This invention relates generally to the field of authentication, and in particular to authenticating an account holder. In one specific aspect, the invention relates to authenticating an account holder when making a card not present transaction, such as over the Internet or the phone.
Fraud involving stolen credit or debit account numbers is a major concern for financial institutions worldwide. This risk of fraudulent transactions occurring with card present transactions is significantly less than with card not present transactions. This is primarily because the clerk can check to make sure there is a physical card and that the signature on the card matches the signature on the receipt.
For card not present transactions, these precautions are not available. As such, if an account number is stolen and provided over the Internet, there is no effective way to verify this fact. While debit cards often have an associated personal identification number (PIN), card holders generally do not disclose this information over the Internet because of additional security concerns.
One attempt at dealing with these issues is disclosed in published U.S. patent application Ser. No. 20020004772, entitled “System and Method for Verifying a Financial Instrument,” which is herein incorporated by reference. This approach requires the card holder to pre-register before making an Internet transaction. As part of this pre-registration process, funds are deposited into the card holder's account. The card holder is then required to view his or her transactions to see the amount deposited. However, this process requires two transactions (and associated fees) in order to consummate a purchase. Also, if no purchase is made, the card holder receives a free deposit of funds.
This application provides other solutions for authenticating an account holder. Features and advantages of such solutions are set forth below.