1. Field of the Art
Generally, the present application relates to financial data processing and presentation thereof. Specifically, methods, systems, and devices are presented for merchant-customizable token codes used for online shopping and preventing identity theft.
2. Discussion of the Related Art
Accepting credit card, debit card, prepaid card, and other payment cards is a given for many retail merchants. For online merchants, accepting PayPal® payments, Google Checkout™ payments, and other alternate electronic payment types in addition to traditional credit card payments is becoming more common. Interfacing with the plethora of payment brands that customers expect to be available for payment transactions can be daunting, especially given the regulatory burden of financial regulations, industry standards, and security considerations.
Some merchants contract with third-party payment services in order to facilitate interfacing with the different types of payment networks. CyberSource of Mountain View, Calif., is one such third party payment service.
Third-party payment services not only take care of maintaining interfaces between a contracting merchant and payment networks, they also offer other services such as risk management, hosted order pages (e.g., redirected online checkout web pages), and silent order posts (e.g., secure fields for a merchant's online checkout web page). These services are in addition to servicing the day-to-day payment transactions of merchants.
In a typical payment transaction, a merchant sends an authorization request for a customer's payment to the third-party payment service, and the third-party payment service forwards the authorization request to the proper entity. This entity often is one of many third-party vendors with which the third-party payment service contracts. The entity then obtains an approval for the authorization request—an “authorization”—from the customer's bank, etc. The authorization confirms that the customer indeed has money (or credit) in his or her account to pay for the transaction and also locks down or otherwise reserves the money (or credit) in the account.
For example, for a merchant whose bank is Wells Fargo, an authorization request for payment from a customer's Visa credit card is forwarded to Wells Fargo (i.e., the acquirer). Wells Fargo then obtains an authorization for the request through VisaNet™ from the customer's bank that issued the credit card (i.e., the issuer).
Hosted order pages and silent order posts allow a merchant to avoid collecting customers' credit card numbers and related specifics. Instead, the third-party payment service presents the credit card entry web page or fields for the user to enter his or her information. Because the merchant does not collect the information, it can avoid the burdens related to being payment card industry (PCI) data security standard (DSS) compliant.
There are difficulties associated with hosted order pages and silent order posts. For one, customers prefer a seamless interface so that it appears that he or she is not being redirected to a third party in order to make a purchase. It has also been found that seeing the order specifics on the payment page helps remind the customer of why he or she is spending money, perhaps easing the purchase along. If order specifics are to be shown on a third party web site, then that information must be packaged and sent to the third party web site. There is also the complication of robustly handling a user who clicks a Back or Cancel button on his or her web browser. With all of the difficulties, it may be easier to keep as much of the payment selections on the merchant's web site as possible.
A need exists in the art for better coordination of merchant web sites and third-party vendors that facilitate payments.