ACCOUNT TRANSACTION FRAUD DETECTION

摘要

A merchant conducting a transaction on an account forms transaction data with a sensitive data field. To obscure the account prior to transmitting information about the transaction, for each character in the sensitive data field, a combined character is formed with a character of a generated pad. A replacement character is formed by a modulus operation on the combined character and is stored in the corresponding position in the sensitive data field. A transmission containing the sensitive data field with replacement characters is delivered to the merchant's acquirer. Subsequently, a first transmission is received for another transaction from a merchant that contains transaction data upon an account and a sensitive data field. Using the sensitive data field, an attempt is made to retrieve a transaction data record that contains data from a previous transaction that includes the account upon which the previous transaction was conducted. The sensitive data field, which is encrypted as the corresponding account upon which the previous transaction was conducted, was encrypted by a character-by-character modulo operation using a generated pad. If the transaction data record is retrieved, a second transmission is sent that contains a fraud notification of the attempt to conduct a transaction upon the encrypted account in the sensitive data field. If there is no retrieval of the transaction data record, a third transmission containing a no-fraud notification is sent.