Bruce Thomas Rutherford, 51213 Longwood Dr, Manalapan, NJ 07726

2003012, Jun 26, 2003

Mar 11, 2002

10/096271

Edward Hogan - Larchmont NY, US
Carl Campbell - Newtown Square PA, US
Arthur Kranzley - Princeton Junction NJ, US
Bruce Rutherford - Stamford CT, US
Stephen Orfei - Katonah NY, US

G06F017/60

705/026000

In a secure electronic payment system, authentication data is sent from a payment account issuer to user software operated by a purchaser. The user software sends the authentication data to a merchant using hidden fields on the Web page of the merchant. The merchant generates an authorization request message based upon the authentication data. The authorization request message is sent to a payment organization either directly from the merchant or via the merchant's acquirer. The payment organization forwards the authorization request message to a payment account issuer which verifies the authorization request message, thereby generating an authorization response message which is sent to the payment organization. The payment organization forwards the authorization response message to the merchant, either directly or via the acquirer.

2008015, Jun 26, 2008

Jun 4, 2004

10/560192

Bruce Rutherford - Stamford CT, US
Alfred Dagher - Wyckoff NJ, US
Mark Wiseman - Chesterfield MO, US
Didier Jean Marie Charles Paie - Rixensart, BE
Jean-Paul Edmond Rans - Lasnes, BE
Fikret Ates - Namur, BE
John Wankmueller - Great Neck NY, US

G06Q 20/00

705 44

A Chip Authentication Program based on 3-D Secure protocols is provided for authenticating customers' on-line transactions. An issuer, who may be a payment card issuer, operates Access Control and Authentication Request Servers for authenticating transactions by individual customers who are identified by their personal EMV-complaint smart cards. An authentication token is generated at the point of interaction (POI) for each transaction based on information from the customer's smart card and transaction specific information sent directly by the issuer to populate a web page at the POI. Authentication tokens generated at the POI are evaluated by the Authentication Request Server to authenticate individual customer and/or card presence at the transaction POI. Authentication values are transported on-line in designated Universal Cardholder Authentication Fields consistent with 3-D Secure protocols.

2022031, Oct 6, 2022

Jun 22, 2022

17/846111

- Purchase NY, US
Fernando LOURENCO - Congleton, GB
Bruce John RUTHERFORD - Stamford CT, US

G06Q 20/32
H04L 9/30
G06Q 20/36
G06Q 20/20

A method for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device includes: storing, in the COTS device, a secure application program and cryptographic keys; establishing, by the program, a secure communication channel with a back-end system inaccessible by any application program or component in the COTS device; exchanging attestation data between the program and the back-end system using the communication channel; receiving payment credentials from a payment card by a near field communication (NFC) interface in the COTS device; transmitting the payment credentials to the program by the NFC interface; enciphering, by the program, the payment credentials; and transmitting, by the program of the COTS device, the enciphered payment credentials to the back-end system using the secure communication channel.

2021009, Mar 25, 2021

Dec 4, 2020

17/112565

- San Francisco CA, US
- Purchase NY, US
Bruce Rutherford - Stamford CT, US
Gregory Williamson - Stamford CT, US
James Anderson - Mount Vernon NY, US

G06Q 20/38
G06Q 20/40
G06Q 20/36
G06Q 20/12
G06Q 20/20

Embodiments of the invention are directed to methods, apparatuses, computer readable media and systems for providing, along with a token, a token assurance level and data used to generate the token assurance level. At the time a token is issued, one or more Identification and Verification (ID&V) methods may be performed to ensure that the token is replacing a PAN that was legitimately used by a token requestor. A token assurance level may be assigned to a given token in light of the type of ID&V that is performed and the entity performing the ID&V. Different ID&Vs may result in different token assurance levels. An issuer may wish to know the level of assurance and the data used in generating the level of assurance associated with a token prior to authorizing a payment transaction that uses the token.

2019031, Oct 17, 2019

Apr 12, 2019

16/382338

- Purchase NY, US
Fernando Lourenco - Congleton, GB
Bruce John Rutherford - Stamford CT, US

MASTERCARD INTERNATIONAL INCORPORATED - Purchase NY

G06Q 20/32
G06Q 20/36
G06Q 20/20
H04L 9/30

A method for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device includes: storing, in the COTS device, a secure application program and cryptographic keys; establishing, by the program, a secure communication channel with a back-end system inaccessible by any application program or component in the COTS device; exchanging attestation data between the program and the back-end system using the communication channel; receiving payment credentials from a payment card by a near field communication (NFC) interface in the COTS device; transmitting the payment credentials to the program by the NFC interface; enciphering, by the program, the payment credentials; and transmitting, by the program of the COTS device, the enciphered payment credentials to the back-end system using the secure communication channel.