REGISTER  |  SIGN IN
United States Patent6029154
PettittFebruary 22, 2000
Title
Method and system for detecting fraud in a credit card transaction over the internet
Abstract
A method and system for detecting fraud in a credit card transaction between consumer and a merchant over the Internet. The method and system comprises obtaining credit card information relating to the transaction from the consumer; and verifying the credit card information based upon a variety of parameters. The variety of parameters are weighted so as to provide a merchant with a quantifiable indication of whether the credit card transaction is fraudulent. In so doing, an integrated verification system is provided which allows a merchant, or the like, to accurately and efficiently determine the validity of a transaction over the Internet.
Inventors:Pettitt; John Philip (Los Altos, CA)
Assignee:Internet Commerce Services Corporation (San Jose, CA)
Appl. No.:901687
Filed:July 28, 1997
Current U.S. Class:705/44 705/38 705/39 
Field of Search:705/39,44,16,17,18,21,26,30,38,33,42,1 235/380,382 902/4,5
U.S. Patent Documents
3657702April 1972Stephenson, Jr.
4305095December 1981Benton
4485300November 1984Peirce
4510382April 1985Walter
4528643July 1985Freeny, Jr.
4578530March 1986Zeidler
4594663June 1986Nagata et al.
4734564March 1988Boston et al.
4734858March 1988Schlafly
4755940July 1988Brachtl et al.
4792968December 1988Katz
4795890January 1989Goldman
4799156January 1989Shavit et al.
4812628March 1989Boston et al.
4827508May 1989Shear
4845739July 1989Katz
4922521May 1990Krikke et al.
4935870June 1990Burk, Jr. et al.
4947028August 1990Gorog
4977595December 1990Ohta et al.
4982346January 1991Girouard et al.
4992940February 1991Dworkin
5025373June 1991Keyser, Jr. et al.
5060153October 1991Nakagawa
5077607December 1991Johnson et al.
5175682December 1992Higashiyama et al.
5177342January 1993Adams
5220501June 1993Lawlor et al.
5247575September 1993Sprague et al.
5305195April 1994Murphy
5311594May 1994Penzias
5321751June 1994Ray et al.
5336870August 1994Hughes et al.
5341429August 1994Stringer et al.
5347632September 1994Filepp et al.
5351186September 1994Bullock et al.
5351293September 1994Michener et al.
5377269December 1994Heptig et al.
5383113January 1995Kight et al.
5386104January 1995Sime
5414833May 1995Hershey et al.
5475585December 1995Bush
5500513March 1996Langhans et al.
5530438June 1996Bickham et al.
5557518September 1996Rosen
5590197December 1996Chen et al.
5596642January 1997Davis et al.
5596643January 1997Davis et al.
5604802February 1997Holloway
5621797April 1997Rosen
5623547April 1997Jones et al.
5642419June 1997Rosen
5696907December 1997Tom
5696909December 1997Wallner
5715314February 1998Payne et al.
5724424March 1998Gifford
5732400March 1998Mandler et al.
5757917May 1998Rose et al.
5758327May 1998Gardner et al.
5812668September 1998Weber
5819226October 1998Gopinathan et al.
5826245October 1998Sandberg-Diment
5905736May 1999Ronen et al.
Re30579April 1981Goldman et al.
Re30580April 1981Goldman et al.
Other References
"CyberSource IVS TM" found on the Internet at http://www.cybersource.com/html/solutions/fraudmain.html#overview, Nov. 4, 1998. .
Qualcomm, Insignia, Wall Data and seven other publishers choose CyberSource to distribute products via the Internet, PRNewswire, San Jose, California, Apr. 30, 1996. .
"Check Fraud: Verification Firms Help Cut $2.9 Billion Loss," Stanley H. Slom, Stores, Feb. 1992. .
"Faster Credit Card Authorization," anonymous, Chain Store Age Executive with Shopping Center Age, New York, Mar. 1995. .
"ICS CommerceFLEX Developer's Guide and Reference," Revision 2.03, CyberSource Corporation, Apr. 1997. .
"Internet Commerce Services," CyberSource Corporation, undated. .
"Electronic Software Distribution," CyberSource Corporation, undated. .
"Advertising Opportunities," CyberSource Corporation, undated. .
"Customer Profile," CyberSource Corporation, undated. .
"Shopping for Software Object on the Web," Communications Week, Nov. 1995. .
"Where to Buy Objects Over The Internet," Information Week, Dec. 1995. .
"Security for Computer Networks: An Introduction to Data Security in Teleprocessing and Electronic Funds Transfer," John Wiley & Sons, Dec. 1985. .
Webster's II, New Riverside University Dictionary, Houghton Mifflin Company, p. 1129, 1994. .
Mak, Stephen, "Network Based Billing Server", Carnegie Mellon University, Information Networking Institute, Master of Science Thesis, 1991. .
Cohen, Danny, "Computerized Commerce", ISI Reprint Series ISI/RS-89-243, Oct., 1989, Reprinted from Information Processing 89, Proceedings of the IFIP World Computer Congress, held Aug. 28-Sep. 1, 1989. .
Cohen, Danny, "Electronic Commerce", University of Southern California, Information Sciences Institute, Research Report ISI/RR-89-244, Oct., 1989. .
Jansson, Lennart, "General Electronic Payment System", 7.sup.th Proceedings of the International Conference on Computer Communication, pp. 832-837, 1985. .
Miller, S.P., et al., Kerberos Authentication and Authorization System, Project Athena Technical Plan, Section E.2.1., Massachusetts Institute of Technology, Oct., 1988. .
Davies, D.W., et al., "Security for Computer Networks: An Introduction to Data Security in Teleprocessing and Electronic Funds Transfer", John Wiley & Sons, Dec. 5, 1985. .
Batelaan, Richard, et al., "An Internet Billing Server: System Requirements", Carnegie Mellon University, Master of Science Thesis, 1992. .
Batelaan, Richard, et al., "An Internet Billing Server Prototype Design", Carnegie Mellon University, 1992. .
Bodner, Eric, et al., "The Internet Billing Server: Prototype Requirements", Carnegie Mellon University Information Networking Institute, Maser of Science Thesis, 1993. .
Bodner, Eric, et al., "The Internet Billing Server: Design Document", Carnegie Mellon University Information Networking Institute, Master of Science Thesis, 1993. .
Bodner, Eric, et al., "An Internet Billing Server: Analysis of Distributed Computing and Cross Platform Issues", Carnegie Mellon University, Master of Science Thesis, 1993. .
Bodner, Eric, et al., "An Internet Billing Server: Availability, Reliability & Scalability Issues in the MS4 Billing Server Design & Prototype", Master of Science Thesis, 1993. .
K. Rodriquez, "CyberSource sells software on Internet," InfoWorld, Nov. 21, 1994. .
"CyberSource Begins to Offer Software of Symantec and Others on the Internet," The Wall Street Journal, Jan. 31, 1995. .
"Software Sales Brought to the Internet," LAN Times, Jan. 9, 1995. .
One-page flyer describing "software.net" service, Oct. 1995. .
Fact Sheet describing "components.software.net" service, 1995. .
Hewlett-Packard Company, Product Brief, "software.net" service, Sep. 1995. .
CyberSource Corporation, Press Release, "Microsoft Corp. Chooses software.net to be First To Electronically Deliver Microsoft Software," Oct. 17, 1995. .
J. Rigdon, "Microsoft to Sell Most Popular Software Through Resellers Using the Internet," The Wall Street Journal, Oct. 16, 1995. .
CyberSource Corporation, Press Release, "Software.net Opens Internet Product Center To Connect Internet Publishers with Internet Customers," Oct. 23, 1995. .
IBM Corporation, Press Release, "IBM and CyberSource Corporation Tap Into the Power of the Internet to Offer One-Stop Component Shopping," Nov. 13, 1995. .
S. Kichen, "Impulse items," Forbes, May 8, 1995. .
M. Moeller, "New CyberSource of Information," PC Week, Nov. 20, 1995. .
H. Clancy, "Internet Makes Headway as Software Distribution Channel," Computer Reseller News, Nov. 20, 1995. .
M. Marshall et al., "Shopping for Software Object on the Web," Communications Week, Nov. 20, 1995. .
C. Wilder, "Where to Buy Objects Over The Internet," Information Week, Dec. 11, 1995. .
CyberSource Corporation, "CyberSource Corporate Backgrounder," 1996. .
CyberSource Corporation, "News and Press Release Abstracts," Apr., 1996. .
Press Release, "CyberSource's New Internet Commerce Services Provide Software Publishers Turn-Key Electronic Transaction and Distribution Services," Apr. 30, 1996. .
CyberSource Corporation, Internet Commerce Services, "Schedule of Services for Distributors and Merchants," Sep. 6, 1996. .
CyberSource Corporation, Merchant Internet Commerce Services, "Typical Commerce Site Functions and Integration Check List," 1996. .
ICS Launch Schedule, prepared and printed in Dec., 1996. .
ICS Customers list, prepared and printed in Dec., 1996. .
MarketingWorks, CyberSource Capabilities Brochure Outline, Dec. 10, 1996. .
CyberSource's ICS Launch PR Plan, Jan. 14, 1997. .
CyberSource Corporation, Brochure, "CyberSource Internet Commerce Services," 1997. .
CyberSource Corporation, "Largest Internet-Based Electronic Software Superstore," undated. .
CyberSource Corporation, "Internet Commerce Services," undated. .
CyberSource Corporation, "Electronic Software Distribution," undated. .
CyberSource Corporation, "Advertising Opportunities," undated. .
CyberSource Corporation, "Customer Profile," undated. .
CyberSource Corporation, "ICS CommerceFLEX Developer's Guide and Reference," Revision 2.03, Apr. 14, 1997..~
Primary Examiner: MacDonald; Allen R.
Assistant Examiner: Meinecke-Diaz; Susanna
Attorney, Agent or Firm:McDermott, Will & Emery
Claims

What is claimed is:
1. A method for detecting fraud in a credit card transaction between a consumer and a merchant over the Internet comprising the steps of:
receiving, from the consumer, credit card information relating to the transaction;
creating and storing a consistency check mechanism, a history check mechanism, an automatic verification mechanism and an Internet identification mechanism, each of which may indicate whether the credit card transaction is fraudulent based on transaction information, in combination with information that identifies the consumer, in which the transaction information provides the merchant with a quantifiable indication of whether the credit card transaction is fraudulent;
receiving from the merchant and storing a weight value associated with each of the mechanisms and storing the weight value in association with information that identifies the mechanisms, wherein each of the weight values signifies an importance to the merchant of the value to the credit card transaction of the associated mechanism;
weighting each value of the plurality of parameters according to the weight values;
determining whether the credit card information is fraudulent, based upon the values of the parameters and the weight values;
communicating to the merchant, over the Internet, an indication whether the credit card information is fraudulent;
wherein the steps of creating and storing further include:
obtaining other transactions utilizing an Internet address that is identified with the credit card transaction;
constructing a map of credit card numbers based upon the other transactions; and
utilizing the map of credit card numbers to determine if the credit card transaction is valid.

2. A computer readable medium containing program instructions for detecting fraud in a credit card transaction between a consumer and a merchant over the Internet, wherein execution of the program instructions by one or more processors of a computer system causes the one or more processors to carry out the steps of:
a) obtaining credit card information relating to the transactions from the consumer; and
b) verifying the credit card information based upon values of a plurality of parameters, in combination with information that identifies the consumer, and that may provide an indication whether the credit card transaction is fraudulent,
wherein each value among the plurality of parameters is weighted in the verifying step according to an importance, as determined by the merchant, of that value to the credit card transaction, so as to provide the merchant with a quantifiable indication of whether the credit card transaction is fraudulent,
wherein execution of the program instructions by one or more processors of a computer system causes the one or more processors to carry out the further steps of;
obtaining other transactions utilizing an Internet address that is identified with the credit card transaction; constructing a map of credit card numbers based upon the other transactions; and
utilizing the map of credit card numbers to determine if the credit card transaction is valid.

3. A method for verifying the validity of a credit card transaction over the Internet comprising the steps of:
a) obtaining other transactions utilizing an Internet address that is identified with the credit card transaction;
b) constructing a map of credit card numbers based upon the other transactions and;
c) utilizing the map of credit card numbers to determine if the credit card transaction is valid.
Description
FIELD OF THE INVENTION

The present invention relates generally to credit card transactions and specifically to detecting fraud in such credit card transactions when ordering and downloading information over the Internet.

BACKGROUND OF THE INVENTION

Credit card transactions are being utilized in a variety of environments. In a typical environment a user provides a merchant with a credit card, and the merchant through various means will verify whether that information is accurate. For example, referring now to FIG. 1, a typical credit card verification system 10 is shown. In such a system, a merchant 12 receives a credit card from the customer 14. The merchant then verifies the credit card information through an automated verification system ("AVS") 16.

These systems work well in a credit card transaction in which either the customer has a face-to-face meeting with the merchant or the merchant is actually shipping a package or the like to the address of a customer. The verification procedure typically includes receiving at the AVS system address information and identity information. However, when downloading information from an online service or the Internet, the address and identity information are not enough to adequately verify that the customer who is purchasing the goods is actually the owner of the credit card. For example, an individual may have both the name and the address of a particular credit card holder and that information in a normal transaction may be sufficient for authorization of such a transaction. However, in an Internet transaction it is possible to obtain all the correct information related to the particular credit card holder through unscrupulous means, and therefore, be able to fraudulently obtain information.

Accordingly, what is needed is a system and method that overcomes the problems associated with a typical verification system for credit card transactions particularly in the Internet or online services environment. The system should be easily implemented within the existing environment and should also be straightforwardly applied to existing technology. The present invention addresses such a need.

SUMMARY

A method and system for detecting fraud in a credit card transaction between a consumer and a merchant over the Internet. The method and system comprises obtaining credit card information relating to the transaction from the consumer; and verifying the credit card information based upon a variety of parameters. The variety of parameters are weighted so as to provide a merchant with a quantifiable indication of whether the credit card transaction is fraudulent. In so doing, an integrated verification system is provided which allows a merchant, or the like, to accurately and efficiently determine the validity of a transaction over the Internet.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is diagram of the prior art verification system for credit card transaction.

FIG. 2 is a verification system in accordance with the present invention.

FIG. 3 is a flow chart of the verification system in accordance with the present invention.

FIG. 4 is a flow chart of the integrated verification system in accordance with the present invention.

DETAILED DESCRIPTION

The present invention relates to a fraud detection method, system and apparatus for use in credit card transaction over online services or the Internet. The following description is presented to enable one of ordinary skill in the art to make and use the invention and is provided in the context of a patent application and its requirements. Various modifications to the preferred embodiment will be readily apparent to those skilled in the art and the generic principles herein may be applied to other embodiments. Thus, the present invention is not intended to be limited to the embodiment shown but is to be accorded the widest scope consistent with the principles and features described herein.

The present invention provides an integrated verification system for credit card transactions over an online service or the Internet. Referring now to FIG. 2, what is shown is a block diagram of a system 100 which would use the verification procedure in accordance with the present invention. System 100 includes, similar to FIG. 1, a customer 102 and a merchant 104. The customer 102 provides the merchant with a credit card, and the merchant then sends information from it to an integrated verification system ("IVS") 106 which includes a variety of parameters providing consistency, history and other information in an integrated fashion to determine whether the credit card information is valid. The IVS 106 is typically implemented in software for example in a hard disk, floppy disk or other computer-readable medium. In a typical embodiment, when the customer 102 orders a particular piece of software to be downloaded from a merchant 104, the merchant will provide the credit card number, e-mail address and other pertinent information to the IVS 106. The integrated verification system 106 then weights the variety of parameters so as to provide a merchant with a quantifiable indication on whether the credit and transaction is fraudulent. To more clearly describe the operation of a system and method in accordance with the present invention, refer now to the following discussion in conjunction with the accompanying figures.

FIG. 3 shows a simple block diagram for providing an integrated verification of a credit card transaction over the Internet. The IVS 106 includes a controller 212 which receives the credit information from the merchant and then sends that information on to a variety of parameters 202-208. The plurality of parameters operate on the information to provide an indication of whether the transaction is valid. In this embodiment, the plurality of parameters comprises a history check 202, a consistency check 204, an automatic verification system 206 and an Internet identification verification system ("IIVS") 208. The output or individual indications of validity of these parameters are provided to fraud detector 210. The fraud detector 210
combines these inputs to provide an integrated indication of whether the particular transaction is valid.

Consistency check 204 allows IVS 106 to determine whether the credit information is consistent, i.e., does the credit information match the user and other information. AVS system 206 provides similar information as AVS 16 described in FIG. 1. A key feature of both the history database 222 and the Internet ID database 224 is that they can be accessed and the information there within can be supplemented by a variety of other merchants and, therefore, information from those merchants is obtainable thereby.

History check 202 is provided which also accesses a history database 222 which may include card number and email information. The history check 202 will also actively determine if the particular transaction matches previous database information within the history database 222. Therefore, the Internet ID verification system 208 and history check 202 increases in utility over time. The Internet ID verification system 208 provides for a system for verifying the validity of an Internet address, the details of which will be discussed hereinafter. The Internet identification verification system 208 similar to the history check 202 includes a database 224 which can be added to by other merchants.

In addition, the Internet identification verification system 208 accesses and communicates with a database of Internet addresses. This system will be used to verify whether the Internet address is consistent with other Internet addresses being used in transactions utilizing this credit card.

These different parameters are weighted via weighting blocks 214-220, respectively, dependent upon the particular credit card transaction. For example, if the amount of dollar transaction is critical, it may be appropriate for the history check
202 and AVS system 206 and 206 to be weighted more critically than the other parameters. On the other hand, if a critical point is the consistency of the Internet address, then the consistency check 204 and the Internet identification system 208 may be more critical. Accordingly, each of the verification parameters 202-208 may be weighted in different amounts depending upon its importance in the verification process.

A particularly important feature of the present invention is the Internet identification system 208 and its operation within the integrated verification system 106. Through this system 208, it is possible to quickly determine if an Internet identification address is being utilized fraudulently. To describe this feature in more detail, refer now to FIG. 4 and the accompanying discussion.

FIG. 4 is a flow chart of the Internet identification verification system 208. The goal of Internet identification verification system 208 is to determine whether the physical address or the physical location of the address compares to a previous physical location that was used for that particular Internet address. Accordingly, in the flow chart of FIG. 4, first the number of transactions that had been processed using that particular Internet address is obtained from the database 224, via step 302. Thereafter, a map of those transactions is constructed based on those obtained transactions, via step 304. Finally, the constructed map is used to determine if the new credit card transaction is valid, via step 306. Accordingly, through a system and method in accordance with this system, an Internet identification verification system is provided which can quickly and easily determine whether a particular Internet address is related to a particular credit card transaction.

Accordingly, what is provided is a system and method for accurately determining whether a particular credit card transaction is a fraudulent one. The integrated verification system in accordance with the present invention provides for weighting the variety of parameters so as to provide a merchant with a quantifiable indication on whether the credit and transaction is fraudulent.

Although the present invention has been described in accordance with the embodiments shown, one of ordinary skill in the art will recognize that there could be variations to the embodiment and those variations would be within the spirit and scope of the present invention. Therefore, although the present invention was described in terms of a particular verification system, one of ordinary skill in the art readily recognizes, that any number of parameters can be utilized and their use would be within the spirit and scope of the present invention. Accordingly, many modifications may be made by one of ordinary skill without departing from the spirit and scope of the present invention, the scope of which is defined by the following claims.

* * * * *
 
Copyright 2006-2008 Patent Looker, LLC