A SYSTEM AND METHOD FOR MAKING PAYMENT
FIELD OF THE INVENTION
This invention relates to electronic commerce and particularly to a system and method for making payment over the Internet.
BACKGROUND TO THE INVENTION
The security of electronic payments is vital. To avoid possible credit card fraud, several methods and systems exist which claim to allow for secure payments. None of existing method and systems, however, is appropriate for or accessible to a more indigent user who does not have a credit card account and probably conducts online transactions on borrowed or public computers, such as from so called "internet cafes". There is also a level of distrust from certain consumers regarding the security and privacy of electronic payments. Users do not wish their identity and shopping styles to be known for a variety of reasons and may prefer to transact using cash rather than electronic payment means.
Although this specification deals mainly with internet transactions, it will be readily appreciated that it applies to any transaction in which a payer's credit card details are supplied remotely, such as when payment is effected by telephone.
In this specification, the phrase "credit card number" will be understood to include sixteen digit credit card numbers, expiry date and card security code, being the details which are require for carrying out a transaction. It includes debit card numbers and any other number format which is accepted by a vendor in terms of a payment system.
OBJECT OF THE INVENTION
The object of this invention is to provide a system and method for making a payment which at least partially enhances the security and privacy of electronic payments.
SUMMARY OF THE INVENTION
In accordance with a first aspect of this invention there is provided a system having an administrator operable to supply one of a plurality of temporary credit card numbers to a user, the numbers being associated with an administrator's bank account at a banking institution. The temporary credit card number may expire after a time period preselected by the user or the administrator.
The system may comprise a database comprising information regarding the user, the temporary credit card number supplied to the user, and the expiry details of the temporary credit card number.
In accordance with a second aspect of this invention there is provided a method for making remote payment comprising an administrator supplying a user with one of a plurality of temporary credit card numbers for making payments, each number being associated with a bank account held by the administrator at a banking institution.
The method may further include a prior step of the user transferring funds from, a bank account of the user to the administrator's bank account.
The method may further comprise terminating the validity of the temporary credit card number a predetermined period after issue.
In accordance with a third aspect of this invention there is provided a method of issuing temporary credit card numbers, the method comprising:
receiving funds from a user;
selecting a temporary credit card number, the credit card number being associated with a bank account held by an administrator at a banking institution; and
communicating the selected temporary credit card number to the user.
The method may further comprise the steps of: determining an expiry time, after which the temporary credit card will no longer be valid; and
communicating the expiry time to the user.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 shows a schematic block diagram of a payment according to an example embodiment of the present invention;
Figure 2 shows a flow chart representing a method for making remote payment according to an example embodiment of the present invention; and
Figure 3 shows a flow chart representing a method of issuing temporary credit card numbers according to an example embodiment of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
Referring first to Figure 1 , a payment system 10 in accordance with the invention includes an administrator 12 having a database 14 and a processing unit 16 with a communication means, such as a personal computer with internet access, the internet being represented schematically by bubble 18.
In use, a user 20 wishing to make an online transaction must register to use the system 10. This may be done in several ways. In a first way, registration is carried out on an online system, indicated schematically by bubble 22, where the user 20 is prompted to provide a username and password. For the sake of privacy, no personal or contact details are required for registering. The user 20 is then informed that, to make use of the system 10, funds must be deposited into one of a plurality of bank accounts. As will be described in more detail further on in the specification, the administrator 12 may have bank accounts 24, 26 and 28, each at different banks. In order for the funds to be allocated to the user 20, the username must be entered as a reference.
In a second way, registration may take place telephonically. The user 20 can use a mobile telephone to send a blank text message using short message service (SMS) to a predetermined number. The administrator 12 is then operable to receive the SMS and generate a username and password for the user 20 which are then sent to the user's mobile telephone.
If the user 20 wishes to make any payments using the system, funds need to be transferred in a conventional manner to one of the bank accounts 24, 26, 28 held by the administrator 12, each account being at a different banking institution. The reference number entered during the transfer is the user's username.
The administrator 12 is then operable to monitor each bank account 24, 26, 28 for possible transactions taking place. Once a deposit is made, the administrator 12 issues one of several temporary credit card numbers to the user 20. The administrator 12 stores the temporary credit card number on its database 14 against the username. The relevant bank account details and deposit are also entered into the database 14.
The user 20 obtains the temporary credit card number by logging into the system 10 online or by sending his username, by SMS, to a dedicated number. The SMS triggers the administrator 12 to send the temporary credit card number to the user's mobile telephone. When the user 20 receives the number, he is informed it must be used, for example, within five hours after which the number expires. In a more complex version of the system 10, the user 20 may determine the duration of the temporary credit card number's validity. Preferably, for the sake of security of payment, the user 20 may only choose a duration that is less than a predetermined duration, such as, for example, five hours.
The user 20 may then shop at a vendor using the temporary credit card number, as is well known in the art. When prompted to enter his credit card details, the user 20 gives the vendor his temporary credit card number. In an embodiment, the administrator 12 is then informed of the proposed intended transaction and verifies that it is less than the amount which was transferred by the user 20 into the administrator's bank account. If so, the transaction is allowed. If it exceeds the amount or if it is effected after the credit card number is expired, the transaction is denied. Alternatively, instead of the administrator 12 having to verify each proposed transaction, the administrator 12 may adjust the credit limit of the temporary credit number so that it matches the amount transferred/required by the user 20. In so doing, if the transaction amount exceeds the credit limit of the relevant temporary credit card number, the transaction will not be approved,
Several variations exist which fall within the scope of the invention. The sixteen digit credit number, for example, may be issued in a voucher which may be bought at any dedicated outlet, such as a post office or pharmacy. Then, the user who wishes to make purchases to the value of R1000, pays the vendor for a R1000 voucher. The voucher has a number concealed by a layer which may be scratched off. After scratching off the layer, the number is SMS'd to the administrator with the usemame. As that number corresponds to a R 1000 voucher, the administrator is aware of the amount to be allocated to the user. Turning now to Figure 2, a second aspect of this invention, namely a method 30 for making remote payment, will be briefly described. The method 30 comprises an administrator supplying a user with one of a plurality of temporary credit card numbers for making payments, as indicated by block 32. As described above, each number is associated with a bank account held by the administrator at a banking institution.
The method 30 may further include a prior step of the user transferring funds from a bank account of the user to the administrator's bank account, as indicated by block 34.
The method 30 may further comprise terminating the validity of the temporary credit card number a predetermined period after issue, as indicated by block 36.
Turning now to Figure 3, a third aspect of this invention, namely a method 40 of issuing temporary credit card numbers, will be briefly described. The method 40 comprises receiving funds from a user, as indicated by block 42. The method 40 further comprises selecting a temporary credit card number, the credit card number being associated with a bank account held by an administrator at a banking institution, as indicated by block 44, and as described in detail above. Finally, the method 40 comprises communicating the selected temporary credit card number to the user, as indicated by block 46.
The method 40 may further comprise the steps of determining an expiry time, after which the temporary credit card will no longer be valid, as indicated by block
48, and then communicating the expiry time to the user, as indicated by block 50.
It will be readily appreciated that by having a temporary credit card number which expires after a relatively short period, the likelihood of fraudulent use of the number is substantially decreased. Further, by utilizing an account which is separate from the user's main account, the amount which may be fraudulently obtained from the account is limited to the amount transferred to the dedicated account. This increases the confidence of users in making internet payments and other remote payments. Furthermore, the privacy of the user's transactions is ensured as the administrator does not hold a record of the user's personal details.