American Express has filed a patent for a system that enables secure online in-application purchases. The system involves a computing device that identifies a purchase request from a merchant application, authenticates an account with a wallet provider, executes a security library to ensure device security, determines a security code based on data received from the wallet provider, and transmits a token to the wallet provider for the purchase request. GlobalData’s report on American Express gives a 360-degree view of the company including its patenting strategy. Buy the report here.
According to GlobalData’s company profile on American Express, payment actuated vending was a key innovation area identified from patents. American Express's grant share as of June 2023 was 1%. Grant share is based on the ratio of number of grants to total number of patents.
Securely conducting online in-application purchases
A recently filed patent (Publication Number: US20230206215A1) describes a method and system for secure transactions using a client device and a wallet provider. The method involves several steps to ensure the security of the transaction.
In the first claim, the method begins with the client device identifying a purchase request from a merchant application. The client device then authenticates an account with a wallet provider based on the user's selection. The device receives an instruction from the wallet provider to execute a security library stored on the device. By executing the security library, the client device determines its own security and generates a device response for the wallet provider. The device also determines a security code based on data received from the wallet provider and transmits a token to the wallet provider, referencing the account stored on the client device.
The second claim adds that the client device generates the purchase request using the merchant application, based on the user's selection of an item and a checkout button.
The third claim explains that the authentication process involves generating a list of active accounts for display using a wallet provider client layer. This list is based on transaction data provided by the merchant application, and the user selects the desired account from this list.
The fourth claim introduces the use of a network software development kit (SDK). The client device receives an indication to invoke the SDK, generates an application transaction counter (ATC) based on the SDK's function execution, and transmits the ATC to the wallet provider.
The fifth claim states that the client device generates a payment cryptogram for the purchase request by executing a wallet provider client layer.
The sixth claim specifies that the merchant application can be a browser application, a native application, a web application, or a website executed on the client device.
The seventh claim involves the client device receiving a modified unpredictable number (MUN) from the wallet provider and generating a payment cryptogram based on the security code and the MUN.
The subsequent claims describe a system and a non-transitory computer-readable medium embodying machine-executable instructions that perform the same steps as the method claims.
Overall, this patent outlines a method and system for secure transactions using a client device and a wallet provider, ensuring authentication, security, and encryption of payment information.