FIG. 1 is a block diagram that illustrates a conventional payment system 100.
The system 100 includes a conventional payment card/device 102. As is familiar to those who are skilled in the art, the payment card/device 102 may be a magnetic stripe card, an IC (integrated circuit) card, a fob, a payment-enabled smartphone, etc. The payment card/device 102 is shown being carried and used by an account holder/user 103.
The system 100 further includes a reader component 104 associated with a POS terminal 106. In some known manner (depending on the type of the payment card/device 102), the reader component 104 is capable of reading the payment account number and other information from the payment card/device 102.
The reader component 104 and the POS terminal 106 may be located at the premises of a retail store and operated by a sales associate of the retailer for the purpose of processing retail transactions. The payment card/device 102 is shown in FIG. 1 to be interacting with the reader component 104 and the POS terminal 106 for the purpose of executing such a transaction.
A computer 108 operated by an acquirer (acquiring financial institution) is also shown as part of the system 100 in FIG. 1. The acquirer computer 108 may operate in a conventional manner to receive an authorization request for the transaction from the POS terminal 106. The acquirer computer 108 may route the authorization request via a payment network 110 to the server computer 112 operated by the issuer of a payment account that is associated with the payment card/device 102. As is also well known, the authorization response generated by the payment card issuer server computer 112 may be routed back to the POS terminal 106 via the payment network 110 and the acquirer computer 108.
One well-known example of a payment network is referred to as the “Banknet” system, and is operated by MasterCard International Incorporated, which is the assignee hereof.
The payment account issuer server computer 112 may be operated by or on behalf of a financial institution (“FI”) that issues payment accounts to individual users. For example, the payment account issuer server computer 112 may perform such functions as (a) receiving and responding to requests for authorization of payment account transactions to be charged to payment accounts issued by the FI; (b) tracking and storing transactions and maintaining account records; (c) rendering periodic account statements; and (d) receiving and tracking payments to the issuer from the account holders.
The components of the system 100 as depicted in FIG. 1 are only those that are needed for processing a single transaction. A typical payment system may process many purchase transactions (including simultaneous transactions) and may include a considerable number of payment account issuers and their computers, a considerable number of acquirers and their computers, and numerous merchants and their POS terminals and associated reader components. The system may also include a very large number of payment account holders, who carry payment cards or other devices for initiating payment transactions by presenting an associated payment account number to the reader component of a POS terminal.
For use-cases in which the payment card/device is embodied as a payment-enabled smartphone, the concept of a “digital wallet” has been introduced. In some implementations, the digital wallet takes the form of a payment-related application program (“app”) that is downloaded to and active on the smartphone. The user is permitted to load data (and/or an account-related payment app) corresponding to a number of different payment accounts (and possibly other types of credentials as well) into the wallet app. At the point of sale, the user opens the wallet app and selects one of the associated payment accounts for use in the present transaction. Via the wallet app or (as the case may be) the selected payment app, the corresponding payment credentials may be provided to the POS terminal to initiate the payment interaction among the merchant and other components of the payment account system.
In other implementations of the digital wallet concept, the main repository of account/credential data is located in a remote server (e.g., operated by a “wallet service provider”—WSP). The user may access his/her wallet partition in the server via a suitable mobile app, or (e.g.) for online shopping via a laptop computer or PC. In something of a hybrid of the two approaches, the wallet app plays a central role, but the payment account data/payment tokens are not stored in the smartphone, but rather are made accessible at the time of the purchase transaction via interaction between the wallet app and a remote host server.
In known implementations of mobile wallet apps, access to the app is permitted only upon user authentication, as by a biometric measure. One well-known biometric measure relies on a fingerprint scanner on the smartphone and verification of the user's fingerprint.
The present inventor has recognized opportunities to apply the concept of wallet apps and associated biometric user authentication to improve the convenience and security of processes involved in obtaining VAT (value added tax) refunds on purchases made by travelers outside of their home countries.