The present invention relates to the technical fields of Computer Security, Mobile Computing, Telecommunications, Digital Communications, Computer Technology, and Electronic Commerce.
The use of money as a medium of exchange for payments for goods and services, for payment of debts, and for other transfers of value, dates back many centuries. More recently, after the advent of the internet, online payment services and systems such as PayPal (http://paypal.com), Google Wallet (https://wallet.google.com), and Apple Pay (https://www.apple.com/iphone-6/apple-pay/) have emerged, and secure online banking capabilities are now offered by many banks. Also very recently, Bitcoin (https://bitcoin.org), a cryptographically-based currency, has been proposed that provides for payment of transactions between parties based on cryptographic proof. Furthermore, commonly used systems such as credit card and debit card systems are employing new electronic technologies and other technologies utilizing network capabilities for controlling and monitoring transactions. The demand for all forms of internet-enabled commerce is on the rise.
Money is a general purpose exchange medium. However, certain crediting, discounting, payment, and reimbursement systems related to purchase transactions may have requirements and limitations with regard to permissible spending. For example, discount coupons are typically only applicable to specific products and vendors. Also, customer loyalty and rewards programs may have internal currencies such as “air miles” for which purchasing options are limited in various ways. Welfare programs and other government services may provide funds for specific purposes. A related example is food stamps, which have a very specific intent regarding what products they can be exchanged for.
Major credit card providers (e.g. Visa, Mastercard) have corporate programs for employees that have conditional rules associated with them. An employer can participate in these programs whereby employees receive a corporate credit card tied to a corporate account and the card may have rules associated with it (related to travel expenses, for example). However, these programs are tied to only one line of accounting and the rules that govern the allowance or rejection of a specific purchase request are predetermined and are not dynamic nor are they identified by a descriptive rule set that can be customized by the customer.
The administrators, managers, and users of such monetary and payment systems may have specific intended purposes for funds, as well as regulatory requirements that must be met. Therefore, there exists a demand for comprehensive, dynamic, rule-based management of modern financial entities that constitute or represent “money”, and for related network-supported transaction and payment systems, to prevent spending of funds for purposes other than the intended or otherwise allowed ones, and to prevent malicious, fraudulent, or otherwise criminal use and theft of the funds.
Disclosed herein is an invention for the control of financial transactions based on pre-defined policies. The invention is based in part on a pending patent application that describes a system and methods for managing policy-based rules for access to computing and peripheral resources. The same concept is extended here to include policies for financial transactions. The system of the present invention allows for the authoring of policy rules for when and where transactions are to be approved or rejected. The rules can consider time, place, amount, purchase type, or any other restriction imagined. The system includes direct connection to funds accounts against which approved transactions will be charged.
U.S. patent application Ser. No. 13/945,677, incorporated herein by reference, discloses a system for policy-based access control and management for mobile computing devices. The basic system presented in that application is depicted in
As noted in U.S. patent application Ser. No. 13/945,677, the system utilizes a unique policy object language (POL) for expressing policies and policy sets, and employs a specialized policy processor that synthesizes and outputs source code for later use in building PDP servers. A “policy” consists of rules and restrictions governing how a certain computing device capability, onboard device, or onboard information, or network-accessible information, or any other asset or resource that the computing device might be able to access, control or otherwise utilize, may be accessed and used by the computing device user or by other entities. A “policy set” is a collection of policies and associated information, including policy ownership information. Here, a “policy-owner” is the person or entity having responsibility for the policies in a particular policy set. Each “policy-owner” establishes policies to cover security concerns for some entity. As non-limiting examples, such an entity might be a wireless carrier or other network service provider, or a provider of a service available over a network, or a device manufacturer, or a corporate device owner, or an end user of the device. In some cases, the policy-owner and that entity might be identical.
The system and method of the present invention employ a policy-based control and management system that is used to comprehensively manage the allocation, spending, and movement of funds, before and throughout transactions, thereby providing a powerful, hierarchical transaction control system.
First, each funds bundle or funds amount to be governed within the system is assigned to one or more policy sets. The funds bundle may be an amount of money allocated, for example, in a budget or grant. It may be an account balance or other sum of money made available as a source for funding one or more candidate transactions. It is a line of accounting that is made available to the user under a specific set of conditions (the “policy set”). The assignment may be accomplished through a lookup table, a database entry, or by other means. A unique funds bundle identifier may be applied. Such an identifier may incorporate or otherwise utilize a timestamp. Additionally, metadata may be assigned to the candidate transaction that may provide contextual information or other information that can be used in determining applicability of specific policies. When multiple transactions to a common recipient are applied to the same funds source, allowed transactions may be performed individually or as one aggregated transaction. This may be desired to reduce transaction fees, for example.
Processing of any candidate transaction using all or a portion of the funds bundle results in a funds usage request that is intercepted by a PEP. The PEP then issues a query to a PDP in the system that includes the details of the funds bundle and the candidate transaction such that applicable policies can be selected and evaluated. The evaluation will result in an Allow or Deny verdict for the candidate transaction. In addition, stipulations of other actions such as transaction logging or notification of specific parties such as financial governance authorities or other authorities may be performed as specified by policy. A blocked transaction may include an option to switch to a different funds bundle with a different rule set. For example, if a transaction is denied on a corporate account, a personal account may be substituted. This process is presented in
A policy-based system, according to the present invention, has an unbounded set of potential rules for restricting and specifying use of funds that can be expressed in policies. The invention includes, but is not limited to, the following rules and variants, which may be used in any combination:
Notably, the present invention has direct applications in controlling transactions associated with many business activities, and in accounting for these activities. Beyond rules such as those listed above, the system may also utilize specific accounting standards, such as Generally Accepted Accounting Principles (GAAP) as referenced here http://www.fasab.gov/accounting-standards/authoritative-source-of-gaap/, as sources of rules to be applied in policies governing transactions, and also as a standard for transaction logging. Furthermore, with regard to accounting, logging activities such as those shown in the flowchart of
In one use case of the invention focused at the point of sale, an employee is on an official business trip for her employer. She will use an eWallet system on her smart phone such as Google Wallet or Apple Pay for all of her transactions. The invention will be used to authorize her purchases. She is authorized for travel-related expenses such as meals, taxis, and hotel, but not for entertainment expenses such as movies. She goes to dinner and pays with her eWallet. The purchase passes through the PDP which approves the transaction because meals are allowed. She later goes to a movie. Here, the transaction is denied because the PDP blocks it based on the “no entertainment” rule. When she returns from her trip, an accounting of approved transactions is made for her. She needs no reimbursement because all valid transactions were paid directly by her approved line of accounting.
In another use case of the invention focused after sale, an employee has completed a business trip for his employer and wishes to be reimbursed for travel-related expenses incurred during the trip. Allowable expenses according to corporate policies include transportation and meal costs, but do not include entertainment. The employee submits a set of expense records such as expense receipts, in some form that they can be entered or otherwise ingested into an instance of the system so that candidate reimbursement transactions can be formed or otherwise represented. Included in the employee's submitted expenses are $400 for airfare, $50 for taxi fare, $100 for meals, and $35 for a movie viewing expense. This results in four distinct candidate reimbursements. The first three (airfare, taxi, and meals expenses) receive an “Allow” result in the system, and the final expense, being entertainment, receives a “Block” result denying the requested transaction. The end result is expense reimbursement from the company to the employee totaling $550.00. This may come in the form of one single aggregated transaction or as individual transactions.
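The PEP/PDP evaluation flow and the reimbursement use case described above, as an added Python example that is not code from the patent or from the referenced application. The names `Transaction`, `POLICY_SETS`, `pdp_decide` and `pep_process`, the bundle identifier, and the policy fields are hypothetical; the example assumes a PDP that denies anything a policy does not explicitly allow and a logging stipulation that applies to denied requests as well as allowed ones.

```python
from dataclasses import dataclass
from decimal import Decimal

@dataclass(frozen=True)
class Transaction:
    bundle_id: str      # funds bundle the request draws on
    category: str       # purchase type used for policy matching
    amount: Decimal
    recipient: str

# Constructed policy set, assigned to a funds bundle through a lookup table.
POLICY_SETS = {
    "corp-travel": {"allowed": {"airfare", "taxi", "meals", "hotel"},
                    "stipulations": ["log"]},
}

def pdp_decide(txn):
    """PDP: return (verdict, reason, stipulations). Anything not allowed is denied."""
    policy = POLICY_SETS.get(txn.bundle_id)
    if policy is None:
        return "Deny", "no policy set assigned to bundle", ["log"]
    if txn.amount <= 0:
        return "Deny", "non-positive amount", policy["stipulations"]
    if txn.category not in policy["allowed"]:
        return "Deny", f"category '{txn.category}' not allowed", policy["stipulations"]
    return "Allow", "category allowed", policy["stipulations"]

def pep_process(requests):
    """PEP: intercept each funds usage request, query the PDP, enforce the verdict."""
    payouts, audit = {}, []
    for txn in requests:
        verdict, reason, stipulations = pdp_decide(txn)
        if "log" in stipulations:  # denied requests are logged too
            audit.append((txn.category, str(txn.amount), verdict, reason))
        if verdict == "Allow":     # aggregate allowed amounts per recipient
            payouts[txn.recipient] = payouts.get(txn.recipient, Decimal("0")) + txn.amount
    return payouts, audit

# Constructed input: the four expenses from the reimbursement use case.
EXPENSES = [Transaction("corp-travel", c, Decimal(a), "employee")
            for c, a in [("airfare", "400"), ("taxi", "50"),
                         ("meals", "100"), ("entertainment", "35")]]

if __name__ == "__main__":
    payouts, audit = pep_process(EXPENSES)
    for entry in audit:
        print(entry)
    print("reimbursement:", payouts)
```

Because the verdict is computed in one place and the audit trail records denials, a request against a bundle with no assigned policy set fails closed and still leaves a log entry.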
The invention applies generally to any industry requiring detailed accounting services and control for authorized expenditures.
This application is entitled to the benefit of, and claims priority to U.S. Provisional Application 62/062,568, filed on Oct. 10, 2014.
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/US15/54686 | 10/8/2015 | WO | 00 |

Number | Date | Country |
---|---|---|
62062568 | Oct 2014 | US |