System and method for authentication of transactions without car with help of mobile device

FIELD: physics, computation hardware.

SUBSTANCE: invention relates to authentication of the user and performance of payment transaction. Proposed device comprises processor, data carrier connected thereto and including the set of instructions. Execution of said instructions by said processor makes this device authenticate the user by registration of mobile device and communication of mobile device with the user payment account. Mobile device is registered is authenticated with the use of identification data issued by the user and related with payment account. Data initiating the payment transaction is received to define is payment transaction is initiated with the help of mobile device. Proceeding from the mobile device registration authentication payment transaction is authenticated for payment account with the use of mobile device.

EFFECT: higher rate of payment transaction.

41 cl, 6 dwg

 

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority of provisional patent application U.S. No. 61/183631, filed June 3, 2009, the complete disclosure of which is incorporated herein by reference in its entirety.

The LEVEL of TECHNOLOGY

Consumer payment devices such as debit cards or credit cards are used by millions of people around the world to ensure that commercial transactions of various types. In a typical transaction involving the purchase of a product or service in the shopping location of the payment device is presented to the terminal point of sale ("POS terminal"), located at the place of business of the seller. The terminal point of sale can be a card reader or similar device that can access data stored on the payment device, and these data may include, for example, identification data of the user, authentication data or account data. Some or all data read from the payment device are provided to the system or transaction data of the seller and then the back-end side, which is usually a Bank or other institution that manages the account of the seller. Data provided by the serving side, then could�t be provided to the system or network processing fees (e.g., the payment processor that processes data to assist in determining whether the transaction is to be authorized on the network, and assist in performing functions to perform the calculations and settlement account for the transaction. Parts of the transaction-making authorization decisions, payment and settlement transactions also may include interaction and/or data transfer between a system or a network of processing payments and the Bank or institution that issued the payment device to the consumer (the Issuer). Transaction in which the consumer's payment device is presented to the seller or to it makes the access terminal, point of sale, referred to as the "transaction card" as a payment device is in the same physical location where the seller or the terminal.

In addition to the transactions with the card, the consumer initiates a transaction in a situation where a payment device is not in the same physical location where the seller or the terminal, and instead, the data is provided by the communication system to the seller ("transaction without presenting the card"). For example, a transaction without presenting the card, including the purchase of a product or service may be initiated by the consumer after�STV grant payment data from a remote location to the seller on the network, such as the Internet. Transactions of this type are typically initiated using a computing device, such as a personal computer or a portable computer. Transaction without presenting the card can also be initiated or completed by using mobile payment device, such as a mobile phone, in which case the communication with the seller or the data processing system may occur over a cellular network or a wireless connection. Thus, among other ways, payment information for the transaction can be provided using a payment device and the terminal point of sale or may be provided to the seller using a remotely located payment devices.

Given the large number of transactions and amounts involved money, the detection and prevention of fraud is an important aspect of any system transaction processing. To address this problem, payment processors, etc., involved in the authorization of the transaction, usually require that the user has provided one or more forms of authentication or identification prior authorization transaction. In the transaction with the card the seller may simply ask the user another form of identification, such as photo ID (driver's license, passport, etc.), for about�of especiany additional guarantees, that person is authorized to use the payment device.

However, in the case of a transaction without presenting the card (such as the e-Commerce transaction conducted over the Internet, or transaction that is executed using a mobile payment device) the seller may not be so sure that the person who tries to use the payment device, is the person who is authorized to use this device. The remote nature of the transaction makes the document with a photograph or other kind of identification is impractical and unreliable as a means of authenticating the user. In addition, a request for more parts, supposedly confidential data from the person attempting to use the payment device may be insufficient to verify that the person is authorized to use the payment device. This is because in some situations, additional data could be obtained the same by fraud, and account information of the payment device (e.g., through improper access to the person's PC, which stores account information and other sensitive data). In addition, as in payment, and not in payment transactions (those that can occur in trade, �oglasavanje contracts, etc.) each party in a transaction usually prefers to have a means of authentication identification information and data relevant to other parties to the agreement or transaction. It is desirable to prevent fraud, misrepresentation or later revocation of the agreement. Thus, it is desirable to have reliable methods of authentication of parties in a transaction in cases where the payment device or the party not present at the location of the seller or other party in a transaction or agreement. If possible, it is desirable to use elements of existing authentication systems of payment devices that are used for transactions with the card, to perform some or all of the authentication operations for a transaction without presenting the card, as it will reduce the cost and complexity of additional authentication process.

Given the above, it is desirable to have a system and corresponding devices and methods of authenticating a consumer who participates in a remote transaction such as a transaction without presenting the card held over a cellular network or a wireless connection using a mobile payment device. In addition, it is desirable that the authentication system was relatively easy to implement and use, and give consumers the opportunity to register a mobile payment device for use in a transaction and to authenticate during the transaction�AI. In addition, it would be desirable for the system, devices and methods did not require a significant investment of new resources to implement and ensure a high level of interoperability between the system participants. Additionally it would be desirable if the existing authentication system for a network of e-Commerce transactions could be strengthened to enable mobile payment device to conduct a transaction without presenting the card over the mobile channel using some or all of the same system elements. Variants of embodiment of the invention is directed to solving these and other problems individually and collectively.

Summary of the INVENTION

Variants of the embodiment of the present invention is directed to systems and corresponding devices and methods for authenticating the parties involved in a transaction without presenting the card. In such transactions, one party to a transaction (and therefore the payment device of this participant is in a remote location relative to the other party to the transaction. This can create uncertainty about identification information of a remotely located participant or about the authenticity of the data provided by the participants. System, devices and methods of the invention may be used�Sya as part of the fulfillment of the payment and not payment transactions and are suitable for use in e-Commerce transactions, conducted using a mobile payment device, such as a mobile phone.

One aspect of the present invention is that it can be implemented using the elements of infrastructure that are currently in use for authentication of payment devices and participants of the transaction with the card, and therefore does not require a completely new set of systems, processes or operations. Thus, the variants of embodiment of the present invention can allow banks and other providers of mobile payments is to strengthen the existing authentication framework to provide authentication service for transactions without card-initiated mobile payment devices. This reduces the cost of providing mobile payment services to consumers and may increase the recognition of such services, as consumers and other objects included in the process of payment transaction, you will already be familiar with many, if not all, systems, and processes used. In addition, variants of the embodiment of the present invention can be used by consumers and other entities involved in a payment transaction, to provide improved security (which includes multiple levels of security for authentication of the consumer conducting �randaccio), increase the speed of transaction processing and greater convenience for consumers than was possible in the absence of the invention.

In some embodiments embodiment, the system, apparatus and method of the invention include an infrastructure and a process for providing consumers the opportunity to register your mobile phone number and associate this number with the payment account. After registration, the user can use his mobile phone to initiate or perform one or more stages of the payment transaction. Payment transaction is recognized as initiated or completed through the mobile phone, and in response the server can authenticate the transaction based on the mobile number and the previous registration and authentication process. In other embodiments, embodiments, the server may identify a payment transaction as initiated or completed through mobile phone and in response to initiate contact with the consumer using the mobile phone to request confirmation of the desire of the consumer to perform a transaction.

In one embodiment, the present invention is directed to a device for authentication of the consumer conducting the payment transaction using the mobile device, wherein the device includes in with�BOJ processor, programmed for executing a set of instructions, a data medium connected to the processor, and wherein the set of instructions contained on the storage medium, wherein, when the set of instructions executed by the processor, the device authenticates the user through registration of the mobile communication device and a mobile device with a payment account of the user, authentication of registration of the mobile device using identification data previously provided by the consumer and associated with the payment account, receiving data, initiating a payment transaction, and determining that the payment transaction was initiated using the mobile device.

In another embodiment, the present invention is directed to a method of authenticating a consumer conducting a payment transaction using a mobile device, the method contains the stages at which accept data identifying the mobile device, and data identifying a payment account of the consumer, authenticate the mobile device using identification data previously provided by the user and associated with a payment account that is to receive the data, initiating a payment transaction, and determines that the payment transaction was initiated with ISPO�Itanium mobile device.

In yet another embodiment, the present invention is directed to a method of conducting a payment transaction, the method contains the stages at which associate a payment account of the consumer and the first identification data of the user, wherein the first identification data of the user are used by the consumer for approval of payment transactions made using the payment account of the consumer, receive data identifying the mobile device, and data identifying a payment account of the consumer, make a request to the user to provide the first identification data of the user, authenticate the mobile device, if the answer to the query is a first identification data of the consumer to receive the data, initiating a payment transaction, determine that the payment transaction was initiated using the mobile device, and in response to determining that the payment transaction was initiated using the mobile device, authenticate the user.

Other objectives and advantages of embodiments of the present invention will be apparent to those skilled in the art after review of the detailed description of the present invention and the appended figures.

BRIEF description of the DRAWINGS

Fig. 1 diagram, Fig�stereoma data flow between various components of the authentication system, which can be used during the registration process for mobile payment device, in accordance with some embodiments of the embodiments of the present invention;

Fig. 2 is a diagram illustrating data flow between various components of the approval process for transactions that can be used during a payment transaction performed using mobile payment device, in accordance with some embodiments of the embodiments of the present invention;

Fig. 3 is a diagram illustrating data flow between various components of the authentication system that can be used during the registration process for mobile payment devices and specific for mobile device authentication data, in accordance with some embodiments of the embodiments of the present invention;

Fig. 4 is a diagram illustrating data flow between various components of the approval process for transactions that can be used during a payment transaction performed using mobile payment devices and specific mobile password, in accordance with some embodiments of the embodiments of the present invention;

Fig. 5 is a functional block diagram of elements of a mobile payment device in the form of a mobile phone that can use�atsya with some variation of an embodiment of the present invention; and

Fig. 6 is a functional block diagram of a computer system, device or instrument that can be used to implement some of the processes or operations that are part of embodiments of the present invention.

DETAILED DESCRIPTION

Variants of embodiment of the invention is directed to systems, devices and methods to enable authentication of a transaction or a party to a transaction in a situation in which the participant is remote from the other party to the transaction. An example of this is the transaction without presenting the card (or more accurately, without the presence of the payment device), for example, conducted using a mobile payment device. The invention includes the infrastructure and processes to provide consumers the opportunity to register your mobile phone number and associate this number with the payment account. The registration process can be executed with use of the website, and registration may require that the user has provided authentication data that were previously provided by the consumer and associated with the payment account. Thus, the number of mobile phone user becomes associated with the payment account by an authenticated way. After registration the user can use�AMB your mobile phone to initiate or perform one or more stages of the payment transaction. Payment transaction is recognized as initiated or completed through the mobile phone, and in response the server can authenticate the transaction based on the mobile number and the result of the previous process of registration and authentication. In other embodiments, embodiments, the server may identify a payment transaction as initiated or completed through the mobile phone, and in response communicates with a consumer using a mobile phone to request confirmation of the desire of the consumer to perform a transaction. As examples of this confirmation may take the form of answering a call on a mobile phone, is formed through interactive voice system (IVR) or through the consumer's providing additional authentication data, which were previously provided by the user and associated with a mobile phone (with the understanding that additional authentication data may be used by the consumer for authorization of transactions performed using mobile phone).

Many, if not all, systems, devices and methods of the present invention can be implemented using the infrastructure elements that are now used for authentication of payment devices and participants in Tr�naklah with the card. Thus, the variants of embodiment of the present invention can allow banks and other providers of mobile payments is to strengthen the existing authentication framework to provide authentication service for transactions without card-initiated mobile payment devices. This reduces the cost of providing mobile payment services to consumers and may increase the recognition of such services, as consumers and other objects involved in the process of payment transactions, will already be familiar with many, if not all, of the used systems and processes. In addition, variants of the embodiment of the present invention can be used by consumers and other entities involved in a payment transaction, to provide improved security (which includes multiple levels of security for authentication of the consumer conducting the transaction), increase the speed of transaction processing and greater convenience for consumers than was possible in the absence of the invention.

Before describing embodiments of the systems and methods of the invention will be presented some of the terms, definitions and abbreviations, which are used to describe these embodiments.

Used herein, in some embodiments embodiment, the term "Issuer" may �tositsa to any suitable object, which may open and maintain an account associated with the consumer. Examples of the Issuer include a Bank, a credit Union, an entity, such as a retail store or service provider, or government facility. In many cases, the Issuer may provide the user with a map e-Commerce or other type of payment device. The Issuer typically has an established relationship with the consumer and, thus, has data that can be used to authenticate the consumer. Such data may include social security number of the consumer, birthday, account number, shipping address, preferences, etc.

Used in this description in some embodiments embodiment, the term "server" is typically a powerful computer or cluster of computers. For example, the server can be a big universal computer, a cluster of mini-computers or a group of servers functioning as a unit. In one example, the server may be a database server connected to the web server. In addition, the server can behave as a computer, which services the requests of one or more client computers or portable electronic devices.

Used in this description in some embodiments embodiment, the term "trading server" is a server used�first to provide consumers an interactive electronic storefronts, where consumers can make purchases and conduct online transactions after they decide to buy from the seller the goods or services.

Used in this description in some embodiments embodiment, the term "provider of mobile payments" (or "Operator MPI" or "MPI") performs various authentication functions on behalf of the seller. Provider of mobile payments can use the right hardware and/or software that is available to the seller, to ensure these functions. For example, the operator MPI can use software running on the server, or it can be a component that is running on another server that is accessible to the seller. Among other functions, the MPI operator can determine whether the authentication for the card number or payment account, or to verify the digital signature in the authentication message. In some embodiments embodiment, the service provider of mobile payments can use a component that operates in the domain service.

Used in this description in some embodiments embodiment, the term "server access management" (or "ACS") provides issuers (or other objects capable of authenticating a consumer conducting interactive transaction or the transaction without the card) �the ability to authenticate consumers during the transaction. The ACS server performs the requested authentication service and provides digitally signed responses to the object that is requesting the authentication. The ACS server can be shared by multiple parties. Alternatively, the party may have multiple servers access control, each of which is associated with a separate subset of consumers.

Used in this description in some embodiments embodiment, the term "directory server" can be used to route messages containing information registration and authentication between the shopping module or service provider of mobile payments and by the Issuer's ACS server. The directory server can also determine whether the consumer is to use the authentication service. In some embodiments embodiment, the directory server can manage the organization of processing or maintenance payments, such as Visa.

Used in this description in some embodiments embodiment, the term "processing system" or "network of payment processing" may include server computers data processing subsystems, networks, and operations used to support and supply services authorization services, exception file, and services to perform the calculations and settlement of accounts. Example of system or network payment processing can include in with�BOJ VisaNet. System and network payment processing can process a credit card transaction, the transaction for debit card transactions and commercial transactions of other types. Systems and networks for the processing of payments can also have systems that perform the service of the purposes of payment and settlement of accounts. System or network payment processing may use any suitable wired or wireless network, including the Internet, to allow communication and data transfer between components or elements.

Used in this description in some embodiments embodiment, the term "interactive speech system" (or "IVR") refers to the technology of telephony systems that allows a computing device to detect speech and touchtone via a regular phone call and to provide interaction with the user through a telephone call.

Used in this description in some embodiments embodiment, the term "short message service" (or "SMS") can be used to denote a well-known Protocol for messages sent from mobile phones and mobile phones. A typical SMS text messages can allow users to send up to 160 characters per message.

Used in this description in some embodiments embodiment the term "the number of the mobile subscriber ISDN (or MSISDN) may be used to indicate the number of the mobile subscriber in a digital network with integrated services (ISDN), which may be a mobile phone number of the consumer.

As noted above, variants of an embodiment of the invention can be particularly useful for conducting remote transactions, that is, in the case where the consumer and the payment device is not present from the seller. Remote transactions can be conducted through the methods of communication, including, but not limited to, voice calls or mobile terrestrial communications, messages, short message service (SMS), etc. Various data transfer protocols (e.g. TCP/IP) may also be used. Remote transactions can be initiated with mobile payment devices, including, but without limitation, mobile phones, smartphones, connected with the Internet computers or terminals, handheld computers (PDA), etc.

In some embodiments embodiment, before providing the possibility to the consumer to use their mobile payment device a payment transaction, the mobile device is registered and associated with the payment account belonging to the consumer. The registration process may include an authentication process in which the consumer is required to provide information that confirms his identity information or proves that he is authorized to conduct payment transactions using PLA�foreign accounts. Such information may take the form of code words, passwords, data security or other kind of data authentication or identification, which have been previously provided to the authentication service. In this case, information for consumers has been pre-checked and set as a satisfactory way of "proof" that the person providing the information is the consumer who is authorized to use the payment account. For example, a consumer seeking to register their mobile payment device, may be asked to provide his mobile phone number or other identifier of the mobile payment device and the account number for the payment account, which he wants to communicate with mobile ID. The authentication service may then request that the consumer has provided a form of data authentication to prove their identity information (e.g., password, etc.), and authentication data have been previously provided and are associated with the consumer. If the authentication information provided by the consumer, checked and are correct (i.e. they are data previously provided and associated with the consumer or the payment account of the consumer), the identifier mobilnog� device associated with the payment account of the consumer. As will be described, in some embodiments, embodiments of the invention, it can provide the consumer the ability to perform payment transactions using a mobile device without the need to provide additional authentication data or identification.

Thus, in some embodiments, embodiments of the invention the user can be authenticated (for example, in order to conduct the transaction at a later time), while the consumer is in the process of registration in the service of mobile payments. The consumer can then conduct transactions using mobile payment services without the need for additional authentication during the transaction. It provides customers a convenient way to use their mobile payment device for payment transactions.

As noted, some aspects of the authentication process of the consumer can be made during registration of a mobile payment device to guarantee that only the consumer who is properly authenticated by the authentication service may register in the service of mobile payments (and, thus, to use its mobile payment device to perform payment transactions). As an example, the user can register in the service of defense Ministry�ilen payments by registering a mobile phone number and personal account number (PAN) service provider mobile payments. In some embodiments embodiment, the ACS server may ask the user to provide a previously accepted the password that was associated with the payment account. In some embodiments embodiment, the ACS server may decide to authenticate the user via a separate channel or query as part of the registration process (for example, by calling on the mobile phone, request information through the messaging service on desktop, etc.). During a subsequent transaction initiated by the consumer, the service provider of mobile payments can check your telephone number and PAN, used by the consumer during the transaction. In some embodiments of the incarnation during the transaction, the service provider of mobile payments may request the creation of a signature authentication from the ACS server without passing through a separate authentication process with the consumer.

It should be noted that in some embodiments embodiment, the service provider of mobile payments and the ACS operator in the domain of the Issuer may enter into a bilateral agreement to ensure that the ACS system can distinguish between a transaction carried out on the mobile channel, and a transaction based on the web. As will be described, it can be made to ensure that the system of the invention is the ability to recognize that a transaction is carried out with required�of mobile payment devices and in response to apply a predetermined authorization process for the transaction. It should be noted that if desired, the service provider of mobile payments could change its system of registration in the service to ensure that the mobile payments service may register only those users that are authenticated by the specified authentication system. In other embodiments, the embodiment of the ACS can be configured to be able to distinguish and authenticate mobile transaction without any agreement, participation or alteration by the provider of mobile payments. Given the large number of sellers of electronic Commerce, the ability to authenticate mobile transactions payment without requiring changes by the seller may be useful. In such embodiments embodiment, when the consumer is redirected by the seller on the ACS server, the ACS server uses the HTTP headers to recognize that the consumer uses the mobile device. Then, the ACS server sends properly formatted the password request window consumer device. The consumer enters their pre-registered password, the ACS server authenticates the user and provides the authentication results back to the provider of mobile payments.

Fig. 1 is a schematic diagram illustrating data flow between various components�Tami authentication system, which can be used during the registration process for mobile payment device, in accordance with some embodiments of the embodiments of the present invention. As shown in Fig. 1, in a typical scenario the user or consumer of 1000 uses the client 1100, such as a web browser running on a personal computer to register a mobile payment device for use with a payment account. The 1000 consumer registers his / her personal account number (PAN) and the number MSISDN by sending this information to the operator 1200 MPI via the client 1100. Typically, the MSISDN number will be the number of mobile phone user in the case of a mobile payment device, which is a mobile phone; however, if the payment device is a mobile telephone number, the MSISDN number can represent another type of data. In some embodiments, embodiment 1000 user uses a web browser running on the client 1100, for access to the web site, executable by the operator 1200 MPI to provide this information. It should be noted that the client 1100 may be a mobile communication device, which is registered by the consumer 1000 for use as a mobile payment device, although in some embodiments, is embodied�ia client can be the same device (or resident on the device), which is registered as a mobile payment device. The provision of this information is shown as a stream of data 110 of Fig. 1.

The operator then 1200 MPI determines the appropriate server 1300 ACS for a given payment account provided by the consumer 1000. In some embodiments embodiment, the operator MPI 1200 accesses the directory server to find an appropriate server 1300 ACS. Once the operator 1200 MPI has identified the appropriate location server 1300 ACS, the operator 1200 MPI sends number PAN number MSISDN provided by the consumer server 1000 1300 ACS. Transfer the PAN number and the MSISDN number is shown as a stream 120 of the data in Fig. 1.

The server 1300 ACS may then communicate with the client 1100, used by the consumer 1000, to perform or complete the registration process. It should be noted that in some embodiments embodiment, the registration process may include some or all of the authentication process. In some embodiments embodiment, the registration may include the sending by the server 1300 ACS web page to the client 1100 on the Internet. Send a web page is shown as a stream of data 130. The user 1000 may then proceed to enter a password or other security information on the web page and provide this information back to the server 1300 ACS. The password or other security information provided by the consumer, may repre�ablate a password or data which were previously set by the user 1000, to authenticate a transaction without presenting the card, such as a transaction conducted on the sites of e-Commerce on the Internet (though this is not required because the password or the data could be set by the user to authenticate other types of payment transactions). Thus, in some embodiments embodiment, the consumer can register your information on the payment account and provide a password that will be used to authenticate the user in some situations transactions. When the user later wants to register your mobile phone number and the number of PAN to use your mobile phone for a mobile payment transaction, he may be asked to provide the previously provided password to authenticate the user. The answer is the consumer can also serve to confirm his desire to have the mobile phone number associated with the number of the PAN, in order to use their mobile phone for payment transactions. It should be noted that in some embodiments embodiment the password provided by the server 1300 ACS, it may be a new password that is registered by the consumer for use with the transaction without presenting the card, or more specifically for mobile transactions. Predostavlennaya server ACS 1300 is shown as a stream of data 140.

If the supplied password is the one that was pre-installed by the consumer, the server 1300 ACS can confirm the password and send the authentication result (i.e. that the consumer is properly authenticated) operator 1200 MPI. The server 1300 ACS can also send other information with the result of authentication, such as the value of authentication credit card holder (CAVV). This interaction is shown as a data flow of 150. The preset password may be such as described in U.S. patent No. 7,007,840, which describes the process for providing consumers the opportunity to register the number of the PAN corresponding consumer payment account, and to associate this account with a password that the user can use at a later time for its authentication. If the supplied password is the new password that is registered by the user, the server 1300 ACS may request from a consumer other data before providing the operator 1200 MPI indication that the consumer is authenticated. Such other data may include, for example, the consumer profile or identity.

After receiving confirmation that the consumer is authenticated, the operator MPI 1200 may send the authentication message to the Issuer 1500 for wire�RCTs provided value (CVV2) card verification and confirm what payment account which the user wants to use for a transaction using a mobile payment device is active. The operator 1200 MPI can provide this authentication message to the Issuer 1500 using the system 1400 of processing payments. This data flow is shown as 160 and 170. When a payment account (e.g., credit or debit card) is checked, a mobile payment device is registered for consumer use 1000 in transactions without a card.

Fig. 2 is a diagram illustrating data flow between various components of the approval process for transactions that can be used during a payment transaction performed using mobile payment device, in accordance with some embodiments of the embodiments of the present invention. As shown in the figure, in a typical payment transaction, the consumer 1000 initiates a transaction without the card using registered mobile payment device 2100 1000 user (when the registration process is conducted in accordance with the process shown in Fig. 1, or in other suitable process). In some embodiments embodiment, the user 1000 may initiate a transaction by entering the client's PIN (personal identification number) on the mobile Board�tion device 2100, by activating a payment application installed on the mobile device 2100 through the provision of another type of access control or security data to the device or through participation in another form of user interaction with the device. In response, the mobile payment device 2100 then initiates a payment transaction with the node 1200 operator of mobile payments. This stage is shown as a stream 210 of data. The data transmitted in the stream 210 of data may include the MSISDN number of mobile payment devices, although they can also include other data in addition to the MSISDN number or instead of it.

On the basis of the MSISDN number and/or other data received from the mobile payment device 2100, the operator 1200 MPI can identify consumer payment account associated with the consumer. The operator 1200 MPI provider of mobile payments may then request authentication from the ACS server 1300 associated with a payment account registered mobile payment device 2100 (or, more precisely, the proof of the previous authentication of the consumer and/or mobile payment device). In some embodiments embodiment, the operator 1200 MPI can use the directory server to find an appropriate server 1300 ACS for a payment account of the consumer 1000. When the operator 1200 MPI identified on�lying the server 1300 ACS for authentication, the operator MPI 1200 may send the authentication request to the server 1300 ACS. This operator request MPI 1200 to the ACS server 1300 is shown as a stream of data 220.

The server 1300 ACS will recognize the request from the operator 1200 MPI as associated with a mobile payment transaction initiated using a mobile payment device, and based on the data provided as part of the previous registration and authentication process (as described in relation to Fig. 1) can create a message of endorsement or authentication of a transaction for the payment transaction. According to some variants of embodiment of the server 1300 ACS, optionally, may be forced to form an IVR call on a mobile payment device 2100 to confirm the intentions of the user 1000 to carry out the transaction. Optional IVR call is shown as a stream of data 230 and 240, where one element of the data stream represents a formed IVR call to the mobile device and the other element of the data stream is a response to the IVR call generated by a user using the mobile device. After performing any additional operations of authentication or verification that may be used (with or without the execution of such operations if they are not required), the server 1300 ACS sends the authentication result to the operator 1200 MPI, and it is shown as a flow 250 Yes�tion. The authentication result may contain other relevant authentication data, such as the CAVV. It should be noted that in addition to using the IVR system can also be used other forms of confirmation of intent of the consumer to conduct the transaction; they include, but are not limited to, SMS messaging, emails, ensuring the consumer is given a numeric or alphanumeric code in response to the message, etc. Should also be noted that the use of IVR call or other form of confirmation of intent of the consumer to conduct a transaction can be applied selectively only to certain transactions, such as transactions that are suspicious on the subject of fraud, transactions with a value that exceeds a predefined threshold, or on any other suitable criteria.

The operator 1200 MPI uses the authentication result received from the server 1300 ACS (which, as noted, may include information such as the CAVV and/or other data related to payment device or payment account), to provide authorization for the payment transaction to the Issuer 1500 for a payment account used by the consumer. This authorization can be submitted via 1400 payment processing, and the process is shown as streams 260 and 270 of the data. Autoriza�Oia, transferred to the Issuer, may include information that identifies a transaction as a transaction without presenting the card conducted using an authorized mobile payment device.

It should be noted that in an example, process a payment transaction, as described in relation to Fig. 2, no additional authentication of the consumer is not required to run the server 1300 ACS during the transaction (although, as noted, can be used IVR authentication or another type of additional authentication). Instead, the server 1300 ACS recognizes the transaction, adopted from the operator 1200 MPI, as the transaction without presenting the card, which is initiated using pre-authenticated mobile payment device 2100. This allows the consumer to conduct a payment transaction using a mobile payment device without the need to provide additional authentication information, thereby reducing the inconvenience for the user and speeding up the transaction.

Alternatively to the variant embodiment of the invention, described in relation to Fig. 1 and 2, in some embodiments of the incarnation during the registration process, the user can provide a password or other form of data authentication to be used specifically for the authorization of payment �randaccio, initiated using a mobile payment device, or the specified mobile payment devices. In this embodiment, the user registers their mobile payment device by a method similar to that described in relation to Fig. 1; however, during the registration process, the user provides the server with password authentication or another type of authentication data that are registered and connected with the transactions which are carried out using the mobile payment device of the user. During the subsequent payment transaction that is initiated using a mobile payment device, the consumer is asked to supply the registered authentication data associated with the device in the form of user authentication and approval of the transaction.

Thus, in this alternative embodiment, the consumer may be asked to provide a new numeric password (or other data suitable form, such as alphanumeric or string of characters) for use with a mobile payment device of the consumer, when the consumer registers their mobile payment device for use in a payment transaction. After registering for the service of mobile payments, the consumer can perform circuit boards�understanding the transaction by using your mobile device, moreover, the transaction is authenticated using a numeric password or other data. A new password can be (and in some cases it is desirable to be) different from other passwords that can be used to authenticate the user for other types of transactions, such as an e-Commerce transaction conducted over the Internet. Thus, an alternative embodiment allows the user to create and register the server ASC password, specialized for mobile payment device. The user enters the selected password into a mobile payment device, such as a mobile phone, when conducting a transaction using a mobile payment device. Then the password can be sent from mobile device via mobile operator payment on the ACS server to authenticate the user and approval of the transaction.

It should be noted that in some implementations, the variants of embodiment of the process of the invention can require changes were made within the domain of the service provider of mobile payments (which may be part of a domain) and/or on the ACS server (which may be part of the domain of the Issuer) for the authentication system, which is arranged to authenticate a standard electronic transaction �commercii (i.e., the transaction not be performed using a mobile payment device). The implementation of embodiments of the invention can also lead to a reconfiguration of the shopping module in the commercial domain and/or modifications in the domain of the Issuer (i.e. the ACS server) to host the authentication process on the basis of mobile payment devices. In addition, in some cases, service provider of mobile payments may be required to implement modifications to your host and client software, mobile phone to mobile support input of the password by the user for each transaction and the direction of the operator password of the ACS server.

Next, with reference to Fig. 3 will be described an alternative embodiment of the present invention, in which specific mobile payment device password or the authentication details are used for payment transactions initiated using a mobile payment device. Fig. 3 is a diagram illustrating data flow between various components of the authentication system that can be used during the registration process for mobile payment devices and specific for mobile device authentication data in accordance with some embodiments of the embodiments of the present invention.

As shown in �figure, the consumer 1000 uses the client 1100, such as a web browser running on a personal computer, for registering a mobile payment device for use with a payment account. The 1000 consumer registers his / her personal account number (PAN) and the number MSISDN by sending this information to the operator 1200 MPI via the client 1100. Typically, the MSISDN number will be the number of mobile phone user in the case of a mobile payment device, which is a mobile phone; however, if the payment device is a mobile telephone number, the MSISDN number can represent another type of data. In some embodiments, embodiment 1000 user uses a web browser running on the client 1100, for access to the web site, executable by the operator 1200 MPI to provide this information. It should be noted that the client 1100 may be a mobile communication device, which is registered by the consumer 1000 for use as a mobile payment device, although in some embodiments embodiment, the client may be the same device (or resident on the device), which is registered as a mobile payment device. The provision of this information is shown as a stream of data 310 in Fig. 3.

The operator then 1200 MPI on�determines the appropriate server 1300 ACS for a payment account, relevant data provided by the consumer 1000. According to one variant embodiment, the operator MPI 1200 accesses the directory server to find an appropriate server 1300 ACS. When the operator 1200 MPI has identified the appropriate location server 1300 ACS, the operator MPI 1200 may send the number of PAN number MSISDN provided by the consumer 1000, the server 1300 ACS. Transfer the PAN number and the MSISDN number is shown as a stream of data 320 of Fig. 3.

The server 1300 ACS may then communicate with the client 1100, used by the consumer 1000, to register for specific mobile payment device or a specific mobile transaction password or other authentication data. According to one variant embodiment of the process begins when the server 1300 ACS sends the client 1100 a web page on the Internet. Send a web page is shown as a stream of data 330. The user 1000 may then enter your "standard" password on the web site, as well as new specific mobile payment device or mobile transaction password and provide this information back to the server 1300 ACS. Standard password entered by the user, may be a password that was pre-installed by the consumer 1000 for authenticating a transaction without presenting the card, such as a transaction conducted on the sites of e�my Commerce on the Internet (although this is not required because the password or the data could be set by the user for authentication of payment transactions other types). The default password can be set using any suitable process or operation, for example as described in relation to Fig. 1 or as described in previously mentioned U.S. patent No. 7,007,840 entitled "Controlled activation of cardholders in a secure authentication program", the contents of which are incorporated herein by reference in its entirety for all purposes. Specific to mobile payment or mobile device transaction password can be numeric, alphanumeric, or be another type of password or authentication data that will be associated with a registered mobile payment device and used as part of the authentication process for transactions without a card, carried out with the device. The provision of these passwords server ACS 1300 is shown as a stream of data 340. It should be noted that the standard password and specific mobile password can be provided as part of the same provision of data or as a separate provision of data, for example, using two separate forms on web pages (and providing specific mobile password mo�et to occur in response to a query or form formed in response to the provision of standard password).

The server 1300 ACS accepts the submitted data and can then check the default password, set specific mobile password mobile payment devices and send the authentication result to the operator 1200 MPI. The ACS server 1300 may also send other information with the result of authentication, such as the value of authentication credit card holder (CAVV). This interaction is shown as a flow 350 data.

The operator 1200 may then send the authentication message to the Issuer 1500 to validate the supplied value (CVV2) card verification and confirm whether the user account is active. The operator 1200 MPI can provide this authentication message to the Issuer 1500 using the system 1400 of processing payments. This data flow is shown as elements 360 and 370 in the figure. When a card is checked, a mobile payment device is registered for consumer use 1000 in transactions without a card.

Fig. 4 is a diagram illustrating data flow between various components of the approval process for transactions that can be used during a payment transaction performed using mobile payment devices and specific mobile password ACC�accordance with some embodiments of the embodiments of the present invention. In a typical payment transaction, the consumer 1000 initiates a transaction without the card using registered mobile payment device 2100 of the consumer. In some embodiments embodiment, the user 1000 may initiate a transaction by entering the client's PIN (personal identification number) in a mobile payment device 2100, via activation of the payment application installed on the mobile device 2100 through the provision of another type of access control or security data to the device or through participation in another form of user interaction with the device. In response, the mobile payment device 2100 initiates a payment transaction with the operator 1200 mobile payment services. This step shows how to stream data 410. The data transmitted in the stream data 410 may include the MSISDN number of mobile payment devices, although they can also include other data in addition to the MSISDN number or instead of it.

On the basis of the MSISDN number and/or other data received from the mobile payment device 2100, the operator 1200 MPI can identify consumer payment account associated with the consumer. The operator then 1200 requests 1000 user to enter or otherwise provide for specific mobile payment devices �whether mobile transaction password, set during the registration process. In response, the user 1000 enters his specific mobile password into a mobile payment device 2100 and sends the password back to the operator 1200 MPI. This flow of data between a mobile payment device 2100 and 1200 operator shown as MPI threads 420 and 430 of the data in the figure.

The operator MPI 1200 then sends an authentication request to the server 1300 ACS. In some embodiments embodiment, the operator 1200 MPI can use the directory server to find an appropriate server 1300 ACS for a payment account of the consumer 1000. When the operator 1200 MPI has identified the appropriate location server 1300 ACS, the operator MPI 1200 may send the authentication request to the server 1300 ACS. The authentication request includes a specific mobile password entered by the consumer 1000. This authentication request is shown as a stream of data 440.

In some embodiments embodiment, the server 1300 can recognize that the authentication request is made by the operator of the MPI 1200, made for a mobile payment transaction without presenting the card, and the server 1300 ACS supports separate authentication process, which uses specific mobile password mobile payment device 2100 to authenticate the user (and not the default password or a different password for a payment account). The server 1300 ACS authenticates the request providing the correct specific mobile password and sends the authentication result to the operator 1200. In some embodiments embodiment the authentication result may include other relevant authentication data, such as the CAVV. The transmission of the authentication result to the operator MPI 1200 is shown as a data stream 450.

According to some variants of embodiment of the server 1300 ACS, optionally, may be forced to form an IVR call on a mobile payment device 2100 to confirm the intentions of the user 1000 to carry out the transaction. Call IVR may include formed IVR call to your mobile device and answer the call, IVR, formed by the consumer using the mobile device. It should be noted that in addition to using the IVR system can also be used other forms of confirmation of intent of the consumer to conduct the transaction; they include, but are not limited to, SMS messaging, emails, ensuring the consumer is given a numeric or alphanumeric code in response to the message, etc. Should also be noted that the use of IVR call or other form of confirmation of intent of the consumer to conduct a transaction can be applied selectively only to certain transactions, such as transactions that are suspicious on the subject of fraud, transactions with a value that exceeds a predefined threshold, or any friend�m suitable criteria.

The operator 1200 MPI then uses the authentication response received from the server 1300 ACS for authorization of a transaction without presenting the card with the Issuer 1500 payment account used by the consumer 1000. The operator 1200 MPI can make this request using the system of payment processing. This is shown as threads 460 and 470 of the data in the figure. As illustrated in Fig. 4, specific mobile password sent from user 1000 to the server 1300 through ACS operator 1200 MPI.

Methods, processes or operations described with reference to Fig. 1-4 may be implemented using any suitable type of mobile payment device or portable consumer devices, including, but without limitation, a mobile phone, a pocket PC (PDA), portable computer or other device having a wireless communication and data transmission. Mobile payment device or portable consumer device may include a contactless element such as semiconductor chip, embedded or otherwise attached to a mobile phone, a pocket computer (PDA), etc. As described, in some embodiments embodiment the consumer can use a mobile payment device or portable consumer device, such as mobile tele�it, to conduct a payment transaction by providing payment information and functioning as an interface to provide data authentication. It should be noted that the variants of embodiment of the invention is not limited to any particular type of mobile payment device or portable consumer device.

An exemplary portable consumer device or a mobile payment device can be in one of many suitable forms. For example, suitable portable mobile payment device may be portable and compact so that they could fit in the pocket of the consumer (e.g., pocket). They may include smart chips embedded in another device. Examples of portable consumer devices that can function as payment devices include cellular phones, handheld computers (PDA), pagers, transponders, etc. of the Portable consumer device can function as a debit devices (e.g., debit card), credit devices (e.g., credit card or prepaid devices (e.g. prepaid card).

Exemplary mobile payment device may comprise a computer readable medium and a body as shown nafig. 5, which is a functional block diagram of elements of a mobile payment device in the form of a mobile phone that can be used with some embodiments of the embodiments of the present invention. It should be noted that Fig. 5 shows several components, and portable consumer devices or mobile payment device used as part of the implementation of the invention may contain any suitable combination or subset of such components. Machine-readable media (CRM) 32(b) may be located within the body 32(h) or can be separated from it. The body 32(h) may be formed as a plastic substrate, housing or other suitable structure. Machine-readable media 32(b) may represent a memory that stores data and may be performed in any suitable form, including magnetic strips or memory chips, and may contain uniquely derived keys, encryption algorithms, etc. the Memory may also store information such as financial information, transaction information (e.g., as in tickets for pass in metro or railway transport), information access (e.g., as in passes, etc.) and Financial information may include information such as Bank account information, identification but�Bank EP (BIN), information credit or debit card information account balance, expiration date, information about the consumer, such as name, date of birth, etc.

Information in memory can also be in the form of data tracks, such as traditionally related to credit cards. These tracks may include track 1 and track 2. Track 1 typically stores more information than track 2, and contains the credit card holder's name and account number and other arbitrary data. This track is sometimes used by the airlines when securing reservations with a credit card. Track 2 currently typically used for payment transactions. This is the track that is read by automated teller machines (ATM) and terminals accepting credit cards. Track typically contains the account of the owner of the credit card, the encrypted PIN, and other arbitrary data.

Machine-readable media 32(b) or the memory may include code that when performed by a programmed processor causes the implementation of the respective stages, processes or operations of the present invention. For example, a computer-readable medium 32(b) may contain code that in its execution helps with reception of mobile payment devices and when using a mobile payment device in transects�and without presenting the card (CNP).

Phone 32 may further include a contactless element 32(g), which may include a semiconductor chip (or other data storage element), and in some embodiments embodiment the corresponding element of wireless data transmission, such as an antenna or a Converter. It should be noted that the element of wireless data transmission is not required in all embodiments, embodiments of the invention, since the contactless element may be integrated with the communication capabilities of the mobile phone, and thereby permitted the transfer of data between a contactless element and the cellular system. In such situations, the contactless element 32(g) can be embedded in the telephone 32 and data or control instructions transmitted via a cellular connection, can be applied to contactless element 32(g) via the contactless interface element (not shown). The contactless interface element enables the exchange of data and/or control instructions between the schema of the mobile device (and hence the cellular network) and contactless element 32(g).

In some embodiments, embodiments of the contactless element 32(g) has the ability to transmit and receive data using wireless near field (NFC) (or wireless environment short range) �typically in accordance with a standardized Protocol or data transfer mechanism (e.g., ISO 14443/NFC). Other suitable communication capabilities of small range that can be used to implement the invention include RFID, Bluetooth™, infrared or other transmission capabilities that can be used to exchange data between telephone 32 and a reading device or terminal point of sale. Thus, the phone 32 can have interoperability and transfer of data and/or control instructions via both a cellular network, using a wireless short range or short range.

Phone 32 also will typically include a processor 32(c) (e.g., a microprocessor or CPU) that is programmed with a set of instructions, wherein the processor executes instructions to implement various functions of the telephone device 32 and 32(d) display to provide the consumer with the possibility to see phone numbers and other information and messages. Phone 32 may further include elements 32(e) input (such as keyboard, touch screen, etc.) to provide the consumer (or representative) an opportunity to enter information into the device, a speaker 32(f) to grant the consumer to hear voice communication, music, etc., and a microphone 32(i) to provide the consumer the opportunity to enter your language in those�EPON 32. Phone 32 will also typically include an antenna 32(a) to allow wireless communication and data transmission using a cellular network.

Fig. 6 is a functional block diagram of a computer system, device or instrument that can be used to implement some of the processes or operations that are part of embodiments of the present invention. In an exemplary embodiment, some or all of the functional components depicted in Fig. 6, may be present on a server or other computing device that executes some or all of the operator functions MPI (element 1200 of Fig. 1-4), the ACS server (element 1300 of Fig. 1-4) or payment (element 1400 of Fig. 1-4), which are described in relation to embodiments of the present invention. Subsystems shown in Fig. 6, interconnected via system bus 675. Shown with additional subsystems such as a printer 674, keyboard 678, hard disk 679 (or other memory containing computer readable media), monitor 676, which is attached to the adapter 682 of the display device, and others. Peripherals and I/OS that are connected to the controller 671 input/output, can be connected with the computer system via any Cauley�society funds known in the art, such as a serial port 677. For example, the serial port 677 or external interface 681 can be used to connect computing devices with a global network such as the Internet, a mouse device or a scanner. Connection via system bus allows the Central processor 673 to communicate with each subsystem and to control the execution of instructions from system memory 672 or hard disk 679, and also for the exchange of information between subsystems. System memory 672 and/or hard disk 679 may embody computer readable media. As mentioned, some or all of these elements may be present in previously described devices or devices. For example, previously described by the directory server or server access control can include one or more components shown in Fig. 6.

Machine-readable media in accordance with a variant embodiment of the invention may contain code or other type of executable instructions for performing any of the functions, processes or operations described in relation to embodiments of the present invention. For example, previously described, the operator MPI may be a computing device that includes a processor and contains with�itively computer media contains the code when it is executed by the programmed processor performs authentication of the consumer to conduct transactions on a mobile device during registration of the mobile device for use in transactions, and code for conducting a transaction using a mobile device. Thus, the operator MPI may include a processor connected to computer readable media, wherein the processor executes instructions embodied by computer readable code on a computer's storage medium.

Used here, the terms and expressions are used as terms of description and not of limitation, and the use of such terms and expressions do not have the intention of excluding equivalents shown and described signs or their parts; it is recognized that within the scope of the claimed invention various modifications are possible. In addition, any one or more signs of any variant of embodiment of the invention can be combined with any one or more other features of any other variant embodiments of the invention without deviation from the scope of the invention.

In addition, it should be understood that as described above, the present invention can be implemented in the form of the control logic using software obespechitelnyh or integrated way. Based on the information provided in this document descriptions and ideas specialist in the art will recognize and understand other ways of implementing the present invention using hardware and a combination of hardware and software.

The elements specified in the singular imply the meaning of "one or more" unless specifically indicated otherwise.

1. The device for authentication of the consumer conducting the payment transaction using the mobile device, wherein the device contains:
the processor is programmed to execute a set of instructions;
a data medium connected to the processor; and
moreover, the set of instructions contained on the storage medium, wherein, when the set of instructions executed by the processor, the device authenticates the user by means of:
registering the mobile communication device and a mobile device with a payment account of the consumer;
authenticating the mobile device using identification data previously provided by the user and associated with the payment account;
receiving data, initiating a payment transaction;
determining that the payment transaction was initiated using the mobile device; and
determining, based on authentication p�to registration of the mobile device, that the payment transaction was authenticated for payment of the account using a mobile device.

2. The device according to claim 1, wherein registering the mobile communication device and a mobile device with a payment account of the consumer further comprises:
receiving registration data from the user, and
the registration data includes a payment account identifier and the identifier of the mobile device, wherein the registration data provided by the user using the client device.

3. The device according to claim 2, in which the mobile device is a mobile phone and the identifier of the mobile device is a phone number of a mobile phone.

4. The device according to claim 2, wherein the registration data provided by the user by entering the registration data on the website using the client device.

5. The device according to claim 1, wherein authenticating the mobile device using identification data previously provided by the user and associated with the payment account further comprises:
request the user to provide identification data;
receiving the requested identification data;
determining that the identification data are consistent with �dentification data previously provided by the consumer and associated with the payment account; and
in response to determining that the identification data are consistent with the identification data previously provided by the consumer, determining that the registration of the mobile device is authenticated.

6. The device according to claim 5, in which the identification data is a password previously associated with the payment account and used by the consumer for approval of the payment transaction.

7. The device according to claim 1, wherein after determining that the payment transaction was initiated using the mobile device, the device authenticates the user by means of contact with customers via a mobile device for receiving confirmation that the consumer wishes to conclude the payment transaction.

8. The device according to claim 7, in which the contact with the consumer through the mobile device further comprises a contact with the consumer through one or more of the formation of the call to your mobile device or compilation of messages to the mobile device.

9. The device according to claim 1, wherein after determining that the payment transaction was initiated using the mobile device, the device authenticates the user by means of:
request the consumer to provide the second type ID�ntification data moreover, the second type identification data previously registered for use in authentication of payment transactions initiated using a mobile device;
receiving second identification data from the mobile device; and
verification that the second type of identification data is correct.

10. The device according to claim 1, wherein the payment transaction is processed after determining that the payment transaction was authenticated for payment of the account using a mobile device.

11. Method of authenticating a consumer conducting a payment
the transaction by using mobile device, the method includes:
receiving data identifying a mobile device, and data identifying a payment account of the consumer;
authentication of the mobile device using identification data previously provided by the user and associated with the payment account;
receiving data, initiating a payment transaction;
determining that the payment transaction was initiated using the mobile device; and
determining, based on authentication of the mobile device that the payment transaction was authenticated for payment of the account using a mobile device.

12. A method according to claim 11, in which PL�Tina the transaction is processed after determining that that the payment transaction was authenticated for payment of the account using a mobile device.

13. A method according to claim 11, in which the mobile device is a mobile telephone, and data identifying the mobile device, represent a telephone number for a mobile phone.

14. A method according to claim 11, in which the authentication of the mobile device using identification data previously provided by the user and associated with the payment account further comprises:
request the user to provide identification data;
receiving the requested identification data;
determining that the identification data are consistent with the identification data previously provided by the user and associated with the payment account; and
in response to determining that the identification data are consistent with the identification data previously provided by the consumer, determining that the mobile device is authenticated.

15. A method according to claim 11, in which, after determining that the payment transaction was initiated using the mobile device, the method further comprises the implementation of contact with customers via a mobile device for receiving confirmation that the consumer wishes to conclude the payment of transit�tion.

16. A method according to claim 15, in which the contact with the consumer through the mobile device further comprises the implementation of contact with the consumer through one or more of the formation of the call to your mobile device or compilation of messages to the mobile device.

17. A method according to claim 11, in which, after determining that the payment transaction was initiated using the mobile device, the method further comprises:
request the consumer to provide the second type of identification data and second identification data previously registered for use in authentication of payment transactions initiated using a mobile device;
receiving second identification data from the mobile device; and
verification that the second type of identification data is correct.

18. Method of conducting a payment transaction, the method includes:
linking a payment account of the consumer with the first identification data of the user, wherein the first identification data of the user are used by the consumer for approval of payment transactions conducted using the payment account of the consumer;
receiving data identifying a mobile device, and data identifying a payment account of the consumer; request the consumer to provide a first identification data of the consumer;
authentication of the mobile device, if the answer to the query is a first identification data of the consumer;
receiving data, initiating a payment transaction; and
determining that the payment transaction was initiated using the mobile device; and
in response to determining that the payment transaction was initiated using the mobile device, determining, based on authentication of the mobile device that the payment transaction was authenticated for payment account of the consumer using the mobile device.

19. A method according to claim 18, further comprising: processing payment transactions without requiring that the consumer participated in the authentication process during the payment transaction.

20. A method according to claim 18 in which the mobile device is a mobile telephone, and data identifying the mobile device, represent a telephone number for a mobile phone.

21. A method according to claim 18, in which the request user to provide the first identification data of the consumer further comprises receiving from the second user identification data of the user, wherein the second identification data of the consumer ustanovlenija use by the consumer for approval of payment transactions, carried out using a mobile device, and authenticating the user further comprises receiving from the second user identification data of the user in order to authorize the payment transaction.

22. How to bind the mobile device to the payment account, the method includes:
a) receiving, on a computer mobile payment system (MPI) of the seller, the data that identifies your mobile device, and data identifying a payment account of the consumer;
(b) determining the server's access control to the Issuer associated with the payment account;
c) providing a computer MPI vendor authentication request that includes data identifying the mobile device, and data identifying a payment account, the server
access control to the Issuer, wherein the management server access to the Issuer:
transmits a web page on a client device controlled by the user;
receives authentication data from the client device via the web page;
verifies received data authentication based on the authentication data previously granted for a payment account of the user management server access to the Issuer; and
generates the authentication result based on the verification of the received data, the authentication�tion;
(d) receiving by the computer MPI seller of the authentication result; and
(e) forwarding the MPI computer the seller of the result of authentication to the computer of the Issuer controlled by the Issuer, wherein the Issuer subsequently determines that a payment account is active;
by means of this register the mobile device with a payment account.

23. A method according to claim 22, in which determining the management server access to the Issuer associated with the payment account contains the identification based on the data identifying a payment account, the management server access to the Issuer from the set of servers control access to the Issuer using the directory server.

24. A method according to claim 22, in which the transmission of the authentication request that includes data identifying
mobile device and data identifying a payment account, going through the directory server.

25. A method according to claim 22, in which data identifying a mobile device that represents a phone number and data identifying a payment account, represent the number of the payment account.

26. A method according to claim 22, in which authentication data contains the password.

27. A method according to claim 22, in which the client device is a mobile device.

28. A method according to claim 22, in which the server control access to the Issuer�, client device and the computer MPI seller are separated from each other.

29. A method according to claim 22, in which the management server access to the Issuer digitally signs the authentication result.

30. A method according to claim 22, in which the transmission of the authentication request that includes data identifying the mobile device, and data identifying a payment account, going through the directory server and the directory server is online payment processing.

31. A method according to claim 22, in which the transmission of the authentication request that includes data identifying the mobile device, and data identifying a payment account, going through the directory server and the directory server is online payment processing, which is configured to process credit and debit card transactions and which is configured to perform authorization and settlement and clearing services.

32. PC mobile payment system (MPI) of the seller containing a processor and a computer-readable medium connected to the processor, and computer readable media includes code that is executable by the processor for implementing the method containing:
a) receiving, at the computer MPI seller, the data that identifies your mobile device, and data identifying a payment account sweat�of ebites;
(b) determining the server's access control to the Issuer associated with the payment account;
c) providing a computer MPI vendor authorization request that includes data identifying the mobile device, and data identifying a payment account, the management server access to the Issuer, wherein the management server access to the Issuer:
transmits a web page on a client device controlled by the user;
receives authentication data from the client device via the web page;
verifies received data authentication based on the authentication data previously granted for a payment account of the user management server access to the Issuer; and
generates the authentication result based on the verification of received authentication data;
(d) receiving by the computer MPI seller of the authentication result; and
(e) forwarding the MPI computer the seller of the result of authentication to the computer of the Issuer controlled by the Issuer, wherein the Issuer subsequently determines that a payment account is active;
by means of this register the mobile device with a payment account.

33. PC MPI seller according to claim 32, in which determining the management server access to the Issuer associated with the payment account contains identificat�Yu, based on the data identifying a payment account, the management server access to the Issuer from the set of servers control access to the Issuer using the directory server.

34. PC MPI seller according to claim 32, in which the transmission of the authentication request that includes data identifying the mobile device, and data identifying a payment account, going through the directory server.

35. PC MPI seller according to claim 32, in which data identifying a mobile device that represents a phone number and data identifying a payment account, represent the number of the payment account.

36. PC MPI seller according to claim 32, in which authentication data contains the password.

37. PC MPI seller according to claim 32, in which the client device is a mobile device.

38. PC MPI seller according to claim 32, in which the server access control to the Issuer, a client device and a computer MPI seller are separated from each other.

39. PC MPI seller according to claim 32, in which the server access control to the Issuer digitally signs the authentication result.

40. PC MPI seller according to claim 32, in which the transmission of the authentication request that includes data identifying the mobile device, and data identifying a payment account, hap�dit through the directory server while the directory server is online payment processing.

41. PC MPI seller according to claim 32, in which the transmission of the authentication request that includes data identifying the mobile device, and data identifying a payment account, going through the directory server and the directory server is online payment processing, which is configured to process credit and debit card transactions and which is configured to perform authorization and settlement and clearing services.



 

Same patents:

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a method and system of mobile communication. The mobile communication method for the mobile communication system including a mobile station (UE), a PDN gate (PGW) and PCRF, with that, the method involves the repeated establishment of connection of a data packet network (PDN) by means of the above PGW, if PGW knows that PCRF was re-started in a modification procedure of a unidirectional channel.

EFFECT: technical result consists in the transfer and reception of information related to policy and tariff classification control (PCC) when a failure takes place in a functional unit of policy and tariff classification rules (PCRF) or when PCRF resumes operation after such failure takes place.

6 cl, 9 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to wireless communication technologies. The method involves the following: determination by means of the first basic station of user equipment in an activated state; calculation by means of the first basic station of the number of a sub-frame at a sub-frame used for sending the paging information, and the number of a paging frame that includes the above sub-frame; with that, paging information is used for paging of user equipment in an activated state; and sending by the first basic station of the calculated number of the sub-frame and the calculated number of the frame at the paging frame to the second basic station so that the second basic station configures the sub-frame corresponding to the number of the sub-frame in the paging frame corresponding to the number of the frame in the form of an almost blank sub-frame, or the second basic station stops sending of information in the sub-frame corresponding to the number of the sub-frame in the paging frame corresponding to the number of the frame.

EFFECT: elimination of paging interference formed by the basic station creating interference.

10 cl, 7 dwg, 2 tbl

FIELD: physics, computation hardware.

SUBSTANCE: invention relates to wireless sensory networks (WSC). Control over WSC operation consists in creation of WSC cluster architecture while WSC is initiated to set WSC parameters. Note here that said parameters include controlled parameters. Level of noisy channels is analyzed. Note here that the number of WSV sensory nodes is selected in proportion to required parameters of processing accuracy and accuracy of transfer of controlled parameters. Note here the those assemblies of sensory nodes are activated whereat current values of controlled parameters exceed the magnitudes preset as tolerances. Thereafter, bonds are created in WSC between its activated sensory units. WSC operation is analyzed to select the optimum network structure so that better results as to rate-to-accuracy ratio are obtained by intellectual module built around a neuron network running on genetic algorithm.

EFFECT: higher efficiency and operating accuracy, power saving.

2 cl, 6 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to wireless communication. A method of establishing a collaboration mode comprises steps where: a base station receives from user equipment a mode establishment request, which is used to request establishment of a collaboration mode; the base station encapsulates configuration information on the collaboration mode, allowed to be used by the user equipment, in a response message; the base station transmits the response establishment message to the user equipment and receives from the user equipment a feedback message on whether configuration of the collaboration mode is complete or not.

EFFECT: easy establishment of the collaboration mode of a base station and user equipment while simultaneously maintaining reliability and communication quality.

58 cl, 16 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to means of controlling advertisement delivery to mobile clients while maintaining user privacy. The method includes receiving, at an advertisement delivery service, a location use token from a mobile client, sending the location use token to a location broker service for verification, receiving, at the advertisement delivery service, the mobile client location from the location broker service and delivering a location-targeted advertisement to the mobile client, wherein delivery is further based geographic density of a plurality of mobile clients.

EFFECT: high accuracy of advertisement delivery owing to use of a location broker service.

19 cl, 3 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to wireless communication. Associating a plurality of contention-based uplink grants with a range of uplink resource blocks allows one contention-based uplink grant message to signal the entire plurality of grants. The signalling load on the PDCCH is reduced by using a single contention-based uplink grant message to signal a plurality of contention-based uplink grants. The message indicates an allocated set of uplink resource blocks and the number of separate uplink resource grants represented by the set and is signalled such that user terminals recognise that separate subsets of uplink resource blocks within the set correspond to a separate contention-based uplink grant. Information included in the contention-based uplink grant message is used to control the probability at which the user terminals attempt contention-based uplink transmissions and/or to control the modulation and coding scheme used for such transmissions.

EFFECT: reducing the probability of collision with multiple users in a cell.

36 cl, 8 dwg

FIELD: physics, communications.

SUBSTANCE: invention relates to wireless communication. User equipment (700) is configured to decide on application or not of a power reduction and to indicate said decision in a power headroom report intended for transmission to a radio base station (600). The radio base station (600) is configured to receive the power headroom report and based on the indicated information in the received power headroom report, the base station is made aware of an additional or special power backoff (e.g. to fulfil SAR requirements) that has been applied and is therefore able to distinguish it from normal power backoff or power reduction.

EFFECT: invention is intended to indicate power backoff in at least a power headroom report in a communication system.

30 cl, 18 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to radio communication. The invention describes solutions for use of a combination of types of reference signals in a wireless communication network when making measurements relating to positioning. As per one example, UE uses a combination of CRS and PRS. As an illustrative case, UE receives PRS and possibly CRS from one or more honeycombs while it receives only CRS from one or more other honeycombs. In this case, UE determines for example time tag values of the received signal for CRS as those received from some honeycombs for each honeycomb and for PRS as those received from other honeycombs for each honeycomb. UE can make measurements and notify for each signal/for each honeycomb and can make calculations, in which a combination of time tag measurements participates, which have been made both for CRS and for PRS. In an additional aspect, control or coordination of transmissions of reference signals is performed for each port in honeycombs, which use multiple antenna ports to perform transmission in every such honeycomb.

EFFECT: improving positioning measurement quality.

30 cl, 14 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to mobile communication. The method comprises: a step of transmitting, by an operation and maintenance server EM, "MDT config" to a subscriber management server HSS, and a step of transmitting, by the subscriber management server HSS, to the target mobile station UE an instruction to perform the MDT measurement process through a mobility management node MME and a radio base station eNB when it is determined that the MDT measurement process by the target mobile station UE is approved.

EFFECT: enabling a mobile station UE to perform a Minimisation of Drive Tests (MDT) measurement process when approval is received from the mobile station subscriber.

8 cl, 7 dwg

FIELD: radio engineering, communication.

SUBSTANCE: communication system contains: level of radiosignal reception/transmission including combination of radiosignal reception/transmission assemblies; local calculating level comprising local calculating assembly connected with radiosignal reception/transmission assembly at one or several combinations of adjacent radiosignal reception/transmission assemblies and executing all communication processing or first part of the communication processing; central calculating level comprising central calculating assembly connected with local calculating assembly and performing the second part of communication processing, at that all communication processing contains the first part of the communication processing and second part of the communication processing. The local calculating level is responsible for complete or part of the communication processing.

EFFECT: economy of network bandpass and improved use of the system resources.

21 cl, 7 dwg

FIELD: medicine.

SUBSTANCE: invention relates to devices for medical monitoring. The method contains stages at which: a packet (7) of data about a patient is transmitted from a device (10) for patient monitoring to the central server (12); a message (72) with acknowledgement (ACK), transmitted by the central server (12) in response to receiving by the central server (10) of the transmitted packet (70) of data about the patient, with a message with acknowledgement containing a time stamp, provided from the central server (12) clock (46), indicating the time and date, when the central server (12) received the packet (70) of the patient's data; the message time stamp (72) with ACK is compared with the current time of the clock (28) of the patient monitoring device (10); and if the difference between the current time of the clock (28) of the patient monitoring device (10) and the time stamp (74) with ACK is larger than the first preliminarily determined time, the clock (28) is synchronised in accordance with the time and date in the time stamp (74) in the message (72) with ACK.

EFFECT: provision of control of the time synchronisation interface.

13 cl, 5 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering and specifically to intelligent automated assistant systems. Disclosed is method of operating an intelligent automated assistant. The method is carried out in an electronic device having a processor and memory which stores instructions for execution by the processor. The processor executes instructions on which a user request is received, wherein the user request includes a speech input received from the user. Based on the representation of user intent, a plurality of relevant task parameters are identified for the task flow, wherein the plurality of relevant task parameters includes at least one task parameter explicitly expressed in speech input and at least one task parameter logically derived from context information associated with the speech input.

EFFECT: high accuracy of presenting a user with relevant information by taking into account task parameters logically derived from context information.

11 cl, 50 dwg, 5 tbl

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method for electronic notary certification of text information, which includes preliminary registration of a contractor in an "electronic notary" system; when sending information by electronic mail, indicating in the "copy" field the address of the automatic "electronic notary" system; upon receiving a copy of the sent information, the automatic mail enters the copy into the personal accounts of the sender and the receiver with indication of the time of sending, the sender, the addressee of the information and all attachments comprising the information, wherein the automatic mail further notifies the addressee on the sending of information and storage of the certified copy of the sent information on the website in the personal account of the contractor.

EFFECT: confirming the sending of a document or file with indication of the date and time of sending via electronic mail.

4 cl

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to providing secure transactions in payment systems using bank cards. The technical result is the low risk of card transactions that are unauthorised by the card holder when the card is compromised. In the method of conducting authorised card transactions, the card holder changes said card parameters in advance to permitting parameters by sending an authenticated request to a processing centre of the issuer, thereby permitting one or more authorised transactions; an authorised transaction can be approved by the processing centre of the issuer only if card parameters permitting said transaction were established by an authentication request by the card holder.

EFFECT: present solution minimises the risk of transactions that are unauthorised by a card holder in any environment of using cards and is distinguished by the capability for use in existing systems for controlling authorised transactions.

3 cl, 5 dwg

FIELD: physics, computation hardware.

SUBSTANCE: invention relates to creation and operation of data base of vacancies and manpower resources. Search system for every selected data element defines its rating and processes data of data base and includes structuring in relational view of data on structure, terms and interrelations as to official characteristics with allowance for taxonomy and ontology of subject area as well as compilation of the rating of indices making the matrix and their ranging. Clients-physical persons define the priorities of criteria for fulfilled job and selection of a company. Besides, they enter the obligatory magnitude of criteria and varying ranged indices for selection of vacancies to be automatically processed by the system in scoring mode. For this, these are ganged after determination of their mean arithmetic value. Client-physical person defines the obligatory values of criteria and varying ranged indices for personnel selection. The latter are processed by the system in scoring mode. For this all candidates selected in compliance with used complex of search criterion after definition of their mean arithmetic value get the rating in the list of resumes of selected candidates for client-physical person the make the decision on.

EFFECT: accelerated search at ranging of data on personnel or vacancies.

8 cl, 1 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to the field of optimisation of selection and delivery of products in a trading network. The system for the network optimisation implemented by the computer comprises: the first processor for data processing for data receiving and storage in data memory; the second processor for data processing for obtaining at least one input data for conditional dynamic options in a network; the third processor for data processing for obtaining at least one input data set for the specified network to define the specified chosen products with use of at least one optimised filters; the fourth processor for data processing for delivery of at least one of the named products at least to one of the named organisations participating in a trade network and the fifth processor for data processing for data recording relating to the named delivered products, in the data memory.

EFFECT: optimisation of selection of a product or service with reference to requirements of clients and ensuring dynamic integration of these requirements.

16 cl, 5 dwg

FIELD: physics, control.

SUBSTANCE: invention relates to computer engineering. A climate control device, having a network interface configured to receive a request to use the climate control device; transmit an authorisation request to a payment system in response to receiving said request; receive an activation message containing information associated with the payment system in response to the authorisation request; transmit a payment message to the payment system based on a plurality of usage parameters, wherein the payment message leads to the deduction of funds from the account of the user; a user interface configured to receive user input which identifies a climate control programme containing a temperature parameter, a humidity parameter, an ionisation parameter, a dryer parameter, an air purification parameter, a sound parameter and a fragrance parameter, wherein each of said parameters is associated with a corresponding one of a plurality of times, a plurality of durations and a plurality of set values; and a climate control subsystem configured to change the environment based on the climate control programme.

EFFECT: automated climate control on a confined territory.

13 cl, 1 tbl, 11 dwg

FIELD: medicine.

SUBSTANCE: invention relates to transfusiology and is intended for application in medical institutions in planning and transfusion to patient of preserved donated blood components. Method is realised with application of bar-coding technology, with formation of unified information and technological system, where databank of patients who have transfusions of donated blood components in anamnesis is maintained; transfusion plan, with respect to which available components of donated blood are estimated, is composed in accordance with operation plan, and request is sent to blood centre for missing volume of donated blood components, data about obtained blood components are automatically included into medical information system.

EFFECT: ensuring safety of transfusion of donated blood components.

7 cl, 18 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to activation of services using algorithmically configured keys. The method of user subscription to the service comprises: identification in the computer of issuer of the user who is authorized for subscription to a service on the basis of a criteria determined by an issuer; extraction by a computer of the issuer of data associated with the user and shared data element which is shared by the issuer computer and the service provider computer; formation of the first activation code by the issuer computer and sending the first activation code to the user; and the user sends the first activation code and data associated with the user to the service provider computer; and the service provider computer forms the second activation code and authorizes the user for subscription to service, if the first and the second activation codes are identical.

EFFECT: prevention of violation of security of data processing system.

20 cl, 9 dwg

FIELD: medicine.

SUBSTANCE: invention relates to medical working process of visualisation. System contains: control unit (114), containing processor (116); and multitude of processing executives (102), connected with it, with processor (116) realising control of realisation with feedback of plane of medical visualisation working process by means of multitude of processing executives (102), and processor (116) is made with possibility of inquiring electronic medical information, dealing with and/or not dealing with visualisation from one or more processing executives; formation of plan of visualisation procedure working process by means of visualisation procedure, based on information inquired; reception of signal, indicating due date of planned visualisation procedure; downloading visualisation protocol, corresponding to visualisation procedure, into visualisation system, used for visualisation procedure; realisation of scanning by means of visualisation system; and updating plan of visualisation procedure working process.

EFFECT: increased reliability of patient diagnostics.

15 cl, 9 dwg

FIELD: computer science, in particular, system for situational analysis of passenger transportation.

SUBSTANCE: system has block for selection of database addresses, block for forming recording signals and reading server database, block for controlling selection of data, first and second registers, block for comparing codes, five blocks for selecting record parameters, memory block, first group memory block, second group memory block, third group memory block.

EFFECT: higher speed of operation of system due to localization of range of data search addresses in server database using voyage group identifiers and given time period.

11 dwg

Up!