ENHANCEMENTS TO TRANSACTION PROCESSING IN A SECURE ENVIRONMENT

摘要

Embodiments of the present invention are directed to methods, systems, and apparatuses for performing a secure authentication process to authenticate a payment device used in a transaction between a merchant and a user. The secure authentication process may receive an authentication request message including user data, user computing device data and transaction data to verify that an account is enrolled in the secure authentication process and perform a risk analysis to determine whether the transaction should be authenticated.

主权项

1. A method comprising:
receiving, at a server computer, an authentication request message for a transaction involving a user computing device associated with a user, the authentication request message including user data, user computing device data, and transaction data; determining, by the server computer, if authentication is available for the transaction by determining whether an account identifier associated with the user is enrolled in an authentication program; when authentication is available for the transaction, performing, by the server computer, a risk analysis using the user data, the user computing device data, and the transaction data received in the authentication request message to compute a risk score; and when the risk score determined from the risk analysis is on a first side of a threshold,
initiating generating a verification value, andprovisioning the verification value to the user computing device in an authentication response message, and when the risk score determined from the risk analysis is on a second side of the threshold,
initiating generating and sending a challenge request message to the user computing device, andprovisioning the verification value to the user computing device in the authentication response message, after the challenge request message is generated and sent.