Browse Prior Art Database

Method and System for Clear Identification of Identity in Transactions

IP.com Disclosure Number: IPCOM000202180D
Publication Date: 2010-Dec-07
Document File: 1 page(s) / 21K

Publishing Venue

The IP.com Prior Art Database

Abstract

This article is on verification measures for security on transactions. Currently banks and credit cards elicit some piece of private knowledge with the account owner during the transaction. This private knowledge is meant to confirm that the person making the transaction is the person who is the owner of the account; such as mother's maiden name, last 4 of social, pin code, verification code, email address. This correlation of private knowledge does somewhat assist in preventing the most casual fraud. However the perpetrators know this and know that gathering this information will allow them to successfully complete the transaction. Notification is usually emailed to customers either by requesting an email address or keeping one on file. Our idea uses presence as a way to verify a person for security purposes.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 63% of the total text.

Page 01 of 1

Method and System for Clear Identification of Identity in Transactions

Presence can be inferred in a transaction by various means, i.e. a web transaction where the user is engaged in an https session with a merchant can use the ip address of the originating system and compare to a listed live session of some type of instant messenger. IRC the profile of this could conclude presence if the sessions were originating from the same IP address or if different make the assumption that they were not. Similarly if presence was indicated by the confirmation of a cellular telephone on a network it could be polled or checked for GPS co-location.

Instant messaging connections can be used to validate the internet purchase using the presence of the ordering party and the origin of the system used to make the credit transaction to be validated, a very strong correlation can be established -since the perpetrator of any fraud would have to have physical access to the system - and be logged in as the IMS user on that same system - which requires knowledge/access to two accounts at the same time (IMS and credit information to complete the transaction)
- and also requires that the IMS account holder not be logged in or attempting to log in during that transaction. (This is a different and novel use of the IMS since what the invention is doing is not a simple validation that the IMS account is on a specific system, but the system that is originating a credit transaction for that IMS...