US20030004894A1 - System, method and article of manufacture for secure network electronic payment and credit collection - Google Patents

Publication number
US20030004894A1
Authority
US
United States
Prior art keywords
payment
computer
merchant
secure
computer system
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/233,762
Inventor
Kevin Rowney
Deepak Nadig
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hewlett Packard Development Co LP
Original Assignee
Rowney Kevin T. B.
Deepak Nadig
Application filed by Rowney Kevin T. B., Deepak Nadig
Priority to US10/233,762
Publication of US20030004894A1
Assigned to HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. Assignment of assignors interest (see document for details). Assignors: HEWLETT-PACKARD COMPANY

Classifications

    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/027 Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] involving a payment switch or gateway
    • G06Q20/085 Payment architectures involving remote charge determination or related payment systems
    • G06Q20/10 Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/12 Payment architectures specially adapted for electronic shopping systems
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823 Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • G06Q30/0601 Electronic shopping [e-shopping]
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • The present invention relates to electronic payment in exchange for goods and services purchased over a communication network, and more particularly to a system, method and article of manufacture for securely transmitting payment information from a customer to a merchant to a payment gateway and returning appropriate, secure authorization to the merchant and the customer.
  • It is desirable for a computer operated under the control of a merchant to obtain information offered by a customer and transmitted by a computer operating under the control of the customer over a publicly accessible packet-switched network (e.g., the Internet) to the computer operating under the control of the merchant, without risking the exposure of the information to interception by third parties that have access to the network, and to assure that the information is from an authentic source.
  • a payment gateway computer system that is authorized, by a bank or other financial institution that has the responsibility of providing payment on behalf of the customer, to authorize a commercial transaction on behalf of such a financial institution, without the risk of exposing that information to interception by third parties.
  • Such institutions include, for example, financial institutions offering credit or debit card services.
  • SET: Secure Electronic Transaction
  • SEPP: Secure Electronic Payments Protocol
  • iKP: Internet Keyed Payments
  • Net Trust
  • Cybercash Credit Payment Protocol
  • One of ordinary skill in the art will readily comprehend that any of the secure payment technologies can be substituted for the SET protocol without undue experimentation.
  • Such secure payment technologies require the customer to operate software that is compliant with the secure payment technology, interacting with third-party certification authorities, thereby allowing the customer to transmit encoded information to a merchant, some of which may be decoded by the merchant, and some of which can be decoded only by a payment gateway specified by the customer.
  • A drawback to the secure payment technology approach is that it requires deployment of special-purpose software compliant with the particular secure payment technology to the customer, thereby limiting user acceptance of the secure payment technology to those customers willing to install that software. Customers are generally reluctant to install such specialized software in the absence of a general acceptance of merchant software and payment gateway software that incorporate the corresponding secure payment technology with which to interact.
  • SSL: Secure Sockets Layer
  • Freier: Freier, Karlton & Kocher, The SSL Protocol Version 3.0, March 1996, hereby incorporated by reference.
  • SSL provides a means for secure transmission between two computers.
  • SSL has the advantage that it does not require special-purpose software to be installed on the customer's computer because it is already incorporated into widely available software that many people utilize as their standard Internet access medium, and does not require that the customer interact with any third-party certification authority.
  • the support for SSL may be incorporated into software already in use by the customer, e.g., the Netscape Navigator World Wide Web browsing tool.
  • Although a computer on an SSL connection may initiate a second SSL connection to another computer, a drawback to the SSL approach is that each SSL connection supports only a two-computer connection. Therefore, SSL does not provide a mechanism for transmitting encoded information to a merchant for retransmission to a payment gateway such that a subset of the information is readable to the payment gateway but not to the merchant.
  • Although SSL allows for robustly secure two-party data transmission, it does not meet the ultimate need of the electronic commerce market for robustly secure three-party data transmission.
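The property the SSL discussion above says is missing, a message relayed by the merchant in which one part is readable only by the payment gateway, can be shown with generic hybrid encryption. This is an added example, not code from the patent and not the SET or MOSET message format; the function names, key pairs, order fields and test card number are constructed for illustration.

```javascript
// Added illustration; all names and values are hypothetical / constructed.
const crypto = require('node:crypto');

// Constructed key pairs standing in for the certified keys of each party.
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const merchantKeys = newKeyPair();
const gatewayKeys = newKeyPair();

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Digest of the merchant-readable order, used to bind the payment part to it.
function orderDigest(order) {
  return crypto.createHash('sha256').update(JSON.stringify(order)).digest();
}

// Customer side: seal the payment instructions so that only the holder of the
// gateway private key can read them. The order itself stays in the clear for
// the merchant; its digest is authenticated as GCM associated data.
function sealForGateway(payment, order, gatewayPublicKey) {
  const key = crypto.randomBytes(32); // one-time AES-256 key
  const iv = crypto.randomBytes(12);  // 96-bit GCM nonce
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(orderDigest(order));
  const body = Buffer.concat([
    cipher.update(JSON.stringify(payment), 'utf8'),
    cipher.final(),
  ]);
  return {
    wrappedKey: crypto.publicEncrypt({ key: gatewayPublicKey, ...OAEP }, key),
    iv,
    body,
    tag: cipher.getAuthTag(),
  };
}

// Recipient side: returns the payment object, or null when the private key is
// not the intended one or the order presented differs from the sealed one.
function openSealed(sealed, order, privateKey) {
  try {
    const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, sealed.wrappedKey);
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, sealed.iv);
    decipher.setAAD(orderDigest(order));
    decipher.setAuthTag(sealed.tag);
    const plain = Buffer.concat([decipher.update(sealed.body), decipher.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch (err) {
    return null; // wrong key, altered order, or altered ciphertext
  }
}

// Customer -> merchant -> gateway, with the merchant relaying the sealed part.
function runScenario() {
  const order = { orderId: 'ORDER-0001', amount: '49.95', currency: 'USD' };
  // Constructed test values; 4111111111111111 is a standard test card number.
  const payment = { pan: '4111111111111111', expiry: '12/99', amount: '49.95' };
  const sealed = sealForGateway(payment, order, gatewayKeys.publicKey);
  const tamperedOrder = { ...order, amount: '499.50' };
  return {
    merchantView: openSealed(sealed, order, merchantKeys.privateKey),
    gatewayView: openSealed(sealed, order, gatewayKeys.privateKey),
    gatewayViewOfTamperedOrder: openSealed(sealed, tamperedOrder, gatewayKeys.privateKey),
  };
}

console.log(runScenario());
```

A single SSL session gives none of these three results on its own: whichever party terminates the session sees every field sent over it.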
  • PCT: Private Communications Technology
  • SHTTP: Secure Hyper-Text Transport Protocol
  • PGP: Pretty Good Privacy
  • IPv6, which meets the IPSEC criteria.
  • secure transmission of data is provided between a plurality of computer systems over a public communication system, such as the Internet.
  • Secure transmission of data is provided from a customer computer system to a merchant computer system, and for the further secure transmission of data from the merchant computer system to a payment gateway computer system.
  • the payment gateway system evaluates the information and returns authorization or denial of credit via a secure transmission to the merchant which is communicated to the customer by the merchant.
  • FIG. 1A is a block diagram of a representative hardware environment in accordance with a preferred embodiment
  • FIG. 1B depicts an overview in accordance with a preferred embodiment
  • FIG. 2 depicts a more detailed view of a customer computer system in communication with merchant system under the Secure Sockets Layer protocol in accordance with a preferred embodiment
  • FIG. 3 depicts an overview of the method of securely supplying payment information to a payment gateway in order to obtain payment authorization in accordance with a preferred embodiment
  • FIG. 4 depicts the detailed steps of generating and transmitting a payment authorization request in accordance with a preferred embodiment
  • FIGS. 5A through 5F depict views of the payment authorization request and its component parts in accordance with a preferred embodiment
  • FIGS. 6A and 6B depict the detailed steps of processing a payment authorization request and generating and transmitting a payment authorization request response in accordance with a preferred embodiment
  • FIGS. 7A through 7J depict views of the payment authorization response and its component parts in accordance with a preferred embodiment
  • FIG. 8 depicts the detailed steps of processing a payment authorization response in accordance with a preferred embodiment
  • FIG. 9 depicts an overview of the method of securely supplying payment capture information to a payment gateway in accordance with a preferred embodiment
  • FIG. 10 depicts the detailed steps of generating and transmitting a payment capture request in accordance with a preferred embodiment
  • FIGS. 11A through 11F depict views of the payment capture request and its component parts in accordance with a preferred embodiment
  • FIGS. 12A and 12B depict the detailed steps of processing a payment capture request and generating and transmitting a payment capture request response in accordance with a preferred embodiment
  • FIGS. 13A through 13F depict views of the payment capture response and its component parts in accordance with a preferred embodiment
  • FIG. 14 depicts the detailed steps of processing a payment capture response in accordance with a preferred embodiment.
  • FIG. 1A illustrates a typical hardware configuration of a workstation in accordance with a preferred embodiment having a central processing unit 10, such as a microprocessor, and a number of other units interconnected via a system bus 12.
  • The workstation shown in FIG. 1A includes Random Access Memory (RAM), Read Only Memory (ROM), an I/O adapter 18 for connecting peripheral devices such as disk storage units 20 to the bus 12, a user interface adapter 22 for connecting a keyboard 24, a mouse 26, a speaker 28, a microphone 32, and/or other user interface devices such as a touch screen (not shown) to the bus 12, a communication adapter 34 for connecting the workstation to a communication network (e.g., a data processing network), and a display adapter 36 for connecting the bus 12 to a display device 38.
  • The workstation typically has resident thereon an operating system such as the Microsoft Windows Operating System (OS), the IBM OS/2 operating system, the MAC OS, or UNIX operating system.
  • Those skilled in the art will appreciate that the present invention may also be implemented on platforms and operating systems other than those mentioned.
  • a preferred embodiment is written using JAVA, C, and the C++ language and utilizes object oriented programming methodology.
  • Object oriented programming (OOP) has become increasingly used to develop complex applications.
  • OOP is a process of developing computer software using objects, including the steps of analyzing the problem, designing the system, and constructing the program.
  • An object is a software package that contains both data and a collection of related structures and procedures. Since it contains both data and a collection of structures and procedures, it can be visualized as a self-sufficient component that does not require other additional structures, procedures or data to perform its specific task.
  • OOP, therefore, views a computer program as a collection of largely autonomous components, called objects, each of which is responsible for a specific task. This concept of packaging data, structures, and procedures together in one component or module is called encapsulation.
  • OOP components are reusable software modules which present an interface that conforms to an object model and which are accessed at run-time through a component integration architecture.
  • A component integration architecture is a set of architecture mechanisms which allow software modules in different process spaces to utilize each other's capabilities or functions. This is generally done by assuming a common component object model on which to build the architecture.
  • An object is a single instance of the class of objects, which is often just called a class.
  • a class of objects can be viewed as a blueprint, from which many objects can be formed.
  • OOP allows the programmer to create an object that is a part of another object.
  • the object representing a piston engine is said to have a composition-relationship with the object representing a piston.
  • a piston engine comprises a piston, valves and many other components; the fact that a piston is an element of a piston engine can be logically and semantically represented in OOP by two objects.
  • OOP also allows creation of an object that “depends from” another object. If there are two objects, one representing a piston engine and the other representing a piston engine wherein the piston is made of ceramic, then the relationship between the two objects is not that of composition.
  • a ceramic piston engine does not make up a piston engine. Rather it is merely one kind of piston engine that has one more limitation than the piston engine; its piston is made of ceramic.
  • the object representing the ceramic piston engine is called a derived object, and it inherits all of the aspects of the object representing the piston engine and adds further limitation or detail to it.
  • the object representing the ceramic piston engine “depends from” the object representing the piston engine. The relationship between these objects is called inheritance.
  • When the object or class representing the ceramic piston engine inherits all of the aspects of the objects representing the piston engine, it inherits the thermal characteristics of a standard piston defined in the piston engine class.
  • However, the ceramic piston engine object overrides these ceramic specific thermal characteristics, which are typically different from those associated with a metal piston. It skips over the original and uses new functions related to ceramic pistons.
  • Different kinds of piston engines will have different characteristics, but may have the same underlying functions associated with them (e.g., how many pistons in the engine, ignition sequences, lubrication, etc.).
  • a programmer would call the same functions with the same names, but each type of piston engine may have different/overriding implementations of functions behind the same name. This ability to hide different implementations of a function behind the same name is called polymorphism and it greatly simplifies communication among objects.
  • Objects can represent physical objects, such as automobiles in a traffic-flow simulation, electrical components in a circuit-design program, countries in an economics model, or aircraft in an air-traffic-control system.
  • Objects can represent elements of the computer-user environment such as windows, menus or graphics objects.
  • An object can represent an inventory, such as a personnel file or a table of the latitudes and longitudes of cities.
  • An object can represent user-defined data types such as time, angles, and complex numbers, or points on the plane.
  • OOP allows the software developer to design and implement a computer program that is a model of some aspects of reality, whether that reality is a physical entity, a process, a system, or a composition of matter. Since the object can represent anything, the software developer can create an object which can be used as a component in a larger software project in the future.
  • C++ is an OOP language that offers fast, machine-executable code.
  • C++ is suitable for both commercial-application and systems-programming projects.
  • C++ appears to be the most popular choice among many OOP programmers, but there is a host of other OOP languages, such as Smalltalk, Common Lisp Object System (CLOS), and Eiffel. Additionally, OOP capabilities are being added to more traditional popular computer programming languages such as Pascal.
  • Encapsulation enforces data abstraction through the organization of data into small, independent objects that can communicate with each other. Encapsulation protects the data in an object from accidental damage, but allows other objects to interact with that data by calling the object's member functions and structures.
  • Subclassing and inheritance make it possible to extend and modify objects through deriving new kinds of objects from the standard classes available in the system. Thus, new capabilities are created without having to start from scratch.
  • Class hierarchies and containment hierarchies provide a flexible mechanism for modeling real-world objects and the relationships among them.
  • Class libraries are very flexible. As programs grow more complex, more programmers are forced to adopt basic solutions to basic problems over and over again.
  • a relatively new extension of the class library concept is to have a framework of class libraries. This framework is more complex and consists of significant collections of collaborating classes that capture both the small scale patterns and major mechanisms that implement the common requirements and design in a specific application domain. They were first developed to free application programmers from the chores involved in displaying menus, windows, dialog boxes, and other standard user interface elements for personal computers.
  • Frameworks also represent a change in the way programmers think about the interaction between the code they write and code written by others.
  • the programmer called libraries provided by the operating system to perform certain tasks, but basically the program executed down the page from start to finish, and the programmer was solely responsible for the flow of control. This was appropriate for printing out paychecks, calculating a mathematical table, or solving other problems with a program that executed in just one way.
  • event loop programs require programmers to write a lot of code that should not need to be written separately for every application.
  • the concept of an application framework carries the event loop concept further. Instead of dealing with all the nuts and bolts of constructing basic menus, windows, and dialog boxes and then making these things all work together, programmers using application frameworks start with working application code and basic user interface elements in place. Subsequently, they build from there by replacing some of the generic capabilities of the framework with the specific capabilities of the intended application.
  • Application frameworks reduce the total amount of code that a programmer has to write from scratch.
  • Because the framework is really a generic application that displays windows, supports copy and paste, and so on, the programmer can also relinquish control to a greater degree than event loop programs permit.
  • the framework code takes care of almost all event handling and flow of control, and the programmer's code is called only when the framework needs it (e.g., to create or manipulate a proprietary data structure).
  • a programmer writing a framework program not only relinquishes control to the user (as is also true for event loop programs), but also relinquishes the detailed flow of control within the program to the framework. This approach allows the creation of more complex systems that work together in interesting ways, as opposed to isolated programs, having custom code, being created over and over again for similar problems.
  • a framework basically is a collection of cooperating classes that make up a reusable design solution for a given problem domain. It typically includes objects that provide default behavior (e.g., for menus and windows), and programmers use it by inheriting some of that default behavior and overriding other behavior so that the framework calls application code at the appropriate times.
  • Behavior versus protocol. Class libraries are essentially collections of behaviors that you can call when you want those individual behaviors in your program.
  • a framework provides not only behavior but also the protocol or set of rules that govern the ways in which behaviors can be combined, including rules for what a programmer is supposed to provide versus what the framework provides.
  • a preferred embodiment of the invention utilizes HyperText Markup Language (HTML) to implement documents on the Internet together with a general-purpose secure communication protocol for a transport medium between the client and the merchant.
  • HTML is a simple data format used to create hypertext documents that are portable from one platform to another.
  • HTML documents are SGML documents with generic semantics that are appropriate for representing information from a wide range of domains. HTML has been in use by the World-Wide Web global information initiative since 1990. HTML is an application of ISO Standard 8879:1986 Information Processing Text and Office Systems; Standard Generalized Markup Language (SGML).
  • HTML has been the dominant technology used in development of Web-based solutions.
  • HTML has proven to be inadequate in the following areas:
  • UI User Interface
  • Custom “widgets” e.g. real-time stock tickers, animated icons, etc.
  • client-side performance is improved.
  • Java supports the notion of client-side validation, offloading appropriate processing onto the client for improved performance.
  • Dynamic, real-time Web pages can be created.
  • custom UI components dynamic Web pages can also be created.
  • Sun's Java language has emerged as an industry-recognized language for “programming the Internet.” Sun defines Java as: “a simple, object-oriented, distributed, interpreted, robust, secure, architecture-neutral, portable, high-performance, multithreaded, dynamic, buzzword-compliant, general-purpose programming language. Java supports programming for the Internet in the form of platform-independent Java applets.”
  • Java applets are small, specialized applications that comply with Sun's Java Application Programming Interface (API) allowing developers to add “interactive content” to Web documents (e.g. simple animations, page adornments, basic games, etc.).
  • Applets execute within a Java-compatible browser (e.g. Netscape Navigator) by copying code from the server to client.
  • Java's core feature set is based on C++.
  • Sun's Java literature states that Java is basically “C++, with extensions from Objective C for more dynamic method resolution”.
  • ActiveX includes tools for developing animation, 3-D virtual reality, video and other multimedia content.
  • the tools use Internet standards, work on multiple platforms, and are being supported by over 100 companies.
  • the group's building blocks are called ActiveX Controls, small, fast components that enable developers to embed parts of software in hypertext markup language (HTML) pages.
  • ActiveX Controls work with a variety of programming languages including Microsoft Visual C++, Borland Delphi, Microsoft Visual Basic programming system and, in the future, Microsoft's development tool for Java, code named “Jakarta.”
  • ActiveX Technologies also includes ActiveX Server Framework, allowing developers to create server applications.
  • ActiveX could be substituted for JAVA without undue experimentation to practice the invention.
  • FIG. 1B depicts an overview of the present invention.
  • Customer computer system 120 is in communication with merchant computer system 130 .
  • the customer-merchant session 150 operates under a general-purpose secure communication protocol such as the SSL protocol.
  • Merchant computer system 130 is additionally in communication with payment gateway computer system 140 .
  • a payment gateway is a system that provides electronic commerce services in support of a bank or other financial institution, and that interfaces to the financial institution to support the authorization and capture of transactions.
  • the customer-institution session 170 operates under a variant of a secure payment technology such as the SET protocol, as described herein, referred to as Merchant-Originated Secure Electronic Transactions (“MOSET”), as is more fully described herein.
  • FIG. 2 depicts a more detailed view of customer computer system 120 in communication with merchant system 130 using customer-merchant session 150 operating under the SSL protocol as documented in Freier and incorporated by reference.
  • Customer computer system 120 initiates communication with merchant computer system 130 using any well-known access protocol, e.g., Transmission Control Protocol/Internet Protocol (“TCP/IP”).
  • customer computer system 120 acts as a client and merchant computer system 130 acts as a server.
  • Customer computer system 120 initiates communication by sending “client hello” message 210 to the merchant computer system 130 .
  • When a client first connects to a server it is required to send the client hello message 210 as its first message.
  • the client can also send a client hello message 210 in response to a hello request or on its own initiative in order to renegotiate the security parameters in an existing connection.
  • the client hello message includes a random structure, which is used later in the protocol.
  • the random structure includes the current time and date in standard UNIX 32-bit format according to the sender's internal clock and twenty-eight bytes of data generated by a secure random number generator.
  • the client hello message 210 further includes a variable length session identifier. If not empty, the session identifier value identifies a session between the same client and server whose security parameters the client wishes to reuse. The session identifier may be from an earlier connection, the current connection, or another currently active connection. It is useful to specify the current connection if the client only wishes to update the random structures and derived values of a connection. It is useful to specify another currently active connection if the client wishes to establish several simultaneous independent secure connections to the same server without repeating the full handshake protocol.
  • Client hello message 210 further includes an indicator of the cryptographic algorithms supported by the client, ordered according to client preference.
  • In response to client hello message 210, if merchant computer system 130 wishes to correspond with customer computer system 120, it responds with server hello message 215. If merchant computer system 130 does not wish to communicate with customer computer system 120, it responds with a message, not shown, indicating refusal to communicate.
  • Server hello message 215 includes a random structure, which is used later in the protocol.
  • the random structure in server hello message 215 is in the same format as, but has contents independent of, the random structure in client hello message 210 .
  • the random structure includes the current time and date in standard UNIX 32-bit format according to the sender's internal clock and twenty-eight bytes of data generated by a secure random number generator.
  • Server hello message 215 further includes a variable length session identifier. The session identifier value identifies a new or existing session between the same client and server.
  • Server hello message 215 further includes an indicator of the cryptographic algorithms selected from among the algorithms specified by client hello message 210 , which will be used in further encrypted communications.
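The hello exchange described above, as an added example that is not part of the patent text: it serializes and parses the body of an SSL 3.0 client hello (random structure, session identifier, cipher list) and shows the server-side selection and refusal. The function names, the sample suite codes and the choice of the first client-preferred suite that the server supports are assumptions of the example.

```python
import secrets
import struct
import time


class HelloError(ValueError):
    """Raised when a hello body is truncated or malformed."""


def make_random(now=None):
    """Random structure: 32-bit UNIX time followed by 28 random bytes."""
    stamp = int(time.time() if now is None else now) & 0xFFFFFFFF
    return struct.pack(">I", stamp) + secrets.token_bytes(28)


def build_client_hello(suites, session_id=b"", now=None):
    """Serialize a ClientHello body (handshake and record headers omitted)."""
    body = b"\x03\x00" + make_random(now)                   # client_version 3.0
    body += bytes([len(session_id)]) + session_id           # empty = new session
    body += struct.pack(">H", 2 * len(suites))               # vector length in bytes
    body += b"".join(struct.pack(">H", s) for s in suites)   # client preference order
    return body + b"\x01\x00"                                # one method: null compression


def parse_client_hello(body):
    """Parse a ClientHello body, checking each length before reading past it."""
    pos = 0

    def take(n):
        nonlocal pos
        if pos + n > len(body):
            raise HelloError("truncated at offset %d" % pos)
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    version = tuple(take(2))
    (gmt_unix_time,) = struct.unpack(">I", take(4))
    random_bytes = take(28)
    sid_len = take(1)[0]
    if sid_len > 32:
        raise HelloError("session id longer than 32 bytes")
    session_id = take(sid_len)
    (suites_len,) = struct.unpack(">H", take(2))
    if suites_len < 2 or suites_len % 2:
        raise HelloError("cipher suite vector has an invalid length")
    raw = take(suites_len)
    suites = [struct.unpack(">H", raw[i:i + 2])[0] for i in range(0, suites_len, 2)]
    comp_len = take(1)[0]
    if comp_len < 1:
        raise HelloError("no compression method offered")
    take(comp_len)
    return {"version": version, "gmt_unix_time": gmt_unix_time,
            "random_bytes": random_bytes, "session_id": session_id,
            "cipher_suites": suites}


def answer_hello(hello, supported, session_cache):
    """Server side: select a suite from the client's list and decide whether the
    offered session id is resumed. Returns None when the server refuses."""
    chosen = next((s for s in hello["cipher_suites"] if s in supported), None)
    if chosen is None:
        return None
    resumed = bool(hello["session_id"]) and hello["session_id"] in session_cache
    session_id = hello["session_id"] if resumed else secrets.token_bytes(32)
    return {"random": make_random(), "session_id": session_id,
            "resumed": resumed, "cipher_suite": chosen}


# Constructed sample: the client prefers 3DES (0x000A) over RC4-SHA (0x0005).
SAMPLE_HELLO = build_client_hello([0x000A, 0x0005], now=1000000000)

if __name__ == "__main__":
    parsed = parse_client_hello(SAMPLE_HELLO)
    print(parsed["gmt_unix_time"], [hex(s) for s in parsed["cipher_suites"]])
    print(answer_hello(parsed, supported={0x0005, 0x0004}, session_cache=set()))
```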
  • Merchant computer system 130 transmits a server certificate 220 . If transmitted, server certificate 130 enables customer computer system 120 to authenticate the identity of merchant computer system 130 .
  • server key exchange message 225 identifies a key that may be used by customer computer system 120 to decrypt further messages sent by merchant computer system 130 .
  • After transmitting server hello message 215, and optionally transmitting server certificate 220 or server key exchange message 225, merchant computer system 130 transmits a server hello done message 230 and waits for a further response from customer computer system 120.
  • Customer computer system 120 optionally transmits client certificate 240 to merchant computer system 130 . If transmitted, client certificate 240 enables merchant computer system 130 to authenticate the identity of customer computer system 120 . Alternatively, customer computer system 120 may transmit a no-client-certificate alert 245 , to indicate that the customer has not registered with any certification authority.
  • customer computer system 130 may optionally transmit a client key exchange message 250 .
  • Client key exchange message 250 identifies a key that may be used by merchant computer system 130 to decrypt further messages sent by customer computer system 120 .
  • After optionally transmitting client certificate 240, no-client-certificate alert 245, and/or client key exchange message 250, customer computer system 120 transmits a finished message 260.
  • customer computer system 120 and merchant computer system 130 have:
  • Customer computer system 120 and merchant computer system 130 may thereafter engage in secure communications 270 with less risk of interception by third parties.
  • Among the messages communicated by customer computer system 120 to merchant computer system 130 may be messages that specify goods or services to be ordered and payment information, such as a credit card number and related information, collectively referred to as “payment information,” that may be used to pay for the goods and/or services ordered.
  • In order to obtain payment, the merchant must supply this information to the bank or other payment gateway responsible for the proffered payment method. This enables the merchant to perform payment authorization and payment capture.
  • Payment authorization is the process by which permission is granted by a payment gateway operating on behalf of a financial institution to authorize payment on behalf of the financial institution. This is a process that assesses transaction risk, confirms that a given transaction does not raise the account holder's debt above the account's credit limit, and reserves the specified amount of credit.
  • Payment capture is the process that triggers the movement of funds from the financial institution to the merchant'
  • FIG. 3 depicts an overview of the method of securely supplying payment information to a payment gateway in order to obtain payment authorization.
  • merchant computer system 130 generates a payment authorization request 315 and transmits it to payment gateway computer system 140 .
  • payment gateway system 140 processes the payment authorization request, generates a payment authorization response 325 and transmits it to merchant computer system 130 .
  • merchant computer system 130 processes payment authorization response 325 and determines whether payment for the goods or services sought to be obtained by the customer has been authorized.
  • FIG. 4 depicts the detailed steps of generating and transmitting a payment authorization request.
  • FIGS. 5A through 5F depict views of the payment authorization request and its component parts.
  • merchant computer system 130 creates a basic authorization request 510 .
  • the basic authorization request is a data area that includes all the information for determining whether a request should be granted or denied. Specifically, it includes such information as the party who is being charged, the amount to be charged, the account number of the account to be charged, and any additional data, such as passwords, needed to validate the charge.
  • FIG. 5A depicts a basic authorization request 510 .
  • merchant computer system 130 combines basic authorization request 510 , a copy of its encryption public key certificate 515 and a copy of its signature public key certificate 520 .
  • Merchant computer system 130 calculates a digital signature 525 for the combined contents of the combined block 530 comprising basic authorization request 510 , the encryption public key certificate 515 and the signature public key certificate 520 , and appends it to the combination of the combined basic authorization request 510 , the encryption public key certificate 515 and the signature public key certificate 520 .
  • the merchant computer system calculates digital signature 525 by first calculating a “message digest” based upon the contents of the combined basic authorization request 510 , the encryption public key certificate 515 and the signature public key certificate 520 .
  • a message digest is the fixed-length result that is generated when a variable length message is fed into a one-way hashing function. Message digests help verify that a message has not been altered because altering the message would change the digest. The message digest is then encrypted using the merchant computer system's 130 digital signature private key, thus forming a digital signature.
  • FIG. 5B depicts the combined block 530 formed by function block 420 and containing basic authorization request 510 , the encryption public key certificate 515 , the signature public key certificate 520 , and digital signature 525 .
  • Random encryption key RK-0 540 is a symmetric encryption key.
  • a symmetric encryption key is a key characterized by the property that a message encrypted with a symmetric key can be decrypted with that same key. This is contrasted with an asymmetric key pair, such as a public-key/private-key key pair, where a message encrypted with one key of the key pair may only be decrypted with the other key of the same key pair.
  • FIG. 5C depicts random encryption key RK-0 540 .
  • FIG. 5D depicts encrypted combined block 550 .
  • the encryption state of encrypted combined block 550 is graphically shown by random key lock 555 , which indicates that encrypted combined block 550 is encrypted using random key RK-0 540 .
  • merchant computer system 130 encrypts random encryption key RK-0 540 using the public key of payment gateway system 140 to form encrypted random key 560 .
  • FIG. 5E depicts encrypted random key 560 .
  • the encryption state of encrypted random key 560 is graphically shown by payment gateway public key lock 565 , which indicates that encrypted random key 560 is encrypted using the payment gateway public key.
  • merchant computer system 130 concatenates encrypted combined block 550 and encrypted random key 560 to form merchant authorization request 315 .
  • FIG. 5F depicts merchant authorization request 315 comprising encrypted combined block 550 and encrypted random key 560 .
  • merchant computer system 130 transmits merchant authorization request 315 to payment gateway system 140 .
  • FIG. 6 depicts the detailed steps of processing a payment authorization request and generating and transmitting a payment authorization request response.
  • Function blocks 610 through 630 depict the steps of processing a payment authorization request, while function blocks 635 through 685 depict the steps of generating and transmitting a payment authorization request response.
  • payment gateway computer system 140 applies its private key to encrypted random key 560 contained within received merchant authorization request 315 , thereby decrypting it and obtaining a cleartext version of random key RK-0 540 .
  • payment gateway computer system 140 applies random key RK-0 540 to encrypted combined block 550 , thereby decrypting it and obtaining a cleartext version of combined block 530 .
  • combined block 530 comprises basic authorization request 510 , a copy of merchant computer system's 130 encryption public key certificate 515 and a copy of merchant computer system's 130 signature public key certificate 520 , as well as merchant digital signature 525 .
  • payment gateway computer system 140 verifies merchant computer system's 130 encryption public key certificate 515 and merchant computer system's 130 signature public key certificate 520 . Payment gateway computer system 140 performs this verification by making a call to the certification authorities associated with each certificate. If verification of either certificate fails, payment gateway computer system 140 rejects the authorization request.
  • payment gateway computer system 140 validates merchant digital signature 525 .
  • Payment gateway computer system 140 performs this validation by calculating a message digest over the contents of the combined basic authorization request 510 , the encryption public key certificate 515 and the signature public key certificate 520 .
  • Payment gateway computer system 140 then decrypts digital signature 525 to obtain a copy of the equivalent message digest calculated by merchant computer system 130 in function block 420 . If the two message digests are equal, the digital signature 525 is validated. If validation fails, payment gateway computer system 140 rejects the authorization request.
  • payment gateway computer system 140 determines the financial institution for which authorization is required by inspection of basic authorization request 510 .
  • Payment gateway computer system 140 contacts the appropriate financial institution using a secure means, e.g., a direct-dial modem-to-modem connection, or a proprietary internal network that is not accessible to third parties, and using prior art means, obtains a response indicating whether the requested payment is authorized.
  • Function blocks 635 through 685 depict the steps of generating and transmitting a payment authorization request response.
  • FIGS. 7A through 7J depict views of the payment authorization response and its component parts.
  • payment gateway computer system 140 creates a basic authorization response 710 .
  • the basic authorization request is a data area that includes all the information to determine whether a request was granted or denied.
  • FIG. 7A depicts basic authorization response 710 .
  • payment gateway computer system 140 combines basic authorization response 710 , and a copy of its signature public key certificate 720 .
  • Payment computer system 140 calculates a digital signature 725 for the combined contents of the combined block 730 comprising basic authorization response 710 and the signature public key certificate 720 , and appends the signature to the combination of the combined basic authorization response 710 and the signature public key certificate 720 .
  • the payment gateway computer system calculates digital signature 725 by first calculating a message digest based on the contents of the combined basic authorization response 710 and signature public key certificate 720 .
  • the message digest is then encrypted using the merchant computer system's 140 digital signature private key, thus forming a digital signature.
  • FIG. 7B depicts the combined block 730 formed in function block 640 and containing basic authorization response 710 , the signature public key certificate 720 , and digital signature 725 .
  • payment gateway computer system 150 generates a first symmetric random encryption key 740 , denoted as RK-1.
  • FIG. 7C depicts first random encryption key RK-1 740 .
  • In function block 650, payment gateway computer system 140 encrypts combined block 730 using random encryption key RK-1 740 to form encrypted combined block 750.
  • FIG. 7D depicts encrypted combined block 750 .
  • the encryption state of encrypted combined block 750 is graphically shown by random key lock 755 , which indicates that encrypted combined block 750 is encrypted using random key RK-1 740 .
  • payment gateway computer system 140 encrypts random encryption key RK-1 740 using the public key of merchant computer system 130 to form encrypted random key RK 760 .
  • FIG. 7E depicts encrypted random key RK-1 760 .
  • the encryption state of encrypted random key 760 is graphically shown by merchant public key lock 765 , which indicates that encrypted random key 760 is encrypted using the merchant public key.
  • In function block 660, payment gateway computer system 140 generates a random capture token 770.
  • Random capture token 770 will be used in subsequent payment capture processing to associate the payment capture request with the payment authorization request being processed.
  • FIG. 7F depicts capture token 775 .
  • payment gateway computer system 140 generates a second symmetric random encryption key 775 , denoted as RK-2.
  • FIG. 7G depicts second random encryption key RK-2 775 .
  • payment gateway computer system 140 encrypts capture token 770 using random encryption key RK-2 770 to form encrypted capture token 780 .
  • FIG. 7H depicts encrypted capture token 780 .
  • the encryption state of encrypted capture token 780 is graphically shown by random key lock 785 , which indicates that encrypted capture token 780 is encrypted using random key RK-2 770 .
  • payment gateway computer system 140 encrypts second random encryption key RK-2 775 using its own public key to form encrypted random key RK-2 790 .
  • FIG. 7I depicts encrypted random key RK-2 790.
  • the encryption state of encrypted random key 790 is graphically shown by payment gateway public key lock 795 , which indicates that encrypted random key 790 is encrypted using the payment gateway public key.
  • payment gateway computer system 140 concatenates encrypted combined block 750 , encrypted random key RK-1 760 , encrypted capture token 780 and encrypted random key RK-2 790 to form merchant authorization response 325 .
  • FIG. 7J depicts merchant authorization response 325 comprising encrypted combined block 750, encrypted random key RK-1 760, encrypted capture token 780 and encrypted random key RK-2 790.
  • payment gateway computer system 140 transmits merchant authorization response 325 to merchant system 130 .
  • FIG. 8 depicts the detailed steps of processing a payment authorization response.
  • merchant computer system 130 applies its private key to encrypted random key RK-1 760 contained within received merchant authorization response 325 , thereby decrypting it and obtaining a cleartext version of random key RK-1 740 .
  • merchant computer system 130 applies random key RK-1 740 to encrypted combined block 750 , thereby decrypting it and obtaining a cleartext version of combined block 730 .
  • combined block 730 comprises basic authorization response 710 , a copy of payment gateway computer system's 140 signature public key certificate 720 , as well as payment gateway digital signature 725 .
  • merchant computer system 130 verifies payment gateway computer system's 140 signature public key certificate 720. Merchant computer system 130 performs this verification by making a call to the certification authority associated with the certificate. If verification of the certificate fails, merchant computer system 130 concludes that the authorization response is counterfeit and treats it as though the authorization request had been rejected.
  • merchant computer system 130 validates payment gateway digital signature 725 .
  • Merchant computer system 130 performs this validation by calculating a message digest over the contents of the combined basic authorization request 710 and the signature public key certificate 720 .
  • Merchant computer system 130 then decrypts digital signature 725 to obtain a copy of the equivalent message digest calculated by payment gateway computer system 140 in function block 640. If the two message digests are equal, the digital signature 725 is validated. If validation fails, merchant computer system 130 concludes that the authorization response is counterfeit and treats it as though the authorization request had been rejected.
  • merchant computer system 130 stores encrypted capture token 780 and encrypted random key RK-2 790 for later use in payment capture.
  • merchant computer system 130 processes the customer purchase request in accordance with the authorization response 710. If the authorization response indicates that payment is authorized, merchant computer system 130 fills the requested order. If the authorization response indicates that payment is not authorized, or if merchant computer system 130 determined in function block 830 or 840 that the authorization response is counterfeit, merchant computer system 130 indicates to the customer that the order cannot be filled.
  • FIG. 9 depicts an overview of the method of securely supplying payment capture information to payment gateway 140 in order to obtain payment capture.
  • merchant computer system 130 generates a merchant payment capture request 915 and transmits it to payment gateway computer system 140 .
  • payment gateway system 140 processes the payment capture request 915 , generates a payment capture response 925 and transmits it to merchant computer system 130 .
  • merchant computer system 130 processes payment capture response 925 and verifies that payment for the goods or services sought to be obtained by the customer has been captured.
  • FIG. 10 depicts the detailed steps of generating and transmitting a payment capture request.
  • FIGS. 11A through 11F depict views of the payment capture request and its component parts.
  • merchant computer system 130 creates a basic capture request 510 .
  • the basic capture request is a data area that includes all the information needed by payment gateway computer system 140 to trigger a transfer of funds to the merchant operating merchant computer system 130 .
  • a capture request includes a capture request amount, a capture token, a date, summary information of the purchased items and a Merchant ID (MID) for the particular merchant.
  • FIG. 11A depicts basic authorization request 1110 .
  • merchant computer system 130 combines basic capture request 1110 , a copy of its encryption public key certificate 1115 and a copy of its signature public key certificate 1120 .
  • Merchant computer system 130 calculates a digital signature 1125 for the combined contents of the combined block 1130 comprising basic capture request 1110 , the encryption public key certificate 1115 and the signature public key certificate 1120 , and appends it to the combination of the combined basic capture request 1110 , the encryption public key certificate 1115 and the signature public key certificate 1120 .
  • the merchant computer system calculates digital signature 1125 by first calculating a message digest over the contents of the combined basic capture request 1110 , the encryption public key certificate 1115 and the signature public key certificate 1120 .
  • the message digest is then encrypted using the merchant computer system's 130 digital signature private key, thus forming a digital signature.
  • FIG. 11B depicts the combined block 1130 formed by function block 1020 and containing basic capture request 1110 , the encryption public key certificate 1115 , the signature public key certificate 1120 , and digital signature 1125 .
  • Random encryption key RK-3 1140 is a symmetric encryption key.
  • FIG. 11C depicts random encryption key RK-3 1140 .
  • FIG. 11D depicts encrypted combined block 1150 .
  • the encryption state of encrypted combined block 1150 is graphically shown by random key lock 1155 , which indicates that encrypted combined block 1150 is encrypted using random key RK-3 1140 .
  • merchant computer system 130 encrypts random encryption key RK-3 1140 using the public key of payment gateway system 140 to form encrypted random key 1160 .
  • FIG. 11E depicts encrypted random key 1160 .
  • the encryption state of encrypted random key 1160 is graphically shown by payment gateway public key lock 1165 , which indicates that encrypted random key RK-3 1160 is encrypted using the payment gateway public key.
  • merchant computer system 130 concatenates encrypted combined block 1150 , encrypted random key 1160 , and the encrypted capture token 780 and encrypted random key RK-2 790 that were stored in function block 850 to form merchant capture request 915 .
  • FIG. 11F depicts merchant capture request 915, comprising encrypted combined block 1150, encrypted random key 1160, encrypted capture token 780 and encrypted random key RK-2 790.
  • merchant computer system 130 transmits merchant capture request 915 to payment gateway system 140 .
  • FIG. 12 depicts the detailed steps of processing a payment capture request and generating and transmitting a payment capture request response.
  • Function blocks 1210 through 1245 depict the steps of processing a payment capture request, while function blocks 1250 through 1285 depict the steps of generating and transmitting a payment capture request response.
  • payment gateway computer system 140 applies its private key to encrypted random key 1160 contained within received merchant capture request 915 , thereby decrypting it and obtaining a cleartext version of random key RK-3 1140 .
  • payment gateway computer system 140 applies random key RK-3 1140 to encrypted combined block 1150 , thereby decrypting it and obtaining a cleartext version of combined block 1130 .
  • combined block 1130 comprises basic capture request 1110 , a copy of merchant computer system's 130 encryption public key certificate 1115 and a copy of merchant computer system's 130 signature public key certificate 1120 , as well as merchant digital signature 1125 .
  • payment gateway computer system 140 verifies merchant computer system's 130 encryption public key certificate 1115 and merchant computer system's 130 signature public key certificate 1120 .
  • Payment gateway computer system 140 performs this verification by making a call to the certification authorities associated with each certificate. If verification of either certificate fails, payment gateway computer system 140 rejects the capture request.
  • payment gateway computer system 140 validates merchant digital signature 1125 .
  • Payment gateway computer system 140 performs this validation by calculating a message digest over the contents of the combined basic capture request 1110 , the encryption public key certificate 1115 and the signature public key certificate 1120 .
  • Payment gateway computer system 140 then decrypts digital signature 1125 to obtain a copy of the equivalent message digest calculated by merchant computer system 130 in function block 1020 . If the two message digests are equal, the digital signature 1125 is validated. If validation fails, payment gateway computer system 140 rejects the capture request.
  • payment gateway computer system 140 applies its private key to encrypted random key RK-2 790 contained within received merchant capture request 915 , thereby decrypting it and obtaining a cleartext version of random key RK-2 775 .
  • payment gateway computer system 140 applies random key RK-2 775 to encrypted capture token 780 , thereby decrypting it and obtaining a cleartext version of capture token 770 .
  • payment gateway computer system 140 verifies that a proper transaction is being transmitted between capture token 780 and capture request 1110 .
  • a capture token contains data that the gateway generates at the time of authorization.
  • When the authorization is approved, the encrypted capture token is given to the merchant for storage.
  • the merchant returns the capture token to the gateway along with other information required for capture.
  • the gateway compares a message made of the capture request data and the capture token data and transmits this information over a traditional credit/debit network. If an improperly formatted transaction is detected, payment gateway computer system 140 rejects the capture request.
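An added example of the request envelope and capture-token check described above (it is not code from the patent): sign the digest of the combined block, encrypt under a fresh random key, wrap that key for the gateway, then verify in the same order on receipt and compare the capture request with the gateway's own sealed token. Textbook RSA over fixed Mersenne primes and a SHA-256 keystream stand in for the unspecified algorithms, a trusted-certificate list stands in for the call to the certification authority, a single certificate stands in for the two the merchant sends, and the token fields and amount comparison are assumptions.

```python
import hashlib
import json
import secrets

def demo_keypair(a, b):
    """Textbook RSA key from the Mersenne primes 2**a-1 and 2**b-1.
    Constructed for this demo: the primes are public and there is no padding."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "e": 65537, "d": pow(65537, -1, (p - 1) * (q - 1))}

def cert_of(subject, key):
    """Stand-in for a public key certificate: a subject name and a public key."""
    return {"subject": subject, "n": key["n"], "e": key["e"]}

def stream_xor(rk, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter-mode keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(rk + off.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[off:off + 32], pad))
    return bytes(out)

def digest(text):
    """Message digest of a string, as an integer for the RSA operation."""
    return int.from_bytes(hashlib.sha256(text.encode()).digest(), "big")

def seal(plaintext, recipient_cert):
    """Encrypt under a fresh random key RK, then wrap RK for the recipient."""
    rk = secrets.token_bytes(32)
    wrapped = pow(int.from_bytes(rk, "big"), recipient_cert["e"], recipient_cert["n"])
    return {"enc_block": stream_xor(rk, plaintext.encode()).hex(), "enc_key": wrapped}

def unseal(envelope, key):
    """Unwrap RK with the private key, then decrypt the block with RK."""
    rk = pow(envelope["enc_key"], key["d"], key["n"]).to_bytes(32, "big")
    return stream_xor(rk, bytes.fromhex(envelope["enc_block"])).decode()

def build_request(body, signer_key, signer_cert, gateway_cert):
    """Merchant: combine body and certificate, sign the digest, then seal."""
    combined = json.dumps({"body": body, "sig_cert": signer_cert}, sort_keys=True)
    signature = pow(digest(combined), signer_key["d"], signer_key["n"])
    return seal(json.dumps({"combined": combined, "signature": signature}), gateway_cert)

def open_request(envelope, gateway_key, trusted_certs):
    """Gateway: unseal, check the certificate, recompute and compare the digest.
    Returns the request body, or None when any step fails."""
    try:
        block = json.loads(unseal(envelope, gateway_key))
        parsed = json.loads(block["combined"])
        cert = parsed["sig_cert"]
        if cert not in trusted_certs:      # stands in for the call to the CA
            return None
        recovered = pow(block["signature"], cert["e"], cert["n"])
        if recovered != digest(block["combined"]):
            return None
        return parsed["body"]
    except (ValueError, KeyError, TypeError, OverflowError):
        return None

def issue_capture_token(auth_body, gateway_cert):
    """Gateway seals the token to its own public key; the merchant stores and
    returns it but cannot read it. The token fields are assumptions."""
    token = {"txn": secrets.token_hex(8), "mid": auth_body["mid"],
             "amount": auth_body["amount"]}
    return seal(json.dumps(token), gateway_cert)

def process_capture(envelope, sealed_token, gateway_key, trusted_certs):
    """Gateway: open the capture request and its own token, then compare them."""
    body = open_request(envelope, gateway_key, trusted_certs)
    if body is None:
        return "rejected: request failed verification"
    try:
        token = json.loads(unseal(sealed_token, gateway_key))
        match = body["mid"] == token["mid"] and 0 < body["amount"] <= token["amount"]
    except (ValueError, KeyError, TypeError, OverflowError):
        return "rejected: unreadable capture token"
    return "captured" if match else "rejected: token does not match request"

# Constructed demo keys and certificates.
MERCHANT_KEY = demo_keypair(521, 607)
GATEWAY_KEY = demo_keypair(1279, 2203)
MERCHANT_CERT = cert_of("merchant-001", MERCHANT_KEY)
GATEWAY_CERT = cert_of("gateway", GATEWAY_KEY)
TRUSTED = [MERCHANT_CERT]

def run_demo():
    """Authorize 4999, then try to capture 4999 and 9999 with the same token."""
    auth = {"mid": "merchant-001", "amount": 4999, "account": "constructed-account"}
    request = build_request(auth, MERCHANT_KEY, MERCHANT_CERT, GATEWAY_CERT)
    token = issue_capture_token(open_request(request, GATEWAY_KEY, TRUSTED), GATEWAY_CERT)
    good = build_request({"mid": "merchant-001", "amount": 4999},
                         MERCHANT_KEY, MERCHANT_CERT, GATEWAY_CERT)
    inflated = build_request({"mid": "merchant-001", "amount": 9999},
                             MERCHANT_KEY, MERCHANT_CERT, GATEWAY_CERT)
    return (process_capture(good, token, GATEWAY_KEY, TRUSTED),
            process_capture(inflated, token, GATEWAY_KEY, TRUSTED))

if __name__ == "__main__":
    print(run_demo())
```

The sealed token here is encrypted but not authenticated, so like any cipher without a MAC it is malleable; a production design would seal it with an authenticated cipher.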
  • payment gateway computer system 140 determines the financial institution for which capture is requested by inspection of basic capture request 1110 .
  • Payment gateway computer system 140 contacts the appropriate financial institution using a secure means, e.g., a direct-dial modem-to-modem connection, or a proprietary internal network that is not accessible to third parties, and using prior art means, instructs a computer at the financial institution to perform the requested funds transfer.
  • Function blocks 1250 through 1285 depict the steps of generating and transmitting a payment capture request response.
  • FIGS. 13A through 13F depict views of the payment capture response and its component parts.
  • payment gateway computer system 140 creates a basic capture response 710 .
  • the basic capture request is a data area that includes all the information to indicate whether a capture request was granted or denied.
  • FIG. 13A depicts basic authorization request 1310 .
  • payment gateway computer system 140 combines basic capture response 1310 , and a copy of its signature public key certificate 1320 .
  • Payment computer system 140 calculates a digital signature 1325 for the combined contents of the combined block 1330 comprising basic capture response 1310 and the signature public key certificate 1320 , and appends the signature to the combination of the combined basic authorization request 1310 and the signature public key certificate 1320 .
  • the payment gateway computer system calculates digital signature 1325 by first calculating a message digest over the contents of the combined basic capture response 1310 and signature public key certificate 720 . The message digest is then encrypted using the merchant computer system's 140 digital signature private key, thus forming a digital signature.
  • FIG. 13B depicts the combined block 1330 formed by function block 1255 and containing basic capture request 1310 , the signature public key certificate 1320 , and digital signature 1325 .
  • payment gateway computer system 140 generates a symmetric random encryption key 1340 , denoted as RK-4.
  • FIG. 13C depicts random encryption key RK-4 1340 .
  • payment gateway computer system 140 encrypts combined block 1330 using random encryption key RK-4 1340 to form encrypted combined block 1350 .
  • FIG. 13D depicts encrypted combined block 1350 .
  • the encryption state of encrypted combined block 1350 is graphically shown by random key lock 1355 , which indicates that encrypted combined block 1350 is encrypted using random key RK-4 1340 .
  • payment gateway computer system 140 encrypts random encryption key RK-4 1340 using the public key of merchant computer system 130 to form encrypted random key RK-4 1360 .
  • FIG. 13E depicts encrypted random key RK-4 1360 .
  • the encryption state of encrypted random key 1360 is graphically shown by merchant public key lock 1365 , which indicates that encrypted random key 1360 is encrypted using the merchant public key.
  • payment gateway computer system 140 concatenates encrypted combined block 1350 and encrypted random key RK-4 1360 to form merchant capture response 925 .
  • FIG. 13F depicts merchant capture response 925 comprising encrypted combined block 1350 and encrypted random key RK-4 1360 .
  • payment gateway computer system 140 transmits merchant capture response 925 to merchant system 130 .
  • FIG. 14 depicts the detailed steps of processing a payment capture response.
  • merchant computer system 130 applies its private key to encrypted random key RK-4 1360 contained within received merchant capture response 925 , thereby decrypting it and obtaining a cleartext version of random key RK-4 1340 .
  • merchant computer system 130 applies random key RK-4 1340 to encrypted combined block 1350 , thereby decrypting it and obtaining a cleartext version of combined block 1330 .
  • combined block 1330 comprises basic capture response 1310 , a copy of payment gateway computer system's 140 signature public key certificate 1320 , as well as payment gateway digital signature 1325 .
  • merchant computer system 130 verifies payment gateway computer system's 140 signature public key certificate 1320 . Merchant computer system 130 performs this verification by making a call to the certification authority associated with the certificate. If verification of the certificate fails, merchant computer system 130 concludes that the capture response is counterfeit and raises an error condition.
  • merchant computer system 130 validates payment gateway digital signature 1325 .
  • Merchant computer system 130 performs this validation by calculating a message digest over the contents of the combined basic authorization request 1310 and the signature public key certificate 1320 .
  • Merchant computer system 130 then decrypts digital signature 1325 to obtain a copy of the equivalent message digest calculated by payment gateway computer system 140 in function block 1255 . If the two message digests are equal, the digital signature 1325 is validated. If validation fails, merchant computer system 130 concludes that the authorization response is counterfeit and raises an error condition.
  • merchant computer system 130 stores capture response for later use by legacy system accounting programs, e.g. to perform reconciliation between the merchant operating merchant computer system 130 and the financial institution from whom payment was requested, thereby completing the transaction.
  • the system of the present invention permits immediate deployment of a secure payment technology architecture such as the SET architecture without first establishing a public-key encryption infrastructure for use by consumers. It thereby permits immediate use of SET-compliant transaction processing without the need for consumers to migrate to SET-compliant application software.
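The envelope that function blocks 1250 through 1285 build and that FIG. 14 unwinds, as an added sketch that is not code from the patent. Textbook RSA over constructed toy keys and a SHA-256 keystream stand in for ciphers the text does not name; `ca_lookup`, the sample response and the length-prefixed framing are assumptions.

```python
import hashlib
import secrets
import struct

E = 65537  # public exponent

class CounterfeitResponse(Exception):
    """Raised by the merchant side when any check on the response fails."""

def make_keypair(p, q):
    """Textbook RSA key pair from two primes: ((n, e), (n, d))."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed toy keys built from well-known Mersenne primes: NOT secure.
GATEWAY_PUB, GATEWAY_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
MERCHANT_PUB, MERCHANT_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)
GATEWAY_CERT = b"CN=payment-gateway-140 (constructed certificate)"
SAMPLE_RESPONSE = b"capture=granted;amount=42.00"  # constructed stand-in for 1310

def ca_lookup(cert):
    """Hypothetical stand-in for the call to the certification authority."""
    return GATEWAY_PUB if cert == GATEWAY_CERT else None

def pack(*fields):
    """Length-prefix each field so the receiver can split them again."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)

def unpack(blob):
    """Inverse of pack(); raises ValueError on truncated input."""
    fields, i = [], 0
    while i < len(blob):
        if len(blob) - i < 4:
            raise ValueError("truncated length prefix")
        (size,) = struct.unpack_from(">I", blob, i)
        i += 4
        if len(blob) - i < size:
            raise ValueError("truncated field")
        fields.append(blob[i:i + size])
        i += size
    return fields

def int_bytes(x):
    return x.to_bytes(max(1, (x.bit_length() + 7) // 8), "big")

def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def stream_xor(key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + struct.pack(">Q", off // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def build_capture_response(basic_response, gw_cert, gw_priv, merchant_pub):
    """Gateway side: sign, encrypt under RK-4, wrap RK-4 for the merchant."""
    n, d = gw_priv
    digest = digest_int(pack(basic_response, gw_cert))   # over 1310 + 1320
    signature = int_bytes(pow(digest, d, n))             # signature 1325
    combined = pack(basic_response, gw_cert, signature)  # combined block 1330
    rk4 = secrets.token_bytes(16)                        # random key RK-4 1340
    enc_block = stream_xor(rk4, combined)                # encrypted block 1350
    mn, me = merchant_pub
    enc_key = int_bytes(pow(int.from_bytes(rk4, "big"), me, mn))  # 1360
    return pack(enc_block, enc_key)                      # capture response 925

def process_capture_response(message, merchant_priv, ca):
    """Merchant side: unwrap RK-4, decrypt, check certificate, check signature."""
    try:
        enc_block, enc_key = unpack(message)
        n, d = merchant_priv
        rk4 = pow(int.from_bytes(enc_key, "big"), d, n).to_bytes(16, "big")
        basic_response, gw_cert, signature = unpack(stream_xor(rk4, enc_block))
    except (ValueError, OverflowError) as exc:
        raise CounterfeitResponse("malformed envelope") from exc
    gw_pub = ca(gw_cert)
    if gw_pub is None:
        raise CounterfeitResponse("certificate not vouched for by the CA")
    gn, ge = gw_pub
    recovered = pow(int.from_bytes(signature, "big"), ge, gn)
    if recovered != digest_int(pack(basic_response, gw_cert)):
        raise CounterfeitResponse("signature mismatch")
    return basic_response
```

Flipping one ciphertext bit changes the decrypted response without breaking the framing, so only the signature check in the last step rejects it. The merchant side therefore returns nothing to the caller until that check has passed.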

Abstract

Secure transmission of data is provided between a plurality of computer systems over a public communication system, such as the Internet. Secure transmission of data is provided from a customer computer system to a merchant computer system, and for the further secure transmission of data from the merchant computer system to a payment gateway computer system. The payment gateway system evaluates the information and returns authorization or denial of credit via a secure transmission to the merchant which is communicated to the customer by the merchant.

Description

    FIELD OF THE INVENTION
  • The present invention relates to electronic payment in exchange for goods and services purchased over a communication network, and more particularly to a system, method and article of manufacture for securely transmitting payment information from a customer to a merchant to a payment gateway and returning appropriate, secure authorization to the merchant and the customer. [0001]
  • BACKGROUND OF THE INVENTION
  • It is desirable for a computer operated under the control of a merchant to obtain information offered by a customer and transmitted by a computer operating under the control of the customer over a publicly accessible packet-switched network (e.g., the Internet) to the computer operating under the control of the merchant, without risking the exposure of the information to interception by third parties that have access to the network, and to assure that the information is from an authentic source. It is further desirable to have the ability for the merchant to transmit information, including a subset of the information provided by the customer, over such a network to a payment gateway computer system that is authorized, by a bank or other financial institution that has the responsibility of providing payment on behalf of the customer, to authorize a commercial transaction on behalf of such a financial institution, without the risk of exposing that information to interception by third parties. Such institutions include, for example, financial institutions offering credit or debit card services. [0002]
  • One such attempt to provide such a secure transmission channel is a secure payment technology such as Secure Electronic Transaction (hereinafter “SET”), jointly developed by the Visa and MasterCard card associations, and described in Visa and MasterCard's Secure Electronic Transaction (SET) Specification, Feb. 23, 1996, hereby incorporated by reference. Other such secure payment technologies include Secure Transaction Technology (“STT”), Secure Electronic Payments Protocol (“SEPP”), Internet Keyed Payments (“iKP”), Net Trust, and Cybercash Credit Payment Protocol. One of ordinary skill in the art will readily comprehend that any of the secure payment technologies can be substituted for the SET protocol without undue experimentation. Such secure payment technologies require the customer to operate software that is compliant with the secure payment technology, interacting with third-party certification authorities, thereby allowing the customer to transmit encoded information to a merchant, some of which may be decoded by the merchant, and some which can be decoded only by a payment gateway specified by the customer. A drawback to the secure payment technology approach is that it requires deployment of special-purpose software compliant with the particular secure payment technology to the customer, thereby limiting user acceptance of the secure payment technology to those customers willing to install that software. Customers are generally reluctant to install such specialized software in the absence of a general acceptance of merchant software and payment gateway software that incorporate the corresponding secure payment technology with which to interact. Similarly, merchants and payment gateways are reluctant to implement a secure payment technology in the absence of an installed customer base that is available to use that secure payment technology. This presents a “chicken-and-the-egg” problem in that no particular component of a secure payment technology is likely to achieve general acceptance until the other components also achieve general acceptance. [0003]
  • Another such attempt to provide such a secure transmission channel is a general-purpose secure communication protocol such as Netscape, Inc.'s Secure Sockets Layer (hereinafter “SSL”), as described in Freier, Karlton & Kocher (hereinafter “Freier”), The SSL Protocol Version 3.0, March 1996, and hereby incorporated by reference. SSL provides a means for secure transmission between two computers. SSL has the advantage that it does not require special-purpose software to be installed on the customer's computer because it is already incorporated into widely available software that many people utilize as their standard Internet access medium, and does not require that the customer interact with any third-party certification authority. Instead, the support for SSL may be incorporated into software already in use by the customer, e.g., the Netscape Navigator World Wide Web browsing tool. However, although a computer on an SSL connection may initiate a second SSL connection to another computer, a drawback to the SSL approach is that each SSL connection supports only a two-computer connection. Therefore, SSL does not provide a mechanism for transmitting encoded information to a merchant for retransmission to a payment gateway such that a subset of the information is readable to the payment gateway but not to the merchant. Although SSL allows for robustly secure two-party data transmission, it does not meet the ultimate need of the electronic commerce market for robustly secure three-party data transmission. Other examples of general-purpose secure communication protocols include Private Communications Technology (“PCT”) from Microsoft, Inc., Secure Hyper-Text Transport Protocol (“SHTTP”) from Terisa Systems, Shen, Kerberos, Photuris, Pretty Good Privacy (“PGP”) and IPv6 which meets the IPSEC criteria. One of ordinary skill in the art will readily comprehend that any of the general-purpose secure communication protocols can be substituted for the SSL transmission protocol without undue experimentation. [0004]
  • OBJECTS OF THE INVENTION
  • It is desirable to provide a hybrid approach that encourages the deployment of a three-party secure channel such as SET by payment gateways in the absence of customer acceptance, thereby providing customers with an incentive to install SET-compliant software on their computer systems. It is further desirable to provide a means by which a merchant may communicate with a customer using a readily deployed secure channel such as SSL or another general-purpose secure communication protocol, and communicate with a payment gateway using a modified SET-like protocol that is not dependent upon customer certification. [0005]
  • SUMMARY OF THE INVENTION
  • According to a broad aspect of a preferred embodiment of the invention, secure transmission of data is provided between a plurality of computer systems over a public communication system, such as the Internet. Secure transmission of data is provided from a customer computer system to a merchant computer system, and for the further secure transmission of data from the merchant computer system to a payment gateway computer system. The payment gateway system evaluates the information and returns authorization or denial of credit via a secure transmission to the merchant which is communicated to the customer by the merchant. [0006]
  • DESCRIPTION OF THE DRAWINGS
  • The foregoing and other objects, aspects and advantages are better understood from the following detailed description of a preferred embodiment of the invention with reference to the drawings, in which: [0007]
  • FIG. 1A is a block diagram of a representative hardware environment in accordance with a preferred embodiment; [0008]
  • FIG. 1B depicts an overview in accordance with a preferred embodiment; [0009]
  • FIG. 2 depicts a more detailed view of a customer computer system in communication with merchant system under the Secure Sockets Layer protocol in accordance with a preferred embodiment; [0010]
  • FIG. 3 depicts an overview of the method of securely supplying payment information to a payment gateway in order to obtain payment authorization in accordance with a preferred embodiment; [0011]
  • FIG. 4 depicts the detailed steps of generating and transmitting a payment authorization request in accordance with a preferred embodiment; [0012]
  • FIGS. 5A through 5F depict views of the payment authorization request and its component parts in accordance with a preferred embodiment; [0013]
  • FIGS. 6A and 6B depict the detailed steps of processing a payment authorization request and generating and transmitting a payment authorization request response in accordance with a preferred embodiment; [0014]
  • FIGS. 7A through 7J depict views of the payment authorization response and its component parts in accordance with a preferred embodiment; [0015]
  • FIG. 8 depicts the detailed steps of processing a payment authorization response in accordance with a preferred embodiment; [0016]
  • FIG. 9 depicts an overview of the method of securely supplying payment capture information to a payment gateway in accordance with a preferred embodiment; [0017]
  • FIG. 10 depicts the detailed steps of generating and transmitting a payment capture request in accordance with a preferred embodiment; [0018]
  • FIGS. 11A through 11F depict views of the payment capture request and its component parts in accordance with a preferred embodiment; [0019]
  • FIGS. 12A and 12B depict the detailed steps of processing a payment capture request and generating and transmitting a payment capture request response in accordance with a preferred embodiment; [0020]
  • FIGS. 13A through 13F depict views of the payment capture response and its component parts in accordance with a preferred embodiment; and [0021]
  • FIG. 14 depicts the detailed steps of processing a payment capture response in accordance with a preferred embodiment. [0022]
  • DETAILED DESCRIPTION
  • A preferred embodiment of a system in accordance with the present invention is preferably practiced in the context of a personal computer such as the IBM PS/2, Apple Macintosh computer or UNIX based workstation. A representative hardware environment is depicted in FIG. 1A, which illustrates a typical hardware configuration of a workstation in accordance with a preferred embodiment having a central processing unit 10, such as a microprocessor, and a number of other units interconnected via a system bus 12. The workstation shown in FIG. 1A includes a Random Access Memory (RAM) 14, Read Only Memory (ROM) 16, an I/O adapter 18 for connecting peripheral devices such as disk storage units 20 to the bus 12, a user interface adapter 22 for connecting a keyboard 24, a mouse 26, a speaker 28, a microphone 32, and/or other user interface devices such as a touch screen (not shown) to the bus 12, communication adapter 34 for connecting the workstation to a communication network (e.g., a data processing network) and a display adapter 36 for connecting the bus 12 to a display device 38. The workstation typically has resident thereon an operating system such as the Microsoft Windows Operating System (OS), the IBM OS/2 operating system, the MAC OS, or UNIX operating system. Those skilled in the art will appreciate that the present invention may also be implemented on platforms and operating systems other than those mentioned. [0023]
  • A preferred embodiment is written using JAVA, C, and the C++ language and utilizes object oriented programming methodology. Object oriented programming (OOP) has become increasingly used to develop complex applications. As OOP moves toward the mainstream of software design and development, various software solutions will need to be adapted to make use of the benefits of OOP. A need exists for these principles of OOP to be applied to a messaging interface of an electronic messaging system such that a set of OOP classes and objects for the messaging interface can be provided. [0024]
  • OOP is a process of developing computer software using objects, including the steps of analyzing the problem, designing the system, and constructing the program. An object is a software package that contains both data and a collection of related structures and procedures. Since it contains both data and a collection of structures and procedures, it can be visualized as a self-sufficient component that does not require other additional structures, procedures or data to perform its specific task. OOP, therefore, views a computer program as a collection of largely autonomous components, called objects, each of which is responsible for a specific task. This concept of packaging data, structures, and procedures together in one component or module is called encapsulation. [0025]
  • In general, OOP components are reusable software modules which present an interface that conforms to an object model and which are accessed at run-time through a component integration architecture. A component integration architecture is a set of architecture mechanisms which allow software modules in different process spaces to utilize each other's capabilities or functions. This is generally done by assuming a common component object model on which to build the architecture. [0026]
  • It is worthwhile to differentiate between an object and a class of objects at this point. An object is a single instance of the class of objects, which is often just called a class. A class of objects can be viewed as a blueprint, from which many objects can be formed. [0027]
  • OOP allows the programmer to create an object that is a part of another object. For example, the object representing a piston engine is said to have a composition-relationship with the object representing a piston. In reality, a piston engine comprises a piston, valves and many other components; the fact that a piston is an element of a piston engine can be logically and semantically represented in OOP by two objects. [0028]
  • OOP also allows creation of an object that “depends from” another object. If there are two objects, one representing a piston engine and the other representing a piston engine wherein the piston is made of ceramic, then the relationship between the two objects is not that of composition. A ceramic piston engine does not make up a piston engine. Rather it is merely one kind of piston engine that has one more limitation than the piston engine; its piston is made of ceramic. In this case, the object representing the ceramic piston engine is called a derived object, and it inherits all of the aspects of the object representing the piston engine and adds further limitation or detail to it. The object representing the ceramic piston engine “depends from” the object representing the piston engine. The relationship between these objects is called inheritance. [0029]
  • When the object or class representing the ceramic piston engine inherits all of the aspects of the objects representing the piston engine, it inherits the thermal characteristics of a standard piston defined in the piston engine class. However, the ceramic piston engine object overrides these ceramic specific thermal characteristics, which are typically different from those associated with a metal piston. It skips over the original and uses new functions related to ceramic pistons. Different kinds of piston engines will have different characteristics, but may have the same underlying functions associated with it (e.g., how many pistons in the engine, ignition sequences, lubrication, etc.). To access each of these functions in any piston engine object, a programmer would call the same functions with the same names, but each type of piston engine may have different/overriding implementations of functions behind the same name. This ability to hide different implementations of a function behind the same name is called polymorphism and it greatly simplifies communication among objects. [0030]
  • With the concepts of composition-relationship, encapsulation, inheritance and polymorphism, an object can represent just about anything in the real world. In fact, our logical perception of the reality is the only limit on determining the kinds of things that can become objects in object-oriented software. Some typical categories are as follows: [0031]
  • Objects can represent physical objects, such as automobiles in a traffic-flow simulation, electrical components in a circuit-design program, countries in an economics model, or aircraft in an air-traffic-control system. [0032]
  • Objects can represent elements of the computer-user environment such as windows, menus or graphics objects. [0033]
  • An object can represent an inventory, such as a personnel file or a table of the latitudes and longitudes of cities. [0034]
  • An object can represent user-defined data types such as time, angles, and complex numbers, or points on the plane. [0035]
  • With this enormous capability of an object to represent just about any logically separable matters, OOP allows the software developer to design and implement a computer program that is a model of some aspects of reality, whether that reality is a physical entity, a process, a system, or a composition of matter. Since the object can represent anything, the software developer can create an object which can be used as a component in a larger software project in the future. [0036]
  • If 90% of a new OOP software program consists of proven, existing components made from preexisting reusable objects, then only the remaining 10% of the new software project has to be written and tested from scratch. Since 90% already came from an inventory of extensively tested reusable objects, the potential domain from which an error could originate is 10% of the program. As a result, OOP enables software developers to build objects out of other, previously built, objects. [0037]
  • This process closely resembles complex machinery being built out of assemblies and sub-assemblies. OOP technology, therefore, makes software engineering more like hardware engineering in that software is built from existing components, which are available to the developer as objects. All this adds up to an improved quality of the software as well as an increased speed of its development. [0038]
  • Programming languages are beginning to fully support the OOP principles, such as encapsulation, inheritance, polymorphism, and composition-relationship. With the advent of the C++ language, many commercial software developers have embraced OOP. C++ is an OOP language that offers a fast, machine-executable code. Furthermore, C++ is suitable for both commercial-application and systems-programming projects. For now, C++ appears to be the most popular choice among many OOP programmers, but there is a host of other OOP languages, such as Smalltalk, common lisp object system (CLOS), and Eiffel. Additionally, OOP capabilities are being added to more traditional popular computer programming languages such as Pascal. [0039]
  • The benefits of object classes can be summarized, as follows: [0040]
  • Objects and their corresponding classes break down complex programming problems into many smaller, simpler problems. [0041]
  • Encapsulation enforces data abstraction through the organization of data into small, independent objects that can communicate with each other. Encapsulation protects the data in an object from accidental damage, but allows other objects to interact with that data by calling the object's member functions and structures. [0042]
  • Subclassing and inheritance make it possible to extend and modify objects through deriving new kinds of objects from the standard classes available in the system. Thus, new capabilities are created without having to start from scratch. [0043]
  • Polymorphism and multiple inheritance make it possible for different programmers to mix and match characteristics of many different classes and create specialized objects that can still work with related objects in predictable ways. [0044]
  • Class hierarchies and containment hierarchies provide a flexible mechanism for modeling real-world objects and the relationships among them. [0045]
  • Libraries of reusable classes are useful in many situations, but they also have some limitations. For example: [0046]
  • Complexity. In a complex system, the class hierarchies for related classes can become extremely confusing, with many dozens or even hundreds of classes. [0047]
  • Flow of control. A program written with the aid of class libraries is still responsible for the flow of control (i.e., it must control the interactions among all the objects created from a particular library). The programmer has to decide which functions to call at what times for which kinds of objects. [0048]
  • Duplication of effort. Although class libraries allow programmers to use and reuse many small pieces of code, each programmer puts those pieces together in a different way. Two different programmers can use the same set of class libraries to write two programs that do exactly the same thing but whose internal structure (i.e., design) may be quite different, depending on hundreds of small decisions each programmer makes along the way. Inevitably, similar pieces of code end up doing similar things in slightly different ways and do not work as well together as they should. [0049]
  • Class libraries are very flexible. As programs grow more complex, more programmers are forced to reinvent basic solutions to basic problems over and over again. A relatively new extension of the class library concept is to have a framework of class libraries. This framework is more complex and consists of significant collections of collaborating classes that capture both the small scale patterns and major mechanisms that implement the common requirements and design in a specific application domain. They were first developed to free application programmers from the chores involved in displaying menus, windows, dialog boxes, and other standard user interface elements for personal computers. [0050]
  • Frameworks also represent a change in the way programmers think about the interaction between the code they write and code written by others. In the early days of procedural programming, the programmer called libraries provided by the operating system to perform certain tasks, but basically the program executed down the page from start to finish, and the programmer was solely responsible for the flow of control. This was appropriate for printing out paychecks, calculating a mathematical table, or solving other problems with a program that executed in just one way. [0051]
  • The development of graphical user interfaces began to turn this procedural programming arrangement inside out. These interfaces allow the user, rather than program logic, to drive the program and decide when certain actions should be performed. Today, most personal computer software accomplishes this by means of an event loop which monitors the mouse, keyboard, and other sources of external events and calls the appropriate parts of the programmer's code according to actions that the user performs. The programmer no longer determines the order in which events occur. Instead, a program is divided into separate pieces that are called at unpredictable times and in an unpredictable order. By relinquishing control in this way to users, the developer creates a program that is much easier to use. Nevertheless, individual pieces of the program written by the developer still call libraries provided by the operating system to accomplish certain tasks, and the programmer must still determine the flow of control within each piece after it's called by the event loop. Application code still “sits on top of” the system. [0052]
  • Even event loop programs require programmers to write a lot of code that should not need to be written separately for every application. The concept of an application framework carries the event loop concept further. Instead of dealing with all the nuts and bolts of constructing basic menus, windows, and dialog boxes and then making these things all work together, programmers using application frameworks start with working application code and basic user interface elements in place. Subsequently, they build from there by replacing some of the generic capabilities of the framework with the specific capabilities of the intended application. [0053]
  • Application frameworks reduce the total amount of code that a programmer has to write from scratch. However, because the framework is really a generic application that displays windows, supports copy and paste, and so on, the programmer can also relinquish control to a greater degree than event loop programs permit. The framework code takes care of almost all event handling and flow of control, and the programmer's code is called only when the framework needs it (e.g., to create or manipulate a proprietary data structure). [0054]
  • A programmer writing a framework program not only relinquishes control to the user (as is also true for event loop programs), but also relinquishes the detailed flow of control within the program to the framework. This approach allows the creation of more complex systems that work together in interesting ways, as opposed to isolated programs, having custom code, being created over and over again for similar problems. [0055]
  • Thus, as is explained above, a framework basically is a collection of cooperating classes that make up a reusable design solution for a given problem domain. It typically includes objects that provide default behavior (e.g., for menus and windows), and programmers use it by inheriting some of that default behavior and overriding other behavior so that the framework calls application code at the appropriate times. [0056]
  • There are three main differences between frameworks and class libraries: [0057]
  • Behavior versus protocol. Class libraries are essentially collections of behaviors that you can call when you want those individual behaviors in your program. A framework, on the other hand, provides not only behavior but also the protocol or set of rules that govern the ways in which behaviors can be combined, including rules for what a programmer is supposed to provide versus what the framework provides. [0058]
  • Call versus override. With a class library, the code the programmer writes instantiates objects and calls their member functions. It's possible to instantiate and call objects in the same way with a framework (i.e., to treat the framework as a class library), but to take full advantage of a framework's reusable design, a programmer typically writes code that overrides and is called by the framework. The framework manages the flow of control among its objects. Writing a program involves dividing responsibilities among the various pieces of software that are called by the framework rather than specifying how the different pieces should work together. [0059]
  • Implementation versus design. With class libraries, programmers reuse only implementations, whereas with frameworks, they reuse design. A framework embodies the way a family of related programs or pieces of software work. It represents a generic design solution that can be adapted to a variety of specific problems in a given domain. For example, a single framework can embody the way a user interface works, even though two different user interfaces created with the same framework might solve quite different interface problems. [0060]
  • Thus, through the development of frameworks for solutions to various problems and programming tasks, significant reductions in the design and development effort for software can be achieved. A preferred embodiment of the invention utilizes HyperText Markup Language (HTML) to implement documents on the Internet together with a general-purpose secure communication protocol for a transport medium between the client and the merchant. HTML is a simple data format used to create hypertext documents that are portable from one platform to another. HTML documents are SGML documents with generic semantics that are appropriate for representing information from a wide range of domains. HTML has been in use by the World-Wide Web global information initiative since 1990. HTML is an application of ISO Standard 8879:1986 Information Processing Text and Office Systems; Standard Generalized Markup Language (SGML). [0061]
  • To date, Web development tools have been limited in their ability to create dynamic Web applications which span from client to server and interoperate with existing computing resources. Until recently, HTML has been the dominant technology used in development of Web-based solutions. However, HTML has proven to be inadequate in the following areas: [0062]
  • Poor performance; [0063]
  • Restricted user interface capabilities; [0064]
  • Can only produce static Web pages; [0065]
  • Lack of interoperability with existing applications and data; and [0066]
  • Inability to scale. [0067]
  • Sun Microsystems' Java language solves many of the client-side problems by: [0068]
  • Improving performance on the client side; [0069]
  • Enabling the creation of dynamic, real-time Web applications; and [0070]
  • Providing the ability to create a wide variety of user interface components. [0071]
  • With Java, developers can create robust User Interface (UI) components. Custom “widgets” (e.g. real-time stock tickers, animated icons, etc.) can be created, and client-side performance is improved. Unlike HTML, Java supports the notion of client-side validation, offloading appropriate processing onto the client for improved performance. Dynamic, real-time Web pages can be created. Using the above-mentioned custom UI components, dynamic Web pages can also be created. Sun's Java language has emerged as an industry-recognized language for “programming the Internet.” Sun defines Java as: “a simple, object-oriented, distributed, interpreted, robust, secure, architecture-neutral, portable, high-performance, multithreaded, dynamic, buzzword-compliant, general-purpose programming language. Java supports programming for the Internet in the form of platform-independent Java applets.” Java applets are small, specialized applications that comply with Sun's Java Application Programming Interface (API) allowing developers to add “interactive content” to Web documents (e.g. simple animations, page adornments, basic games, etc.). Applets execute within a Java-compatible browser (e.g. Netscape Navigator) by copying code from the server to client. From a language standpoint, Java's core feature set is based on C++. Sun's Java literature states that Java is basically “C++, with extensions from Objective C for more dynamic method resolution”. [0072]
  • Another technology that provides similar function to JAVA is provided by Microsoft and ActiveX Technologies, to give developers and Web designers the wherewithal to build dynamic content for the Internet and personal computers. ActiveX includes tools for developing animation, 3-D virtual reality, video and other multimedia content. The tools use Internet standards, work on multiple platforms, and are being supported by over 100 companies. The group's building blocks are called ActiveX Controls, small, fast components that enable developers to embed parts of software in hypertext markup language (HTML) pages. ActiveX Controls work with a variety of programming languages including Microsoft Visual C++, Borland Delphi, Microsoft Visual Basic programming system and, in the future, Microsoft's development tool for Java, code named “Jakarta.” ActiveX Technologies also includes ActiveX Server Framework, allowing developers to create server applications. One of ordinary skill in the art will readily recognize that ActiveX could be substituted for JAVA without undue experimentation to practice the invention. [0073]
  • FIG. 1B depicts an overview of the present invention. [0074] Customer computer system 120 is in communication with merchant computer system 130. The customer-merchant session 150 operates under a general-purpose secure communication protocol such as the SSL protocol. Merchant computer system 130 is additionally in communication with payment gateway computer system 140. A payment gateway is a system that provides electronic commerce services in support of a bank or other financial institution, and that interfaces to the financial institution to support the authorization and capture of transactions. The customer-institution session 170 operates under a variant of a secure payment technology such as the SET protocol, as described herein, referred to as Merchant-Originated Secure Electronic Transactions (“MOSET”), as is more fully described herein.
  • Customer-to-Merchant Communication [0075]
  • FIG. 2 depicts a more detailed view of [0076] customer computer system 120 in communication with merchant system 130 using customer-merchant session 150 operating under the SSL protocol as documented in Freier and incorporated by reference.
  • [0077] Customer computer system 120 initiates communication with merchant computer system 130 using any well-known access protocol, e.g., Transmission Control Protocol/Internet Protocol (“TCP/IP”). In this implementation, customer computer system 120 acts as a client and merchant computer system 130 acts as a server. Customer computer system 120 initiates communication by sending “client hello” message 210 to the merchant computer system 130. When a client first connects to a server it is required to send the client hello message 210 as its first message. The client can also send a client hello message 210 in response to a hello request or on its own initiative in order to renegotiate the security parameters in an existing connection. The client hello message includes a random structure, which is used later in the protocol. Specifically, the random structure includes the current time and date in standard UNIX 32-bit format according to the sender's internal clock and twenty-eight bytes of data generated by a secure random number generator. The client hello message 210 further includes a variable length session identifier. If not empty, the session identifier value identifies a session between the same client and server whose security parameters the client wishes to reuse. The session identifier may be from an earlier connection, the current connection, or another currently active connection. It is useful to specify the current connection if the client only wishes to update the random structures and derived values of a connection. It is useful to specify another currently active connection if the client wishes to establish several simultaneous independent secure connections to the same server without repeating the full handshake protocol. Client hello message 210 further includes an indicator of the cryptographic algorithms supported by the client, ordered according to client preference.
  • In response to [0078] client hello message 210, if merchant computer system 130 wishes to correspond with customer computer system 120, it responds with server hello message 215. If merchant computer system 130 does not wish to communicate with customer computer system 120, it responds with a message, not shown, indicating refusal to communicate.
  • [0079] Server hello message 215 includes a random structure, which is used later in the protocol. The random structure in server hello message 215 is in the same format as, but has contents independent of, the random structure in client hello message 210. Specifically, the random structure includes the current time and date in standard UNIX 32-bit format according to the sender's internal clock and twenty-eight bytes of data generated by a secure random number generator. Server hello message 215 further includes a variable length session identifier. The session identifier value identifies a new or existing session between the same client and server. Server hello message 215 further includes an indicator of the cryptographic algorithms selected from among the algorithms specified by client hello message 210, which will be used in further encrypted communications.
  • Optionally, [0080] merchant computer system 130 transmits a server certificate 220. If transmitted, server certificate 220 enables customer computer system 120 to authenticate the identity of merchant computer system 130.
  • If [0081] merchant computer system 130 does not transmit a server certificate 220, or if server certificate 220 is suitable only for authentication, it may optionally transmit a server key exchange message 225. Server key exchange message 225 identifies a key that may be used by customer computer system 120 to decrypt further messages sent by merchant computer system 130.
  • After transmitting [0082] server hello message 215, and optionally transmitting server certificate 220 or server key exchange message 225, merchant computer system 130 transmits a server hello done message 230 and waits for a further response from customer computer system 120.
  • [0083] Customer computer system 120 optionally transmits client certificate 240 to merchant computer system 130. If transmitted, client certificate 240 enables merchant computer system 130 to authenticate the identity of customer computer system 120. Alternatively, customer computer system 120 may transmit a no-client-certificate alert 245, to indicate that the customer has not registered with any certification authority.
  • If [0084] customer computer system 120 does not transmit a client certificate 240, or if client certificate 240 is suitable only for authentication, customer computer system 120 may optionally transmit a client key exchange message 250. Client key exchange message 250 identifies a key that may be used by merchant computer system 130 to decrypt further messages sent by customer computer system 120.
  • After optionally transmitting [0085] client certificate 240, no-client-certificate alert 245, and/or client key exchange message 250, customer computer system 120 transmits a finished message 260.
  • At this point, [0086] customer computer system 120 and merchant computer system 130 have:
  • 1) negotiated an encryption scheme that may be commonly employed in further communications, and [0087]
  • 2) communicated to each other a set of encryption keys that may be used to decrypt further communications between the two computer systems. [0088]
  • [0089] Customer computer system 120 and merchant computer system 130 may thereafter engage in secure communications 270 with less risk of interception by third parties.
  • Among the messages communicated by [0090] customer computer system 120 to merchant computer system 130 may be messages that specify goods or services to be ordered and payment information, such as a credit card number and related information, collectively referred to as “payment information,” that may be used to pay for the goods and/or services ordered. In order to obtain payment, the merchant must supply this information to the bank or other payment gateway responsible for the proffered payment method. This enables the merchant to perform payment authorization and payment capture. Payment authorization is the process by which permission is granted by a payment gateway operating on behalf of a financial institution to authorize payment on behalf of the financial institution. This is a process that assesses transaction risk, confirms that a given transaction does not raise the account holder's debt above the account's credit limit, and reserves the specified amount of credit. Payment capture is the process that triggers the movement of funds from the financial institution to the merchant's account.
  • Payment Authorization [0091]
  • FIG. 3 depicts an overview of the method of securely supplying payment information to a payment gateway in order to obtain payment authorization. In [0092] function block 310, merchant computer system 130 generates a payment authorization request 315 and transmits it to payment gateway computer system 140. In function block 330, payment gateway system 140 processes the payment authorization request, generates a payment authorization response 325 and transmits it to merchant computer system 130. In function block 320, merchant computer system 130 processes payment authorization response 325 and determines whether payment for the goods or services sought to be obtained by the customer has been authorized.
  • Payment Authorization Request Generation [0093]
  • FIG. 4 depicts the detailed steps of generating and transmitting a payment authorization request. FIGS. 5A through 5F depict views of the payment authorization request and its component parts. In [0094] function block 410, merchant computer system 130 creates a basic authorization request 510. The basic authorization request is a data area that includes all the information for determining whether a request should be granted or denied. Specifically, it includes such information as the party who is being charged, the amount to be charged, the account number of the account to be charged, and any additional data, such as passwords, needed to validate the charge.
  • This information is either calculated based upon prior customer merchandise selection, or provided by the customer over the secure link [0095] 270 established in the customer-merchant general-purpose secure communication protocol session. FIG. 5A depicts a basic authorization request 510.
  • In [0096] function block 420, merchant computer system 130 combines basic authorization request 510, a copy of its encryption public key certificate 515 and a copy of its signature public key certificate 520. Merchant computer system 130 calculates a digital signature 525 for the combined contents of the combined block 530 comprising basic authorization request 510, the encryption public key certificate 515 and the signature public key certificate 520, and appends it to the combination of the combined basic authorization request 510, the encryption public key certificate 515 and the signature public key certificate 520. The merchant computer system calculates digital signature 525 by first calculating a “message digest” based upon the contents of the combined basic authorization request 510, the encryption public key certificate 515 and the signature public key certificate 520. A message digest is the fixed-length result that is generated when a variable length message is fed into a one-way hashing function. Message digests help verify that a message has not been altered because altering the message would change the digest. The message digest is then encrypted using the merchant computer system's 130 digital signature private key, thus forming a digital signature.
  • FIG. 5B depicts the combined [0097] block 530 formed by function block 420 and containing basic authorization request 510, the encryption public key certificate 515, the signature public key certificate 520, and digital signature 525.
  • In [0098] function block 430, merchant computer system 130 generates a random encryption key RK-0 540, denoted as RK-0. Random encryption key RK-0 540 is a symmetric encryption key. A symmetric encryption key is a key characterized by the property that a message encrypted with a symmetric key can be decrypted with that same key. This is contrasted with an asymmetric key pair, such as a public-key/private-key key pair, where a message encrypted with one key of the key pair may only be decrypted with the other key of the same key pair. FIG. 5C depicts random encryption key RK-0 540.
  • In [0099] function block 440, merchant computer system 130 encrypts combined block 530 using random encryption key RK-0 540 to form encrypted combined block 550. FIG. 5D depicts encrypted combined block 550. The encryption state of encrypted combined block 550 is graphically shown by random key lock 555, which indicates that encrypted combined block 550 is encrypted using random key RK-0 540.
  • In [0100] function block 450, merchant computer system 130 encrypts random encryption key RK-0 540 using the public key of payment gateway system 140 to form encrypted random key 560. FIG. 5E depicts encrypted random key 560. The encryption state of encrypted random key 560 is graphically shown by payment gateway public key lock 565, which indicates that encrypted random key 560 is encrypted using the payment gateway public key.
  • In [0101] function block 460, merchant computer system 130 concatenates encrypted combined block 550 and encrypted random key 560 to form merchant authorization request 315. FIG. 5F depicts merchant authorization request 315 comprising encrypted combined block 550 and encrypted random key 560. In function block 470, merchant computer system 130 transmits merchant authorization request 315 to payment gateway system 140.
  • Payment Authorization Request Processing [0102]
  • FIG. 6 depicts the detailed steps of processing a payment authorization request and generating and transmitting a payment authorization request response. Function blocks [0103] 610 through 630 depict the steps of processing a payment authorization request, while function blocks 635 through 685 depict the steps of generating and transmitting a payment authorization request response.
  • In [0104] function block 610, payment gateway computer system 140 applies its private key to encrypted random key 560 contained within received merchant authorization request 315, thereby decrypting it and obtaining a cleartext version of random key RK-0 540. In function block 615, payment gateway computer system 140 applies random key RK-0 540 to encrypted combined block 550, thereby decrypting it and obtaining a cleartext version of combined block 530. It will be recalled that combined block 530 comprises basic authorization request 510, a copy of merchant computer system's 130 encryption public key certificate 515 and a copy of merchant computer system's 130 signature public key certificate 520, as well as merchant digital signature 525.
  • In [0105] function block 620, payment gateway computer system 140 verifies merchant computer system's 130 encryption public key certificate 515 and merchant computer system's 130 signature public key certificate 520. Payment gateway computer system 140 performs this verification by making a call to the certification authorities associated with each certificate. If verification of either certificate fails, payment gateway computer system 140 rejects the authorization request.
  • In [0106] function block 625, payment gateway computer system 140 validates merchant digital signature 525. Payment gateway computer system 140 performs this validation by calculating a message digest over the contents of the combined basic authorization request 510, the encryption public key certificate 515 and the signature public key certificate 520. Payment gateway computer system 140 then decrypts digital signature 525 to obtain a copy of the equivalent message digest calculated by merchant computer system 130 in function block 420. If the two message digests are equal, the digital signature 525 is validated. If validation fails, payment gateway computer system 140 rejects the authorization request.
  • In [0107] function block 630, payment gateway computer system 140 determines the financial institution for which authorization is required by inspection of basic authorization request 510. Payment gateway computer system 140 contacts the appropriate financial institution using a secure means, e.g., a direct-dial modem-to-modem connection, or a proprietary internal network that is not accessible to third parties, and using prior art means, obtains a response indicating whether the requested payment is authorized.
  • Payment Authorization Response Generation [0108]
  • Function blocks [0109] 635 through 685 depict the steps of generating and transmitting a payment authorization request response. FIGS. 7A through 7J depict views of the payment authorization response and its component parts.
  • In [0110] function block 635, payment gateway computer system 140 creates a basic authorization response 710. The basic authorization response is a data area that includes all the information to determine whether a request was granted or denied. FIG. 7A depicts basic authorization response 710.
  • In [0111] function block 640, payment gateway computer system 140 combines basic authorization response 710, and a copy of its signature public key certificate 720. Payment gateway computer system 140 calculates a digital signature 725 for the combined contents of the combined block 730 comprising basic authorization response 710 and the signature public key certificate 720, and appends the signature to the combination of the combined basic authorization response 710 and the signature public key certificate 720. The payment gateway computer system calculates digital signature 725 by first calculating a message digest based on the contents of the combined basic authorization response 710 and signature public key certificate 720. The message digest is then encrypted using the payment gateway computer system's 140 digital signature private key, thus forming a digital signature.
  • FIG. 7B depicts the combined [0112] block 730 formed in function block 640 and containing basic authorization response 710, the signature public key certificate 720, and digital signature 725.
  • In [0113] function block 645, payment gateway computer system 140 generates a first symmetric random encryption key 740, denoted as RK-1. FIG. 7C depicts first random encryption key RK-1 740.
  • In [0114] function block 650, payment gateway computer system 140 encrypts combined block 730 using random encryption key RK-1 740 to form encrypted combined block 750. FIG. 7D depicts encrypted combined block 750. The encryption state of encrypted combined block 750 is graphically shown by random key lock 755, which indicates that encrypted combined block 750 is encrypted using random key RK-1 740.
  • In [0115] function block 655, payment gateway computer system 140 encrypts random encryption key RK-1 740 using the public key of merchant computer system 130 to form encrypted random key RK-1 760. FIG. 7E depicts encrypted random key RK-1 760. The encryption state of encrypted random key 760 is graphically shown by merchant public key lock 765, which indicates that encrypted random key 760 is encrypted using the merchant public key.
  • In [0116] function block 660, payment gateway computer system 140 generates a random capture token 770. Random capture token 770 will be used in subsequent payment capture processing to associate the payment capture request with the payment authorization request being processed. FIG. 7F depicts capture token 770.
  • In [0117] function block 665, payment gateway computer system 140 generates a second symmetric random encryption key 775, denoted as RK-2. FIG. 7G depicts second random encryption key RK-2 775.
  • In [0118] function block 670, payment gateway computer system 140 encrypts capture token 770 using random encryption key RK-2 775 to form encrypted capture token 780. FIG. 7H depicts encrypted capture token 780. The encryption state of encrypted capture token 780 is graphically shown by random key lock 785, which indicates that encrypted capture token 780 is encrypted using random key RK-2 775.
  • In [0119] function block 675, payment gateway computer system 140 encrypts second random encryption key RK-2 775 using its own public key to form encrypted random key RK-2 790. FIG. 7I depicts encrypted random key RK-2 790. The encryption state of encrypted random key 790 is graphically shown by payment gateway public key lock 795, which indicates that encrypted random key 790 is encrypted using the payment gateway public key.
  • In [0120] function block 680, payment gateway computer system 140 concatenates encrypted combined block 750, encrypted random key RK-1 760, encrypted capture token 780 and encrypted random key RK-2 790 to form merchant authorization response 325. FIG. 7J depicts merchant authorization response 325 comprising encrypted combined block 750, encrypted random key RK-1 760, encrypted capture token 780 and encrypted random key RK-2 790. In function block 685, payment gateway computer system 140 transmits merchant authorization response 325 to merchant system 130.
  • Payment Authorization Response Processing [0121]
  • FIG. 8 depicts the detailed steps of processing a payment authorization response. In [0122] function block 810, merchant computer system 130 applies its private key to encrypted random key RK-1 760 contained within received merchant authorization response 325, thereby decrypting it and obtaining a cleartext version of random key RK-1 740.
  • In [0123] function block 820, merchant computer system 130 applies random key RK-1 740 to encrypted combined block 750, thereby decrypting it and obtaining a cleartext version of combined block 730. It will be recalled that combined block 730 comprises basic authorization response 710, a copy of payment gateway computer system's 140 signature public key certificate 720, as well as payment gateway digital signature 725.
  • In [0124] function block 830, merchant computer system 130 verifies payment gateway computer system's 140 signature public key certificate 720. Merchant computer system 130 performs this verification by making a call to the certification authority associated with the certificate. If verification of the certificate fails, merchant computer system 130 concludes that the authorization response is counterfeit and treats it as though the authorization request had been rejected.
  • In [0125] function block 840, merchant computer system 130 validates payment gateway digital signature 725. Merchant computer system 130 performs this validation by calculating a message digest over the contents of the combined basic authorization response 710 and the signature public key certificate 720. Merchant computer system 130 then decrypts digital signature 725 to obtain a copy of the equivalent message digest calculated by payment gateway computer system 140 in function block 640. If the two message digests are equal, the digital signature 725 is validated. If validation fails, merchant computer system 130 concludes that the authorization response is counterfeit and treats it as though the authorization request had been rejected.
  • In [0126] function block 850, merchant computer system 130 stores encrypted capture token 780 and encrypted random key RK-2 790 for later use in payment capture. In function block 860, merchant computer system 130 processes the customer purchase request in accordance with the authorization response 710. If the authorization response indicates that payment is authorized, merchant computer system 130 fills the requested order. If the authorization response indicates that payment is not authorized, or if merchant computer system 130 determined in function block 830 or 840 that the authorization response is counterfeit, merchant computer system 130 indicates to the customer that the order cannot be filled.
  • Payment Capture [0127]
  • FIG. 9 depicts an overview of the method of securely supplying payment capture information to [0128] payment gateway 140 in order to obtain payment capture. In function block 910, merchant computer system 130 generates a merchant payment capture request 915 and transmits it to payment gateway computer system 140. In function block 930, payment gateway system 140 processes the payment capture request 915, generates a payment capture response 925 and transmits it to merchant computer system 130. In function block 920, merchant computer system 130 processes payment capture response 925 and verifies that payment for the goods or services sought to be obtained by the customer has been captured.
  • Payment Capture Request Generation [0129]
  • FIG. 10 depicts the detailed steps of generating and transmitting a payment capture request. FIGS. 11A through 11F depict views of the payment capture request and its component parts. In [0130] function block 1010, merchant computer system 130 creates a basic capture request 1110. The basic capture request is a data area that includes all the information needed by payment gateway computer system 140 to trigger a transfer of funds to the merchant operating merchant computer system 130.
  • Specifically, a capture request includes a capture request amount, a capture token, a date, summary information of the purchased items and a Merchant ID (MID) for the particular merchant. FIG. 11A depicts [0131] basic capture request 1110.
  • In [0132] function block 1020, merchant computer system 130 combines basic capture request 1110, a copy of its encryption public key certificate 1115 and a copy of its signature public key certificate 1120. Merchant computer system 130 calculates a digital signature 1125 for the combined contents of the combined block 1130 comprising basic capture request 1110, the encryption public key certificate 1115 and the signature public key certificate 1120, and appends it to the combination of the combined basic capture request 1110, the encryption public key certificate 1115 and the signature public key certificate 1120. The merchant computer system calculates digital signature 1125 by first calculating a message digest over the contents of the combined basic capture request 1110, the encryption public key certificate 1115 and the signature public key certificate 1120. The message digest is then encrypted using the merchant computer system's 130 digital signature private key, thus forming a digital signature.
  • FIG. 11B depicts the combined [0133] block 1130 formed by function block 1020 and containing basic capture request 1110, the encryption public key certificate 1115, the signature public key certificate 1120, and digital signature 1125.
  • In [0134] function block 1030, merchant computer system 130 generates a random encryption key 1140, denoted as RK-3. Random encryption key RK-3 1140 is a symmetric encryption key. FIG. 11C depicts random encryption key RK-3 1140.
  • In [0135] function block 1040, merchant computer system 130 encrypts combined block 1130 using random encryption key RK-3 1140 to form encrypted combined block 1150. FIG. 11D depicts encrypted combined block 1150. The encryption state of encrypted combined block 1150 is graphically shown by random key lock 1155, which indicates that encrypted combined block 1150 is encrypted using random key RK-3 1140.
  • In [0136] function block 1050, merchant computer system 130 encrypts random encryption key RK-3 1140 using the public key of payment gateway system 140 to form encrypted random key 1160. FIG. 11E depicts encrypted random key 1160. The encryption state of encrypted random key 1160 is graphically shown by payment gateway public key lock 1165, which indicates that encrypted random key RK-3 1160 is encrypted using the payment gateway public key.
  • In [0137] function block 1060, merchant computer system 130 concatenates encrypted combined block 1150, encrypted random key 1160, and the encrypted capture token 780 and encrypted random key RK-2 790 that were stored in function block 850 to form merchant capture request 915. FIG. 11F depicts merchant capture request 915, comprising encrypted combined block 1150, encrypted random key 1160, encrypted capture token 780 and encrypted random key RK-2 790. In function block 1070, merchant computer system 130 transmits merchant capture request 915 to payment gateway system 140.
  • Payment Capture Request Processing [0138]
  • FIG. 12 depicts the detailed steps of processing a payment capture request and generating and transmitting a payment capture request response. Function blocks [0139] 1210 through 1245 depict the steps of processing a payment capture request, while function blocks 1250 through 1285 depict the steps of generating and transmitting a payment capture request response.
  • In [0140] function block 1210, payment gateway computer system 140 applies its private key to encrypted random key 1160 contained within received merchant capture request 915, thereby decrypting it and obtaining a cleartext version of random key RK-3 1140. In function block 1215, payment gateway computer system 140 applies random key RK-3 1140 to encrypted combined block 1150, thereby decrypting it and obtaining a cleartext version of combined block 1130. It will be recalled that combined block 1130 comprises basic capture request 1110, a copy of merchant computer system's 130 encryption public key certificate 1115 and a copy of merchant computer system's 130 signature public key certificate 1120, as well as merchant digital signature 1125.
  • [0141] In function block 1220, payment gateway computer system 140 verifies merchant computer system's 130 encryption public key certificate 1115 and merchant computer system's 130 signature public key certificate 1120.
  • [0142] Payment gateway computer system 140 performs this verification by making a call to the certification authorities associated with each certificate. If verification of either certificate fails, payment gateway computer system 140 rejects the capture request.
  • [0143] In function block 1225, payment gateway computer system 140 validates merchant digital signature 1125. Payment gateway computer system 140 performs this validation by calculating a message digest over the contents of the combined basic capture request 1110, the encryption public key certificate 1115 and the signature public key certificate 1120. Payment gateway computer system 140 then decrypts digital signature 1125 to obtain a copy of the equivalent message digest calculated by merchant computer system 130 in function block 1020. If the two message digests are equal, the digital signature 1125 is validated. If validation fails, payment gateway computer system 140 rejects the capture request.
  • [0144] In function block 1230, payment gateway computer system 140 applies its private key to encrypted random key RK-2 790 contained within received merchant capture request 915, thereby decrypting it and obtaining a cleartext version of random key RK-2 775. In function block 1235, payment gateway computer system 140 applies random key RK-2 775 to encrypted capture token 780, thereby decrypting it and obtaining a cleartext version of capture token 770.
  • [0145] In function block 1240, payment gateway computer system 140 verifies that a proper transaction is being transmitted between capture token 780 and capture request 1110. A capture token contains data that the gateway generates at the time of authorization. When the authorization is approved, the encrypted capture token is given to the merchant for storage. At the time of capture, the merchant returns the capture token to the gateway along with other information required for capture. Upon receipt of the capture token, the gateway compares a message made of the capture request data and the capture token data and transmits this information over a traditional credit/debit network. If an improperly formatted transaction is detected, payment gateway computer system 140 rejects the capture request.
  • [0146] In function block 1245, payment gateway computer system 140 determines the financial institution for which capture is requested by inspection of basic capture request 1110. Payment gateway computer system 140 contacts the appropriate financial institution using a secure means, e.g., a direct-dial modem-to-modem connection, or a proprietary internal network that is not accessible to third parties, and using prior art means, instructs a computer at the financial institution to perform the requested funds transfer.
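An added example (not code from the patent) that traces the gateway-side checks of function blocks 1210 through 1245 over a constructed merchant capture request 915. Textbook RSA on fixed Mersenne primes and a SHA-256 keystream stand in for the real public-key and symmetric ciphers so the block needs only the standard library; the JSON layout, the `txn` and `amount` fields, the trusted-certificate set used in place of the certification authority call, and all function names are assumptions.

```python
import hashlib
import json
import secrets


def make_rsa(p, q, e=65537):
    """Textbook RSA key pair from two primes (toy: no padding, well-known primes)."""
    n = p * q
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, (p - 1) * (q - 1))}


# Constructed key material: Mersenne primes, chosen only to avoid dependencies.
GW_PUB, GW_PRIV = make_rsa(2**521 - 1, 2**607 - 1)   # payment gateway 140
M_PUB, M_PRIV = make_rsa(2**127 - 1, 2**1279 - 1)    # merchant 130 signature key
# Assumption: a set of known certificates replaces the CA call of block 1220.
TRUSTED_CERTS = {json.dumps(M_PUB, sort_keys=True)}


def digest(data):
    """Message digest as an integer, so it can be signed and compared."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sym(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(obj, pub):
    """Encrypt obj under a fresh random key RK, then encrypt RK for pub."""
    rk = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(rk, "big"), pub["e"], pub["n"])
    return sym(rk, json.dumps(obj, sort_keys=True).encode()), wrapped


def unseal(blob, wrapped, priv):
    """Recover RK with the private key, then decrypt and parse the block."""
    rk = pow(wrapped, priv["d"], priv["n"]).to_bytes(16, "big")
    return json.loads(sym(rk, blob))


def issue_capture_token(txn, amount):
    """Gateway, at authorization time: token 780 plus encrypted RK-2 790."""
    return seal({"txn": txn, "amount": amount}, GW_PUB)


def build_capture_request(request, sign_priv, sign_pub, enc_token, enc_rk2):
    """Merchant side: sign request and certificate, seal for the gateway, attach token."""
    body = json.dumps(request, sort_keys=True)
    cert = json.dumps(sign_pub, sort_keys=True)   # stand-in for certificate 1120
    sig = pow(digest((body + cert).encode()), sign_priv["d"], sign_priv["n"])
    block, enc_rk3 = seal({"request": body, "cert": cert, "sig": sig}, GW_PUB)
    return {"block": block, "rk3": enc_rk3, "token": enc_token, "rk2": enc_rk2}


def process_capture_request(msg):
    """Gateway side: every failed check rejects before anything is forwarded."""
    try:
        combined = unseal(msg["block"], msg["rk3"], GW_PRIV)        # 1210, 1215
        if combined["cert"] not in TRUSTED_CERTS:                   # 1220
            return "reject: certificate"
        pub = json.loads(combined["cert"])
        expected = digest((combined["request"] + combined["cert"]).encode())
        if pow(combined["sig"], pub["e"], pub["n"]) != expected:    # 1225
            return "reject: signature"
        token = unseal(msg["token"], msg["rk2"], GW_PRIV)           # 1230, 1235
        request = json.loads(combined["request"])
        same = (token["txn"], token["amount"]) == (request["txn"], request["amount"])
    except (ValueError, KeyError, TypeError, OverflowError):
        return "reject: malformed"
    if not same:                                                    # 1240
        return "reject: token mismatch"
    return "forward to financial institution"                       # 1245


if __name__ == "__main__":
    tok, rk2 = issue_capture_token("T-1001", 4200)
    req = build_capture_request({"txn": "T-1001", "amount": 4200}, M_PRIV, M_PUB, tok, rk2)
    print(process_capture_request(req))
```

Because the capture token is sealed under the gateway's own public key, the merchant can store and return it but cannot read or alter it, which is what makes the comparison in function block 1240 meaningful.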
  • [0147] Payment Capture Response Generation
  • [0148] Function blocks 1250 through 1285 depict the steps of generating and transmitting a payment capture request response. FIGS. 13A through 13F depict views of the payment capture response and its component parts.
  • [0149] In function block 1250, payment gateway computer system 140 creates a basic capture response 710. The basic capture request is a data area that includes all the information to indicate whether a capture request was granted or denied. FIG. 13A depicts basic authorization request 1310.
  • [0150] In function block 1255, payment gateway computer system 140 combines basic capture response 1310, and a copy of its signature public key certificate 1320. Payment computer system 140 calculates a digital signature 1325 for the combined contents of the combined block 1330 comprising basic capture response 1310 and the signature public key certificate 1320, and appends the signature to the combination of the combined basic authorization request 1310 and the signature public key certificate 1320. The payment gateway computer system calculates digital signature 1325 by first calculating a message digest over the contents of the combined basic capture response 1310 and signature public key certificate 720. The message digest is then encrypted using the merchant computer system's 140 digital signature private key, thus forming a digital signature.
  • [0151] FIG. 13B depicts the combined block 1330 formed by function block 1255 and containing basic capture request 1310, the signature public key certificate 1320, and digital signature 1325.
  • [0152] In function block 1260, payment gateway computer system 140 generates a symmetric random encryption key 1340, denoted as RK-4. FIG. 13C depicts random encryption key RK-4 1340.
  • [0153] In function block 1275, payment gateway computer system 140 encrypts combined block 1330 using random encryption key RK-4 1340 to form encrypted combined block 1350. FIG. 13D depicts encrypted combined block 1350. The encryption state of encrypted combined block 1350 is graphically shown by random key lock 1355, which indicates that encrypted combined block 1350 is encrypted using random key RK-4 1340.
  • [0154] In function block 1275, payment gateway computer system 140 encrypts random encryption key RK-4 1340 using the public key of merchant computer system 130 to form encrypted random key RK-4 1360. FIG. 13E depicts encrypted random key RK-4 1360. The encryption state of encrypted random key 1360 is graphically shown by merchant public key lock 1365, which indicates that encrypted random key 1360 is encrypted using the merchant public key.
  • [0155] In function block 1280, payment gateway computer system 140 concatenates encrypted combined block 1350 and encrypted random key RK-4 1360 to form merchant capture response 925. FIG. 13F depicts merchant capture response 925 comprising encrypted combined block 1350 and encrypted random key RK-4 1360. In function block 1285, payment gateway computer system 140 transmits merchant capture response 925 to merchant system 130.
  • [0156] Payment Capture Response Processing
  • [0157] FIG. 14 depicts the detailed steps of processing a payment capture response. In function block 1410, merchant computer system 130 applies its private key to encrypted random key RK-4 1360 contained within received merchant capture response 925, thereby decrypting it and obtaining a cleartext version of random key RK-4 1340.
  • [0158] In function block 1420, merchant computer system 130 applies random key RK-4 1340 to encrypted combined block 1350, thereby decrypting it and obtaining a cleartext version of combined block 1330. It will be recalled that combined block 1330 comprises basic capture response 1310, a copy of payment gateway computer system's 140 signature public key certificate 1320, as well as payment gateway digital signature 1325.
  • [0159] In function block 1430, merchant computer system 130 verifies payment gateway computer system's 140 signature public key certificate 1320. Merchant computer system 130 performs this verification by making a call to the certification authority associated with the certificate. If verification of the certificate fails, merchant computer system 130 concludes that the capture response is counterfeit and raises an error condition.
  • [0160] In function block 1440, merchant computer system 130 validates payment gateway digital signature 1325. Merchant computer system 130 performs this validation by calculating a message digest over the contents of the combined basic authorization request 1310 and the signature public key certificate 1320. Merchant computer system 130 then decrypts digital signature 1325 to obtain a copy of the equivalent message digest calculated by payment gateway computer system 140 in function block 1255. If the two message digests are equal, the digital signature 1325 is validated. If validation fails, merchant computer system 130 concludes that the authorization response is counterfeit and raises an error condition.
  • [0161] In function block 1450, merchant computer system 130 stores capture response for later use by legacy system accounting programs, e.g. to perform reconciliation between the merchant operating merchant computer system 130 and the financial institution from whom payment was requested, thereby completing the transaction.
  • [0162] The system of the present invention permits immediate deployment of a secure payment technology architecture such as the SET architecture without first establishing a public-key encryption infrastructure for use by consumers. It thereby permits immediate use of SET-compliant transaction processing without the need for consumers to migrate to SET-compliant application software.
  • [0163] All publications and existing subsystems mentioned in this specification are hereby incorporated by reference to the same extent as if each individual publication or existing subsystem were specifically and individually indicated to be incorporated by reference.
  • [0164] While various embodiments of a preferred embodiment have been described above, it should be understood that they have been presented by way of example only, and not limitation. Thus, the breadth and scope of a preferred embodiment should not be limited by any of the above described exemplary embodiments, but should be defined only in accordance with the following claims and their equivalents.

Claims (21)

What is claimed is:
1. A method for initiating secure communication between a first and a second computer connected to a network for receiving and transmitting payment information, comprising the steps of:
(a) establishing a communication between said first and said second computer via said network;
(b) identifying an encryption procedure and a decryption procedure utilized by said first and said second computer;
(c) transmitting encrypted payment information from said first computer to said second computer;
(d) receiving said encrypted payment information at said second computer and decrypting the payment information utilizing the decryption procedure; and
(e) repackaging said payment information to comply with a third party secure protocol for further payment processing.
2. The method as recited in claim 1, including the step of utilizing the Internet for transmitting information between said first and said second computer systems.
3. The method as recited in claim 1, including the step of transmitting from the second computer system to a third computer system for authorizing or denying credit in the payment processing.
4. The method as recited in claim 1, wherein the secure third party protocol is a Secure Electronic Transaction protocol.
5. A method for initiating secure communication between a first and a second computer connected to a network for receiving and transmitting payment information, comprising the steps of:
(a) obtaining client information for use in said secure communication between a first and a second computer;
(b) establishing a communication between said first and said second computer via said network; and
(c) repackaging said payment information to comply with a third party secure protocol for further payment processing.
6. The method as recited in claim 5, including:
(d) transmitting encrypted payment information from said first computer to said second computer;
(e) receiving said encrypted payment information at said second computer and decrypting the payment information utilizing the decryption procedure; and
(f) performing further payment processing on said decrypted information.
7. The method as recited in claim 5, wherein said client information is obtained via a telephone, fax machine or electronic mail.
8. The method as recited in claim 5, wherein an electronic signature is utilized to authenticate payment processing.
9. The method as recited in claim 7, wherein said client information is obtained via a secure general purpose protocol.
10. The method as recited in claim 5, further comprises reversing previous payment transactions.
11. Apparatus for initiating payment in a computer under the control of software with an attached display and an input device connected to a network for receiving and transmitting network information, comprising:
(a) means for establishing a communication between said first and said second computer via said network;
(b) means for identifying an encryption procedure and a decryption procedure utilized by said first and said second computer;
(c) means for transmitting encrypted payment information from said first computer to said second computer;
(d) means for receiving said encrypted payment information at said second computer and decrypting the payment information utilizing the decryption procedure; and
(e) means for repackaging said payment information to comply with a Secure Electronic Transaction protocol for further payment processing.
12. The apparatus as recited in claim 11, including means for utilizing the Internet for transmitting information between said first and said second computer systems.
13. The apparatus as recited in claim 12, including means for transmitting from the second computer system to a third computer system for authorizing or denying credit in the payment processing.
14. An apparatus for initiating secure communication between a first and a second computer connected to a network for receiving and transmitting payment information, comprising:
(a) communication hardware utilized by a client to communicate information for use in said secure communication between a first and a second computer;
(b) a computer under the control of software which establishes secure communication between said first and said second computer via said network; and
(c) a computer under the control of software which repackages said payment information to comply with a third party secure protocol for further payment processing.
15. A computer program embodied on a computer-readable medium for effecting purchase transactions by a customer system at a merchant system and effecting payment for said transactions by a payment system, comprising:
(a) a code segment for controlling secure communication of a purchase request from said customer system to said merchant system, including providing payment information from said customer system to said merchant system;
(b) a code segment for controlling secure processing of said payment information by said merchant system to generate a payment authorization request and securely transmit said payment authorization request from said merchant system to said payment system;
(c) a code segment for controlling the secure processing of said payment authorization request by said payment system to generate a payment authorization response authorizing said purchase and securely transmit said payment authorization response to said merchant system pursuant to which said merchant system fills said purchase request;
(d) a code segment for controlling the secure processing of said payment authorization response by said merchant system to generate a payment capture request and securely transmit said payment capture request to said payment system;
(e) a code segment for controlling the secure processing of said payment capture request by said payment system to generate a payment capture response authorizing payment and transmit said payment capture response to said merchant system; and
(f) a code segment for controlling the secure processing of said payment capture response by said merchant system to effect payment to the merchant system for filling said purchase request.
16. A computer program embodied on a computer-readable medium as recited in claim 15, wherein said secure protocol is a Secure Electronic Transaction protocol.
17. A computer program embodied on a computer-readable medium as recited in claim 15, wherein said secure protocol is a Secure Transaction Technology protocol.
18. A computer program embodied on a computer-readable medium as recited in claim 15, wherein said secure protocol is a Secure Electronic Payments Protocol.
19. A computer program embodied on a computer-readable medium as recited in claim 15, wherein said information includes payment administration information.
20. A computer program embodied on a computer-readable medium for initiating payment in a computer under the control of software with an attached display and an input device connected to a network for receiving and transmitting network information, comprising:
(a) a code segment for establishing a communication between said first and said second computer via said network;
(b) a code segment for identifying an encryption procedure and a decryption procedure utilized by said first and said second computer;
(c) a code segment for transmitting encrypted payment information from said first computer to said second computer;
(d) a code segment for receiving said encrypted payment information at said second computer and decrypting the payment information utilizing the decryption procedure; and
(e) a code segment for repackaging said payment information to comply with a secure protocol for further payment processing.
21. A computer program embodied on a computer-readable medium for effecting purchase transactions by a merchant computer system and payment for said transactions by a payment computer system, comprising:
(a) a code segment controlling communication between said customer and said merchant computer system for effecting purchase requests, including providing payment information from said customer to said merchant computer system; and
(b) a code segment controlling secure communication between said merchant computer system and said payment computer system for effecting operation on said payment information by said merchant computer systems to obtain administration information from said payment computer system to said merchant computer system pursuant to which said merchant computer system completes said purchase request.
US10/233,762 1996-04-26 2002-09-03 System, method and article of manufacture for secure network electronic payment and credit collection Abandoned US20030004894A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/233,762 US20030004894A1 (en) 1996-04-26 2002-09-03 System, method and article of manufacture for secure network electronic payment and credit collection

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US08/639,909 US5987140A (en) 1996-04-26 1996-04-26 System, method and article of manufacture for secure network electronic payment and credit collection
US31456599A 1999-06-22 1999-06-22
US10/233,762 US20030004894A1 (en) 1996-04-26 2002-09-03 System, method and article of manufacture for secure network electronic payment and credit collection

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US31456599A Continuation 1996-04-26 1999-06-22

Publications (1)

Publication Number Publication Date
US20030004894A1 true US20030004894A1 (en) 2003-01-02

Family

ID=24566073

Family Applications (2)

Application Number Title Priority Date Filing Date
US08/639,909 Expired - Lifetime US5987140A (en) 1996-04-26 1996-04-26 System, method and article of manufacture for secure network electronic payment and credit collection
US10/233,762 Abandoned US20030004894A1 (en) 1996-04-26 2002-09-03 System, method and article of manufacture for secure network electronic payment and credit collection

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US08/639,909 Expired - Lifetime US5987140A (en) 1996-04-26 1996-04-26 System, method and article of manufacture for secure network electronic payment and credit collection

Country Status (7)

Country Link
US (2) US5987140A (en)
EP (1) EP0907935B1 (en)
JP (1) JP4166280B2 (en)
AU (1) AU2811597A (en)
CA (1) CA2252649C (en)
DE (1) DE69734059T2 (en)
WO (1) WO1997041539A1 (en)

US7899744B2 (en) * 1999-11-05 2011-03-01 American Express Travel Related Services Company, Inc. Systems and methods for approval of an allocation
US6876991B1 (en) 1999-11-08 2005-04-05 Collaborative Decision Platforms, Llc. System, method and computer program product for a collaborative decision platform
US6980970B2 (en) * 1999-12-16 2005-12-27 Debit.Net, Inc. Secure networked transaction system
US6948063B1 (en) * 1999-12-23 2005-09-20 Checkfree Corporation Securing electronic transactions over public networks
SG89314A1 (en) * 2000-01-18 2002-06-18 Cazh Pte Ltd Secure network electronic transactions and payments system
US7172112B2 (en) 2000-01-21 2007-02-06 American Express Travel Related Services Company, Inc. Public/private dual card system and method
US8543423B2 (en) 2002-07-16 2013-09-24 American Express Travel Related Services Company, Inc. Method and apparatus for enrolling with multiple transaction environments
US8429041B2 (en) 2003-05-09 2013-04-23 American Express Travel Related Services Company, Inc. Systems and methods for managing account information lifecycles
US20020162008A1 (en) * 2000-01-28 2002-10-31 Vincent Hill Method and system for controlling access to a telecommunication or internet system
US20020052853A1 (en) * 2000-02-10 2002-05-02 Fernando Munoz Transportation system for on-line transactions
US7366695B1 (en) 2000-02-29 2008-04-29 First Data Corporation Electronic purchase method and funds transfer system
US20030126075A1 (en) * 2001-11-15 2003-07-03 First Data Corporation Online funds transfer method
US8036905B2 (en) * 2000-02-29 2011-10-11 Newgistics, Inc. Method and system for processing the local return of remotely purchased products
US20030126036A1 (en) * 2000-02-29 2003-07-03 First Data Corporation Online payments
US7627531B2 (en) 2000-03-07 2009-12-01 American Express Travel Related Services Company, Inc. System for facilitating a transaction
US8645137B2 (en) 2000-03-16 2014-02-04 Apple Inc. Fast, language-independent method for user authentication by voice
US8386337B2 (en) * 2000-03-24 2013-02-26 Newgistics, Inc. System and method for single-action returns of remotely purchased merchandise
US7177798B2 (en) * 2000-04-07 2007-02-13 Rensselaer Polytechnic Institute Natural language interface using constrained intermediate dictionary of results
US20020032649A1 (en) * 2000-04-13 2002-03-14 Balamurugan Selvarajan High-security E-currency IDs for E-commerce transactions
DE10020565A1 (en) * 2000-04-27 2001-10-31 Deutsche Post Ag Process in which a customer retrieves monetary information from a loading point
WO2001084443A1 (en) * 2000-05-03 2001-11-08 Harrison Shelton E Jr Electronic bond & guaranty process and business method
US7280984B2 (en) * 2000-05-08 2007-10-09 Phelan Iii Frank Money card system, method and apparatus
US7472092B2 (en) * 2000-05-08 2008-12-30 Patricia Phelan Money order device with identity verification and method
US10521782B2 (en) * 2000-05-15 2019-12-31 Efunds Corporation System for and method of effecting an electronic transaction
US7565326B2 (en) * 2000-05-25 2009-07-21 Randle William M Dialect independent multi-dimensional integrator using a normalized language platform and secure controlled access
US7647259B2 (en) * 2000-06-16 2010-01-12 De Fabrega Ingrid Perscky E-commerce development intranet portal
WO2003034186A2 (en) * 2001-10-16 2003-04-24 Newattitude Inc. (Dba Digital World Access, Inc.) Self-administered automatic payroll deduction
US20010056399A1 (en) * 2000-06-27 2001-12-27 Eric Saylors Web dependent consumer financing and virtual reselling method
US20040111370A1 (en) * 2000-06-27 2004-06-10 Digital World Access, Inc. Single source money management system
US20050211765A1 (en) * 2000-06-27 2005-09-29 Digital World Access, Inc. Money management network
US7251728B2 (en) * 2000-07-07 2007-07-31 Message Secure Corporation Secure and reliable document delivery using routing lists
JP4955894B2 (en) * 2000-07-10 2012-06-20 マスターカード インターナシヨナル インコーポレーテツド Method and system for executing secure electronic commerce by looping back authorization request data
US7233920B1 (en) 2000-09-07 2007-06-19 Paymentech, L.P. System and apparatus for credit transaction data transmission
US20020099648A1 (en) * 2000-09-19 2002-07-25 Devoe Dana L. Method of reducing fraud in credit card and other E-business
JP4011327B2 (en) * 2000-11-15 2007-11-21 株式会社レクサー・リサーチ Display object providing apparatus, display object providing method, and display object providing program
CA2327935C (en) * 2000-12-08 2013-10-22 Wmode Inc. System and method to provide real time transaction validation and billing via a communications network
US20020073027A1 (en) * 2000-12-11 2002-06-13 Hui Helen Shan-Shan Mobile payment system
AU2002237759A1 (en) * 2001-01-05 2002-07-16 Yozons, Inc. System and method for processing digital documents utilizing secure communications over a network
US20020120529A1 (en) * 2001-01-22 2002-08-29 Thomas Buettgenbach Accelerated access to an electronic catalog
US7047405B2 (en) * 2001-04-05 2006-05-16 Qualcomm, Inc. Method and apparatus for providing secure processing and data storage for a wireless communication device
US7181017B1 (en) 2001-03-23 2007-02-20 David Felsher System and method for secure three-party communications
US7424201B2 (en) * 2001-03-30 2008-09-09 Sandisk 3D Llc Method for field-programming a solid-state memory device with a digital media file
US7181506B1 (en) 2001-04-06 2007-02-20 Mcafee, Inc. System and method to securely confirm performance of task by a peer in a peer-to-peer network environment
US7062555B1 (en) 2001-04-06 2006-06-13 Networks Associates Technology, Inc. System and method for automatic selection of service provider for efficient use of bandwidth and resources in a peer-to-peer network environment
US20020161998A1 (en) * 2001-04-27 2002-10-31 International Business Machines Corporation Method and system for providing hardware cryptography functionality to a data processing system lacking cryptography hardware
CA2347528A1 (en) * 2001-05-15 2002-11-15 Ibm Canada Limited-Ibm Canada Limitee System and method for on-line payment
US7716091B2 (en) 2001-05-24 2010-05-11 Newgistics, Inc. Local returns of remotely purchased merchandise with return code validation
US7650314B1 (en) 2001-05-25 2010-01-19 American Express Travel Related Services Company, Inc. System and method for securing a recurrent billing transaction
US7725427B2 (en) 2001-05-25 2010-05-25 Fred Bishop Recurrent billing maintenance with radio frequency payment devices
US7110525B1 (en) 2001-06-25 2006-09-19 Toby Heller Agent training sensitive call routing system
US8538863B1 (en) 2001-07-10 2013-09-17 American Express Travel Related Services Company, Inc. System and method for facilitating a transaction using a revolving use account associated with a primary account
US7303120B2 (en) 2001-07-10 2007-12-04 American Express Travel Related Services Company, Inc. System for biometric security using a FOB
US20040236699A1 (en) 2001-07-10 2004-11-25 American Express Travel Related Services Company, Inc. Method and system for hand geometry recognition biometrics on a fob
US7996324B2 (en) 2001-07-10 2011-08-09 American Express Travel Related Services Company, Inc. Systems and methods for managing multiple accounts on a RF transaction device using secondary identification indicia
US8294552B2 (en) 2001-07-10 2012-10-23 Xatra Fund Mx, Llc Facial scan biometrics on a payment device
US7705732B2 (en) 2001-07-10 2010-04-27 Fred Bishop Authenticating an RF transaction using a transaction counter
US7119659B2 (en) 2001-07-10 2006-10-10 American Express Travel Related Services Company, Inc. Systems and methods for providing a RF transaction device for use in a private label transaction
US8001054B1 (en) 2001-07-10 2011-08-16 American Express Travel Related Services Company, Inc. System and method for generating an unpredictable number using a seeded algorithm
US8548927B2 (en) 2001-07-10 2013-10-01 Xatra Fund Mx, Llc Biometric registration for facilitating an RF transaction
US7493288B2 (en) 2001-07-10 2009-02-17 Xatra Fund Mx, Llc RF payment via a mobile device
US7249112B2 (en) 2002-07-09 2007-07-24 American Express Travel Related Services Company, Inc. System and method for assigning a funding source for a radio frequency identification device
US9031880B2 (en) 2001-07-10 2015-05-12 Iii Holdings 1, Llc Systems and methods for non-traditional payment using biometric data
US7360689B2 (en) 2001-07-10 2008-04-22 American Express Travel Related Services Company, Inc. Method and system for proffering multiple biometrics for use with a FOB
US7827106B2 (en) 2001-07-10 2010-11-02 American Express Travel Related Services Company, Inc. System and method for manufacturing a punch-out RFID transaction device
US8284025B2 (en) 2001-07-10 2012-10-09 Xatra Fund Mx, Llc Method and system for auditory recognition biometrics on a FOB
US8960535B2 (en) 2001-07-10 2015-02-24 Iii Holdings 1, Llc Method and system for resource management and evaluation
US9454752B2 (en) 2001-07-10 2016-09-27 Chartoleaux Kg Limited Liability Company Reload protocol at a transaction processing entity
US7503480B2 (en) 2001-07-10 2009-03-17 American Express Travel Related Services Company, Inc. Method and system for tracking user performance
US9024719B1 (en) 2001-07-10 2015-05-05 Xatra Fund Mx, Llc RF transaction system and method for storing user personal data
US7746215B1 (en) 2001-07-10 2010-06-29 Fred Bishop RF transactions using a wireless reader grid
US7668750B2 (en) 2001-07-10 2010-02-23 David S Bonalle Securing RF transactions using a transactions counter
US8635131B1 (en) 2001-07-10 2014-01-21 American Express Travel Related Services Company, Inc. System and method for managing a transaction protocol
US7925535B2 (en) 2001-07-10 2011-04-12 American Express Travel Related Services Company, Inc. System and method for securing RF transactions using a radio frequency identification device including a random number generator
US7805378B2 (en) 2001-07-10 2010-09-28 American Express Travel Related Services Company, Inc. System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions
US7762457B2 (en) 2001-07-10 2010-07-27 American Express Travel Related Services Company, Inc. System and method for dynamic fob synchronization and personalization
DE10134541A1 (en) * 2001-07-16 2003-02-13 Siemens Ag Computer system and method for ordering a product, in particular a food or beverage
AU2002354970B2 (en) * 2001-07-19 2007-01-18 Synkronos Pty Ltd Virtual credit card terminal and method of transaction
AUPR647701A0 (en) * 2001-07-19 2001-08-09 Synkronos Pty Ltd Virtual credit card terminal and method of transaction
US20030028664A1 (en) * 2001-08-02 2003-02-06 Kaijun Tan Method and system for secure distribution and utilization of data over a network
US7296003B2 (en) 2001-08-17 2007-11-13 Globex Financial Services, Inc. Method and apparatus for facilitating manual payments for transactions conducted over a network
US20030050892A1 (en) * 2001-09-07 2003-03-13 Efunds Corporation Electronic point-of-sale check processing method and system
WO2003023644A1 (en) * 2001-09-07 2003-03-20 Noam Eli M A general packet-based payment and transaction method and system
ITFI20010199A1 (en) 2001-10-22 2003-04-22 Riccardo Vieri SYSTEM AND METHOD TO TRANSFORM TEXTUAL COMMUNICATIONS INTO VOICE AND SEND THEM WITH AN INTERNET CONNECTION TO ANY TELEPHONE SYSTEM
US7822679B1 (en) 2001-10-29 2010-10-26 Visa U.S.A. Inc. Method and system for conducting a commercial transaction between a buyer and a seller
US20030126079A1 (en) * 2001-11-12 2003-07-03 Roberson James A. System and method for implementing frictionless micropayments for consumable services
US7184980B2 (en) * 2001-11-15 2007-02-27 First Data Corporation Online incremental payment method
US20030105977A1 (en) * 2001-12-05 2003-06-05 International Business Machines Corporation Offload processing for secure data transfer
US20030105952A1 (en) * 2001-12-05 2003-06-05 International Business Machines Corporation Offload processing for security session establishment and control
US7246233B2 (en) * 2001-12-05 2007-07-17 International Business Machines Corporation Policy-driven kernel-based security implementation
US7865446B2 (en) * 2001-12-11 2011-01-04 International Business Machines Corporation Method for secure electronic commercial transaction on-line processing
US7372952B1 (en) 2002-03-07 2008-05-13 Wai Wu Telephony control system with intelligent call routing
DE10211265A1 (en) * 2002-03-13 2003-10-09 Deutsche Post Ag Method and device for creating verifiable tamper-proof documents
US7296074B2 (en) * 2002-03-20 2007-11-13 Scientific-Atlanta, Inc. Media on demand session re-use
US7487127B2 (en) 2002-03-27 2009-02-03 First Data Corporation Merchant cash payment systems and methods
US20030212609A1 (en) * 2002-04-03 2003-11-13 Jeffery Blair Method of facilitating a transaction between a buyer and at least one seller
US7200577B2 (en) 2002-05-01 2007-04-03 America Online Incorporated Method and apparatus for secure online transactions
US20030229539A1 (en) * 2002-06-10 2003-12-11 First Data Corporation Rebate issuance system and methods
US20030229541A1 (en) * 2002-06-10 2003-12-11 First Data Corporation Methods and systems for reconciliation of discount certificates
US8554614B2 (en) 2002-06-10 2013-10-08 First Data Corporation Methods and systems for bulk activation of multiple, disparate stored value accounts
US8370205B2 (en) 2003-10-28 2013-02-05 First Data Corporation System for activation of multiple cards
US7280981B2 (en) 2002-08-27 2007-10-09 Visa U.S.A. Inc. Method and system for facilitating payment transactions using access devices
US8229855B2 (en) 2002-08-27 2012-07-24 Jean Huang Method and system for facilitating payment transactions using access devices
US6805287B2 (en) 2002-09-12 2004-10-19 American Express Travel Related Services Company, Inc. System and method for converting a stored value card to a credit card
US7729984B1 (en) 2002-09-27 2010-06-01 Abas Enterprises Llc Effecting financial transactions
US20040111361A1 (en) * 2002-11-15 2004-06-10 Automatic Data Processing, Inc. System and method for value delivery
US9818136B1 (en) 2003-02-05 2017-11-14 Steven M. Hoffberg System and method for determining contingent relevance
US20040193436A1 (en) * 2003-02-10 2004-09-30 Stashluk Edward J. Method and system using return labels with dynamically generated multiple datapoint coding
US20040193438A1 (en) * 2003-02-10 2004-09-30 Stashluk Edward J. Merchandise return system with value added returns processing (dispositioning)
US20040181310A1 (en) * 2003-02-10 2004-09-16 Stashluk Edward J. Merchandise return system with value added returns processing (data communications)
US20040215531A1 (en) * 2003-02-10 2004-10-28 Stashluk Edward J. Computer generated merchandise return labels with rules-based coding
US20040167863A1 (en) * 2003-02-21 2004-08-26 Knowles W. Jeffrey System and method of transferring data through transaction process
US20040187108A1 (en) * 2003-02-21 2004-09-23 Knowles W. Jeffrey Method of scheduling and event processing in computer operating system
US20040167854A1 (en) * 2003-02-21 2004-08-26 Knowles W. Jeffrey System and method of currency conversion in financial transaction process
US8041633B2 (en) 2003-02-21 2011-10-18 Mtrex, Inc. System and method of electronic data transaction processing
US7676034B1 (en) 2003-03-07 2010-03-09 Wai Wu Method and system for matching entities in an auction
US20040188515A1 (en) * 2003-03-26 2004-09-30 Ivan Jimenez Pre-paid internet credit card
EP1636936A2 (en) * 2003-06-17 2006-03-22 Visa International Service Association Method and systems for securely exchanging data in an electronic transaction
US7908215B2 (en) 2003-06-30 2011-03-15 American Express Travel Related Services Company, Inc. System and method for selection of payment systems from a payment system directory to process a transaction
US8666855B2 (en) 2003-06-30 2014-03-04 Plati Networking, Llc System and method for a payment system directory
US20050027648A1 (en) * 2003-07-29 2005-02-03 Knowles W. Jeffrey System and method of account reconciliation for electronic transactions
US7290278B2 (en) 2003-10-02 2007-10-30 Aol Llc, A Delaware Limited Liability Company Identity based service system
US20050149738A1 (en) * 2004-01-02 2005-07-07 Targosky David G. Biometric authentication system and method for providing access to a KVM system
US20050171908A1 (en) * 2004-01-29 2005-08-04 Carlsen James K. System and method for aggregating and delegating signature authority to third parties in commercial transactions
US20050187870A1 (en) * 2004-02-24 2005-08-25 First Data Corporation System for maintaining balance data
US20070237315A1 (en) * 2004-02-24 2007-10-11 First Data Corporation System for maintaining type and/or status information for a party - communication point relationship
US20070239786A1 (en) * 2004-02-24 2007-10-11 First Data Corporation System for maintaining regulatory compliance of communication point data
US8571977B2 (en) 2004-06-17 2013-10-29 Visa International Service Association Method and system for providing seller bank receivable discounting aggregation services
US7318550B2 (en) 2004-07-01 2008-01-15 American Express Travel Related Services Company, Inc. Biometric safeguard method for use with a smartcard
US20060015450A1 (en) * 2004-07-13 2006-01-19 Wells Fargo Bank, N.A. Financial services network and associated processes
US7702730B2 (en) 2004-09-03 2010-04-20 Open Text Corporation Systems and methods for collaboration
US20080282331A1 (en) * 2004-10-08 2008-11-13 Advanced Network Technology Laboratories Pte Ltd User Provisioning With Multi-Factor Authentication
GB2421155B (en) * 2004-12-07 2007-06-06 Hewlett Packard Development Co A system and method for constraint resolution
US20060149577A1 (en) * 2004-12-30 2006-07-06 Newgistics, Inc. System and method for the customized processing of returned merchandise
US7711639B2 (en) 2005-01-12 2010-05-04 Visa International Pre-funding system and method
US10719859B2 (en) * 2005-01-28 2020-07-21 Wells Fargo Bank, N.A. Electronic bill pay and bill presentment account number treatment system and method
US20060248009A1 (en) * 2005-05-02 2006-11-02 Hicks Sydney S System and method for processing electronic payments
US20070011044A1 (en) * 2005-07-06 2007-01-11 First Data Corporation Discount applications with registered payment instruments
US7354004B2 (en) 2005-08-23 2008-04-08 The Western Union Company Presentation instrument display and activation systems and methods
US8677377B2 (en) 2005-09-08 2014-03-18 Apple Inc. Method and apparatus for building an intelligent automated assistant
US8874477B2 (en) 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
US8300798B1 (en) 2006-04-03 2012-10-30 Wai Wu Intelligent communication routing system and method
US20070265744A1 (en) * 2006-05-12 2007-11-15 Electronic Data Systems Corporation Vehicle information system and method
US20070299774A1 (en) * 2006-06-22 2007-12-27 First Data Corporation System and method for card not present transactions
US9318108B2 (en) 2010-01-18 2016-04-19 Apple Inc. Intelligent automated assistant
US20080103966A1 (en) * 2006-10-31 2008-05-01 Chuck Foster System and/or method for dynamic determination of transaction processing fees
US8060437B2 (en) 2006-10-31 2011-11-15 International Funding Partners Llc Automatic termination of electronic transactions
US8036967B2 (en) * 2007-01-12 2011-10-11 Allegacy Federal Credit Union Bank card fraud detection and/or prevention methods
US8818904B2 (en) 2007-01-17 2014-08-26 The Western Union Company Generation systems and methods for transaction identifiers having biometric keys associated therewith
US7933835B2 (en) 2007-01-17 2011-04-26 The Western Union Company Secure money transfer systems and methods using biometric keys associated therewith
US20080201260A1 (en) * 2007-02-16 2008-08-21 Toby Unwin Internet micro payments system
US8566247B1 (en) 2007-02-19 2013-10-22 Robert H. Nagel System and method for secure communications involving an intermediary
US8521650B2 (en) * 2007-02-26 2013-08-27 Zepfrog Corp. Method and service for providing access to premium content and dispersing payment therefore
US8504473B2 (en) 2007-03-28 2013-08-06 The Western Union Company Money transfer system and messaging system
US8977255B2 (en) 2007-04-03 2015-03-10 Apple Inc. Method and system for operating a multi-function portable electronic device using voice-activation
US20100106579A1 (en) * 2007-04-17 2010-04-29 American Express Travel Related Services Company, Inc. System and method for determining consumer incentives based upon positive consumer behavior
US20100106581A1 (en) * 2007-04-17 2010-04-29 American Express Travel Related Services Company Inc. System and method for enabling registration, determination and distribution of positive behavior incentives
US20090055266A1 (en) * 2007-05-24 2009-02-26 Brody Edward Subscription promotion and management system and method
US20090036103A1 (en) 2007-07-30 2009-02-05 First Data Corporation Mobile communication systems and methods for redeeming and reporting coupons
US9053089B2 (en) 2007-10-02 2015-06-09 Apple Inc. Part-of-speech tagging using latent analogy
US20090112759A1 (en) * 2007-10-30 2009-04-30 Chuck Foster Accumulated transactions
US9330720B2 (en) 2008-01-03 2016-05-03 Apple Inc. Methods and apparatus for altering audio output signals
US20090182675A1 (en) * 2008-01-04 2009-07-16 Brody Edward Method and system for conducting electronic commerce over a network using a shadow credit card number
US8335916B2 (en) 2008-01-29 2012-12-18 International Business Machines Corporation Secure request handling using a kernel level cache
US8065143B2 (en) 2008-02-22 2011-11-22 Apple Inc. Providing text input using speech data and non-speech data
US8996376B2 (en) 2008-04-05 2015-03-31 Apple Inc. Intelligent text-to-speech conversion
US10496753B2 (en) 2010-01-18 2019-12-03 Apple Inc. Automatically adapting user interfaces for hands-free interaction
US8464150B2 (en) 2008-06-07 2013-06-11 Apple Inc. Automatic language identification for dynamic text processing
US20100030549A1 (en) 2008-07-31 2010-02-04 Lee Michael M Mobile device having human language translation capability with positional feedback
US8768702B2 (en) 2008-09-05 2014-07-01 Apple Inc. Multi-tiered voice feedback in an electronic device
US8898568B2 (en) 2008-09-09 2014-11-25 Apple Inc. Audio user interface
US8712776B2 (en) 2008-09-29 2014-04-29 Apple Inc. Systems and methods for selective text to speech synthesis
US8676904B2 (en) 2008-10-02 2014-03-18 Apple Inc. Electronic devices with voice command and contextual data processing capabilities
US9959870B2 (en) 2008-12-11 2018-05-01 Apple Inc. Speech recognition involving a mobile device
US9396462B2 (en) * 2008-12-22 2016-07-19 General Electric Company System and method for roaming billing for electric vehicles
US8583551B2 (en) * 2008-12-22 2013-11-12 General Electric Company Systems and methods for prepaid electric metering for vehicles
US9030153B2 (en) * 2008-12-22 2015-05-12 General Electric Company Systems and methods for delivering energy to an electric vehicle with parking fee collection
US8315930B2 (en) 2008-12-22 2012-11-20 General Electric Company Systems and methods for charging an electric vehicle using broadband over powerlines
US9505317B2 (en) * 2008-12-22 2016-11-29 General Electric Company System and method for electric vehicle charging and billing using a wireless vehicle communication service
US20100156349A1 (en) * 2008-12-22 2010-06-24 Nathan Bowman Littrell System and method for pay as you go charging for electric vehicles
US20100161393A1 (en) * 2008-12-22 2010-06-24 Nathan Bowman Littrell Systems and methods for charging an electric vehicle within a parking area
US8862252B2 (en) 2009-01-30 2014-10-14 Apple Inc. Audio user interface for displayless electronic device
US8380507B2 (en) 2009-03-09 2013-02-19 Apple Inc. Systems and methods for determining the language to use for speech generated by a text to speech engine
US8595098B2 (en) * 2009-03-18 2013-11-26 Network Merchants, Inc. Transmission of sensitive customer information during electronic-based transactions
US10241752B2 (en) 2011-09-30 2019-03-26 Apple Inc. Interface for a virtual digital assistant
US9858925B2 (en) 2009-06-05 2018-01-02 Apple Inc. Using context information to facilitate processing of commands in a virtual assistant
US10241644B2 (en) 2011-06-03 2019-03-26 Apple Inc. Actionable reminder entries
US20120311585A1 (en) 2011-06-03 2012-12-06 Apple Inc. Organizing task items that represent tasks to perform
US10540976B2 (en) 2009-06-05 2020-01-21 Apple Inc. Contextual voice commands
US9431006B2 (en) 2009-07-02 2016-08-30 Apple Inc. Methods and apparatuses for automatic speech recognition
US8682649B2 (en) 2009-11-12 2014-03-25 Apple Inc. Sentiment prediction from textual data
US8311838B2 (en) 2010-01-13 2012-11-13 Apple Inc. Devices and methods for identifying a prompt corresponding to a voice input in a sequence of prompts
US8381107B2 (en) 2010-01-13 2013-02-19 Apple Inc. Adaptive audio feedback system and method
US10553209B2 (en) 2010-01-18 2020-02-04 Apple Inc. Systems and methods for hands-free notification summaries
US10276170B2 (en) 2010-01-18 2019-04-30 Apple Inc. Intelligent automated assistant
US10679605B2 (en) 2010-01-18 2020-06-09 Apple Inc. Hands-free list-reading by intelligent automated assistant
US10705794B2 (en) 2010-01-18 2020-07-07 Apple Inc. Automatically adapting user interfaces for hands-free interaction
WO2011089450A2 (en) 2010-01-25 2011-07-28 Andrew Peter Nelson Jerram Apparatuses, methods and systems for a digital conversation management platform
US8682667B2 (en) 2010-02-25 2014-03-25 Apple Inc. User profiling for selecting user specific voice input processing information
US8650071B2 (en) 2010-05-10 2014-02-11 First Data Corporation Mobile coupon analysis systems and methods
US8713021B2 (en) 2010-07-07 2014-04-29 Apple Inc. Unsupervised document clustering using latent semantic density analysis
US8719006B2 (en) 2010-08-27 2014-05-06 Apple Inc. Combined statistical and rule-based part-of-speech tagging for text-to-speech synthesis
US8719014B2 (en) 2010-09-27 2014-05-06 Apple Inc. Electronic device with text error correction based on voice recognition data
US10515147B2 (en) 2010-12-22 2019-12-24 Apple Inc. Using statistical language models for contextual lookup
US10762293B2 (en) 2010-12-22 2020-09-01 Apple Inc. Using parts-of-speech tagging and named entity recognition for spelling correction
US8781836B2 (en) 2011-02-22 2014-07-15 Apple Inc. Hearing assistance system for providing consistent human speech
US9262612B2 (en) 2011-03-21 2016-02-16 Apple Inc. Device access using voice authentication
US20120290416A1 (en) * 2011-05-10 2012-11-15 Inicia IP Holdings, LLC. Systems, methods and processor-readable media for converting coins to electronic funds deposited with an account associated with a user at a point of sale
US10057736B2 (en) 2011-06-03 2018-08-21 Apple Inc. Active transport based notifications
US10672399B2 (en) 2011-06-03 2020-06-02 Apple Inc. Switching between text data and audio data based on a mapping
US8812294B2 (en) 2011-06-21 2014-08-19 Apple Inc. Translating phrases from one language into another using an order-based set of declarative rules
US20130030924A1 (en) 2011-07-28 2013-01-31 American Express Travel Related Services Company, Inc. Systems and methods for generating and using a digital pass
US8706472B2 (en) 2011-08-11 2014-04-22 Apple Inc. Method for disambiguating multiple readings in language conversion
US8994660B2 (en) 2011-08-29 2015-03-31 Apple Inc. Text correction processing
US8762156B2 (en) 2011-09-28 2014-06-24 Apple Inc. Speech recognition repair using contextual information
US8631229B2 (en) * 2011-09-30 2014-01-14 Braintree Payment Solutions, Llc Differential client-side encryption of information originating from a client
CN109508983A (en) 2012-01-05 2019-03-22 维萨国际服务协会 Data protection is carried out with conversion
US10134385B2 (en) 2012-03-02 2018-11-20 Apple Inc. Systems and methods for name pronunciation
US9483461B2 (en) 2012-03-06 2016-11-01 Apple Inc. Handling speech synthesis of content for multiple languages
US11593800B2 (en) 2012-03-07 2023-02-28 Early Warning Services, Llc System and method for transferring funds
US10395223B2 (en) 2012-03-07 2019-08-27 Early Warning Services, Llc System and method for transferring funds
US9626664B2 (en) 2012-03-07 2017-04-18 Clearxchange, Llc System and method for transferring funds
US10318936B2 (en) 2012-03-07 2019-06-11 Early Warning Services, Llc System and method for transferring funds
US10395247B2 (en) 2012-03-07 2019-08-27 Early Warning Services, Llc Systems and methods for facilitating a secure transaction at a non-financial institution system
US10970688B2 (en) 2012-03-07 2021-04-06 Early Warning Services, Llc System and method for transferring funds
US9280610B2 (en) 2012-05-14 2016-03-08 Apple Inc. Crowd sourcing information to fulfill user requests
US10417037B2 (en) 2012-05-15 2019-09-17 Apple Inc. Systems and methods for integrating third party services with a digital assistant
US8775442B2 (en) 2012-05-15 2014-07-08 Apple Inc. Semantic search using a single-source semantic model
US9721563B2 (en) 2012-06-08 2017-08-01 Apple Inc. Name recognition system
US10019994B2 (en) 2012-06-08 2018-07-10 Apple Inc. Systems and methods for recognizing textual identifiers within a plurality of words
US9495129B2 (en) 2012-06-29 2016-11-15 Apple Inc. Device, method, and user interface for voice-activated navigation and browsing of a document
US9576574B2 (en) 2012-09-10 2017-02-21 Apple Inc. Context-sensitive handling of interruptions by intelligent digital assistant
US9547647B2 (en) 2012-09-19 2017-01-17 Apple Inc. Voice-based media searching
US8935167B2 (en) 2012-09-25 2015-01-13 Apple Inc. Exemplar-based latent perceptual modeling for automatic speech recognition
KR20230137475A (en) 2013-02-07 2023-10-04 애플 인크. Voice trigger for a digital assistant
US9977779B2 (en) 2013-03-14 2018-05-22 Apple Inc. Automatic supplementation of word correction dictionaries
US10572476B2 (en) 2013-03-14 2020-02-25 Apple Inc. Refining a search based on schedule items
US10652394B2 (en) 2013-03-14 2020-05-12 Apple Inc. System and method for processing voicemail
US9733821B2 (en) 2013-03-14 2017-08-15 Apple Inc. Voice control to diagnose inadvertent activation of accessibility features
US10642574B2 (en) 2013-03-14 2020-05-05 Apple Inc. Device, method, and graphical user interface for outputting captions
US9368114B2 (en) 2013-03-14 2016-06-14 Apple Inc. Context-sensitive handling of interruptions
US10748529B1 (en) 2013-03-15 2020-08-18 Apple Inc. Voice activated device for use with a voice-based digital assistant
WO2014168730A2 (en) 2013-03-15 2014-10-16 Apple Inc. Context-sensitive handling of interruptions
WO2014144579A1 (en) 2013-03-15 2014-09-18 Apple Inc. System and method for updating an adaptive speech recognition model
US9922642B2 (en) 2013-03-15 2018-03-20 Apple Inc. Training an at least partial voice command system
US11151899B2 (en) 2013-03-15 2021-10-19 Apple Inc. User training by intelligent digital assistant
US9582608B2 (en) 2013-06-07 2017-02-28 Apple Inc. Unified ranking with entropy-weighted information for phrase-based semantic auto-completion
WO2014197336A1 (en) 2013-06-07 2014-12-11 Apple Inc. System and method for detecting errors in interactions with a voice-based digital assistant
WO2014197334A2 (en) 2013-06-07 2014-12-11 Apple Inc. System and method for user-specified pronunciation of words for speech synthesis and recognition
WO2014197335A1 (en) 2013-06-08 2014-12-11 Apple Inc. Interpreting and acting upon commands that involve sharing information with remote devices
EP3937002A1 (en) 2013-06-09 2022-01-12 Apple Inc. Device, method, and graphical user interface for enabling conversation persistence across two or more instances of a digital assistant
US10176167B2 (en) 2013-06-09 2019-01-08 Apple Inc. System and method for inferring user intent from speech inputs
KR101809808B1 (en) 2013-06-13 2017-12-15 애플 인크. System and method for emergency calls initiated by voice command
JP6163266B2 (en) 2013-08-06 2017-07-12 アップル インコーポレイテッド Automatic activation of smart responses based on activation from remote devices
US10296160B2 (en) 2013-12-06 2019-05-21 Apple Inc. Method for extracting salient dialog usage from live data
US9620105B2 (en) 2014-05-15 2017-04-11 Apple Inc. Analyzing audio input for efficient speech and music recognition
US10592095B2 (en) 2014-05-23 2020-03-17 Apple Inc. Instantaneous speaking of content on touch devices
US9502031B2 (en) 2014-05-27 2016-11-22 Apple Inc. Method for supporting dynamic grammars in WFST-based ASR
US9734193B2 (en) 2014-05-30 2017-08-15 Apple Inc. Determining domain salience ranking from ambiguous words in natural speech
US9715875B2 (en) 2014-05-30 2017-07-25 Apple Inc. Reducing the need for manual start/end-pointing and trigger phrases
US9760559B2 (en) 2014-05-30 2017-09-12 Apple Inc. Predictive text input
EP3480811A1 (en) 2014-05-30 2019-05-08 Apple Inc. Multi-command single utterance input method
US9785630B2 (en) 2014-05-30 2017-10-10 Apple Inc. Text prediction using combined word N-gram and unigram language models
US9430463B2 (en) 2014-05-30 2016-08-30 Apple Inc. Exemplar-based natural language processing
US10170123B2 (en) 2014-05-30 2019-01-01 Apple Inc. Intelligent assistant for home automation
US9842101B2 (en) 2014-05-30 2017-12-12 Apple Inc. Predictive conversion of language input
US10289433B2 (en) 2014-05-30 2019-05-14 Apple Inc. Domain specific language for encoding assistant dialog
US10078631B2 (en) 2014-05-30 2018-09-18 Apple Inc. Entropy-guided text prediction using combined word and character n-gram language models
US9633004B2 (en) 2014-05-30 2017-04-25 Apple Inc. Better resolution when referencing to concepts
US10659851B2 (en) 2014-06-30 2020-05-19 Apple Inc. Real-time digital assistant knowledge updates
US9338493B2 (en) 2014-06-30 2016-05-10 Apple Inc. Intelligent automated assistant for TV user interactions
US10446141B2 (en) 2014-08-28 2019-10-15 Apple Inc. Automatic speech recognition based on user feedback
US9818400B2 (en) 2014-09-11 2017-11-14 Apple Inc. Method and apparatus for discovering trending terms in speech requests
US10789041B2 (en) 2014-09-12 2020-09-29 Apple Inc. Dynamic thresholds for always listening speech trigger
US9886432B2 (en) 2014-09-30 2018-02-06 Apple Inc. Parsimonious handling of word inflection via categorical stem + suffix N-gram language models
US10074360B2 (en) 2014-09-30 2018-09-11 Apple Inc. Providing an indication of the suitability of speech recognition
US9668121B2 (en) 2014-09-30 2017-05-30 Apple Inc. Social reminders
US10127911B2 (en) 2014-09-30 2018-11-13 Apple Inc. Speaker identification and unsupervised speaker adaptation techniques
US9646609B2 (en) 2014-09-30 2017-05-09 Apple Inc. Caching apparatus for serving phonetic pronunciations
US10552013B2 (en) 2014-12-02 2020-02-04 Apple Inc. Data detection
US9711141B2 (en) 2014-12-09 2017-07-18 Apple Inc. Disambiguating heteronyms in speech synthesis
US10204149B1 (en) 2015-01-13 2019-02-12 Servicenow, Inc. Apparatus and method providing flexible hierarchies in database applications
US9865280B2 (en) 2015-03-06 2018-01-09 Apple Inc. Structured dictation using intelligent automated assistants
US10567477B2 (en) 2015-03-08 2020-02-18 Apple Inc. Virtual assistant continuity
US9886953B2 (en) 2015-03-08 2018-02-06 Apple Inc. Virtual assistant activation
US9721566B2 (en) 2015-03-08 2017-08-01 Apple Inc. Competing devices responding to voice triggers
US9899019B2 (en) 2015-03-18 2018-02-20 Apple Inc. Systems and methods for structured stem and suffix language models
US10839359B2 (en) 2015-03-23 2020-11-17 Early Warning Services, Llc Payment real-time funds availability
US10748127B2 (en) 2015-03-23 2020-08-18 Early Warning Services, Llc Payment real-time funds availability
US10878387B2 (en) 2015-03-23 2020-12-29 Early Warning Services, Llc Real-time determination of funds availability for checks and ACH items
US10832246B2 (en) 2015-03-23 2020-11-10 Early Warning Services, Llc Payment real-time funds availability
US10769606B2 (en) 2015-03-23 2020-09-08 Early Warning Services, Llc Payment real-time funds availability
US9842105B2 (en) 2015-04-16 2017-12-12 Apple Inc. Parsimonious continuous-space phrase representations for natural language processing
US10083688B2 (en) 2015-05-27 2018-09-25 Apple Inc. Device voice control for selecting a displayed affordance
US10127220B2 (en) 2015-06-04 2018-11-13 Apple Inc. Language identification from short strings
US10101822B2 (en) 2015-06-05 2018-10-16 Apple Inc. Language input correction
US10255907B2 (en) 2015-06-07 2019-04-09 Apple Inc. Automatic accent detection using acoustic models
US10186254B2 (en) 2015-06-07 2019-01-22 Apple Inc. Context-based endpoint detection
US11025565B2 (en) 2015-06-07 2021-06-01 Apple Inc. Personalized prediction of responses for instant messaging
US11037122B2 (en) 2015-07-21 2021-06-15 Early Warning Services, Llc Secure real-time transactions
US11062290B2 (en) 2015-07-21 2021-07-13 Early Warning Services, Llc Secure real-time transactions
US11151523B2 (en) 2015-07-21 2021-10-19 Early Warning Services, Llc Secure transactions with offline device
US11151522B2 (en) 2015-07-21 2021-10-19 Early Warning Services, Llc Secure transactions with offline device
US11386410B2 (en) 2015-07-21 2022-07-12 Early Warning Services, Llc Secure transactions with offline device
US11157884B2 (en) 2015-07-21 2021-10-26 Early Warning Services, Llc Secure transactions with offline device
US10438175B2 (en) 2015-07-21 2019-10-08 Early Warning Services, Llc Secure real-time payment transactions
US10970695B2 (en) 2015-07-21 2021-04-06 Early Warning Services, Llc Secure real-time transactions
US11037121B2 (en) 2015-07-21 2021-06-15 Early Warning Services, Llc Secure real-time transactions
US10963856B2 (en) 2015-07-21 2021-03-30 Early Warning Services, Llc Secure real-time transactions
US10956888B2 (en) 2015-07-21 2021-03-23 Early Warning Services, Llc Secure real-time transactions
US10747498B2 (en) 2015-09-08 2020-08-18 Apple Inc. Zero latency digital assistant
US10671428B2 (en) 2015-09-08 2020-06-02 Apple Inc. Distributed personal assistant
US9697820B2 (en) 2015-09-24 2017-07-04 Apple Inc. Unit-selection text-to-speech synthesis using concatenation-sensitive neural networks
US11010550B2 (en) 2015-09-29 2021-05-18 Apple Inc. Unified language modeling framework for word prediction, auto-completion and auto-correction
US10366158B2 (en) 2015-09-29 2019-07-30 Apple Inc. Efficient word encoding for recurrent neural network language models
US11587559B2 (en) 2015-09-30 2023-02-21 Apple Inc. Intelligent device identification
US10691473B2 (en) 2015-11-06 2020-06-23 Apple Inc. Intelligent automated assistant in a messaging environment
US10049668B2 (en) 2015-12-02 2018-08-14 Apple Inc. Applying neural network language models to weighted finite state transducers for automatic speech recognition
EP3185502A1 (en) * 2015-12-23 2017-06-28 Mastercard International Incorporated Secure payment system
US10223066B2 (en) 2015-12-23 2019-03-05 Apple Inc. Proactive assistance based on dialog communication between devices
US10446143B2 (en) 2016-03-14 2019-10-15 Apple Inc. Identification of voice inputs providing credentials
US9934775B2 (en) 2016-05-26 2018-04-03 Apple Inc. Unit-selection text-to-speech synthesis based on predicted concatenation parameters
US9972304B2 (en) 2016-06-03 2018-05-15 Apple Inc. Privacy preserving distributed evaluation framework for embedded personalized systems
US10249300B2 (en) 2016-06-06 2019-04-02 Apple Inc. Intelligent list reading
US10049663B2 (en) 2016-06-08 2018-08-14 Apple, Inc. Intelligent automated assistant for media exploration
DK179309B1 (en) 2016-06-09 2018-04-23 Apple Inc Intelligent automated assistant in a home environment
US10067938B2 (en) 2016-06-10 2018-09-04 Apple Inc. Multilingual word prediction
US10509862B2 (en) 2016-06-10 2019-12-17 Apple Inc. Dynamic phrase expansion of language input
US10192552B2 (en) 2016-06-10 2019-01-29 Apple Inc. Digital assistant providing whispered speech
US10586535B2 (en) 2016-06-10 2020-03-10 Apple Inc. Intelligent digital assistant in a multi-tasking environment
US10490187B2 (en) 2016-06-10 2019-11-26 Apple Inc. Digital assistant providing automated status report
DK201670540A1 (en) 2016-06-11 2018-01-08 Apple Inc Application integration with a digital assistant
DK179049B1 (en) 2016-06-11 2017-09-18 Apple Inc Data driven natural language event detection and classification
DK179343B1 (en) 2016-06-11 2018-05-14 Apple Inc Intelligent task discovery
DK179415B1 (en) 2016-06-11 2018-06-14 Apple Inc Intelligent device arbitration and control
US11144928B2 (en) 2016-09-19 2021-10-12 Early Warning Services, Llc Authentication and fraud prevention in provisioning a mobile wallet
US10593346B2 (en) 2016-12-22 2020-03-17 Apple Inc. Rank-reduced token representation for automatic speech recognition
DK179745B1 (en) 2017-05-12 2019-05-01 Apple Inc. SYNCHRONIZATION AND TASK DELEGATION OF A DIGITAL ASSISTANT
DK201770431A1 (en) 2017-05-15 2018-12-20 Apple Inc. Optimizing dialogue policy decisions for digital assistants using implicit feedback
US11475446B2 (en) 2018-12-28 2022-10-18 Mastercard International Incorporated System, methods and computer program products for identity authentication for electronic payment transactions
US11494769B2 (en) * 2019-01-10 2022-11-08 Mastercard International Incorporated System, methods and computer program products for identity authentication for electronic payment transactions
US11271933B1 (en) * 2020-01-15 2022-03-08 Worldpay Limited Systems and methods for hosted authentication service

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3651511A (en) * 1968-02-05 1972-03-21 Stewart Warner Corp Traveling message display
US3956615A (en) * 1974-06-25 1976-05-11 Ibm Corporation Transaction execution system with secure data storage and communications
US4277837A (en) * 1977-12-30 1981-07-07 International Business Machines Corporation Personal portable terminal for financial transactions
US4303904A (en) * 1979-10-12 1981-12-01 Chasek Norman E Universally applicable, in-motion and automatic toll paying system using microwaves
US4454414A (en) * 1982-06-16 1984-06-12 Vericard Corporation Funds transfer system using optically coupled, portable modules
US4614861A (en) * 1984-11-15 1986-09-30 Intellicard International, Inc. Unitary, self-contained card verification and validation system and method
US4630201A (en) * 1984-02-14 1986-12-16 International Security Note & Computer Corporation On-line and off-line transaction security system using a code generated from a transaction parameter and a random number
US4766293A (en) * 1986-06-26 1988-08-23 Visa International Service Association Portable financial transaction card capable of authorizing a transaction in foreign currencies
US4799156A (en) * 1986-10-01 1989-01-17 Strategic Processing Corporation Interactive market management system
US4859837A (en) * 1987-03-23 1989-08-22 Halpern John Wolfgang Portable data carrier incorporating manually presettable processing modes
US4877950A (en) * 1982-08-23 1989-10-31 Paperless Accounting, Inc. Electronic purse-device
US5677955A (en) * 1995-04-07 1997-10-14 Financial Services Technology Consortium Electronic funds transfer instruments
US5870473A (en) * 1995-12-14 1999-02-09 Cybercash, Inc. Electronic transfer system and method

Family Cites Families (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4906828A (en) * 1983-02-28 1990-03-06 Paperless Accounting, Inc. Electronic money purse and fund transfer system
IL75702A0 (en) * 1984-07-27 1985-11-29 Technion Res & Dev Foundation Apparatus for effecting and recording monetary transactions
US4689478A (en) * 1984-12-24 1987-08-25 Ncr Corporation System for handling transactions including a portable personal terminal
JPH07104891B2 (en) * 1986-08-05 1995-11-13 沖電気工業株式会社 Transaction processor
US4968873A (en) * 1987-09-08 1990-11-06 Juergen Dethloff Smart card issuing and receiving apparatus
US4885789A (en) * 1988-02-01 1989-12-05 International Business Machines Corporation Remote trusted path mechanism for telnet
US5195130A (en) * 1988-05-05 1993-03-16 Transaction Technology, Inc. Computer and telephone apparatus with user friendly computer interface and enhanced integrity features
CA1321649C (en) * 1988-05-19 1993-08-24 Jeffrey R. Austin Method and system for authentication
FR2639742B2 (en) * 1988-05-30 1992-03-13 Dassault Electronique TRANSACTION SYSTEM OF THE MIXED ELECTRONIC PURSE TYPE
JPH0622030B2 (en) * 1988-10-03 1994-03-23 富士通株式会社 Transaction validity confirmation method
US5016274A (en) * 1988-11-08 1991-05-14 Silvio Micali On-line/off-line digital signing
JPH03179863A (en) * 1989-09-04 1991-08-05 Hitachi Ltd Method and equipment for automatic transaction
ZA907106B (en) * 1989-10-06 1991-09-25 Net 1 Products Pty Ltd Funds transfer system
US5452352A (en) * 1990-03-20 1995-09-19 Talton; David Automatic dialing system
GB9008362D0 (en) * 1990-04-12 1990-06-13 Hackremco No 574 Limited Banking computer system
GB2251098B (en) * 1990-12-17 1994-10-05 Allied Irish Banks P L C Apparatus for processing data
US5221838A (en) * 1990-12-24 1993-06-22 Motorola, Inc. Electronic wallet
JPH06503218A (en) * 1991-04-16 1994-04-07 バラス,ジョン Method and apparatus for placing orders from remote locations
US5283819A (en) * 1991-04-25 1994-02-01 Compuadd Corporation Computing and multimedia entertainment system
CA2054836A1 (en) * 1991-08-14 1993-02-15 William F. Gorog Home financial transaction system
GB9121995D0 (en) * 1991-10-16 1991-11-27 Jonhig Ltd Value transfer system
US5557518A (en) * 1994-04-28 1996-09-17 Citibank, N.A. Trusted agents for open electronic commerce
US5453601A (en) * 1991-11-15 1995-09-26 Citibank, N.A. Electronic-monetary system
WO1993017388A1 (en) * 1992-02-26 1993-09-02 Clark Paul C System for protecting computers via intelligent tokens or smart cards
WO1993020511A1 (en) * 1992-03-31 1993-10-14 Aggregate Computing, Inc. An integrated remote execution system for a heterogenous computer network environment
US5297030A (en) * 1992-04-08 1994-03-22 Ncr Corporation Method using bill and coin images on a touch screen for processing payment for merchandise items
US5476259A (en) * 1992-06-11 1995-12-19 Gamin Weingardt Trust, A Nevada Trust Pari-mutuel electronic and live table gaming
CA2100134C (en) * 1992-09-29 1999-06-22 Raymond Otto Colbert Secure credit/debit card authorization
CH685891A5 (en) * 1993-01-18 1995-10-31 Ascom Autelca Ag A method as security concept to prevent unauthorized use of a payment instrument for cashless settling on imprest
US5420405A (en) * 1993-02-26 1995-05-30 Chasek; Norman E. Secure, automated transaction system that supports an electronic currency operating in mixed debit & credit modes
US5475826A (en) * 1993-11-19 1995-12-12 Fischer; Addison M. Method for protecting a volatile file using a single hash
US5524110A (en) * 1993-11-24 1996-06-04 Intel Corporation Conferencing over multiple transports
US5521966A (en) * 1993-12-14 1996-05-28 At&T Corp. Method and system for mediating transactions that use portable smart cards
US5461217A (en) * 1994-02-08 1995-10-24 At&T Ipm Corp. Secure money transfer techniques using smart cards
US5590038A (en) * 1994-06-20 1996-12-31 Pitroda; Satyan G. Universal electronic transaction card including receipt storage and system and methods of conducting electronic transactions
US5459304A (en) * 1994-09-13 1995-10-17 At&T Ipm Corp. Smart card techniques for motor vehicle record administration
US5715314A (en) * 1994-10-24 1998-02-03 Open Market, Inc. Network sales system
US5793966A (en) * 1995-12-01 1998-08-11 Vermeer Technologies, Inc. Computer system and computer-implemented process for creation and maintenance of online services
US5590197A (en) * 1995-04-04 1996-12-31 V-One Corporation Electronic payment system and method
US5742845A (en) * 1995-06-22 1998-04-21 Datascape, Inc. System for extending present open network communication protocols to communicate with non-standard I/O devices directly coupled to an open network
US5671280A (en) * 1995-08-30 1997-09-23 Citibank, N.A. System and method for commercial payments using trusted agents
US5638445A (en) * 1995-09-19 1997-06-10 Microsoft Corporation Blind encryption
US5671279A (en) * 1995-11-13 1997-09-23 Netscape Communications Corporation Electronic commerce using a secure courier system
US5754772A (en) * 1996-03-26 1998-05-19 Unisys Corporation Transaction service independent HTTP server-to-transaction gateway
US5729594A (en) * 1996-06-07 1998-03-17 Klingman; Edwin E. On-line secured financial transaction system through electronic media

Cited By (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9292854B2 (en) * 1996-10-02 2016-03-22 E2Interactive, Inc. Method and apparatus for enabling purchasers of products to obtain return information and to initiate product returns via an on-line network connection
US20140172726A1 (en) * 1996-10-02 2014-06-19 Nintendo Of America Inc. Method and apparatus for enabling purchasers of products to obtain return information and to initiate product returns via an on-line network connection
US20060020783A1 (en) * 2000-08-30 2006-01-26 Douglas Fisher Method, system and service for conducting authenticated business transactions
US6957199B1 (en) * 2000-08-30 2005-10-18 Douglas Fisher Method, system and service for conducting authenticated business transactions
US8010425B1 (en) * 2003-03-17 2011-08-30 The Sunshine Trust Method and apparatus for extending credit
US20060167818A1 (en) * 2005-01-21 2006-07-27 David Wentker Methods and system for performing data exchanges related to financial transactions over a public network
AU2006206255B2 (en) * 2005-01-21 2010-06-03 Visa International Service Association Data exchanges related to financial transactions over a public network
US8639846B2 (en) 2005-06-29 2014-01-28 Visa U.S.A. Inc. Adaptive gateway for switching transactions and data on unreliable networks using context-based rules
EP1873704A1 (en) * 2006-06-30 2008-01-02 MediaKey Ltd. Method and system for determining whether the origin of a payment request is a specific e-commerce network source
US20090259574A1 (en) * 2006-06-30 2009-10-15 Mediakey Ltd. Method and system for determining whether the origin of a payment request is a specific e-commerce network source
US20150007301A1 (en) * 2007-08-20 2015-01-01 Goldman, Sachs & Co. Identity-independent authentication tokens
US8839383B2 (en) * 2007-08-20 2014-09-16 Goldman, Sachs & Co. Authentification broker for the securities industry
US20090055907A1 (en) * 2007-08-20 2009-02-26 Goldman, Sachs & Co Authentification Broker for the Securities Industry
US9426138B2 (en) * 2007-08-20 2016-08-23 Goldman, Sachs & Co. Identity-independent authentication tokens
US20110022852A1 (en) * 2008-03-25 2011-01-27 Mitsubishi Electric Corporation Cryptographic computation apparatus, cryptographic computation program, and storage medium
WO2010003094A1 (en) * 2008-07-02 2010-01-07 Visa International Service Association System and method of providing enhanced transaction data
US11928696B2 (en) 2009-12-16 2024-03-12 E2Interactive, Inc. Systems and methods for generating a virtual value item for a promotional campaign
US10068287B2 (en) 2010-06-11 2018-09-04 David A. Nelsen Systems and methods to manage and control use of a virtual card
US8543508B2 (en) 2010-07-09 2013-09-24 Visa International Service Association Gateway abstraction layer
US9846905B2 (en) 2010-07-09 2017-12-19 Visa International Service Association Gateway abstraction layer
US11182836B2 (en) 2010-10-13 2021-11-23 E2Interactive, Inc. Gift card ordering system and method
US10937076B2 (en) 2010-10-13 2021-03-02 E2Interactive, Inc. Online personalized gifting system
US20150095236A1 (en) * 2011-04-07 2015-04-02 Charles T. Fote Broker-mediated payment systems and methods
US20140229382A1 (en) * 2011-04-07 2014-08-14 Charles T. Fote Broker-mediated payment systems and methods
US11436651B2 (en) 2012-01-30 2022-09-06 E2Interactive, Inc. Group video generating system
US11111065B2 (en) 2013-02-15 2021-09-07 E2Interactive, Inc. Gift card presentation devices
US11219288B2 (en) 2013-02-15 2022-01-11 E2Interactive, Inc. Gift card box with slanted tray and slit
US11120428B2 (en) 2013-05-02 2021-09-14 E2Interactive, Inc. Stored value card kiosk system and method
US11017443B2 (en) 2014-04-30 2021-05-25 E2Interactive, Inc. System and method for a merchant onsite personalization gifting platform
US20150317630A1 (en) * 2014-04-30 2015-11-05 MasterCard Incorporated International Method and system for authentication token generation
CN105427101A (en) * 2015-11-19 2016-03-23 成都连银信息技术有限公司 Unified payment access gateway supporting multiple payment channels
US10954049B2 (en) 2017-12-12 2021-03-23 E2Interactive, Inc. Viscous liquid vessel for gifting

Also Published As

Publication number Publication date
JP4166280B2 (en) 2008-10-15
WO1997041539A1 (en) 1997-11-06
DE69734059T2 (en) 2006-06-14
US5987140A (en) 1999-11-16
CA2252649C (en) 2002-08-06
JP2000510621A (en) 2000-08-15
EP0907935B1 (en) 2005-08-24
AU2811597A (en) 1997-11-19
EP0907935A1 (en) 1999-04-14
DE69734059D1 (en) 2005-09-29
CA2252649A1 (en) 1997-11-06

Similar Documents

Publication Publication Date Title
US5987140A (en) System, method and article of manufacture for secure network electronic payment and credit collection
US6061665A (en) System, method and article of manufacture for dynamic negotiation of a network payment framework
US6856975B1 (en) System, method, and article of manufacture for secure transactions utilizing a computer network
US5996076A (en) System, method and article of manufacture for secure digital certification of electronic commerce
US5987132A (en) System, method and article of manufacture for conditionally accepting a payment method utilizing an extensible, flexible architecture
US6373950B1 (en) System, method and article of manufacture for transmitting messages within messages utilizing an extensible, flexible architecture
US6002767A (en) System, method and article of manufacture for a modular gateway server architecture
US6178409B1 (en) System, method and article of manufacture for multiple-entry point virtual point of sale architecture
US6253027B1 (en) System, method and article of manufacture for exchanging software and configuration data over a multichannel, extensible, flexible architecture
US5903721A (en) Method and system for secure online transaction processing
US6119105A (en) System, method and article of manufacture for initiation of software distribution from a point of certificate creation utilizing an extensible, flexible architecture
US5889863A (en) System, method and article of manufacture for remote virtual point of sale processing utilizing a multichannel, extensible, flexible architecture
US5850446A (en) System, method and article of manufacture for virtual point of sale processing utilizing an extensible, flexible architecture
US9519894B2 (en) Methods and apparatus for conducting electronic transactions
US20030140007A1 (en) Third party value acquisition for electronic transaction settlement over a network
CA2753375C (en) Methods and apparatus for conducting electronic transactions
US6026379A (en) System, method and article of manufacture for managing transactions in a high availability system
US7979343B2 (en) System, method and computer program product for providing an efficient trading market
US10355863B2 (en) System and method for authenticating electronic content
KR20010024853A (en) System and method for authenticating peer components
Giorgini et al. Requirement engineering meets security: A case study on modelling secure electronic transactions by VISA and Mastercard
WO1998005011A2 (en) A system, method and article of manufacture for secure, stored value transactions over an open communication network utilizing an extensible, flexible architecture
JP2002297919A (en) System, method and product for safe transaction using computer network
Massacci et al. Requirement Engineering meets Security: A Case Study on Modelling Secure Electronic Transactions by VISA and Mastercard
Claessens et al. Enabling a lightweight software agent framework for secure agent-based electronic commerce applications

Legal Events

Date Code Title Description
AS Assignment

Owner name: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P., COLORAD

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HEWLETT-PACKARD COMPANY;REEL/FRAME:013776/0928

Effective date: 20030131

Owner name: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.,COLORADO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HEWLETT-PACKARD COMPANY;REEL/FRAME:013776/0928

Effective date: 20030131

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO PAY ISSUE FEE