Embodiments of the present invention are directed to systems, apparatuses and methods for the purchase of products or services using financial instruments such as debit cards or credit cards, and more specifically, to a method of assigning a unique identifier within an open network to the point of sale terminals used in transactions involving such instruments. The inventive method and associated systems and apparatuses may be used to facilitate the transactions and enhance the processing of data associated with the transactions to provide better service to users of the financial instruments and the associated data processing networks.
Financial instruments or payment devices such as debit cards or credit cards are used by millions of people worldwide to facilitate various types of commercial transactions. In a typical transaction involving the purchase of a product or service, the instrument is presented at a point of sale device or terminal (“POS terminal”) located at a merchant's place of business. The POS terminal may be a card reader or similar device that is capable of reading or accessing data stored on the financial instrument, where this data may include identification or authentication data, for example.
Debit cards, credit cards and other portable consumer devices are typically associated with a unique identification number. The identification number is “unique” in the sense that each such number is associated with only a single financial instrument within a given network of instruments and financial data processors. Further, a network may be either “open” or “closed”. A closed network (sometimes termed a “proprietary network”) is one that is typically operated by one or more entities but excludes participation or access by entities that are not members of the network. In contrast, an open network is one in which participation is not limited in this manner, and in which entities that may be members of other, proprietary networks may participate. Identification and other data may be unique within a closed network but not within an open network (as the same identification or number may be assigned to objects within two different closed networks). In this sense, an object within a closed network may not have a globally unique identifier within an open network, even though the identifier is unique within the closed network.
In some cases the unique identification number associated with a debit card, credit card or other portable consumer device is termed a primary account number (PAN) and is part of the bank identification number (BIN) schema adopted by card issuing entities (e.g., Visa™ or MasterCard™). The PAN is globally unique within the group of all financial data processing networks, even though those networks may be closed networks. The PAN is one of the pieces of data read from the card by the POS terminal and provided to a payment processor or transaction processing entity. The global use of a standardized numbering system permits a unique identification number to be associated with each issued card or financial instrument. This has the benefit of enabling system wide tracking of card usage and account activity, providing the ability to detect fraud or other undesirable activities on the part of card users or merchants in an efficient and unambiguous manner.
However, there are problems that may arise even within the present consumer device identification system. One problem is that the advent and widespread usage of prepaid-type cards, such as gift and rebate cards, has introduced ambiguity and uncertainty into the system. This is because although each prepaid card carries a globally unique PAN, gift and rebate cards are not associated with an identifiable account holder and therefore payment systems cannot assign financial accountability to a unique individual. In addition, in contrast to the globally unique identification number associated with a portable consumer device, (which, as noted, can create problems for some types of prepaid cards), there is presently no globally unique number or form of identification assigned to (or otherwise associated with) the POS terminals. While a POS terminal may be associated with an identification number that is unique within a closed network (such as a local environment, store, group of stores, or commonly owned set of terminals), at present there is no method of generating, assigning, or using a globally unique identifier for a POS terminal where that identifier is unique within an open network. Further, because POS terminals are not presently associated with such a unique identifier within an open network, the unique POS identification data is not provided to a payment processor or transaction processing entity as part of a transaction or other operation performed by the POS terminal. This situation is undesirable for several reasons. Firstly, it creates a possible security risk because transactions occurring at the POS terminal cannot be verified as accurately in the absence of unique identification or registration data for the device. This may create the opportunity for fraudulent activities, such as a situation in which “spoofed” or fake POS terminals are used to obtain electronic payments from consumers.
In addition, within an open network, the lack of a way to unambiguously associate transactions with the POS terminal at which the transactions occurred prevents a payment processor from collecting data about the types and volume of transactions occurring at specific POS terminals. This is disadvantageous because such data may be of benefit in configuring POS terminals for specific data processing or content delivery tasks (such as downloading data processing or acquisition applications to a specific type of POS terminal, or providing content for the benefit of a user of the terminal). Another disadvantage of the lack of a unique POS terminal identification is that it prevents a centralized entity from having knowledge of the capabilities of the POS terminals, and hence prevents or delays the introduction of new features or functions that may provide added security or other benefits to the consumer. As noted, although some POS terminal manufacturers may assign or otherwise associate a serial or other identification number with the devices they manufacture, this information may not be provided to a payment processor, and further, even if it were provided, it may not be unique across multiple manufacturers.
What is desired is a system, apparatus and method for uniquely identifying POS terminals that are part of an open payment processing network, and further, a method of using that information as part of a transaction or other process to overcome the disadvantages that arise from the lack of such identification data. Embodiments of the invention address these problems and other problems individually and collectively.