US20060031173A1 - Method and apparatus for secure electronic commerce - Google Patents
Method and apparatus for secure electronic commerceDownload PDFInfo
- Publication number
- US20060031173A1 US20060031173A1US11/246,421US24642105AUS2006031173A1US 20060031173 A1US20060031173 A1US 20060031173A1US 24642105 AUS24642105 AUS 24642105AUS 2006031173 A1US2006031173 A1US 2006031173A1
- Authority
- US
- United States
- Prior art keywords
- financial institution
- consumer
- hash
- merchant
- transaction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
Definitions
- the present inventionrelates to electronic commerce. More specifically, the present invention relates to a method and an apparatus to facilitate secure electronic commerce.
- SSLsecure socket layer
- SSLcan protect the account number while it is in transit over the Internet
- the merchantrecovers the account number and completes the transaction.
- the merchantalso stores the account number in a database.
- the databasethen becomes a target for attack, and if the database is not secure, can lead to compromise of the account number to an unscrupulous person. Consequently, many consumers are uncomfortable with revealing their account numbers over the Internet for fear of having their account number stolen and used illegally.
- POSpoint-of-sale
- the financial institution holding the accounttypically accepts the transaction as valid if the account is not identified as being invalid.
- the accountis identified as invalid if the account is known or suspected to have been compromised, perhaps by a report of a lost credit card.
- the financial institutionrarely checks the signature on receipts and checks against the signature on file for the account. This leaves the financial institution open to fraud.
- the merchant accepting electronic transactions over the Internethas little assurance that the owner of the account originated the transaction. If the consumer later denies making the transaction, it can be difficult for the merchant to prove otherwise.
- One embodiment of the present inventionprovides a system that facilitates secure electronic commerce.
- the systemoperates by first providing a consumer with a file of security data relating to an account maintained by a financial institution.
- the consumerthen creates a financial transaction with a merchant using security data from the file to protect the financial transaction.
- This financial transactionis structured to prevent the merchant from knowing the account number for the account.
- the merchantvalidates that the financial institution identified by the financial transaction is acceptable using security data from the file.
- the merchantrequests that the financial institution authorize the financial transaction.
- the merchantcompletes the financial transaction.
- the merchantnotifies the financial institution that the financial transaction is complete.
- the file of security dataincludes a consumer identifier, a private key for encryption and authentication of data, a public key related to the private key for decryption and authentication of data, an identifier identifying the financial institution, a second public key belonging to the financial institution, an account number that has been encrypted with a key known only to the financial institution, a certificate signed by a recognized certificate authority that validates the financial institution, a certificate signed by the financial institution that validates the consumer, and computer algorithms for using the file of security data.
- This inventionrelies on the existing credit card payment processing mechanism with only minimal changes. The encrypted number is used whenever applicable.
- the file of security datais provided to the consumer on a smart card.
- the financial transactionis protected by first creating a hash of the financial transaction.
- the hash, the certificate identifying the consumer, and the encrypted account numberare encrypted using the financial institution's public key creating a secure envelope of transaction data.
- the encryption and hashare created at a secure site available only to the consumer, such as within the smart card.
- the merchantrequests that the financial institution authorize the financial transaction by validating the second hash of the financial transaction.
- the merchantgenerates the second hash which is a hash of the financial transaction and the same as the one generated by the consumer.
- the merchantsends the secure envelope and the second hash to the financial institution.
- the financial institutiondecrypts the secure envelope using the private key of the financial institution.
- the financial institutioncompares the hash recovered from the secure envelope with the second hash. If the first hash is identical to the second hash, the financial institution decrypts the encrypted account number to recover the consumer's account number. After verifying that the financial transaction is valid for the account, the financial institution authorizes the financial transaction.
- the encryption or decryption algorithmsneed not be uniform and/or the same across all consumers or merchants.
- the financial institutionverifies that the financial transaction is valid for the account by verifying that the financial institution signed the consumer's certificate. Next, the financial institution determines that the account is a valid account and that a transaction amount is not greater than an authorized limit for the account.
- the secure site available only to the consumeris within the smart card.
- the merchantvalidates that the financial institution identified by the financial transaction is acceptable by receiving the certificate that validates the financial institution, and then validating that the recognized certificate authority signed the certificate.
- FIG. 1illustrates an electronic commerce system in accordance with an embodiment of the present invention.
- FIG. 2illustrates smart card 114 in accordance with an embodiment of the present invention.
- FIG. 3is a flowchart illustrating the process of performing a financial transaction in accordance with an embodiment of the present invention.
- FIG. 4is a flowchart illustrating the process of initializing a smart card in accordance with an embodiment of the present invention.
- a computer readable storage mediumwhich may be any device or medium that can store code and/or data for use by a computer system.
- the transmission mediummay include a communications network, such as the Internet.
- FIG. 1illustrates an electronic commerce system in accordance with an embodiment of the present invention.
- the systemincludes smart card reader 102 , display terminal 104 , merchant 106 , financial institution 108 , US Treasury 109 , smart card provider 110 , consumer 112 , and smart card 114 .
- Smart card reader 102provides an interface to smart card 114 for transferring data to and from smart card 114 .
- Smart card reader 102is coupled to display terminal 104 to allow consumer 112 to view potential transactions, select an account to debit, authorize transactions, and the like.
- Display terminal 104can be any device, which allows consumer 112 to display and enter data, including a personal computer with a web browser.
- Smart card reader 102is also coupled to merchant 106 .
- this couplingis a network coupling such as the Internet.
- merchant 106communicates with smart card 114 through smart card reader 102 .
- Merchant 106provides a transaction receipt for a financial transaction to smart card 114 .
- smart card 114provides a secure digital envelope containing data, which can be used to authorize the financial transaction by financial institution 108 . Details of the authorization process are described below in conjunction with FIG. 3 .
- Merchant 106is also coupled to financial institution 108 . Merchant 106 supplies details of a financial transaction to financial institution 108 and receives authorization for the financial transaction from financial institution 108 as described below in conjunction with FIG. 3 .
- Financial institution 108is coupled to US Treasury 109 .
- US Treasury 109provides a certificate that is digitally signed using a private key belonging to US Treasury 109 . This root certificate can be used to verify that financial institution 108 is recognized by US Treasury 109 as a valid financial institution.
- the creation and use of certificates, for example X.509 certificates,is well known in the art and will not be described further herein.
- Financial institution 108also acts as a certificate authority and signs a certificate with its private key. This certificate can be used to verify that consumer 112 is a valid customer of financial institution 108 .
- Financial institution 108provides data to smart card provider 110 so that smart card provider 110 can provide smart card 114 to consumer 112 . Details of the data provided to smart card provider 110 are discussed below in conjunction with FIG. 2 .
- Consumer 112receives smart card 114 and separately receives a one-time personal identification number (PIN) for activation of smart card 114 . Consumer 112 then activates smart card 114 as described below in conjunction with FIG. 4 . After activating smart card 114 , consumer 112 can use smart card 114 to enter into financial transactions with merchant 106 .
- PINpersonal identification number
- a practitioner with ordinary skill in the artcan readily extend the above discussion to include a secure file for use on a computing device such as a personal computer, a personal digital assistant, or the like in place of smart card 114 .
- the operations using the secure fileare the same as for using smart card 114 .
- the advantage of using smart card 114 over a computing device with a secure fileis that smart card 114 is more portable.
- FIG. 2illustrates smart card 114 in accordance with an embodiment of the present invention.
- Financial institution 108provides data for smart card 114 to smart card provider 110 .
- This dataincludes, but is not limited to, consumer identifier 202 , financial institution identifier 204 , private key 206 , related public key 208 , financial institution public key 210 belonging to financial institution 108 , encrypted account number 212 which has been encrypted using a key known only to financial institution 108 , financial institution certificate 214 signed by US Treasury 109 , and consumer certificate 216 signed by financial institution 108 .
- Smart card provider 110stores the data received from financial institution 108 on smart card 114 along with computer algorithms 218 .
- Consumer identifier 202is a unique identifier, which can identify consumer 112 to financial institution 108 .
- Financial institution identifier 204is a unique identifier, which can identify financial institution 108 .
- Private key 206is a cryptographic key associated with consumer 112 .
- Public key 208is also a cryptographic key.
- private key 206 and public key 208are a key pair used with the well-known Rivest-Shamir-Adleman (RSA) encryption algorithm.
- RSARivest-Shamir-Adleman
- Financial institution public key 210is a cryptographic key that can be used to encrypt data intended for financial institution 108 .
- only financial institution 108has the related private key and, therefore, only financial institution 108 can read data encrypted using financial institution public key 210 .
- Encrypted account number 212is the account number, which will be debited for the financial transaction.
- Encrypted account number 212is encrypted with a key known only to financial institution 108 and can be decrypted only by financial institution 108 , thereby preventing merchant 106 or any other intermediate party from discovering the account number.
- smart card 114can hold multiple encrypted account numbers. If so, consumer 112 can select the encrypted account number to use for a financial transaction using display terminal 104 .
- Financial institution certificate 214is signed by US Treasury 109 and serves to identify financial institution 108 as a valid financial institution recognized by US Treasury 109 .
- Consumer certificate 216is signed by a certificate authority associated with financial institution 108 and serves to identify consumer 112 as a holder of an account of financial institution 108 .
- Computer algorithms 218are used by computer processor 220 to perform operations such as encryption, decryption, authentication, and the like.
- Computer processor 220is embedded within smart card 114 , providing a secure site to perform operations related to a financial transaction.
- FIG. 3is a flowchart illustrating the process of performing a financial transaction in accordance with an embodiment of the present invention.
- the systemstarts when consumer 112 selects merchandise or services to purchase from merchant 106 (step 302).
- consumer 112presents smart card 114 to merchant 106 through smart card reader 102 for payment (step 304).
- Merchant 106validates that financial institution certificate 214 was signed by US Treasury 109 to ensure that financial institution 108 , identified by financial institution identifier 204 is a recognized financial institution (step 306).
- merchant 106provides consumer identifier 202 and consumer certificate 216 to financial institution 108 to validate that consumer 112 has an account with financial institution 108 (step 308).
- merchant 106After financial institution 108 validates the existence of an account, merchant 106 receives account validation from financial institution 108 (step 310). Merchant 106 then sends a receipt for the transaction to consumer 112 (step 312). This receipt can be displayed to consumer 112 on display terminal 104 . Consumer 112 then verifies that the receipt is correct (step 314). Next, if there is more than one account on smart card 114 , consumer 112 selects an account from smart card 114 (step 316).
- Consumer 112then creates a hash of the data on the receipt using computer algorithms 218 on smart card 114 (step 318).
- the hash algorithmcan be any algorithm suitable for creating a non-reversible signature for the receipt such as secure hash algorithm-one (SHA-1).
- consumer 112encrypts the receipt, the hash, and encrypted account number 212 using financial institution public key 210 (step 320). This encryption provides a secure digital envelope for transferring data to financial institution 108 while preventing merchant 106 from learning the contents. Note that other data can be included in the secure digital envelope. Consumer 112 then sends the secure digital envelope to merchant 106 (step 322).
- Merchant 106creates a hash of the data on the receipt using the same algorithm as consumer 112 (step 324). Merchant 106 then sends this hash and the secure digital envelope to financial institution 108 (step 326).
- Financial institution 108decrypts the secure digital envelope to recover the encrypted data (step 328). Financial institution 108 then compares the hash received in the secure digital envelope with the hash received from merchant 106 to establish the financial transaction as valid (step 330). Next, financial institution 108 verifies that the financial transaction does not violate any account restrictions and, if not, authorizes the financial transaction (step 332). Financial institution 108 then notifies merchant 106 that the financial transaction is valid (step 334).
- Merchant 106then delivers the merchandise or service to consumer 112 (step 336). Merchant 106 notifies financial institution 108 that the financial transaction is complete ending the process (step 338).
- FIG. 4is a flowchart illustrating the process of initializing a smart card in accordance with an embodiment of the present invention.
- the systemstarts when financial institution 108 registers public key 208 belonging to consumer 112 with the certificate authority related to financial institution 108 (step 402).
- financial institution 108sends smart card 114 to consumer 112 (step 404).
- smart card 114is partially initialized with data as described above in conjunction with FIG. 2 except for consumer certificate 216 .
- financial institution 108sends a one-time personal identification number (PIN) to consumer 112 (step 406).
- PINpersonal identification number
- consumer 112requests activation of smart card 114 (step 408).
- financial institution 108requests consumer certificate 216 from the certificate authority (step 410).
- the certificate authorityissues consumer certificate 216 (step 412).
- the certificate authoritysends consumer certificate 216 to smart card provider 110 (step 414).
- smart card provider 110installs consumer certificate 216 on smart card 114 ending the process (step 416).
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Marketing (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Storage Device Security (AREA)
Abstract
Description
- 1. Field of the Invention
- The present invention relates to electronic commerce. More specifically, the present invention relates to a method and an apparatus to facilitate secure electronic commerce.
- 2. Related Art
- Electronic commerce across the Internet is rapidly becoming a mainstay of the business world. A consumer wishing to make a purchase on the Internet can use a web browser to select the desired merchandise, and then to offer payment for the merchandise.
- While shopping through a web browser is convenient, paying for the merchandise presents problems. Payment can be made using a credit card, a debit card, or an electronic check. Typically, when making payment with any of these methods, the consumer reveals the account number to the merchant so that the merchant can debit the account. Since the Internet is not secure and subject to eavesdropping, the account number is typically sent in encrypted form using a secure socket layer (SSL) system.
- Even though SSL can protect the account number while it is in transit over the Internet, the merchant recovers the account number and completes the transaction. In many cases, the merchant also stores the account number in a database. The database then becomes a target for attack, and if the database is not secure, can lead to compromise of the account number to an unscrupulous person. Consequently, many consumers are uncomfortable with revealing their account numbers over the Internet for fear of having their account number stolen and used illegally.
- The same problem exists to some degree at a point-of-sale (POS) terminal located at a cash register at the point of sale. The account number can be learned by the merchant and, if not adequately protected, compromised.
- The financial institution holding the account typically accepts the transaction as valid if the account is not identified as being invalid. The account is identified as invalid if the account is known or suspected to have been compromised, perhaps by a report of a lost credit card. The financial institution rarely checks the signature on receipts and checks against the signature on file for the account. This leaves the financial institution open to fraud.
- The merchant accepting electronic transactions over the Internet has little assurance that the owner of the account originated the transaction. If the consumer later denies making the transaction, it can be difficult for the merchant to prove otherwise.
- What is needed is a method and an apparatus that facilitates secure electronic commerce while eliminating the problems identified above.
- One embodiment of the present invention provides a system that facilitates secure electronic commerce. The system operates by first providing a consumer with a file of security data relating to an account maintained by a financial institution. The consumer then creates a financial transaction with a merchant using security data from the file to protect the financial transaction. This financial transaction is structured to prevent the merchant from knowing the account number for the account. Next, the merchant validates that the financial institution identified by the financial transaction is acceptable using security data from the file. The merchant then requests that the financial institution authorize the financial transaction. Upon receiving authorization to complete the financial transaction, the merchant completes the financial transaction. Finally, the merchant notifies the financial institution that the financial transaction is complete.
- In one embodiment of the present invention, the file of security data includes a consumer identifier, a private key for encryption and authentication of data, a public key related to the private key for decryption and authentication of data, an identifier identifying the financial institution, a second public key belonging to the financial institution, an account number that has been encrypted with a key known only to the financial institution, a certificate signed by a recognized certificate authority that validates the financial institution, a certificate signed by the financial institution that validates the consumer, and computer algorithms for using the file of security data. This invention relies on the existing credit card payment processing mechanism with only minimal changes. The encrypted number is used whenever applicable.
- In one embodiment of the present invention, the file of security data is provided to the consumer on a smart card.
- In one embodiment of the present invention, the financial transaction is protected by first creating a hash of the financial transaction. Next, the hash, the certificate identifying the consumer, and the encrypted account number are encrypted using the financial institution's public key creating a secure envelope of transaction data. The encryption and hash are created at a secure site available only to the consumer, such as within the smart card.
- In one embodiment of the present invention, the merchant requests that the financial institution authorize the financial transaction by validating the second hash of the financial transaction. The merchant generates the second hash which is a hash of the financial transaction and the same as the one generated by the consumer. The merchant sends the secure envelope and the second hash to the financial institution. The financial institution decrypts the secure envelope using the private key of the financial institution. Next, the financial institution compares the hash recovered from the secure envelope with the second hash. If the first hash is identical to the second hash, the financial institution decrypts the encrypted account number to recover the consumer's account number. After verifying that the financial transaction is valid for the account, the financial institution authorizes the financial transaction. The encryption or decryption algorithms need not be uniform and/or the same across all consumers or merchants.
- In one embodiment of the present invention, the financial institution verifies that the financial transaction is valid for the account by verifying that the financial institution signed the consumer's certificate. Next, the financial institution determines that the account is a valid account and that a transaction amount is not greater than an authorized limit for the account.
- In one embodiment of the present invention, the secure site available only to the consumer is within the smart card.
- In one embodiment of the present invention, the merchant validates that the financial institution identified by the financial transaction is acceptable by receiving the certificate that validates the financial institution, and then validating that the recognized certificate authority signed the certificate.
FIG. 1 illustrates an electronic commerce system in accordance with an embodiment of the present invention.FIG. 2 illustratessmart card 114 in accordance with an embodiment of the present invention.FIG. 3 is a flowchart illustrating the process of performing a financial transaction in accordance with an embodiment of the present invention.FIG. 4 is a flowchart illustrating the process of initializing a smart card in accordance with an embodiment of the present invention.- The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
- The data structures and code described in this detailed description are typically stored on a computer readable storage medium, which may be any device or medium that can store code and/or data for use by a computer system. This includes, but is not limited to, magnetic and optical storage devices such as disk drives, magnetic tape, CDs (compact discs) and DVDs (digital versatile discs or digital video discs), and computer instruction signals embodied in a transmission medium (with or without a carrier wave upon which the signals are modulated). For example, the transmission medium may include a communications network, such as the Internet.
- Electronic Commerce System
FIG. 1 illustrates an electronic commerce system in accordance with an embodiment of the present invention. The system includessmart card reader 102,display terminal 104,merchant 106,financial institution 108, US Treasury109,smart card provider 110,consumer 112, andsmart card 114.Smart card reader 102 provides an interface tosmart card 114 for transferring data to and fromsmart card 114.Smart card reader 102 is coupled to display terminal104 to allowconsumer 112 to view potential transactions, select an account to debit, authorize transactions, and the like.Display terminal 104 can be any device, which allowsconsumer 112 to display and enter data, including a personal computer with a web browser.Smart card reader 102 is also coupled tomerchant 106. Typically, this coupling is a network coupling such as the Internet. In operation,merchant 106 communicates withsmart card 114 throughsmart card reader 102.Merchant 106 provides a transaction receipt for a financial transaction tosmart card 114. In turn,smart card 114 provides a secure digital envelope containing data, which can be used to authorize the financial transaction byfinancial institution 108. Details of the authorization process are described below in conjunction withFIG. 3 .Merchant 106 is also coupled tofinancial institution 108.Merchant 106 supplies details of a financial transaction tofinancial institution 108 and receives authorization for the financial transaction fromfinancial institution 108 as described below in conjunction withFIG. 3 .Financial institution 108 is coupled to US Treasury109. US Treasury109 provides a certificate that is digitally signed using a private key belonging to US Treasury109. This root certificate can be used to verify thatfinancial institution 108 is recognized by US Treasury109 as a valid financial institution. The creation and use of certificates, for example X.509 certificates, is well known in the art and will not be described further herein.Financial institution 108 also acts as a certificate authority and signs a certificate with its private key. This certificate can be used to verify thatconsumer 112 is a valid customer offinancial institution 108.Financial institution 108 provides data tosmart card provider 110 so thatsmart card provider 110 can providesmart card 114 toconsumer 112. Details of the data provided tosmart card provider 110 are discussed below in conjunction withFIG. 2 .Consumer 112 receivessmart card 114 and separately receives a one-time personal identification number (PIN) for activation ofsmart card 114.Consumer 112 then activatessmart card 114 as described below in conjunction withFIG. 4 . After activatingsmart card 114,consumer 112 can usesmart card 114 to enter into financial transactions withmerchant 106.- A practitioner with ordinary skill in the art can readily extend the above discussion to include a secure file for use on a computing device such as a personal computer, a personal digital assistant, or the like in place of
smart card 114. The operations using the secure file are the same as for usingsmart card 114. The advantage of usingsmart card 114 over a computing device with a secure file is thatsmart card 114 is more portable. Smart Card 114FIG. 2 illustratessmart card 114 in accordance with an embodiment of the present invention.Financial institution 108 provides data forsmart card 114 tosmart card provider 110. This data includes, but is not limited to,consumer identifier 202,financial institution identifier 204,private key 206, relatedpublic key 208, financial institution public key210 belonging tofinancial institution 108,encrypted account number 212 which has been encrypted using a key known only tofinancial institution 108,financial institution certificate 214 signed by US Treasury109, andconsumer certificate 216 signed byfinancial institution 108.Smart card provider 110 stores the data received fromfinancial institution 108 onsmart card 114 along withcomputer algorithms 218.Consumer identifier 202 is a unique identifier, which can identifyconsumer 112 tofinancial institution 108.Financial institution identifier 204 is a unique identifier, which can identifyfinancial institution 108.Private key 206 is a cryptographic key associated withconsumer 112.Public key 208 is also a cryptographic key. In one implementation of the present invention,private key 206 andpublic key 208 are a key pair used with the well-known Rivest-Shamir-Adleman (RSA) encryption algorithm.- Financial institution public key210 is a cryptographic key that can be used to encrypt data intended for
financial institution 108. In one embodiment of the present invention, onlyfinancial institution 108 has the related private key and, therefore, onlyfinancial institution 108 can read data encrypted using financial institution public key210.Encrypted account number 212 is the account number, which will be debited for the financial transaction.Encrypted account number 212 is encrypted with a key known only tofinancial institution 108 and can be decrypted only byfinancial institution 108, thereby preventingmerchant 106 or any other intermediate party from discovering the account number. Note thatsmart card 114 can hold multiple encrypted account numbers. If so,consumer 112 can select the encrypted account number to use for a financial transaction usingdisplay terminal 104. Financial institution certificate 214 is signed by US Treasury109 and serves to identifyfinancial institution 108 as a valid financial institution recognized by US Treasury109.Consumer certificate 216 is signed by a certificate authority associated withfinancial institution 108 and serves to identifyconsumer 112 as a holder of an account offinancial institution 108.Computer algorithms 218 are used bycomputer processor 220 to perform operations such as encryption, decryption, authentication, and the like.Computer processor 220 is embedded withinsmart card 114, providing a secure site to perform operations related to a financial transaction.- Financial Transactions
FIG. 3 is a flowchart illustrating the process of performing a financial transaction in accordance with an embodiment of the present invention. The system starts whenconsumer 112 selects merchandise or services to purchase from merchant106 (step 302). Next,consumer 112 presentssmart card 114 tomerchant 106 throughsmart card reader 102 for payment (step 304).Merchant 106 validates thatfinancial institution certificate 214 was signed by US Treasury109 to ensure thatfinancial institution 108, identified byfinancial institution identifier 204 is a recognized financial institution (step 306). Next,merchant 106 providesconsumer identifier 202 andconsumer certificate 216 tofinancial institution 108 to validate thatconsumer 112 has an account with financial institution108 (step 308).- After
financial institution 108 validates the existence of an account,merchant 106 receives account validation from financial institution108 (step 310).Merchant 106 then sends a receipt for the transaction to consumer112 (step 312). This receipt can be displayed toconsumer 112 ondisplay terminal 104.Consumer 112 then verifies that the receipt is correct (step 314). Next, if there is more than one account onsmart card 114,consumer 112 selects an account from smart card114 (step 316). Consumer 112 then creates a hash of the data on the receipt usingcomputer algorithms 218 on smart card114 (step 318). The hash algorithm can be any algorithm suitable for creating a non-reversible signature for the receipt such as secure hash algorithm-one (SHA-1). Next,consumer 112 encrypts the receipt, the hash, andencrypted account number 212 using financial institution public key210 (step 320). This encryption provides a secure digital envelope for transferring data tofinancial institution 108 while preventingmerchant 106 from learning the contents. Note that other data can be included in the secure digital envelope.Consumer 112 then sends the secure digital envelope to merchant106 (step 322).Merchant 106 creates a hash of the data on the receipt using the same algorithm as consumer112 (step 324).Merchant 106 then sends this hash and the secure digital envelope to financial institution108 (step 326).Financial institution 108 decrypts the secure digital envelope to recover the encrypted data (step 328).Financial institution 108 then compares the hash received in the secure digital envelope with the hash received frommerchant 106 to establish the financial transaction as valid (step 330). Next,financial institution 108 verifies that the financial transaction does not violate any account restrictions and, if not, authorizes the financial transaction (step 332).Financial institution 108 then notifiesmerchant 106 that the financial transaction is valid (step 334).Merchant 106 then delivers the merchandise or service to consumer112 (step 336).Merchant 106 notifiesfinancial institution 108 that the financial transaction is complete ending the process (step 338).- Initializing a Smart Card
FIG. 4 is a flowchart illustrating the process of initializing a smart card in accordance with an embodiment of the present invention. The system starts whenfinancial institution 108 registerspublic key 208 belonging toconsumer 112 with the certificate authority related to financial institution108 (step 402). Next,financial institution 108 sendssmart card 114 to consumer112 (step 404). Note,smart card 114 is partially initialized with data as described above in conjunction withFIG. 2 except forconsumer certificate 216. Under separate cover,financial institution 108 sends a one-time personal identification number (PIN) to consumer112 (step 406).- Using the PIN,
consumer 112 requests activation of smart card114 (step 408). In response to this request,financial institution 108requests consumer certificate 216 from the certificate authority (step 410). Next, the certificate authority issues consumer certificate216 (step 412). - The certificate authority sends
consumer certificate 216 to smart card provider110 (step 414). Finally,smart card provider 110 installsconsumer certificate 216 onsmart card 114 ending the process (step 416). - The foregoing descriptions of embodiments of the present invention have been presented for purposes of illustration and description only. They are not intended to be exhaustive or to limit the present invention to the forms disclosed. Accordingly, many modifications and variations will be apparent to practitioners skilled in the art. Additionally, the above disclosure is not intended to limit the present invention. The scope of the present invention is defined by the appended claims.
Claims (22)
1-24. (canceled)
25. A method that facilitates an electronic transaction between a consumer and a merchant without allowing the merchant to know an account number belonging to the consumer, comprising:
sending a receipt for a transaction in electronic form from a merchant to a consumer;
receiving a secure digital envelope from the consumer, the consumer having formed the secure digital envelope by encrypting information associated with the receipt and the account number using a public key of a financial institution; and
sending the secure digital envelope along with information associated with the receipt to the financial institution, thereby enabling the financial institution to process the transaction without allowing the merchant to know an account number.
26. The method ofclaim 25 ,
wherein the consumer forms the digital envelope by,
generating a first hash of the receipt, and
encrypting the receipt, the first hash, and the account number using the public key of the financial institution; and
wherein the merchant sends the secure digital envelope to the financial institution by,
generating a second hash of the receipt; and
sending the secure digital envelope along with the second hash to the financial institution.
27. The method ofclaim 26 , wherein the method further comprises processing the transaction at the financial institution by:
using a private key belonging to the financial institution to decrypt the secure digital envelope to obtain the receipt, the first hash, and the account number; and
comparing the first hash with the second hash to validate the transaction.
28. The method ofclaim 27 , wherein if the second hash matches the first hash, the method further comprises:
authorizing the transaction; and
notifying the merchant that the transaction is valid.
29. The method ofclaim 25 , wherein the consumer forms the secure digital envelope in a smart card.
30. The method ofclaim 29 , wherein the smart card contains:
an identifier for the consumer;
an identifier for the financial institution;
a private key for the consumer;
the public key for the financial institution;
the account number; and
encryption mechanisms.
31. The method ofclaim 25 , wherein prior to sending the receipt from the merchant to the consumer, the method further comprises validating that the consumer has an account with the financial institution by:
receiving a digital certificate belonging to the financial institution from the consumer;
determining if the digital certificate of the financial institution is valid by validating that the digital certificate is signed by a recognized certificate authority;
if so, transmitting the consumer identifier and the consumer certificate to the financial institution to validate if the consumer has an account with the financial institution; and
receiving a validation message from the financial institution if the consumer has an account with the financial institution.
32. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method that facilitates an electronic transaction between a consumer and a merchant without allowing the merchant to know an account number belonging to the consumer, the method comprising:
sending a receipt for a transaction in electronic form from a merchant to a consumer;
receiving a secure digital envelope from the consumer, the consumer having formed the secure digital envelope by encrypting information associated with the receipt and the account number using a public key of a financial institution; and
sending the secure digital envelope along with information associated with the receipt to the financial institution, thereby enabling the financial institution to process the transaction without allowing the merchant to know an account number.
33. The computer-readable storage medium ofclaim 32 ,
wherein the consumer forms the digital envelope by,
generating a first hash of the receipt, and
encrypting the receipt, the first hash, and the account number using the public key of the financial institution; and
wherein the merchant sends the secure digital envelope to the financial institution by,
generating a second hash of the receipt; and
sending the secure digital envelope along with the second hash to the financial institution.
34. The computer-readable storage medium ofclaim 33 , wherein the method further comprises processing the transaction at the financial institution by:
using a private key belonging to the financial institution to decrypt the secure digital envelope to obtain the receipt, the first hash, and the account number; and
comparing the first hash with the second hash to validate the transaction.
35. The computer-readable storage medium ofclaim 34 , wherein if the second hash matches the first hash, the method further comprises:
authorizing the transaction; and
notifying the merchant that the transaction is valid.
36. The computer-readable storage medium ofclaim 32 , wherein the consumer forms the secure digital envelope in a smart card.
37. The computer-readable storage medium ofclaim 36 , wherein the smart card contains:
an identifier for the consumer;
an identifier for the financial institution;
a private key for the consumer;
the public key for the financial institution;
the account number; and
encryption mechanisms.
38. The computer-readable storage medium ofclaim 32 , wherein prior to sending the receipt from the merchant to the consumer, the method further comprises validating that the consumer has an account with the financial institution by:
receiving a digital certificate belonging to the financial institution from the consumer;
determining if the digital certificate of the financial institution is valid by validating that the digital certificate is signed by a recognized certificate authority;
if so, transmitting the consumer identifier and the consumer certificate to the financial institution to validate if the consumer has an account with the financial institution; and
receiving a validation message from the financial institution if the consumer has an account with the financial institution.
39. An apparatus that facilitates an electronic transaction between a consumer and a merchant without allowing the merchant to know an account number belonging to the consumer, comprising:
a sending mechanism configured to send a receipt for a transaction in electronic form from a merchant to a consumer;
a receiving mechanism configured to receive a secure digital envelope from the consumer, the consumer having formed the secure digital envelope by encrypting information associated with the receipt and the account number using a public key of a financial institution; and
wherein the sending mechanism is additionally configured to send the secure digital envelope along with information associated with the receipt to the financial institution, thereby enabling the financial institution to process the transaction without allowing the merchant to know an account number.
40. The apparatus ofclaim 39 ,
wherein the consumer forms the digital envelope by,
generating a first hash of the receipt, and
encrypting the receipt, the first hash, and the account number using the public key of the financial institution; and
wherein the merchant sends the secure digital envelope to the financial institution by,
generating a second hash of the receipt; and
sending the secure digital envelope along with the second hash to the financial institution.
41. The apparatus ofclaim 40 , further comprising a processing mechanism, which is configured to process the transaction at the financial institution by:
using a private key belonging to the financial institution to decrypt the secure digital envelope to obtain the receipt, the first hash, and the account number; and
comparing the first hash with the second hash to validate the transaction.
42. The apparatus ofclaim 41 , further comprising:
a authorizing mechanism, which is configured to authorize the transaction if the second hash matches the first hash; and
a notifying mechanism, which is configured to notify the merchant that the transaction is valid if the second hash matches the first hash.
43. The apparatus ofclaim 39 , wherein the consumer forms the secure digital envelope in a smart card.
44. The apparatus ofclaim 43 , wherein the smart card contains:
an identifier for the consumer;
an identifier for the financial institution;
a private key for the consumer;
the public key for the financial institution;
the account number; and
encryption mechanisms.
45. The apparatus ofclaim 39 , further comprising a validating mechanism, which is configured to validate that the consumer has an account with the financial institution by:
receiving a digital certificate belonging to the financial institution from the consumer;
determining if the digital certificate of the financial institution is valid by validating that the digital certificate is signed by a recognized certificate authority;
if so, transmitting the consumer identifier and the consumer certificate to the financial institution to validate if the consumer has an account with the financial institution; and
receiving a validation message from the financial institution if the consumer has an account with the financial institution.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US11/246,421US20060031173A1 (en) | 2001-08-02 | 2005-10-07 | Method and apparatus for secure electronic commerce |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US09/921,961US6990471B1 (en) | 2001-08-02 | 2001-08-02 | Method and apparatus for secure electronic commerce |
| US11/246,421US20060031173A1 (en) | 2001-08-02 | 2005-10-07 | Method and apparatus for secure electronic commerce |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US09/921,961ContinuationUS6990471B1 (en) | 2001-08-02 | 2001-08-02 | Method and apparatus for secure electronic commerce |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| US20060031173A1true US20060031173A1 (en) | 2006-02-09 |
Family
ID=35614133
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US09/921,961Expired - LifetimeUS6990471B1 (en) | 2001-08-02 | 2001-08-02 | Method and apparatus for secure electronic commerce |
| US11/246,421AbandonedUS20060031173A1 (en) | 2001-08-02 | 2005-10-07 | Method and apparatus for secure electronic commerce |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US09/921,961Expired - LifetimeUS6990471B1 (en) | 2001-08-02 | 2001-08-02 | Method and apparatus for secure electronic commerce |
Country Status (1)
| Country | Link |
|---|---|
| US (2) | US6990471B1 (en) |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030236872A1 (en)* | 2002-05-09 | 2003-12-25 | Kestrel Wireless. Inc. | Method and system for enabling electronic transactions via a personal device |
| US7333615B1 (en)* | 2002-06-26 | 2008-02-19 | At&T Delaware Intellectual Property, Inc. | Encryption between multiple devices |
| US20090198617A1 (en)* | 2007-07-27 | 2009-08-06 | Ntt Docomo, Inc. | Method and apparatus for performing delegated transactions |
| US7594611B1 (en)* | 2005-12-29 | 2009-09-29 | United Services Automobile Association (Usaa) | Multi-account access card |
| US7784692B1 (en) | 2005-12-29 | 2010-08-31 | United Services Automobile Association (Usaa) | Single access vehicle |
| US20100313027A1 (en)* | 2006-02-23 | 2010-12-09 | Barclays Banks Plc | PIN Servicing |
| US20110035577A1 (en)* | 2007-03-26 | 2011-02-10 | Yunbiao Lin | Enhanced digital right management framework |
| US20110238511A1 (en)* | 2010-03-07 | 2011-09-29 | Park Steve H | Fuel dispenser payment system and method |
| US8453223B2 (en)* | 2011-09-23 | 2013-05-28 | Jerome Svigals | Method, device and system for secure transactions |
| US8806603B2 (en) | 2012-04-11 | 2014-08-12 | Jerome Svigals | Dual device system for secure transactions |
| US8997188B2 (en) | 2012-04-11 | 2015-03-31 | Jerome Svigals | System for enabling a smart device to securely accept unsolicited transactions |
| US9009807B2 (en) | 2012-04-11 | 2015-04-14 | Jerome Svigals | Smart device lockout |
| US9319404B2 (en) | 2011-09-23 | 2016-04-19 | Jerome Svigals | Security for the internet of things |
| US9344437B2 (en) | 2011-09-23 | 2016-05-17 | Jerome Svigals | Internet of things security |
| US9432378B1 (en) | 2011-09-23 | 2016-08-30 | Jerome Svigals | Internet of things security |
| US11062403B2 (en)* | 2019-09-23 | 2021-07-13 | Arthur Ray Kerr | System and method for customizable link between two entities |
Families Citing this family (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| AU781021B2 (en)* | 1999-06-18 | 2005-04-28 | Echarge Corporation | Method and apparatus for ordering goods, services and content over an internetwork using a virtual payment account |
| FR2827448B1 (en)* | 2001-07-12 | 2003-12-19 | Gemplus Card Int | METHOD FOR PROVIDING A PAYMENT GUARANTEE FOR ELECTRONIC COMMERCE ESPECIALLY BY MOBILE TELEPHONE AND IMPLEMENTATION SYSTEM |
| US7257610B2 (en)* | 2001-10-17 | 2007-08-14 | Microsoft Corporation | Systems and methods for sending coordinated notifications |
| US7895443B2 (en)* | 2002-11-05 | 2011-02-22 | Safenet, Inc. | Secure authentication using hardware token and computer fingerprint |
| EP1480107A3 (en)* | 2003-05-16 | 2006-05-24 | Berner Fachhochschule Hochschule für Technik und Architektur Biel | Method for authentication of a user with an authorizing device, and a security apparatus for carrying out the method |
| MXPA05012969A (en)* | 2003-06-04 | 2006-03-17 | Mastercard International Inc | Customer authentication in e-commerce transactions. |
| US8036963B2 (en) | 2003-10-07 | 2011-10-11 | Paymentech Lp | System and method for updating merchant payment data |
| US7512800B2 (en)* | 2004-02-03 | 2009-03-31 | Hewlett-Packard Development Company, L.P. | Key management technique for establishing a secure channel |
| JP4420201B2 (en)* | 2004-02-27 | 2010-02-24 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Authentication method using hardware token, hardware token, computer apparatus, and program |
| FR2882878B1 (en)* | 2005-03-07 | 2007-04-27 | Christophe Richard | DEVICE, METHOD AND SYSTEM FOR SECURITY FOR FINANCIAL TRANSACTIONS BASED ON THE IDENTIFICATION OF AN INDIVIDUAL THROUGH ITS BIOMETRIC PROFILE AND USING A MICROPROCESSOR CARD |
| US7302273B2 (en)* | 2005-07-08 | 2007-11-27 | Soleo Communications, Inc. | System and method for providing interactive wireless data and voice based services |
| US8719709B2 (en)* | 2006-08-25 | 2014-05-06 | Sandisk Technologies Inc. | Method for interfacing with a memory card to access a program instruction |
| CA2820983C (en) | 2008-05-18 | 2019-02-05 | Google Inc. | Secured electronic transaction system |
| US9384496B2 (en) | 2011-02-14 | 2016-07-05 | Soleo Communications, Inc | Call tracking system and method |
| US8874102B2 (en) | 2011-02-14 | 2014-10-28 | Soleo Communications, Inc. | Call tracking system and method |
| EP2801061B1 (en)* | 2012-01-05 | 2020-08-26 | Visa International Service Association | Data protection with translation |
| US11250423B2 (en)* | 2012-05-04 | 2022-02-15 | Institutional Cash Distributors Technology, Llc | Encapsulated security tokens for electronic transactions |
| US9038893B2 (en)* | 2012-09-26 | 2015-05-26 | Card Limited Corp. | Multi-purpose transaction card and associated methods and systems |
| US10147087B2 (en)* | 2015-03-06 | 2018-12-04 | Mastercard International Incorporated | Primary account number (PAN) length issuer identifier in payment account number data field of a transaction authorization request message |
| US10445629B2 (en)* | 2017-11-20 | 2019-10-15 | Mastercard International Incorporated | Secure QR code service |
Citations (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5544246A (en)* | 1993-09-17 | 1996-08-06 | At&T Corp. | Smartcard adapted for a plurality of service providers and for remote installation of same |
| US5590197A (en)* | 1995-04-04 | 1996-12-31 | V-One Corporation | Electronic payment system and method |
| US5815665A (en)* | 1996-04-03 | 1998-09-29 | Microsoft Corporation | System and method for providing trusted brokering services over a distributed network |
| US5855008A (en)* | 1995-12-11 | 1998-12-29 | Cybergold, Inc. | Attention brokerage |
| US5901229A (en)* | 1995-11-06 | 1999-05-04 | Nippon Telegraph And Telephone Corp. | Electronic cash implementing method using a trustee |
| US5903721A (en)* | 1997-03-13 | 1999-05-11 | cha|Technologies Services, Inc. | Method and system for secure online transaction processing |
| US5983273A (en)* | 1997-09-16 | 1999-11-09 | Webtv Networks, Inc. | Method and apparatus for providing physical security for a user account and providing access to the user's environment and preferences |
| US6000832A (en)* | 1997-09-24 | 1999-12-14 | Microsoft Corporation | Electronic online commerce card with customer generated transaction proxy number for online transactions |
| US6006200A (en)* | 1998-05-22 | 1999-12-21 | International Business Machines Corporation | Method of providing an identifier for transactions |
| US6014646A (en)* | 1995-06-08 | 2000-01-11 | France Telecom | Process for making a payment using an account manager |
| US6021202A (en)* | 1996-12-20 | 2000-02-01 | Financial Services Technology Consortium | Method and system for processing electronic documents |
| US6052785A (en)* | 1997-11-21 | 2000-04-18 | International Business Machines Corporation | Multiple remote data access security mechanism for multitiered internet computer networks |
| US6055567A (en)* | 1998-02-02 | 2000-04-25 | Checkfree Corporation | Distributed data accessing technique |
| US6061794A (en)* | 1997-09-30 | 2000-05-09 | Compaq Computer Corp. | System and method for performing secure device communications in a peer-to-peer bus architecture |
| US6075864A (en)* | 1996-08-30 | 2000-06-13 | Batten; Lynn Margaret | Method of establishing secure, digitally signed communications using an encryption key based on a blocking set cryptosystem |
| US6105137A (en)* | 1998-07-02 | 2000-08-15 | Intel Corporation | Method and apparatus for integrity verification, authentication, and secure linkage of software modules |
| US6108789A (en)* | 1998-05-05 | 2000-08-22 | Liberate Technologies | Mechanism for users with internet service provider smart cards to roam among geographically disparate authorized network computer client devices without mediation of a central authority |
| US6112305A (en)* | 1998-05-05 | 2000-08-29 | Liberate Technologies | Mechanism for dynamically binding a network computer client device to an approved internet service provider |
| US6163771A (en)* | 1997-08-28 | 2000-12-19 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
| US6216112B1 (en)* | 1998-05-27 | 2001-04-10 | William H. Fuller | Method for software distribution and compensation with replenishable advertisements |
| US6219652B1 (en)* | 1998-06-01 | 2001-04-17 | Novell, Inc. | Network license authentication |
| US6219789B1 (en)* | 1995-07-20 | 2001-04-17 | Dallas Semiconductor Corporation | Microprocessor with coprocessing capabilities for secure transactions and quick clearing capabilities |
| US6237035B1 (en)* | 1997-12-18 | 2001-05-22 | International Business Machines Corporation | System and method for preventing duplicate transactions in an internet browser/internet server environment |
| US6327578B1 (en)* | 1998-12-29 | 2001-12-04 | International Business Machines Corporation | Four-party credit/debit payment protocol |
| US6598027B1 (en)* | 1999-11-16 | 2003-07-22 | Xs, Inc. | Systems, methods and computer program products for conducting regulation-compliant commercial transactions of regulated goods via a computer network |
| US6748367B1 (en)* | 1999-09-24 | 2004-06-08 | Joonho John Lee | Method and system for effecting financial transactions over a public network without submission of sensitive information |
| US6816843B1 (en)* | 2000-04-06 | 2004-11-09 | Daniel G. Baughman | Method and apparatus for conducting purchases in private over a network |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FR2807247B1 (en)* | 2000-03-28 | 2003-01-31 | Philippe Agnelli | PAYMENT SYSTEM FOR NOT DISCLOSING BANKING INFORMATION ON THE PUBLIC AND QUASI-PUBLIC NETWORK |
- 2001
- 2001-08-02USUS09/921,961patent/US6990471B1/ennot_activeExpired - Lifetime
- 2005
- 2005-10-07USUS11/246,421patent/US20060031173A1/ennot_activeAbandoned
Patent Citations (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5544246A (en)* | 1993-09-17 | 1996-08-06 | At&T Corp. | Smartcard adapted for a plurality of service providers and for remote installation of same |
| US5590197A (en)* | 1995-04-04 | 1996-12-31 | V-One Corporation | Electronic payment system and method |
| US6014646A (en)* | 1995-06-08 | 2000-01-11 | France Telecom | Process for making a payment using an account manager |
| US6219789B1 (en)* | 1995-07-20 | 2001-04-17 | Dallas Semiconductor Corporation | Microprocessor with coprocessing capabilities for secure transactions and quick clearing capabilities |
| US5901229A (en)* | 1995-11-06 | 1999-05-04 | Nippon Telegraph And Telephone Corp. | Electronic cash implementing method using a trustee |
| US5855008A (en)* | 1995-12-11 | 1998-12-29 | Cybergold, Inc. | Attention brokerage |
| US5815665A (en)* | 1996-04-03 | 1998-09-29 | Microsoft Corporation | System and method for providing trusted brokering services over a distributed network |
| US6075864A (en)* | 1996-08-30 | 2000-06-13 | Batten; Lynn Margaret | Method of establishing secure, digitally signed communications using an encryption key based on a blocking set cryptosystem |
| US6021202A (en)* | 1996-12-20 | 2000-02-01 | Financial Services Technology Consortium | Method and system for processing electronic documents |
| US5903721A (en)* | 1997-03-13 | 1999-05-11 | cha|Technologies Services, Inc. | Method and system for secure online transaction processing |
| US6163771A (en)* | 1997-08-28 | 2000-12-19 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
| US5983273A (en)* | 1997-09-16 | 1999-11-09 | Webtv Networks, Inc. | Method and apparatus for providing physical security for a user account and providing access to the user's environment and preferences |
| US6000832A (en)* | 1997-09-24 | 1999-12-14 | Microsoft Corporation | Electronic online commerce card with customer generated transaction proxy number for online transactions |
| US6061794A (en)* | 1997-09-30 | 2000-05-09 | Compaq Computer Corp. | System and method for performing secure device communications in a peer-to-peer bus architecture |
| US6052785A (en)* | 1997-11-21 | 2000-04-18 | International Business Machines Corporation | Multiple remote data access security mechanism for multitiered internet computer networks |
| US6237035B1 (en)* | 1997-12-18 | 2001-05-22 | International Business Machines Corporation | System and method for preventing duplicate transactions in an internet browser/internet server environment |
| US6055567A (en)* | 1998-02-02 | 2000-04-25 | Checkfree Corporation | Distributed data accessing technique |
| US6108789A (en)* | 1998-05-05 | 2000-08-22 | Liberate Technologies | Mechanism for users with internet service provider smart cards to roam among geographically disparate authorized network computer client devices without mediation of a central authority |
| US6112305A (en)* | 1998-05-05 | 2000-08-29 | Liberate Technologies | Mechanism for dynamically binding a network computer client device to an approved internet service provider |
| US6006200A (en)* | 1998-05-22 | 1999-12-21 | International Business Machines Corporation | Method of providing an identifier for transactions |
| US6216112B1 (en)* | 1998-05-27 | 2001-04-10 | William H. Fuller | Method for software distribution and compensation with replenishable advertisements |
| US6219652B1 (en)* | 1998-06-01 | 2001-04-17 | Novell, Inc. | Network license authentication |
| US6105137A (en)* | 1998-07-02 | 2000-08-15 | Intel Corporation | Method and apparatus for integrity verification, authentication, and secure linkage of software modules |
| US6327578B1 (en)* | 1998-12-29 | 2001-12-04 | International Business Machines Corporation | Four-party credit/debit payment protocol |
| US6748367B1 (en)* | 1999-09-24 | 2004-06-08 | Joonho John Lee | Method and system for effecting financial transactions over a public network without submission of sensitive information |
| US6598027B1 (en)* | 1999-11-16 | 2003-07-22 | Xs, Inc. | Systems, methods and computer program products for conducting regulation-compliant commercial transactions of regulated goods via a computer network |
| US6816843B1 (en)* | 2000-04-06 | 2004-11-09 | Daniel G. Baughman | Method and apparatus for conducting purchases in private over a network |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030236872A1 (en)* | 2002-05-09 | 2003-12-25 | Kestrel Wireless. Inc. | Method and system for enabling electronic transactions via a personal device |
| US7333615B1 (en)* | 2002-06-26 | 2008-02-19 | At&T Delaware Intellectual Property, Inc. | Encryption between multiple devices |
| US7594611B1 (en)* | 2005-12-29 | 2009-09-29 | United Services Automobile Association (Usaa) | Multi-account access card |
| US7784692B1 (en) | 2005-12-29 | 2010-08-31 | United Services Automobile Association (Usaa) | Single access vehicle |
| US20100313027A1 (en)* | 2006-02-23 | 2010-12-09 | Barclays Banks Plc | PIN Servicing |
| US10528940B2 (en)* | 2006-02-23 | 2020-01-07 | Barclays Execution Services Limited | PIN servicing |
| US8572400B2 (en)* | 2007-03-26 | 2013-10-29 | Intel Corporation | Enhanced digital right management framework |
| US20110035577A1 (en)* | 2007-03-26 | 2011-02-10 | Yunbiao Lin | Enhanced digital right management framework |
| US20090198617A1 (en)* | 2007-07-27 | 2009-08-06 | Ntt Docomo, Inc. | Method and apparatus for performing delegated transactions |
| CN102947846A (en)* | 2010-03-07 | 2013-02-27 | 吉尔巴科公司 | Fuel dispenser payment system and method |
| US20110238511A1 (en)* | 2010-03-07 | 2011-09-29 | Park Steve H | Fuel dispenser payment system and method |
| US8453223B2 (en)* | 2011-09-23 | 2013-05-28 | Jerome Svigals | Method, device and system for secure transactions |
| US9319404B2 (en) | 2011-09-23 | 2016-04-19 | Jerome Svigals | Security for the internet of things |
| US9344437B2 (en) | 2011-09-23 | 2016-05-17 | Jerome Svigals | Internet of things security |
| US9432378B1 (en) | 2011-09-23 | 2016-08-30 | Jerome Svigals | Internet of things security |
| US8806603B2 (en) | 2012-04-11 | 2014-08-12 | Jerome Svigals | Dual device system for secure transactions |
| US8997188B2 (en) | 2012-04-11 | 2015-03-31 | Jerome Svigals | System for enabling a smart device to securely accept unsolicited transactions |
| US9009807B2 (en) | 2012-04-11 | 2015-04-14 | Jerome Svigals | Smart device lockout |
| US11062403B2 (en)* | 2019-09-23 | 2021-07-13 | Arthur Ray Kerr | System and method for customizable link between two entities |
Also Published As
| Publication number | Publication date |
|---|---|
| US6990471B1 (en) | 2006-01-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6990471B1 (en) | Method and apparatus for secure electronic commerce | |
| US7039809B1 (en) | Asymmetric encrypted pin | |
| EP1245008B1 (en) | Method and system for secure authenticated payment on a computer network | |
| US7357309B2 (en) | EMV transactions in mobile terminals | |
| US6311171B1 (en) | Symmetrically-secured electronic communication system | |
| US9619799B2 (en) | Apparatus and methods for secure element transactions and management of assets | |
| US20100153273A1 (en) | Systems for performing transactions at a point-of-sale terminal using mutating identifiers | |
| US20080208758A1 (en) | Method and apparatus for secure transactions | |
| US20190347661A1 (en) | Coordinator managed payments | |
| CN102812487A (en) | Method and system for providing internet-based transactions | |
| US20110295753A1 (en) | Pin protection for portable payment devices | |
| JP2004500671A (en) | Improved method and system for making secure payments over a computer network | |
| KR101028106B1 (en) | How payment processing server processes encrypted card information | |
| WO2022040762A1 (en) | Electronic payments systems, methods and apparatus | |
| CN118076964A (en) | Efficient and protected data transmission system and method | |
| KR100323138B1 (en) | Electronic payment method for protecting trust information and computer-readable medium recording the method | |
| KR20000036484A (en) | Cd card for the internet home shopping | |
| JPH11265417A (en) | Electronic cash method using user signature, its device and recording medium | |
| WO2011112143A1 (en) | A transaction managing system, an apparatus for managing transactions and a method for use in such an apparatus | |
| JP2002304589A (en) | Payment system | |
| KR20000017947A (en) | A SSL-based electronic payment method for protecting trust information and computer-readable medium recording the method | |
| KR20020083320A (en) | System and Method for e-business settled using electronic purse | |
| JPS6017560A (en) | Secret code system processor | |
| ZA200208248B (en) | An improved method and system for conducting secure payments over a computer network. |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| STCB | Information on status: application discontinuation | Free format text:ABANDONED -- AFTER EXAMINER'S ANSWER OR BOARD OF APPEALS DECISION |