Abstract
Multi-factor verification steps currently used for authenticating online purchases, e.g., one-time codes sent to a phone, can prove to be a hurdle for some customers. This disclosure describes a strong customer authentication technique, referred to as secure payment authentication (SPA), that enables users to authenticate online transactions using device-bound tokens. Authentication is driven by payment service providers, and a simple device unlock can confirm a transaction. Strong customer authentication is made possible with just a single (or even zero) click. Cross-device authentication can be enabled, such that a customer can authenticate themselves on a payment app on a mobile device while performing transactions on a second device such as a laptop, etc.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Muthalagappan, Annamalai; Corsello, Bill; Lin, Christopher; Li, Cong; Shu, Derek; Modrea, Florin; Sorathia, Habib; Chhatbar, Hemen; Liu, Heng; Czapracki, Jan; Xie, Jingmin; Kapila, Karen Langsam; Cai, Karl; Tu, Kenneth; Hadinger, Layla; Duan, Lei; Petraglia, Lucas; Driscu, Lucian; Mulkeen, Matt; Lawley, Mark; Deng, Meng; Gautier, Monica; Govindaraju, Raj; Yamaoka, Rie; Meza, Rocky; Huang, Sharon (Xiaoqin); Wang, Shuojing; Ratcliffe, Stephen John; Hu, Xiaoming; Wu, Yinua; Li, Yitian; Ni, Yong; Dayanand, Dinoop; and Gautam, Utkarsh, "Secure Payment Authentication That Provides Strong Customer Authentication", Technical Disclosure Commons, (January 15, 2024)
https://www.tdcommons.org/dpubs_series/6603