1. Field of the Invention
The present invention relates generally to credit card verification processes, and specifically to an improved automated system and process for detecting and preventing the fraudulent use of credit cards by unauthorized users.
2. Description of Related Art
Credit cards have conventionally been used for financial transactions for reasons of public convenience and economy. Typically, a purchaser merely needs to present the credit card to a vendor to complete a transaction, where all information necessary to complete the financial transaction is contained on the credit card. Credit cards inherently possess a certain degree of risk for fraudulent use, since the credit card information necessary for the financial transaction appears on the face of the credit card. Thus, if a credit card is lost or stolen, an unauthorized user of the credit card may complete financial transactions by merely presenting the credit card number to a vendor. In order to prevent unauthorized use of a credit card, vendors have conventionally asked for picture identification or compared the purchaser's signature with a signature on the card to ensure the purchaser is an authorized user of the card. However, such authorization techniques can only be performed when the purchaser is in the presence of the vendor. Recently, there has been a trend toward performing credit card transactions electronically over computer networks via the "Internet" or phone lines via audiotext systems. In such electronic credit card transactions, the purchaser inputs the credit card information from a remote terminal, such as a computer terminal or telephone keypad, and this information is transmitted to the vendor. Prior authorization techniques used for in-person transactions can not be used with electronic credit card transactions, so new security measures are required to prevent fraudulent and unauthorized electronic credit card transactions.
One type of security measure developed for electronic credit card transactions is the verification of the billing address of the credit card holder. The purchaser is required to input his billing address along with his credit card information through the remote terminal. The financial institution issuing the credit card has the billing address for each of its credit card holders stored along with the associated credit card information in a database of credit card holders' accounts. When the credit card information is presented to the financial institution from the vendor for authorization, the stored billing address associated with the credit card number submitted for authorization is compared with the billing address input by the purchaser to ensure they match. If the addresses do not correlate, then the purchaser is deemed to be an unauthorized user and the credit card transaction is denied. However, address verification systems of this type are not entirely effective in preventing unauthorized use. Individuals usually carry their credit cards in their wallets along with other personal identification, such as the individual's driver's license. A thief who steals the individual's wallet will have access to the individual's personal identification as well as their credit card, so that the thief will know the credit card holder's address and will be able to satisfy the address verification test during the authorization procedure. Thus, address verification systems have not been successful in entirely eliminating fraudulent usage of credit cards.
Another security measure developed to prevent fraudulent electronic credit card transactions is the use of automated number identification (ANI) blocking. Since almost all electronic credit card transactions are performed from remote terminals connected through telephone lines, the vendor automatically collects the telephone number associated with the telephone line of the remote device from the telephone carrier. The vendor possesses a stored list of telephone numbers associated with a pattern of fraudulent use, wherein the ANI collected is compared with the stored list to determine if a match exists. If the ANI collected is on the stored list, then that telephone line is blocked from further use. ANI blocking is effective in preventing continued fraudulent usage of a credit card from a particular phone number. However, ANI blocking is also of limited usefulness, because it correlates a telephone number used on one occasion for a fraudulent credit card transaction as a blocked phone number. Even though the telephone number and credit card are not interrelated, the telephone number will be blocked from any further credit card transactions. The next electronic credit card transaction attempted using that telephone number may be a valid transaction, but the transaction will be denied since the telephone number has been blocked by ANI blocking. Thus, remote terminals frequently having a plurality of different users, such as hotel room telephones or pay phones, will be blocked by ANI blocking by one fraudulent use, preventing subsequent valid credit card transactions from being performed from that remote terminal. While ANI blocking is effective in preventing repeated fraudulent credit card transactions from occurring from the same remote terminal, it also has the detrimental effect of preventing subsequent valid credit card transactions from being performed from the same remote terminal.
Clearly, there is a need for a method for preventing fraudulent electronic credit card transactions which does not also incidentally prevent subsequent valid credit card transactions from being performed. Moreover, there is a need for a more secure method for preventing fraudulent electronic credit card transactions by requiring identifying data that is not easily attainable by a fraudulent user.