Payment card based electronic payment transactions can be characterized as two types. One type of transaction is a card present type of transaction, while another type transaction is a card not present type of transaction.
In a card present type of transaction, a person may use a payment card such as a credit card to conduct the transaction. Prior to conducting the transaction, the merchant may obtain and check the person's payment card to confirm that he is the actual holder of the card. For example, the merchant may ask for the person's driver's license to confirm that the name on the driver's license is the same name that is on the payment card. Once this is done, the person may take the payment card and swipe it by the merchant's POS (point of service) terminal to start the process of authorizing the transaction. The POS terminal may generate and send an authorization request message to an issuer of the payment card. The issuer may subsequently approve or not approve of the transaction.
Another type of payment transaction is a “card not present” type of transaction. An example of a card not present type of transaction is an online purchase transaction. In a card not present type of transaction, the online merchant does not physically verify that the consumer is actually in possession of a payment card that is being used to conduct the transaction. To purchase goods or services online, a consumer only needs to possess the account number associated with the card and perhaps a card verification value (CVV2) associated with the card. In an online transaction, a human being does not verify that the consumer purchasing the goods is in physical possession of the card that is used to conduct the transaction.
Because nobody has verified that the person conducting the transaction is actually in physical possession of the card that is being used to conduct the transaction, the possibility of fraud can be considered greater than in a card present type of transaction, as compared to a card not present type of transaction. Because of the higher risk associated with card not present type of transactions, card not present transactions may be subject to higher processing fees (e.g., interchange fees) than card present types of transactions.
Recently, mobile phones have been provided with contactless devices (e.g., an RF or radio frequency transmitter), which can allow them to be used as contactless payment devices. Although a mobile phone can be physically present at a physical point of sale when a person conducts a purchase transaction in person at a merchant, the purchase transaction would generally be considered card not present types of transactions. This is because a physical card is not present during the transaction and since the mobile phone would not possess the necessary security attributes (e.g., holograms, card verification values, secure chip) that a card might have. Thus, transactions conducted with contactless phones would likely be subject to higher processing fees than transactions conducted using traditional payment cards, even though contactless phones are used to conduct in person payment transactions.
Furthermore, the security of transactions conducted using mobile phones could also be improved. In order to successfully conduct payment transactions using mobile phones, there needs to be a certain degree of trust between the person using the mobile phone, the issuer that is linked to the mobile phone, and the payment processing organization that processes payment transactions conducted with the mobile phone.
It would be desirable to improve payment systems and methods so that transactions can be securely conducted with mobile communication devices.
Embodiments of the invention address these and other problems.