U.S. patent application number 15/207161 was filed with the patent office on 2017-02-23 for method for transmitting code.
The applicant listed for this patent is PayPal Inc.. Invention is credited to Josef Gundel, Christian Hogl.
Application Number | 20170053275 15/207161 |
Document ID | / |
Family ID | 7910792 |
Filed Date | 2017-02-23 |
United States Patent
Application |
20170053275 |
Kind Code |
A1 |
Hogl; Christian ; et
al. |
February 23, 2017 |
METHOD FOR TRANSMITTING CODE
Abstract
The present invention relates to a method for transmitting a
code to a user in which the user transmits his or her financial
account identifier information to a code allocation unit 3, the
code allocation unit 3 transfers an amount of money to the
financial institution 5 specified by the user and/or transfers an
amount of money from the financial institution 5 specified by the
user, thereby submitting the account identifier information and the
code to be transmitted as additional information with this transfer
and/or this debit, and the financial institution 5 forwards a
receipt for the transfer and/or debit together with the additional
information to the user.
Inventors: |
Hogl; Christian; (Munich,
DE) ; Gundel; Josef; (Aschheim, DE) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
PayPal Inc. |
San Jose |
CA |
US |
|
|
Family ID: |
7910792 |
Appl. No.: |
15/207161 |
Filed: |
July 11, 2016 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
14081978 |
Nov 15, 2013 |
|
|
|
15207161 |
|
|
|
|
13615056 |
Sep 13, 2012 |
8600878 |
|
|
14081978 |
|
|
|
|
13236304 |
Sep 19, 2011 |
8301556 |
|
|
13615056 |
|
|
|
|
10018237 |
Jun 24, 2002 |
8024260 |
|
|
PCT/EP00/05359 |
Jun 9, 2000 |
|
|
|
13236304 |
|
|
|
|
Current U.S.
Class: |
1/1 |
Current CPC
Class: |
G06Q 20/04 20130101;
G06Q 20/40 20130101; G06Q 30/06 20130101; G06Q 40/00 20130101; G06Q
40/025 20130101; G06Q 20/401 20130101; G06Q 20/10 20130101; G06Q
20/102 20130101 |
International
Class: |
G06Q 20/40 20060101
G06Q020/40; G06Q 20/10 20060101 G06Q020/10 |
Foreign Application Data
Date |
Code |
Application Number |
Jun 10, 1999 |
DE |
199 26 472.4 |
Claims
1. A method for providing secure access to a service, comprising:
receiving, by a computing system through a network, a user access
request by a user to access a service; determining, by a code
allocation unit in the computing system, a financial account of the
user that is identified in the user access request; causing, by the
code allocation unit in the computing system, an amount of value to
be transferred over a secure transmission channel to the financial
account of the user; receiving, by the computing system from a
service accessing device through the network subsequent to the
causing of the amount of value to be transferred to the financial
account, a user access attempt by the user to access the service;
determining, by the computing system, that the user access attempt
identifies the amount of value that was caused to be transferred to
the financial account; and validating, in response to determining
that the user access attempt identifies the amount of value that
was caused to be transferred to the financial account, the user
access attempt to cause the service accessing device to provide the
user access to the service in response to the user access
attempt.
2. The method of claim 1, further comprising: determining, by the
code allocation unit in the computing system, an access code having
a numerical value, wherein amount of value caused to be transferred
to the financial account corresponds to the numerical value of the
access code.
3. The method of claim 1, wherein the transfer of the amount of
value to the financial account causes a receipt that identifies the
amount of value to be sent to the user.
4. The method of claim 1, wherein the determining the financial
account of the user that is identified in the user access request
includes: retrieving, by the code allocation unit in the computing
system from the user access request, one of a bank account
identifier and a credit account identifier.
5. The method of claim 1, wherein the causing the amount of value
to be transferred over a secure transmission channel to the
financial account of the user includes: causing, by the code
allocation unit in the computing system, a first amount of value to
be transferred over the secure transmission channel to the
financial account of the user; and causing, by the code allocation
unit in the computing system, a second amount of value to be
transferred over the secure transmission channel to the financial
account of the user.
6. The method of claim 5, wherein the determining that the user
access attempt identifies the amount of value that was caused to be
transferred to the financial account includes: determining, by the
computing system, that the user access attempt is associated with
both the first amount of value and the second amount of value.
7. The method of claim 6, wherein the determining that the user
access attempt is associated with both the first amount of value
and the second amount of value includes: determining, by the
computing system, that the user access attempt includes a result of
a computation involving the first amount of value and the second
amount of value.
8. A non-transitory, machine-readable medium having stored thereon
machine-readable instructions executable to cause a machine to
perform operations comprising: receiving, through a network, a user
access request by a user to access a service; determining a
financial account of the user that is identified in the user access
request; causing an amount of value to be transferred over a secure
transmission channel to the financial account of the user;
receiving, from a service accessing device through the network
subsequent to the causing of the amount of value to be transferred
to the financial account, a user access attempt by the user to
access the service; determining that the user access attempt
identifies the amount of value that was caused to be transferred to
the financial account; and validating, in response to determining
that the user access attempt identifies the amount of value that
was caused to be transferred to the financial account, the user
access attempt to cause the service accessing device to provide the
user access to the service in response to the user access
attempt.
9. The non-transitory machine-readable medium of claim 8, wherein
the operations further comprise: determining an access code having
a numerical value, wherein amount of value caused to be transferred
to the financial account corresponds to the numerical value of the
access code.
10. The non-transitory machine-readable medium of claim 8, wherein
the transfer of the amount of value to the financial account causes
a receipt that identifies the amount of value to be sent to the
user.
11. The non-transitory machine-readable medium of claim 8, wherein
the determining the financial account of the user that is
identified in the user access request includes: retrieving, from
the user access request, one of a bank account identifier and a
credit account identifier.
12. The non-transitory machine-readable medium of claim 8, wherein
the causing the amount of value to be transferred over a secure
transmission channel to the financial account of the user includes:
causing a first amount of value to be transferred over the secure
transmission channel to the financial account of the user; and
causing a second amount of value to be transferred over the secure
transmission channel to the financial account of the user.
13. The non-transitory machine-readable medium of claim 12, wherein
the determining that the user access attempt identifies the amount
of value that was caused to be transferred to the financial account
includes: determining that the user access attempt is associated
with both the first amount of value and the second amount of
value.
14. The non-transitory machine-readable medium of claim 13, wherein
the determining that the user access attempt is associated with
both the first amount of value and the second amount of value
includes: determining that the user access attempt includes a
result of a computation involving the first amount of value and the
second amount of value.
15. A secure access system, comprising: at least one computing
device that is coupled to a network and configured to perform
operations to cause the system to: receive, through the network, a
user access request by a user to access a service; determine a
financial account of the user that is identified in the user access
request; cause an amount of value to be transferred over a secure
transmission channel to the financial account of the user; receive,
from a service accessing device through the network subsequent to
the causing of the amount of value to be transferred to the
financial account, a user access attempt by the user to access the
service; determine that the user access attempt identifies the
amount of value that was caused to be transferred to the financial
account; and validate, in response to determining that the user
access attempt identifies the amount of value that was caused to be
transferred to the financial account, the user access attempt to
cause the service accessing device to provide the user access to
the service in response to the user access attempt.
16. The system of claim 15, wherein the operations further cause
the system to: determine an access code having a numerical value,
wherein amount of value caused to be transferred to the financial
account corresponds to the numerical value of the access code.
17. The system of claim 15, wherein the transfer of the amount of
value to the financial account causes a receipt that identifies the
amount of value to be sent to the user.
18. The system of claim 15, wherein the determining the financial
account of the user that is identified in the user access request
includes: retrieving, from the user access request, one of a bank
account identifier and a credit account identifier.
19. The system of claim 15, wherein the causing the amount of value
to be transferred over a secure transmission channel to the
financial account of the user includes: causing a first amount of
value to be transferred over the secure transmission channel to the
financial account of the user; and causing a second amount of value
to be transferred over the secure transmission channel to the
financial account of the user, and wherein the determining that the
user access attempt identifies the amount of value that was caused
to be transferred to the financial account includes: determining
that the user access attempt is associated with both the first
amount of value and the second amount of value.
20. The system of claim 19, wherein the determining that the user
access attempt is associated with both the first amount of value
and the second amount of value includes: determining that the user
access attempt includes a result of a computation involving the
first amount of value and the second amount of value.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is a Continuation of U.S. Utility patent
application Ser. No. 13/615,056, filed Sep. 13, 2012, Issued Dec.
3, 2013, U.S. Pat. No. 8,600,878, which us a Continuation of U.S.
Utility patent application Ser. No. 13/236,304, filed Sep. 19,
2011, Issued Oct. 30, 2012, U.S. Pat. No. 8,301,556, which is a
Continuation of U.S. Utility patent application Ser. No.
10/018,237, filed Jun. 24, 2002, Issued Sep. 20, 2011, U.S. Pat.
No. 8,024,260, which is a U.S. National Stage Filing under 35
U.S.C. 371 from International Patent Application No.
PCT/EP00/05359, filed Jun. 9, 2000, and published as WO 00/77754 A1
on Dec. 21, 2000, which in turn claims the priority benefit of
German Application Serial No. 199 26 472.4, filed Oct. 6, 1999, all
of which are incorporated herein by reference in their
entirety.
[0002] The present invention relates to a method for transmitting a
code to a user.
[0003] Traditionally, companies offering services or selling goods
are used to issuing personal codes to users who intend to buy or
use the goods or services in order to facilitate identification of
the users with the company. Furthermore, financial institutions,
for example, are used to issuing personal identification numbers
(PINs) to their customers to enable them to withdraw money from
ATMs, conduct financial transactions, standing orders or use other
services through a computer. Whenever a user initiates the first
contact to such a company there is the problem of transmitting the
personal code to him or her securely with minimal expense.
Traditionally, personal codes will be handed over personally or
sent by mail. Although both transmission methods are relatively
secure, the expense associated with it is relatively high. It is
either necessary to prepare a special tamper-proof letter, thereby
ensuring that no third party cart get information about the code
without opening the letter, or the user has to show up in person
with a company representative and submit a means of identification,
for example his passport, in order to have his or her identity
checked. Furthermore, companies, especially those offering online
services, are used to transmitting personal codes via e-mail.
Although this transmission method is very simple, it is also very
insecure.
[0004] Once a personal code has been transmitted to a user, there
is the additional problem of how to conduct future payment
transactions with the user when he or she is buying or using the
company's goods or services. The so-called direct debit method has
been proven to be especially advantageous for conducting payment
transactions. With this method, the user agrees in advance to have
amounts of money transferred from his or her bank corresponding to
the goods or services bought or used, thereby eliminating the need
to explicitly confirm every single transaction in the future. With
this method, the company submits the user's financial account
identifier and the amount to be transferred to the user's financial
institution. This can be especially simply effected by an
electronic storage media, for example a diskette, or by an online
remote data connection. The financial institution verifies the
financial account identifier information and, after positive
verification, transfers the respective amount of money from the
user's account to the company's account. For the company conducting
this direct debit method, there is the problem of guaranteeing that
all data submitted to the financial institution are correct. For
example, if the financial account identifier information cannot be
assigned to a valid bank account, the financial institution will
reject the transaction and levy relatively high charges to the
company. Consequently, with new users, there is the added problem
of verifying financial account identifier information along with
transmitting personal codes in order to prevent problems with
future payment transactions. Such a verification is very expensive
and difficult, especially for a company that neither has personal
contact with a new user nor, for example, any means of physically
checking his or her credit card or ATM card at least shortly.
Consequently, companies are used to omitting verification of
financial account identifier information provided by new users,
thereby disadvantageously incurring the risk of fraud and invalid
transactions.
[0005] It is therefore the object of the present invention to
provide a method for transmitting a code to a user which is secure,
causes minimal expense and, therefore, costs associated with the
transmission, and additionally provides a means for verifying
financial account identifier information provided by the user.
[0006] This object is accomplished by the method according to claim
1, whereby advantageous modifications can be seen from the
dependent claims.
[0007] According to the invention, the user transmits his or her
financial account identifier information to a code allocation unit.
Said code allocation unit transfers an amount of money to the
financial institution specified by the user and/or transfers an
amount of money from the financial institution specified by the
user, thereby submitting the account identifier information and the
code to be transmitted as additional information with this transfer
and/or this debit. After having executed the transfer and/or the
debit, the financial institution forwards a receipt for the
transfer and/or debit together with the additional information to
the user.
[0008] Advantageously, the invention provides a very secure
transmission method. The secrecy of the transmission channel is
guaranteed by the financial institution, as transaction details of
the transferor debit will not be divulged to any person outside a
select group of confidential staff and, furthermore, only the
legitimate user has access to his or her transfer or debit
transaction receipts.
[0009] Furthermore, the method according to the invention provides
a proof that the code has been transmitted to the account specified
by the financial account identifier information through the
additional information with the transfer or debit. The financial
institution thus acts as an independent third party confirming the
transaction. Consequently, the user will later not be able to
repudiate having received the code. Thus, the transmission method
according to the invention is almost equivalent to a registered
letter, but less expensive and causes less effort.
[0010] In an advantageous embodiment of the invention, a
verification unit of the financial institution, prior to executing
the transfer and/or debit verifies the transfer and/or debit, data
submitted by the allocation unit as to whether they can be assigned
to a valid financial account of the user. In the case of a positive
verification, the financial institution executes the transfer
and/or debit initiated by the allocation unit. This measure ensures
that the transfer and/or debit will not be executed unless there is
a valid account of the user with the financial institution. For
example, if his or her account is temporarily closed or
non-existent, an invalid transaction can be avoided. Consequently,
the method according to the invention obviates the need for
separately verifying financial account identifier information or
incurring future costs associated with invalid direct debit
transactions.
[0011] Advantageously, in the case the verification of the
financial account identifier information is negative, the
verification unit of the financial institution transmits this
result to the code allocation unit. In the code allocation unit, it
can thus be decided whether to refrain from issuing a personal code
to the user but rather contact him or her through another
communication channel, if necessary.
[0012] Advantageously, the user furthermore submits identification
data to the code allocation unit. These identification data are
being submitted together with the account identifier information
when initiating the transfer and/or debit. The verification unit
verifies the identification data in combination with the account
identifier information. Thus, not only the principal validity of
the account identifier information can be verified, but also
whether the account identifier information matches the specified
user.
[0013] The transmission of the identification data and/or financial
account identifier information of the user, the money transfer
and/or debit and/or the transmission of the transferor debit
transaction receipt can advantageously be effected by a remote data
connection. This can facilitate the method according to the
invention very much. Furthermore, by using a remote data
connection, the code can very quickly be transmitted to the user.
The remote data connection can, for example, be effected through a
computer network and/or an automatic telephone interface, for
example an interactive voice response system.
[0014] In an advantageous embodiment of the method according to the
invention, the code consists of at least two partial codes, whereby
one code is being transmitted by the method according to the
invention as an additional information with the transfer and/or
debit and another partial code is being transmitted to the user by
an alternate transmission method. This embodiment has the advantage
that a third party, even in the case of getting access to the code
transmitted by the method according to the invention, is being
prevented from using it fraudulently, because the resulting code
effectively used later consists of the at least two partial codes.
Even if the other partial code is being transmitted by a relatively
insecure method, such as the internet or the telephone, the
probability of a third party getting access to both partial codes
is very low. This embodiment thus provides a very secure code
transmission method.
[0015] Advantageously, the identification data transmitted by the
user to the allocation unit comprise at least the user's full name.
Furthermore, the financial account identifier information
transmitted by the user to the code allocation unit comprises at
least the bank account number or credit card number and/or the name
or bank code number of the financial institution or the credit card
company.
[0016] Furthermore, the financial institution can also forward a
transfer or debit transaction receipt to the allocation unit. Thus,
through the receipts of the financial institution, not only the
user, but also the party operating the code allocation unit will be
advantageously provided with a means of proving the code
transmission. This embodiment of the method according to the
invention is almost equivalent to a registered letter with delivery
confirmation, avoiding the drawbacks associated with sending
letters.
[0017] Embodiments of the method according to the invention will be
described in detail with references to the enclosed FIGURE.
[0018] The FIGURE schematically depicts a system for conducting the
method according to the invention.
[0019] Reference number 1 refers to an input unit of a user
intending to obtain a code from a company, for example, in order to
use the company's services. The input unit can, for example, be a
computer or a telephone system. The company features a code
allocation unit 3. This code allocation unit 3 can, for example, be
the company's central computer or a system of connected single
computers. The code to be allocated can be any information
submitted to a user in order to enable him to identify himself or
herself to any party. The code can be a permanent personal access
code such as a PIN. Furthermore, the code can be a one-time code
such as a TAN (transaction number).
[0020] The user's input unit 1 and the company's allocation unit 3
are connected by some form of remote data connection 2. The remote
data connection can, for example, be a computer network such as the
internet or an automatic telephone interface such its an
interactive voice response system. The user transmits his or her
financial account identifier information through the input unit 1
via the remote data connection 2 to the code allocation unit 3. In
this context, the term "financial account identifier information"
refers to any collection of data that allow to establish some form
of financial transaction with the user. The term "financial
institution" generally refers to an entity through which financial
transactions can be conducted. Obviously, the term also comprises a
network of single institutions, for example the user's bank, the
company's bank and for example, the ACH (Automated Clearing House).
The financial transactions can thus be effected, for example,
through an account with a financial institution, such as a bank or
savings bank, or a credit card account. The financial account
identifier information provided by the user comprises of his or her
bank account number or credit card number and the name or bank code
number of his or her financial institution or credit card
company.
[0021] The code allocation unit 3 then transfers an amount of money
to the financial institution specified by the user, thereby
submitting the financial account identifier information and, if
necessary, the user's identification data. After the new user's
data have been transmitted, the money transfer can be effected
automatically. Furthermore, the code to be transmitted is being
transmitted as additional information with this transfer. The term
"additional information" refers to any information transmitted in
association with the money transfer. This information can be
transmitted in unencrypted or encrypted form, additionally to the
money transfer data or contained therein.
[0022] Such transmissions can, for example, be effected in the
following ways: with a money transfer to a financial institution, a
payment reference can be specified. This payment reference can
indicate the code to be transmitted. Advantageously, a very small
amount of money, for example EUR 1.00 is being transferred.
Furthermore, the code to be transmitted can be contained within the
amount of money to be transferred. For example, if the code 1498 is
to be transmitted, an amount of EUR 14.98 could be transferred. The
amount transferred can later be billed as an expense to the user.
The money transfer can be effected through a remote data connection
4 between the code allocation unit 3 and the financial institution
5.
[0023] The financial institution 5 advantageously features a
verification unit which verifies the money transfer data received
from the code allocation unit as to whether they can be assigned to
a valid financial account of the user. For example, it is being
verified whether the account number exists and, if applicable,
whether it exists for the specified user. In the case of a positive
validation, the financial institution 5 executes the money transfer
initiated by the allocation unit 3 and credits the respective
amount of money to the users account. A receipt for the money
transfer together with the additional information is being
transmitted to the user via another connection 6, which can also be
a remote data connection 6 such as a computer network or an
automatic telephone interlace. Furthermore, it is possible to
forward the receipt to the user by an account balance statement
printer.
[0024] Additionally, the financial institution 5 can also forward a
receipt for the money transfer to the allocation unit 3 in order to
provide the party operating the code allocation 3 unit with a means
of proving the code transmission.
[0025] The method according to the invention provides an especially
simple way of transmitting a personal code to a new user. All the
user has to know is how to extract the code from the additional
information associated with the money transfer. This can be
communicated by the company issuing the code or by another party,
for example over the internet in a public forum.
[0026] Simultaneously with the transmission, it is verified that
the financial account identifier information is correctly specified
by the user, because only by doing so will he or she be able to
receive the money transfer. This is especially important for future
payment transactions between the user and the company offering
services or selling goods. Furthermore, the user will receive his
or her code very quickly, as the time needed for the transmission
depends only on the time needed for the money transfer by the
financial institution 5.
[0027] It is being remarked that the term "remote data connection"
not only refers to an online connection, but also to offline
connections, as long as some form of data transfer between the
respective units is effected. For example, it could also be
possible to ship data storage media.
[0028] If the verification unit of the financial institution 5
yields a verification result indicating that the account identifier
information submitted is invalid, the financial institution 5 does
not carry out the money transfer. Advantageously, this result is
being transmitted to the verification and allocation unit via a
remote data connection 4. In this case, it can thus be decided in
the code allocation unit whether to initiate another contact to the
user 1, for example through the remote data connection 2, or
whether to retrain from issuing a personal code to the respective
user.
[0029] In another embodiment of the method according to the
invention, the code to be used later by the new user consists of
two or more partial codes. For example, the first partial code
represents the first four digits of the effective code and the
second partial code represents the last four digits. The effective
code could, for example, also be generated by multiplying the two
partial codes or by applying some other computation known to the
user. One partial code is being transmitted to the user using the
method according to the invention and the other partial code or a
plurality of other partial codes by an alternate transmission
method that may be not so secure. For example, the second partial
code can be sent over a computer network such as the internet to
the user.
[0030] This embodiment of the method provides an increased level of
security, because an unauthorized person, even when getting access
to the partial code transmitted by the method according to the
invention, still has no information about the resulting code
effectively used later. The probability of that person getting
access to both or all partial codes is very low.
[0031] In another embodiment of the invention, the code
transmission will be effected by a debit rather than a transfer of
a small amount of money from the financial institution specified by
the new user. With this debit as well, the account identifier
information and as additional information the code to be
transmitted are specified. The method used in this embodiment of
the invention corresponds to the method described above, whereby in
each case a debit rather than a transfer is executed.
[0032] Furthermore, both a transfer and a debit of the same amount
of money can be executed simultaneously. Although this method
slightly increases the expense, however, it will have a neutral
effect on the new user's account balance.
* * * * *