The Toronto-Dominion Bank
High fraud risk transaction authorization

Abstract:

A method of authorizing a transaction involves a computer server authenticating a payment cardholder from a cardholder credential, and receiving a request from a communications terminal to initiate an online transaction with the server. The server communicates with a database of clusters, each uniquely associated with a respective cardholder and identifying an authentication card and a partial payment card number. The server requests an authentication credential from the terminal in response to determining that the requested transaction possesses a high risk of fraud. The server receives the requested authentication credential, and uses the cardholder and authentication credentials to locate the authentication card uniquely associated with the cardholder and the authentication credential in the database. The authentication credential has fewer digits than the account number of the located authentication card. The server authorizes the transaction in response to authenticating the cardholder using the account number of the located authentication card.