The proliferation of the Internet has resulted in a thriving electronic commerce industry, where more and more products and services are available to customers in a variety of non-traditional ways (e.g., Internet, telephone sales, wireless, interactive TV, etc.). In conventional transactions, customers typically provide merchants with transaction numbers (e.g., charge card numbers) associated with a customer's existing debit, phone, credit or other transaction enabling devices (e.g., private label cards, American Express® card, VISA® card, MasterCard® card, Discover Card®, AT&T® phone card, MCI® phone card, etc.). Where a transaction is completed “on-line” the transmission of the transaction number over an often insecure public access network (i.e., Internet) exposes the transaction number to theft by hackers and system eavesdroppers. This transmission of transaction numbers via online means has created increased opportunities for fraud since the customer often does not present a physical card for transaction completion. Namely, it is possible for these numbers to be intercepted during transmission, after transmission, while being stored electronically or at the merchant's online or offline location.
In light of the increase in charge card fraud involving situations where the physical charge card is not actually presented to the merchant, customers are becoming increasingly leery of giving out the customer's transaction account number to online merchants (or other unknown third parties asserting to be merchants).
Moreover, not only are the customers subject to incur unauthorized charges due to theft of the customer's charge card information, but the online merchant receiving the fraudulent or stolen credit card information is victimized as well. The merchant may receive charge card information belonging to a valid customer, which is not being used by the valid customer to complete an online transaction. For example, the charge card information may be used by a fraudulent person who has pirated the information, and not by someone who the customer has authorized to use the transaction account. Once a transaction request is processed, the merchant may have difficulty getting satisfaction of the transaction request, especially if, for example, the valid customer later disputes the transaction. Thus, a more secure means is needed of ensuring that the charge card number received by the merchant is not stolen.
Furthermore, with the introduction of new payment technologies, such as transponder devices using radio frequency to facilitate transactions, there is a need to protect and safeguard related account numbers or other sensitive information from fraud or theft. In addition to addressing security gaps, the invention can be used by a creditworthy accountholder to set up and administer secondary accounts to others (student, dependent, spouse, employees, etc.).