Search

US-20260127573-A1 - PROCESSING USING MACHINE READABLE CODES AND SECURE REMOTE INTERACTIONS

US20260127573A1US 20260127573 A1US20260127573 A1US 20260127573A1US-20260127573-A1

Abstract

A method is disclosed. The method includes receiving, by an application on a communication device from an access device, a unique identifier associated with a resource provider in a transaction. The method also includes transmitting, by the application, a message comprising the unique identifier and an access data reference identifier associated with access data to a remote server computer associated with the application. The remote server computer searches a database for access data using the access data reference identifier, retrieves the access data, and provides the access data to a transport computer which processes the transaction using the access data.

Inventors

  • Barbara Patterson
  • Allen Cueli
  • Ralph Koker
  • Ruben Salazar Genovez

Assignees

  • VISA INTERNATIONAL SERVICE ASSOCIATION

Dates

Publication Date
20260507
Application Date
20251219

Claims (20)

  1. 1 . A method comprising: activating a digital application on a communication device to scan encoded data associated with a resource provider in a transaction, wherein the encoded data comprises a unique identifier associated with the resource provider in the transaction; receiving, by the digital application on the communication device from an access device, the unique identifier associated with the resource provider in the transaction; receiving a selected user device; retrieving an access data reference identifier associated with the selected user device; transmitting, by the digital application on the communication device, a message comprising the unique identifier and the access data reference identifier associated with the selected user device to a remote server computer associated with the application, wherein the remote server computer centrally stores access data for a plurality of different digital applications and is configured to update the access data for the plurality of different digital applications via the access data reference identifier, wherein the remote server computer is configured to generate a dynamic authentication ID that is sent to a transport computer for encoding into the unique identifier, the transport computer configured to send an authorization request message to a payment processing network computer, wherein the dynamic authentication ID is configured to validate the unique identifier during the transaction, wherein the remote server computer searches a database for access data using the access data reference identifier, retrieves the access data, and provides the access data to a transport computer which processes the transaction using the access data; and receiving a notification that the transaction is authorized.
  2. 2 . The method of claim 1 , wherein the unique identifier is encoded in a QR code, the access device is an access terminal that is configured to generate authorization request messages.
  3. 3 . The method of claim 1 , wherein the remote server computer is in an SRT system.
  4. 4 . The method of claim 1 , wherein the access data comprises a real credential.
  5. 5 . The method of claim 1 , wherein the access data comprises an access token.
  6. 6 . The method of claim 1 , wherein the transaction is a transaction to access secure data, and the notification comprises the secure data.
  7. 7 . The method of claim 1 , wherein the communication device is a mobile phone comprising a camera and the unique identifier is embedded in a machine readable code.
  8. 8 . The method of claim 1 , wherein after the communication device receives the unique identifier, the communication device displays a plurality of user devices, wherein one of the user devices corresponds to the access data.
  9. 9 . The method of claim 8 , wherein the selected user device corresponds to the access data from a user of the user device.
  10. 10 . The method of claim 9 , wherein the plurality of user devices are a plurality of cards.
  11. 11 . The method of claim 9 , wherein the access data comprises an access token, which is a substitute for a real credential.
  12. 12 . The method of claim 1 , wherein the transport computer generates and transmits an authorization request message comprising the access data to an authorizing entity computer to obtain authorization for the transaction.
  13. 13 . The method of claim 1 , wherein the access data comprises an access token, and wherein the transport computer generates and transmits an authorization request message comprising the access token to a processing network computer, which obtains a real credential using the access token and communicates with an authorizing entity computer to obtain authorization for the transaction.
  14. 14 . A communication device comprising: a processor; and a computer readable medium, the computer readable medium comprising code, executable by the processor, to perform a method comprising: activating a digital application on the communication device to scan encoded data associated with a resource provider in a transaction, wherein the encoded data comprises a unique identifier associated with the resource provider in the transaction; receiving, by the digital application from an access device, the unique identifier associated with the resource provider in the transaction; receiving a selected user device; retrieving an access data reference identifier associated with the selected user device; transmitting, by the digital application on the communication device, a message comprising the unique identifier and the access data reference identifier associated with the selected user device to a remote server computer associated with the application, wherein the remote server computer centrally stores access data for a plurality of different digital applications and is configured to update the access data for the plurality of different digital applications via the access data reference identifier, wherein the remote server computer is configured to generate a dynamic authentication ID that is sent to a transport computer for encoding into the unique identifier, the transport computer configured to send an authorization request message to a payment processing network computer, wherein the dynamic authentication ID is configured to validate the unique identifier during the transaction, wherein the remote server computer searches a database for access data using the access data reference identifier, retrieves the access data, and provides the access data to a transport computer which processes the transaction using the access data; and receiving a notification that the transaction is authorized.
  15. 15 . The communication device of claim 14 , further comprising: an antenna coupled to the processor; and a camera coupled to the processor.
  16. 16 . The communication device of claim 15 , wherein the unique identifier is present in a two-dimensional machine readable code and the camera is adapted to scan the two-dimensional machine readable code.
  17. 17 . A method comprising: receiving, by a remote server computer, from a digital application on a communication device in a transaction, a message comprising a unique identifier associated with a resource provider and an access data reference identifier associated with access data of a selected user device, wherein the remote server computer centrally stores access data for a plurality of different digital applications and is configured to update the access data for the plurality of different digital applications via the access data reference identifier, wherein the remote server computer is configured to generate a dynamic authentication ID that is sent to a transport computer for encoding into the unique identifier, the transport computer configured to send an authorization request message to a payment processing network computer, wherein the dynamic authentication ID is configured to validate the unique identifier during the transaction; searching a database for access data using the access data reference identifier; retrieving the access data; and providing the access data to a transport computer which processes the transaction using the access data.
  18. 18 . The method of claim 17 , wherein the access data comprises an access token, which a substitute for a real credential.
  19. 19 . The method of claim 17 , further comprising: validating, by the remote server computer, the unique identifier, before retrieving the access data.
  20. 20 . The method of claim 17 , further comprising: generating, by the remote server computer, a correlation ID; and providing the correlation ID to the transport computer along with the access data.

Description

CROSS-REFERENCES TO RELATED APPLICATIONS This application is a continuation application of U.S. application Ser. No. 17/763,834, filed Mar. 25, 2022, which is a National Stage of International Application No. PCT/US2020/055988, filed Oct. 16, 2020, which claims priority to U.S. Provisional Application No. 62/923,063, filed on Oct. 18, 2019, which are herein incorporated by reference in their entirety. BACKGROUND Codes such as QR codes have been used to access resources such as secure data, goods and services, and secure locations. When they are used, access data that is stored in a communication device that has scanned a QR code can be provided to a server computer to access a desired resource. While such systems are useful, there are a number of problems with such systems. For example, when access data is stored on a communication device it is susceptible to hacking and can be compromised. Also, a user of a communication device such as a mobile phone may wish to utilize specific access data with multiple applications on the user's phone. In this case, the user needs to interact with each application to manage the access data with respect to each application. This can be cumbersome and difficult, especially when the access data becomes inoperative (e.g., is expired or was compromised) and needs to be replaced. For example, a user may have ten applications on a communication device that might use the same access data to provide a user with a particular resource. At some time, the access data may expire and new access data needs to be provided to each of the ten applications. The user needs to input the new access data into each and every application. Embodiments of the invention address these and other problems, individually and collectively. SUMMARY One embodiment of the disclosure includes a method comprising: receiving, by an application on a communication device from an access device, a unique identifier associated with a resource provider in a transaction; transmitting, by the application, a message comprising the unique identifier and an access data reference identifier associated with access data to a remote server computer associated with the application, wherein the remote server computer searches a database for access data using the access data reference identifier, retrieves the access data, and provides the access data to a transport computer which processes the transaction using the access data; and receiving a notification that the transaction is authorized. Another embodiment of the disclosure includes a communication device comprising: a processor; and a computer readable medium, the computer readable medium comprising code, executable by the processor, to perform a method comprising: receiving, by an application from an access device, a unique identifier associated with a resource provider in a transaction; transmitting a message comprising the unique identifier and an access data reference identifier associated with access data to a remote server computer associated with the application, wherein the remote server computer searches a database for access data using the access data reference identifier, retrieves the access data, and provides the access data to a transport computer which processes the transaction using the access data; and receiving a notification that the transaction is authorized. Another embodiment of the disclosure can include a method comprising: receiving, by a remote server computer, from an application on a communication device, a message comprising the unique identifier and an access data reference identifier associated with access data; searching a database for access data using the access data reference identifier; retrieving the access data; and providing the access data to a transport computer which processes the transaction using the access data. These and other embodiments are described in further detail below. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 shows a block diagram of a system according to an embodiment of the invention. FIG. 2A shows a process for setting up an account and unique identifier for a resource provider according to the embodiments. FIG. 2B shows a process for an issuer to link a user's account to an application on a communication device according to the embodiments. FIG. 3 shows an overview of the transaction flow between a resource provider and a consumer according to the embodiments. FIGS. 4A-4F shows screenshots of images that a user would view on a mobile device or access device. FIG. 5 shows a block diagram of a communication device according to an embodiment. FIG. 6 shows a block diagram of a remote server computer that can be in an SRT system according to an embodiment. DETAILED DESCRIPTION Prior to discussing embodiments of the invention, description of some terms may be helpful in understanding embodiments of the invention. “Access data” may include any suitable data that can be used to access a resource or create data that can acce