embodiments, the first and second memories use different data storage technologies. For example, the first and second memories may be selected from optical, magnetic, or electronic storage media, and may be different. For example, the first memory may be use an electronic storage medium (e.g., a memory chip), while the second memory may use a magnetic storage medium (e.g., a magnetic stripe 108).
[0054] FIG. 3 is a highly-level flow diagram illustrating one embodiment of a method 300 of performing a secured account number transaction process. The method 300 may be entered into at step 301 when, for example, a proximity reader device 110 wirelessly interrogates a portable proximity consumer device 102. At step 302, a user initiates the creation of an authorization request message to, for example, purchase goods or services from a merchant 112 (e.g., the user is attempting to purchase a piece of clothing using the portable proximity

consumer device 102), bypassing the portable proximity consumer device 102 close to the proximity reader device 110. The proximity reader device 110 wirelessly interrogates the portable proximity consumer device 102. At step 304, the portable proximity consumer device 102 responds to valid interrogation protocols (e.g., fetch account number instructions, fetch user DD instructions, etc.) by wirelessly transmitting information to the proximity reader device 110. The information may include a secured account number along with other data, such as an expiration date of the user's account. The proximity reader device 110 then creates an authorization request message including the secured account number, merchant ID, POS transaction type identifier, and the purchase amount, and it is transmitted from the merchant 112 to the acquirer 116 at step 304. For example, the merchant 112 may transmit the secured account number, the merchant ED, the POS transaction type, the user's identification, the expiration date, and the like to the acquirer 116. At step 306, the acquirer 116 transmits the information received from the acquirer 116 to the payment processing system 120.
[0055] At step 308, the secured account number is converted to the user's real account number. For example, as described above, when a secured account number is received by the payment processing system 120, a secured account engine 122 converts the secured account number to the user's real account number, hi one embodiment, the secured account engine 122 may search a database of secured account numbers to find the user's real account number. Alternatively, a conversion algorithm may be used to convert the secured account number to the user's real account number.
[0056] If the real account number is not found, at step 309, the method 300 proceeds to step 316 and, for example, issues a transaction invalid protocol to the payment processing system 120. For example, if the real account number is not found, the payment processing system 120 may alert the issuer 130, the acquirer 116, and/or the merchant 112 that the transaction is not authorized. Conceivably, after attempting to use the contactless authorization, the user, being unaware of the secured account number, may reattempt the transaction using the user's real account number via entry by an operator or by using a contact reader 114.
[0057] At step 310, if the secured account number is vend, the authorization request message including the user's real account number, the merchant ID, the POS transaction t)T3e, and the purchase amount along with other transaction data to the issuer 130. For example, the payment processing system 120 may transmit the user's real account number, the secured

account number, and the POS transaction type, along with other transaction data to the issuer 130. At step 312 if the transaction is not authorized, e.g. the user does not have sufficient credit for the purchase, the method 300 proceeds to step 316. However, if the transaction is authorized, e.g., the issuer 130 has authorized the transaction, the method 300 proceeds to step 313. Then at step 313, an authorization response message is sent to the merchant 112 informing the merchant 112 and the user whether or not the transaction is authorized. At step 314, the transaction is cleared and settled using conventional procedures. For example, at the end of the day, a nominal clearing and settlement process can take place at step 314. At step 318 the method 300 ends.
[0058] FIG. 4 is a high-level flow diagram illustrating one embodiment of a method 400 of performing a financial transaction involving a secured account number. The method 400 may be entered into at step 401 when, for example, when a merchant 112 transmits a purchase authorization request to a payment processing system 120. At step 402, a secured account number is received. For example, a payment processing system 120 receives a secured account number and POS transaction type from an acquirer 116. At step 404, the method 400 determines if the secured account number was received from a portable proximity consumer device 102 wirelessly communicating with a proximity reader device 110. In one embodiment, the method 400 uses a POS transaction type identifier to determine if the secured account number was received either using a proximity transaction, or was received via another means, such as an Internet merchant portal, or by hand entry into terminal of a proximity reader device 110 or a contact reader 114, and the like. If the secured account number was not received via a proxhnity reader device 110, then the method 400 proceeds to step 406 and initiates a fraud protocol. For example, the fraud protocol may be used for tracking the transaction by authorities, instructing the payment processing system 120 to deny the transaction, and/or sending a status report to the issuer indicative of the fact that the secured account number has been acquired by unauthorized users. If at step 404 the method 400 determines that the secured account number and the POS transaction t)^e are correct, the method 400 proceeds to step 408. The method 400 converts the secured account number to the user's real account number at step 408. For example, the patent processing system 120 may perform algorithms to convert the secured account number to the user's real account number some of which are described herein. At step 410 the user's real account number and other verification data such as expiration date and customer identification are transmitted to

an issuer 130 for authorization- Optionally, at step 410 the secured account number is also transmitted to the issuer 130. The method 400 ends at step 414.
{0059J The method shown in FIG, 4 may be combined with any of the steps in the method shown in FIG. 3. The method may also be conducted by the secured account engine 122, the payment processing system 120, or any other suitable entity.
[0060] Any of the above described steps may be embodied as computer code on a computer readable medium. The computer readable medium may reside on one or more computational apparatuses and may use any suitable data storage technology.
[0061] The present invention can be implemented in the form of control logic in software or hardware or a combination of both. The control logic may be stored in an information storage medium as a plurality of instructions adapted to direct an information processing device to person a set of steps disclosed in embodiment of the present invention. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will appreciate other ways and/or methods to implement the present invention.
(0062] The above description is illustrative but not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the pending claims along with their full scope or equivalents.
[0063] A recitation of *'a", 'an" or "the" is intended to mean "one or more' unless specifically indicated to the contrary.
[0064] All patents, patent applications, publications, and descriptions mentioned above are herein incorporated by reference in their entirety for all purposes. None is admitted to be prior art.

I
WHAT IS CLAIMED IS:
1. A method comprising:
receiving an authorization request message, wherein the authorization request message includes a secured account number, wherein the authorization request message originated I’m a wireless interaction between a portable proximity consumer device including a real account number, a wireless transmission module, and a memory pre-loaded with the secured account number, and a proximity reader device comprising a second wireless transmission module^ wherein the secured account number is associated with the real account number, and wherein the secured account number was wirelessly transmitted from the first wireless transmission module in the portable proximity consumer device to the second wireless transmission module in the proximity reader device; and
detonating the real account number using the secured account number after receiving the authorization request message including the secured account number.
2. The method of claim 1 wherein the secured account number is only wirelessly transmitted to the proximity reader device when there is a wireless financial transaction and wherein the real account number is used for non-wireless financial transactions.
3. The method of claim ). further comprising sending an authorization response message after the real account number is determined using the secured account number.
4. The method of claim L wherein the real account number is a user's credit card account number, bank account number, or debit card account number.
5. The method of claim 1, wherein the authorization request message comprises a wireless transaction type identifier.
6. The method of claim 1, further wherein the authorization request message was previously encrypted.
7. The method of claim 1, wherein the portable proximity consumer device is in the form of a card, and wherein the card has a magnetic stripe comprising the real account number.

8. A computer readable medium comprising code for performing the method of claim 1.
9. A sender computer adapted to perform the method of claim 1.
10. The method of claim I, further comprising pre-loading the secured account number into the memory' and pre-loading the real account number into a magnetic storage medium in the portable proximity consumer device.
11. A portable proximity consumer device for performing contact less transactions, the portable proximity consumer device comprising:
a wireless transmission module;
a first memory comprising a secured account number coupled to the first wireless transmission module; and
a second memory wherein the second memory comprising a real account number, wherein the real account number is associated with the secured account number.
12. The portable proximity consumer device of claim 11, wherein the first and second memories use different data storage tedmologies.
13. The portable proximity consumer device of claim 11, wherein the first memory comprises a memory chip and wherein the second memory comprises a magnetic stripe, and wherein the spoilable proximity consumer device is in the form of a card.
14. The portable proximity consumer device of claim 11, wherein the portable proximity consumer device is a financial transaction card.
15. The portable proximity consumer device of claim 11, wherein the contactless transaction comprises a contactless financial transaction.

16. A system for performing payment transactions, the system comprising:
a payment processing system capable of converting a secured account number
to a user's real account number, wherein in response to the payment processing system receiving a transaction authorization request comprising the secured account number, the payment processing system determines the user's real account number associated with the secured account number, and verifies that the transaction authorization request was associated with a proximity type of wireless transaction,
17. The system of claim 16, wherein the wireless transaction comprises a proximity type of financial transaction.
18. The system of claim 16, wherein the wireless transaction is wirelessly received from a portable proximity consumer device comprising the secured account number and the user's real account number.
19. The system of claim 16, wherein the payment processing system comprises code to convert the secured account number to the user's real account number,
20. The system of claim 16, wherein the transaction authorization request comprises a transaction indicator indicative of whether the transaction authorization request was received via the proximity type of wireless transaction.
21. The system, of claim 16, wherein the payment processing system comprises code to issue an alert if the secured account number was not received through a proximity type of wireless transaction with a portable proximity consumer device comprising the secured account number.

22. A method of conducting wireless financial transactions, the method
comprising;
receiving an authorization request message that includes a secured account number and a transaction identifier, wherein the authorization request message originated from a portable consumer device comprising the secured account number and a real account number; and
determining the real account number using the secured account number when the transaction identifier is indicative that the secured account number originated from a wireless transaction with the portable consumer device,
23. The method of claim 22, wherein the real account number is usable for non-wireless financial transactions.
24. The method of claim 22, further comprising generating an alert when the transaction identifier is indicative that the secured account number originated from a non-wireless transaction.
25. The method of claim 22, further comprising:
generating an alphanumeric output that includes a predetermined sequence of
alphanumeric characters designated to be common to both the secured account number and the real account number; and
masking or eliminating other alphanumeric characters of the alphanumeric output not designated the predetermined sequence.

26. The method of claim 22, wherein receiving an authorization request
message comprises;
transmitting the authorization request message to an acquirer;
transmitting the authorization request message from the acquirer to a payment processing system;
with the payment processing system that the secured account number is associated with a wireless transaction;
when verified that the secured account number is associated with the wireless transaction, sending the authorization request message along with the real account number to an issuer for authorization; and
when the financial transaction is authorized, transmitting an authorization message from the issuer to the payment processing system, acquirer, and merchant.
27. The method of claim 22, wherein detonating the real account number
comprises querying a database of secured account numbers, wherein each of the secured
account numbers is associated with a respective real account number.
28. The method of claim 22, wherein determining the real account number
comprises processing the secured account number with an algorithm configured to convert
the secured account number to the real account number.

Documents:

http://ipindiaonline.gov.in/patentsearch/GrantedSearch/viewdoc.aspx?id=XCI2dWDtwISOW0jdbv5aGQ==&loc=egcICQiyoj82NGgGrC5ChA==

« Previous Patent

Next Patent »

Patent Number

269725

Indian Patent Application Number

1693/CHENP/2008

PG Journal Number

45/2015

Publication Date

06-Nov-2015

Grant Date

03-Nov-2015

Date of Filing

03-Apr-2008

Name of Patentee

VISA U.S.A. INC.

Applicant Address

123 MISSION STREETSAN FRANCISCO, CALIFORNIA 94105

Inventors:

#	Inventor's Name	Inventor's Address
1	GAUTHIER, PATRICK	941 EICHLER DRIVE MOUNTAIN VIEW CA 94040
2	MAW, BRIAN	1910 BAYVIEW AVENUE BELMONT, CA 94002
3	FAITH, PATRICK	2810 JONES GATE COURT PLEASANTON, CA 94566
4	PATTERSON, BARBARA	193 SOUTHCLIFF AVENUE SOUTH SAN FRANCISCO CA 94080

PCT International Classification Number

G06K 5/00

PCT International Application Number

PCT/US06/34612

PCT International Filing date

2006-09-05

PCT Conventions:

#	PCT Application Number	Date of Convention	Priority Country
1	11/398,887	2006-04-05	U.S.A.
2	60/714,635	2005-09-06	U.S.A.