摘要 |
A two-factor approach for authenticating payment transactions between a third-party application and a consumer is facilitated by a transaction server via a consumer's mobile device. A first communication channel (e.g., the Internet) is used to request authorization, and a second independent communication channel is used for identity verification and authorization. The second channel is typically the user's mobile phone or other wireless communication device. In this way, authorization is de-linked from, but “synchronized” with, the communication channel used to purchase goods or services. |
主权项 |
1. A method of authorizing a payment transaction among a consumer, a merchant, and a registered consumer device by a transaction server, the method comprising:
transmitting, by a merchant system to the transaction server over a first communication channel, a transaction-authorization request containing a consumer identifier but not including secure information of the consumer; subsequent to the communication from the merchant system and without initiation by the consumer, transmitting the transaction authorization request to the registered consumer device over a second communication channel different from the first communication channel; and upon receiving over the second communication channel a transaction authorization, which does not include secure consumer information, granted by the consumer via the registered device, transmitting the transaction authorization to the merchant system over the first communication channel. |