US20110078083A1 - Electronic draft capture - Google Patents

Electronic draft capture Download PDF

Info

Publication number
US20110078083A1
US20110078083A1 US12/917,775 US91777510A US2011078083A1 US 20110078083 A1 US20110078083 A1 US 20110078083A1 US 91777510 A US91777510 A US 91777510A US 2011078083 A1 US2011078083 A1 US 2011078083A1
Authority
US
United States
Prior art keywords
transaction
data
response
authorization request
field
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/917,775
Inventor
Anthony James Yeates
Pavel Anatolievich Dournov
Balaji Balasubramanian
Vaidyanathan Arunachalam
Donna Lynn Whitlock
Timothy Belvin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Priority to US12/917,775 priority Critical patent/US20110078083A1/en
Publication of US20110078083A1 publication Critical patent/US20110078083A1/en
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC reassignment MICROSOFT TECHNOLOGY LICENSING, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MICROSOFT CORPORATION
Assigned to MICROSOFT CORPORATION reassignment MICROSOFT CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ARUNACHALAM, VAIDYANATHAN, BALASUBRAMANIAN, BALAJI, BELVIN, TIMOTHY, WHITLOCK, DONNA LYNN, DOURNOV, PAVEL ANATOLIEVICH, YEATES, ANTHONY JAMES
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G06Q20/027Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] involving a payment switch or gateway
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/102Bill distribution or payments
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes

Definitions

  • the present invention relates to processing financial transaction authorization requests from merchants. More specifically, the present invention relates to a payment processing gateway for use in processing financial transaction authorization requests and a protocol accessing such a gateway.
  • a purchaser purchases a retail product from a merchant.
  • Retail transactions have been used throughout much of human history. Having evolved from a simple barter system, there has been an ongoing trend to make such transactions more efficient and convenient for the consumer and the merchant.
  • money was used to represent the value of items to allow more flexibility in such transactions.
  • a debit ledger can be maintained by the merchant and used to record sales in which credit was extended to the consumer. This allowed the consumer to pay for the goods at a future date.
  • Checking systems are also employed in which a check is issued allowing the recipient to draw on those funds from a bank.
  • financial cards provide far more convenience to the consumer than the use of physical checks.
  • financial card issuers Historically, copies of receipts from such financial card transactions were simply maintained by the merchant and periodically processed. Eventually real time authorization techniques were provided by financial card issuers. In such systems, a merchant is able to obtain an authorization from the financial card issuer prior to completion of the retail transaction.
  • Various types of authorization can be used, for example an authorization can be obtained through oral communication, such as through a telephone call. Authorizations can also be obtained through digital communication techniques.
  • POS point of sale
  • a magnetic strip on a financial card is “swiped” through a card reader.
  • Data on a “smartcard” chip can also be read.
  • the data can be read using a magnetic sensor, electrical contacts, a radio frequency (RF) connection, or through other techniques.
  • the card reader or a device connected to the reader initiates a telephone call with an authorization center.
  • the authorization center is able to immediately authorize or decline a particular transaction.
  • the point of sale device informs personnel at the retail location of the result of the authorization request. If the transaction is questionable, the merchant can be required to obtain further information for verifying the card holding prior to providing authorization for the transaction.
  • a device at the point of sale uses a secure communication technique, such as a Secure Socket Layer (SSL), to communicate with a authorization gateway.
  • SSL Secure Socket Layer
  • the gateway is capable of simultaneously communicating with point of sale devices from multiple merchants.
  • the gateway contacts the appropriate financial institution regarding the authorization request and relays the result of the authorization request back to the appropriate point of sale device through the Internet connection.
  • an authorization request is transmitted to a payment processing gateway server.
  • the authorization request includes a supplemental header having a contract identification field that stores an identification of a contract between a merchant and a payment provider.
  • a transaction response transmission is received from the payment processing gateway server in response to the authorization request.
  • the transaction response transmission includes a transaction response header and a response data component.
  • the transaction response header includes identification of a particular transaction to which the transaction response transmission is applicable.
  • the response data component includes an indication that the contract is invalid. The indication that the contract is invalid is responded to by facilitating a rejection of the financial transaction.
  • FIG. 1 is a simplified diagram showing a payment processing gateway coupling a point of sale device to financial institutions across public and financial networks.
  • FIG. 2 is a block diagram showing the point of sale device of FIG. 1 in greater detail.
  • FIG. 3 is a block diagram showing the payment processing gateway of FIG. 1 in greater detail.
  • FIG. 4 is a block diagram of a general computing environment in which embodiments of the present invention may be practiced.
  • FIG. 5 is a block diagram showing an authorization request data packet.
  • FIG. 6 is a block diagram showing an authorization response data packet.
  • the present invention provides a protocol and implementation to support various forms of electronic fund transaction types.
  • electronic fund transactions are those which are based upon credit cards, charge cards, debit cards, check verification, gift cards, coupons, etc.
  • these various types of electronic fund transactions are referred to as “financial transactions” or “financial cards,” although a physical card is not required.
  • Various transaction types are supported including the types “authorize”, “void”, “return”, “settle”, etc.
  • Point of sale (POS) terminals communicate directly over a public network such as the Internet, or through a retail server system which couples to the public network, to a payment processing gateway server.
  • the payment processing gateway server provides a link between authorization requests received from the public network and at least one financial network.
  • the financial network provides communications with at least one financial institution which is capable of authorizing the particular transaction.
  • the financial network can be a private network or can be a secure link over a public network.
  • FIG. 1 is a simplified block diagram of an electronic fund transaction processing system 10 in accordance with one example embodiment of the present invention.
  • the transaction processing system 10 includes a point of sale (POS) device 12 which couples to a public network 14 , such as the Internet.
  • a payment processing gateway 16 couples to the public network 14 and is in communication with the point of sale device 12 .
  • the payment processing gateway 16 couples to at least one financial network 18 A, 18 B . . . 18 N.
  • the financial network 18 A-N can be a private network or a secure communication link over a public network such as the Internet.
  • At least one financial institution 20 A, 20 B . . . 20 N couples to each of the respective financial networks 18 A, 18 B . . . 18 N. Any number of financial institutions 20 A-N can couple to a single financial network 18 A-N.
  • the point of sale device 12 can be physically located at a retail location such as a retail store.
  • the device 12 can comprise an individual cash register, for example, or can be a retail server system which is used to connect to multiple point of sale devices.
  • a retail server system can provide additional functionality such as inventory control, theft prevention, etc.
  • the retail server system can be implemented in a separate server or in a peer-to-peer architecture.
  • the retail location can include a local area network which couples to the point of sale device 12 .
  • wireless networks are provided. In one aspect, the present invention reduces communication overhead on such networks.
  • FIG. 2 is a simplified block diagram of point of the sale device 12 shown in FIG. 1 and which includes a user input/output 30 .
  • the user input/output 30 can comprise, for example, a display, keyboard, a touch screen, pointing device, card reader such as a magnetic card reader, RFID reader, magnetic stripe reader, smartcard reader, voice recognition device or the like, weighing scale, or any of the various inputs and outputs discussed below or known in the art.
  • the input/output 30 couples to a processor system 32 which includes a memory 34 .
  • Memory 34 is used for storing programming instructions as well as data.
  • a network interface 36 is used to couple the processor system 32 to the public network 14 over a physical layer 38 .
  • User input/output 30 is used to initiate a financial card authorization request by processor 32 .
  • Processor 32 formats the request in accordance with the appropriate protocol format for transmission by network interface 36 over the physical layer 38 .
  • the physical layer 38 can be any type of network connection.
  • processor system 32 can perform other functions such as maintain inventory, perform cash register operations, provide instructions to an operator, provide information or advertisements to a consumer, etc.
  • FIG. 3 is a simplified block diagram of payment processing gateway 16 .
  • Gateway 16 includes a network interface 40 configured to couple to the public network 14 through physical layer 42 .
  • a processor system 44 includes a memory 47 which contains programming instructions and data.
  • Processor system 44 couples to public network 14 through interface 40 and to financial networks 18 A-N through a network interface 46 .
  • Network interface 46 couples to financial network 18 A-N through physical layer 48 .
  • gateway 16 receives authorization requests from point of sale device 12 over public network 14 .
  • the authorization requests are formatted in accordance with the appropriate transmission protocol for transmission over financial network 18 A-N to a respective financial institution 20 A-N.
  • gateway 16 receives a response to an authorization request from the appropriate financial institution 20 A- 20 N, the result is relayed back to the respective point of sale device 12 through the public network 14 .
  • the response transmission is identified such that the point of sale device 12 is able to determine to which authorization request the response message relates.
  • a transaction identification is not required when a single authorization request is sent over a synchronous connection, such as a single credit card transaction.
  • the point of sale device 12 can wait for a return value to an httpost, or wait on a dedication socket, as there are no other transactions which must be followed.
  • a transaction authorization request is sent, either at the point of sale device or through a retail server system, or if multiple transactions are bundled into a single message, or for some other reason a synchronous responses are supported, such a transaction identification can be used.
  • processor system 44 can have other inputs, outputs or configurations.
  • the network interface 46 and physical layer 48 can be in accordance with any appropriate standard or protocol.
  • FIG. 4 illustrates an example of a suitable computing system environment 100 on which the invention may be implemented.
  • System environment 100 can implement point of sale device 12 and/or payment processing gateway 16 .
  • the devices, for example payment processing gateway 16 can be implemented across multiple environments 100 .
  • the computing system environment 100 is only one example of a suitable computing environment and is not intended to suggest any limitation as to the scope of use or functionality of the invention. Neither should the computing environment 100 be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the exemplary operating environment 100 .
  • the invention can be implemented in numerous other general purpose or special purpose computing system environments or configurations.
  • Examples of well-known computing systems, environments, and/or configurations that may be suitable for use with the invention include, but are not limited to, personal computers, server computers, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, programmable consumer electronics, network PCs, minicomputers, mainframe computers, telephony systems, dedicated custom hardware, distributed computing environments that include any of the above systems or devices, and the like.
  • the invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer.
  • program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types.
  • the invention is designed to be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network.
  • program modules are located in both local and remote computer storage media including memory storage devices.
  • an exemplary system for implementing the invention includes a one or more general-purpose computing devices in the form of a computer 110 .
  • Components of computer 110 may include, but are not limited to, a processing unit 120 , a system memory 130 , and a system bus 121 that couples various system components including the system memory to the processing unit 120 .
  • the system bus 121 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures.
  • such architectures include Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus also known as Mezzanine bus.
  • ISA Industry Standard Architecture
  • MCA Micro Channel Architecture
  • EISA Enhanced ISA
  • VESA Video Electronics Standards Association
  • PCI Peripheral Component Interconnect
  • Computer 110 typically includes a variety of computer readable media.
  • Computer readable media can be any available media that can be accessed by computer 110 and includes both volatile and nonvolatile media, removable and non-removable media.
  • Computer readable media may comprise computer storage media and communication media.
  • Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data.
  • Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by computer 110 .
  • Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
  • modulated data signal means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal.
  • communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of computer readable media.
  • the system memory 130 includes computer storage media in the form of volatile and/or nonvolatile memory such as read only memory (ROM) 131 and random access memory (RAM) 132 .
  • ROM read only memory
  • RAM random access memory
  • BIOS basic input/output system
  • RAM 132 typically contains data and/or program modules that are immediately accessible to and/or presently being operated on by processing unit 120 .
  • FIG. 3 illustrates operating system 134 , application programs 135 , other program modules 136 , and program data 137 .
  • the computer 110 may also include other removable/non-removable volatile/nonvolatile computer storage media.
  • FIG. 4 illustrates a hard disk drive 141 that reads from or writes to non-removable, nonvolatile magnetic media, a magnetic disk drive 151 that reads from or writes to a removable, nonvolatile magnetic disk 152 , and an optical disk drive 155 that reads from or writes to a removable, nonvolatile optical disk 156 such as a CD ROM or other optical media.
  • removable/non-removable, volatile/nonvolatile computer storage media that can be used in the exemplary operating environment include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid state RAM, solid state ROM, and the like.
  • the hard disk drive 141 is typically connected to the system bus 121 through a non-removable memory interface such as interface 140
  • magnetic disk drive 151 and optical disk drive 155 are typically connected to the system bus 121 by a removable memory interface, such as interface 150 .
  • hard disk drive 141 is illustrated as storing operating system 144 , application programs 145 , other program modules 146 , and program data 147 . Note that these components can either be the same as or different from operating system 134 , application programs 135 , other program modules 136 , and program data 137 . Operating system 144 , application programs 145 , other program modules 146 , and program data 147 are given different numbers here to illustrate that, at a minimum, they are different copies.
  • a user may enter commands and information into the computer 110 through input devices such as a keyboard 162 , a microphone 163 , and a pointing device 161 , such as a mouse, trackball or touch pad.
  • Other input devices may include a joystick, game pad, satellite dish, scanner, or the like.
  • These and other input devices are often connected to the processing unit 120 through a user input interface 160 that is coupled to a system bus, but may be connected by other interface and bus structures, such as a parallel port, game port or a universal serial bus (USB).
  • the system bus may be implemented using any appropriate techniques.
  • a monitor 191 or other type of display device is also connected to the system bus 121 via an interface, such as a video interface 190 .
  • computers may also include other peripheral output devices such as speakers 197 , printer 196 , pole displays, modems, network interface cards, etc. which may be connected through an output peripheral interface 195 .
  • the computer 110 is operated in a networked environment using logical connections to one or more remote computers, such as a remote computer 180 .
  • the remote computer 180 may be a personal computer, a hand-held device, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above relative to the computer 110 .
  • the logical connections depicted in FIG. 4 include a local area network (LAN) 171 and a wide area network (WAN) 173 , but may also include other networks.
  • LAN local area network
  • WAN wide area network
  • Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets and the Internet.
  • the computer 110 When used in a LAN networking environment, the computer 110 is connected to the LAN 171 through a network interface or adapter 170 .
  • the WAN networking environment is provided by the public network 14 or private networks 18 A-N.
  • the computer 110 typically includes a modem 172 network interface card, or other means for establishing communications over the WAN 173 , such as the Internet.
  • a network connection to the WAN may also be through a gateway, router, proxy, or other connection to the WAN over the LAN.
  • the modem 172 which may be internal or external, may be connected to the system bus 121 via the user input interface 160 , or other appropriate mechanism.
  • program modules depicted relative to the computer 110 may be stored in the remote memory storage device.
  • FIG. 4 illustrates remote application programs 185 as residing on remote computer 180 . It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers may be used.
  • the present invention provides a new protocol for transmission of authorization requests and/or authorization responses between point of sale device 12 and payment processing gateway 16 over public network 14 .
  • the protocol can be configured for optimized implementation with retail management software which operates on a retail server system running on the gateway 16 .
  • data can be preconfigured or otherwise previously stored in a database in memory 47 on the payment processing gateway 16 such that the data does not need to be retransmitted over the public network 14 . This provides increased security while reducing transmission overhead.
  • FIG. 5 is a block diagram showing an example authorization request 200 .
  • Authorization request 200 includes a transaction specific data field 202 , cache-key field 204 and a cacheable data field 206 .
  • the supplemental header field 208 is shown pre-pended to the authorization request 200 on top of the cacheable data 206 .
  • the supplemental header carries a small amount of data which is used as a key to index a database in payment processing gateway 16 .
  • One example of such a field is one which identifies the financial contract(s) and terms of operation for a particular acquiring banks or financial networks and the payment gateway provider.
  • Such a “contract ID” field can be used by the payment processing gateway 16 to access a small list of valid contract IDs. This accessing can be through a simple in-memory list or an in-memory hash table to improve performance. If a particular transaction request arrives at the payment processing gateway 16 with an invalid contract ID, the payment processing gateway 16 can reject the authorization request because a valid contract is not properly identified for the particular merchant who sent the authorization request 200 .
  • the contract ID can be used to reference a particular subset of a group of valid financial networks, for example, an issuing financial institution frequently used more than one financial network and an acquiring bank or financial institution will indicate which subset of the various networks can be used by the merchant.
  • the rejection from the payment processing gateway 16 can be in the form of an authorization or transaction response transmission 230 shown in FIG. 6 .
  • a transaction response can include a transaction identification header field 232 and a response data field 234 .
  • the transaction identification field 232 identifies a particular transaction to which the response 230 is applicable. For example, a merchant may issue multiple transaction authorization requests 200 within a short period of time and the transaction identification field 232 is used to match a particular response with the appropriate request. As discussed above, the transaction ID is not required in all embodiments.
  • the response field 234 includes data which indicates the response to the authorization request 200 such as “authorized”, “declined”, “hold card”, “cut card”, “bad card”, “call issuer for further information”, or request additional information from the purchaser, for example, to verify the authenticity of the card holder.
  • the gateway 16 can also request transmission of cacheable data to populate a cache. If the contract ID for the supplemental header 208 is invalid, the payment processing gateway 16 can provide a response 234 to the authorization request 200 which indicates that the contract is invalid.
  • the contract ID field can also be used to audit transactions by payment processing gateway 16 . This auditing can be used to ensure that merchants utilizing the payment processing gateway 16 , or the financial institutions utilizing payment processing gateway 16 , are properly charged for the use of the service. Further, the contact ID field can be used to analyze transactions to determine the source of the transactions, destination of the transaction, particular merchants involved, particular terms of the contract, etc. In one specific example, the contract identification comprises two bytes of 8 bits each.
  • the supplemental header 208 includes a payment type field.
  • the payment type field is used to provide information to the payment processing gateway 16 as to which particular financial network 18 A-N should be used for authorizing the transaction.
  • a particular financial network 18 A-N may be for credit transactions of a particular type of debit card, while another financial network 18 A-N may be for use with credit cards.
  • Other financial networks may be directed to advance payment types such as gift cards, coupons, smart credit cards, “microcredits”, etc. “Microcredits” are directed to a credit format in which small dollar amount transactions may be performed through credit in a cost effective manner.
  • the payment type field can also indicate the particular protocol used by the back-end financial network 18 A-N and often within payload of the transmission, i.e., the transaction specific data 202 .
  • the transaction authorization protocol 200 illustrated in FIG. 5 also provides a cache-key field 204 .
  • the cache-key 204 can be used to uniquely identify a particular shop or store submitting an authorization request.
  • Merchant data can also be cached, for example for merchants with multiple stores.
  • the payment processing gateway 16 can retrieve cache data within memory 34 illustrated in FIG. 2 based upon the cache-key.
  • the cache data can be merchant or store invariant data information described below in more detail.
  • the cache-key field 204 comprises a 128 bit data field.
  • the data field can be used to carry a GUID (Globally Unique Identifier).
  • GUID Globally Unique Identifier
  • the authorization request 200 may also contain cache-able data 206 .
  • Typical prior art financial transaction protocols are capable of carrying a fairly rich set of merchant data, including for example, merchant name (25 bytes), country (3 bytes), state (2 bytes), location (13 bytes), city code/zip code (3 bytes), merchant category (4 bytes), acquirer bin (6 bytes), time zone differential (3 bytes), merchant category code (4 bytes), extra field separators for ease of viewing (4 bytes) and others.
  • the total can be more than 66 bytes of data for the main authorization message in a T-format authorization request message (direct debit). Typically, all of this data must be transmitted with each authorization request.
  • the transaction invariant data can be cached in memory 34 of payment gateway 16 .
  • a cache would provide limited benefits due to server performance limitations and the difficulty of maintaining state across multiple servers arranged in a cluster. For example, the state of a particular transaction would be required to be maintained across a cluster of servers in a performat manner because there is a relatively high volume of authorization request which must be processed in near real time. Further, it is difficult to ensure that cached data is maintained or otherwise restored when a server is reset.
  • Web servers tend to be inherently stateless.
  • payment processing gateway 16 is configured as a web server offering a web service which maintains state using a cache as desired in order to support such caching operations.
  • the cache can be through any appropriate caching technique such as a shared file, a database, etc.
  • a caching mechanism is utilized which provides high performance and operates very efficiently to support large numbers of simultaneous transactions.
  • the merchant invariant data is cached in volatile memory (i.e., RAM) of the payment processing gateway 16 . For example, by caching 100 bytes of data per merchant and with 200,000 merchants, 20 megabytes of memory world be utilized.
  • a settlement request typically occurs less frequently than an authorization request.
  • a number of transactions are typically “batched” together for settlement with the appropriate financial institution.
  • the settlement process involves the transfer of funds from the appropriate financial institution to the account of the merchant.
  • the caching of merchant or transaction invariant data can be achieved in any appropriate way. Even a small cluster of 2 servers can process a relatively large volume of authorization request traffic. For such a cache to be effective, the state can be maintained for each transaction being serviced by the gateway 16 .
  • a state service can be maintained across multiple web servers in a web cluster. Such a state service can be implemented in a shared server whereby each of the servers in the web cluster can access for the state information. Cache consistency and replication across multiple servers must be maintained for such an implementation.
  • One specific implementation of such a state service is through the .NET framework provided by Microsoft Corporation, of Redmond, Wash.
  • This framework supports a distributed computing environment in which applications may be written in any number of high level languages.
  • the high level languages are compiled to a common runtime language known as CLR (Common Language Runtime).
  • CLR Common Language Runtime
  • the CLR can operate across various hardware platforms such that the implementation is hardware independent.
  • the payment processing gateway 16 consists of a number of distributed computing systems. Objects can be used to exchange data between the systems and maintain.
  • each server maintains its own cache.
  • a single server with sufficient processing capabilities may be capable of processing a substantial number of authorization requests.
  • the state service can operate with a database server, such as an SQL server which can be used to provide backup of stored data.
  • the database can be used to restore the in-memory cache upon system failure of other fault.
  • a single database access is employed for each authorization per transaction.
  • a procedure stored in the payment processing gateway 16 can be used to log the transaction to memory, for auditing, reporting, billing or other purposes.
  • the same procedure used to log the data to the database can be used to read the associated cached invariant merchant data back from the database.
  • a web server front end can also be utilized with payment processing gateway 16 which directs web requests from a particular IP (Internet Protocol) address to the same server within the cluster. This particular redirection can be set for any time period, for example a number of days.
  • IP Internet Protocol
  • Such a front end can be implemented in software or hardware components. With such an implementation, it is not necessary to synchronize the web server cache within the cluster. Instead, each web server within the cluster provided by the payment processing gateway 16 need only maintain state for the particular transactions which it is handling.
  • a web service can be utilized such as that provided by ASP.NET.
  • a particular ASP.NET page can be provided on each web server within the web cluster and used to update the cache of a given server.
  • a custom server can be provided which provides a state server to other computers within the cluster.
  • the server can maintain an in-memory cache of merchant or store invariant records.
  • the state server can respond to requests from the web cluster. If the state server is reset or otherwise looses data, the web cluster can provide a negative acknowledgement (i.e., NACK) to the merchant/store POS 12 thereby requesting that a complete data transmission be provided with the next transmission.
  • the transmission of the complete data set can be provided for a desired length of time. This will cause the merchant to provide all of the merchant invariant data such that the database provided by the gateway 16 can be repopulated.
  • the payment processing gateway 16 can provide the appropriate financial institution 20 A-N with all the data received from a particular merchant, mapping various fields as required.
  • software operating at the point of sale device 12 can be configured to periodically transmit the entire data set for a given merchant to the payment processing gateway. This can be used to allow webservers or state servers of gateway 16 to be individually reset without difficulty.
  • the software running on a point of sale device 12 can be configured to submit a full data set every 2, 8 or 24 hours.
  • Data transmissions such as the authorization response 230 shown in FIG. 6 can include an additional data field to allow the payment processing gateway 16 to indicate that the full merchant data is required.
  • a separate message can be sent by the gateway 16 . This data can be sent independently, or can be included in the next transaction request.
  • the message from the payment processing gateway 16 to the point of sale device 12 can indicate which data field or fields must be re-sent.
  • the payment processing gateway 16 can continue to accept partial data for a period of time after the initial request is sent. This allows multiple point of sale devices 12 within a store to transmit data to a payment processing gateway 16 which is implemented across multiple servers.
  • the present invention eliminates redundant or unrequired transmissions. For example, some acknowledgement messages used in socket-based protocols such as the protocol implemented by VisaNet are redundant. This is especially true for protocols based upon HTTPS.
  • the acknowledgement (ACK) which is transmitted before a response for a credit card transaction in a single transaction mode is not required.
  • the acknowledgement can be useful in monitoring operation of the software during debugging, it is not normally required by the point of sale device 12 . Other such non-essential transmissions can also be eliminated.
  • the various transmissions between the point of sale device 12 and the payment processing gateway 16 can be implemented using a number of techniques.
  • the HTTPS protocol can be used in which a packet or partial packet for transmission on a financial network 18 A-N is “wrapped” as the payload in the secure transmission.
  • This configuration is particularly useful when integrating point of sale devices 12 which are at retail locations or which are implemented online through a merchant website. Further, this configuration can scale to high transaction volumes as required.
  • the payment processing gateway 16 provides an XML service for communication with the point of sale device 12 .
  • This configuration is also well suited for integrating point of sale devices 12 which exist at both retail locations and from online merchants.
  • a secure socket layer (SSL) protocol can be used in which a particular message or packet is carried in an SSL wrapper. This implementation may be required for some debit card transactions and is suited for the high performance required to handle a large volume of transactions. Further, such a protocol can be used to keep a socket open on a financial network 18 A-N during the entire transaction process. Server clustering techniques such as thread pooling, clustering and load balancing can be implemented to support such an SSL protocol.
  • the payment processing gateway 16 can provide a back end server process to maintain open payment sockets (or equivalents) through the financial networks 18 A-N.
  • a back end service can be synchronized with a stateless front end coupled to public network 14 .
  • credit card authorizations can typically be handled as a single synchronous transaction
  • debit card transactions typically require an additional final acknowledgement from the point of sale device 12 to the payment processing gateway 16 and to the appropriate financial institution 20 A-N over a financial network 18 A-N. This additional acknowledgement confirms that the retailer received the authorization acknowledgement and that the funds transfer was settled. If this acknowledgement is not received, the transaction is automatically reversed and the funds are returned to the customer's account.
  • a server thread is used to maintain both the front end and back end socket sessions.
  • this is more difficult to implement in a web based protocol which utilizes web servers such as Microsoft's IIS.
  • web services are inherently stateless. Therefore, without additional implementation, the final acknowledgement may go to a different thread than the original transaction, and possibly even to a different server in a web cluster.
  • the present invention maintains a thread in the web service such that such an acknowledgement can be sent to the appropriate financial institution.
  • the back end server process typically on a separate common server can be used to maintain an open back end socket over the appropriate financial network 18 A-N.
  • the socket must be uniquely identified to the front end web server, for example using a GUID which the back end server maps to a specific socket port.
  • the front end web server coupled to the public network 14 will place transaction messages on the appropriate queue.
  • the queue is then accessed by the back end server process.
  • the back end server process can be single or multi-threaded and processes messages by assigning them to a new or existing socket session as appropriate.
  • a new socket session with a financial institute 18 A-N is opened at the start of each transaction and closed at the end of the transaction. All messages for a given transaction will occur over the same socket. Socket connections for incomplete transactions can be set to time out after a predetermined interval to protect server resources.
  • the point of sale device is required to provide an acknowledgement to the gateway during a debit card transaction
  • the present invention operates without the need for such a second acknowledgement.
  • the gateway can send a second acknowledgement back through the financial network without waiting for the acknowledgement to be received from the point of sale device.
  • This allows the transaction to be stateless within the gateway and the debit transaction can then be easily supported over the HTTPS protocol without the need to use sockets such as SSL, directly.
  • This configuration allows standard web servers to implement the present invention. Without the second acknowledgement from the point of the sale device, an additional safety mechanism can be provided to prevent a duplicate transaction from being processed.
  • the gateway can detect that the same or a similar transaction is being run from the same terminal or store within a specific period of time. If such a transaction is identified by the gateway, the gateway can simply block the transaction or send some type of a message back to the point of sale device indicating that an error has occurred or warning that a duplicate transaction has been received, request a confirmation that the duplicate data should be processed, request that the data be specifically called in, or simply acknowledge a successfully processed transaction previously. For example, if the same payment instrument is used from the same point of sale terminal within a relatively small time window, for example, one to two minutes, a simple acknowledgement can be provided.
  • the present invention is configured to operate as a web service.
  • a socket server implementation is used.
  • web services provide transactional functions which operate across a network such as the Internet. Web services adhere to a shared specification such that they are able to share objects and exchange data.
  • WSE web services enhancements
  • the present invention is applicable to electronic fund transfers based upon financial transaction authorization requests, and response to such requests. Although cards are specifically discussed, the invention relates to any type of payment instrument that can be used.
  • the financial transaction authorization request are conveyed from a source, such as a store or merchant, to an authorization provider, such as a financial institution, over public and/or private networks or direct connections.

Abstract

A method for processing financial transactions includes transmitting an authorization request to a payment processing gateway server. The authorization request includes a supplemental header having a contract identification field that stores an identification of a contract between a merchant and a payment provider. A transaction response transmission is received from the payment processing gateway server in response to the authorization request. The transaction response transmission includes a transaction response header and a response data component. The transaction response header includes identification of a particular transaction to which the transaction response transmission is applicable. The response data component includes an indication that the contract is invalid. The indication that the contract is invalid is responded to by facilitating a rejection of the financial transaction.

Description

    CROSS REFERENCE TO RELATED APPLICATION
  • The present application is a continuation of and claims priority of U.S. patent application Ser. No. 10/620,293, filed Jul. 15, 2003, the content of which is hereby incorporated by reference in its entirety.
    • BACKGROUND OF THE INVENTION
  • The present invention relates to processing financial transaction authorization requests from merchants. More specifically, the present invention relates to a payment processing gateway for use in processing financial transaction authorization requests and a protocol accessing such a gateway.
  • In a retail transaction, a purchaser purchases a retail product from a merchant. Retail transactions have been used throughout much of human history. Having evolved from a simple barter system, there has been an ongoing trend to make such transactions more efficient and convenient for the consumer and the merchant. As an alternative to barter, money was used to represent the value of items to allow more flexibility in such transactions. Next, there was the realization that the money involved in the transaction did not need to be physically present at the transaction time. For example, a debit ledger can be maintained by the merchant and used to record sales in which credit was extended to the consumer. This allowed the consumer to pay for the goods at a future date. Checking systems are also employed in which a check is issued allowing the recipient to draw on those funds from a bank.
  • Charge, debit cards, electronic checks and the like (“financial cards”) provide far more convenience to the consumer than the use of physical checks. Originally, copies of receipts from such financial card transactions were simply maintained by the merchant and periodically processed. Eventually real time authorization techniques were provided by financial card issuers. In such systems, a merchant is able to obtain an authorization from the financial card issuer prior to completion of the retail transaction. Various types of authorization can be used, for example an authorization can be obtained through oral communication, such as through a telephone call. Authorizations can also be obtained through digital communication techniques.
  • Presently, many retail locations employ point of sale (POS) devices in which a magnetic strip on a financial card is “swiped” through a card reader. Data on a “smartcard” chip can also be read. The data can be read using a magnetic sensor, electrical contacts, a radio frequency (RF) connection, or through other techniques. The card reader or a device connected to the reader, initiates a telephone call with an authorization center. The authorization center is able to immediately authorize or decline a particular transaction. The point of sale device informs personnel at the retail location of the result of the authorization request. If the transaction is questionable, the merchant can be required to obtain further information for verifying the card holding prior to providing authorization for the transaction. With the advent of the Internet, such authorization procedures are moving away from point to point telephone connections and are beginning to exploit the connectivity that the Internet provides. In such transactions, a device at the point of sale uses a secure communication technique, such as a Secure Socket Layer (SSL), to communicate with a authorization gateway. The gateway is capable of simultaneously communicating with point of sale devices from multiple merchants. The gateway contacts the appropriate financial institution regarding the authorization request and relays the result of the authorization request back to the appropriate point of sale device through the Internet connection. There is an ongoing need to improve the performance and convenience of such transactions.
    • SUMMARY OF THE INVENTION
  • Embodiments of systems and methods for processing financial transactions are disclosed herein. In one embodiment, an authorization request is transmitted to a payment processing gateway server. The authorization request includes a supplemental header having a contract identification field that stores an identification of a contract between a merchant and a payment provider. A transaction response transmission is received from the payment processing gateway server in response to the authorization request. The transaction response transmission includes a transaction response header and a response data component. The transaction response header includes identification of a particular transaction to which the transaction response transmission is applicable. The response data component includes an indication that the contract is invalid. The indication that the contract is invalid is responded to by facilitating a rejection of the financial transaction.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a simplified diagram showing a payment processing gateway coupling a point of sale device to financial institutions across public and financial networks.
  • FIG. 2 is a block diagram showing the point of sale device of FIG. 1 in greater detail.
  • FIG. 3 is a block diagram showing the payment processing gateway of FIG. 1 in greater detail.
  • FIG. 4 is a block diagram of a general computing environment in which embodiments of the present invention may be practiced.
  • FIG. 5 is a block diagram showing an authorization request data packet.
  • FIG. 6 is a block diagram showing an authorization response data packet.
    •  DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS
  • The present invention provides a protocol and implementation to support various forms of electronic fund transaction types. Examples of electronic fund transactions are those which are based upon credit cards, charge cards, debit cards, check verification, gift cards, coupons, etc. As used herein, these various types of electronic fund transactions are referred to as “financial transactions” or “financial cards,” although a physical card is not required. Various transaction types are supported including the types “authorize”, “void”, “return”, “settle”, etc.
  • Point of sale (POS) terminals communicate directly over a public network such as the Internet, or through a retail server system which couples to the public network, to a payment processing gateway server. The payment processing gateway server provides a link between authorization requests received from the public network and at least one financial network. The financial network provides communications with at least one financial institution which is capable of authorizing the particular transaction. The financial network can be a private network or can be a secure link over a public network.
  • FIG. 1 is a simplified block diagram of an electronic fund transaction processing system 10 in accordance with one example embodiment of the present invention. The transaction processing system 10 includes a point of sale (POS) device 12 which couples to a public network 14, such as the Internet. A payment processing gateway 16 couples to the public network 14 and is in communication with the point of sale device 12. The payment processing gateway 16 couples to at least one financial network 18A, 18B . . . 18N. The financial network 18A-N can be a private network or a secure communication link over a public network such as the Internet. At least one financial institution 20A, 20B . . . 20N couples to each of the respective financial networks 18A, 18B . . . 18N. Any number of financial institutions 20A-N can couple to a single financial network 18A-N.
  • The point of sale device 12 can be physically located at a retail location such as a retail store. The device 12 can comprise an individual cash register, for example, or can be a retail server system which is used to connect to multiple point of sale devices. Such a retail server system can provide additional functionality such as inventory control, theft prevention, etc. The retail server system can be implemented in a separate server or in a peer-to-peer architecture. The retail location can include a local area network which couples to the point of sale device 12. In some systems, wireless networks are provided. In one aspect, the present invention reduces communication overhead on such networks.
  • FIG. 2 is a simplified block diagram of point of the sale device 12 shown in FIG. 1 and which includes a user input/output 30. The user input/output 30 can comprise, for example, a display, keyboard, a touch screen, pointing device, card reader such as a magnetic card reader, RFID reader, magnetic stripe reader, smartcard reader, voice recognition device or the like, weighing scale, or any of the various inputs and outputs discussed below or known in the art. The input/output 30 couples to a processor system 32 which includes a memory 34. Memory 34 is used for storing programming instructions as well as data. A network interface 36 is used to couple the processor system 32 to the public network 14 over a physical layer 38. User input/output 30 is used to initiate a financial card authorization request by processor 32. Processor 32 formats the request in accordance with the appropriate protocol format for transmission by network interface 36 over the physical layer 38. The physical layer 38 can be any type of network connection. In addition, processor system 32 can perform other functions such as maintain inventory, perform cash register operations, provide instructions to an operator, provide information or advertisements to a consumer, etc.
  • FIG. 3 is a simplified block diagram of payment processing gateway 16. Gateway 16 includes a network interface 40 configured to couple to the public network 14 through physical layer 42. A processor system 44 includes a memory 47 which contains programming instructions and data. Processor system 44 couples to public network 14 through interface 40 and to financial networks 18A-N through a network interface 46. Network interface 46 couples to financial network 18A-N through physical layer 48.
  • In operation, gateway 16 receives authorization requests from point of sale device 12 over public network 14. The authorization requests are formatted in accordance with the appropriate transmission protocol for transmission over financial network 18A-N to a respective financial institution 20A-N. When gateway 16 receives a response to an authorization request from the appropriate financial institution 20A-20N, the result is relayed back to the respective point of sale device 12 through the public network 14. In accordance with one transmission protocol, the response transmission is identified such that the point of sale device 12 is able to determine to which authorization request the response message relates. However, such a transaction identification is not required when a single authorization request is sent over a synchronous connection, such as a single credit card transaction. In this case, the point of sale device 12 can wait for a return value to an httpost, or wait on a dedication socket, as there are no other transactions which must be followed. However, if multiple transaction authorization requests are sent, either at the point of sale device or through a retail server system, or if multiple transactions are bundled into a single message, or for some other reason a synchronous responses are supported, such a transaction identification can be used.
  • As illustrated below in greater detail, processor system 44 can have other inputs, outputs or configurations. The network interface 46 and physical layer 48 can be in accordance with any appropriate standard or protocol.
  • FIG. 4 illustrates an example of a suitable computing system environment 100 on which the invention may be implemented. System environment 100 can implement point of sale device 12 and/or payment processing gateway 16. The devices, for example payment processing gateway 16, can be implemented across multiple environments 100. The computing system environment 100 is only one example of a suitable computing environment and is not intended to suggest any limitation as to the scope of use or functionality of the invention. Neither should the computing environment 100 be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the exemplary operating environment 100.
  • The invention can be implemented in numerous other general purpose or special purpose computing system environments or configurations. Examples of well-known computing systems, environments, and/or configurations that may be suitable for use with the invention include, but are not limited to, personal computers, server computers, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, programmable consumer electronics, network PCs, minicomputers, mainframe computers, telephony systems, dedicated custom hardware, distributed computing environments that include any of the above systems or devices, and the like.
  • The invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. In some embodiments, the invention is designed to be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules are located in both local and remote computer storage media including memory storage devices.
  • With reference to FIG. 4, an exemplary system for implementing the invention includes a one or more general-purpose computing devices in the form of a computer 110. Components of computer 110 may include, but are not limited to, a processing unit 120, a system memory 130, and a system bus 121 that couples various system components including the system memory to the processing unit 120. The system bus 121 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus also known as Mezzanine bus.
  • Computer 110 typically includes a variety of computer readable media. Computer readable media can be any available media that can be accessed by computer 110 and includes both volatile and nonvolatile media, removable and non-removable media. By way of example, and not limitation, computer readable media may comprise computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by computer 110. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of computer readable media.
  • The system memory 130 includes computer storage media in the form of volatile and/or nonvolatile memory such as read only memory (ROM) 131 and random access memory (RAM) 132. A basic input/output system 133 (BIOS), containing the basic routines that help to transfer information between elements within computer 110, such as during start-up, is typically stored in ROM 131. RAM 132 typically contains data and/or program modules that are immediately accessible to and/or presently being operated on by processing unit 120. By way of example, and not limitation, FIG. 3 illustrates operating system 134, application programs 135, other program modules 136, and program data 137.
  • The computer 110 may also include other removable/non-removable volatile/nonvolatile computer storage media. By way of example only, FIG. 4 illustrates a hard disk drive 141 that reads from or writes to non-removable, nonvolatile magnetic media, a magnetic disk drive 151 that reads from or writes to a removable, nonvolatile magnetic disk 152, and an optical disk drive 155 that reads from or writes to a removable, nonvolatile optical disk 156 such as a CD ROM or other optical media. Other removable/non-removable, volatile/nonvolatile computer storage media that can be used in the exemplary operating environment include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid state RAM, solid state ROM, and the like. The hard disk drive 141 is typically connected to the system bus 121 through a non-removable memory interface such as interface 140, and magnetic disk drive 151 and optical disk drive 155 are typically connected to the system bus 121 by a removable memory interface, such as interface 150.
  • The drives and their associated computer storage media discussed above and illustrated in FIG. 4, provide storage of computer readable instructions, data structures, program modules and other data for the computer 110. In FIG. 4, for example, hard disk drive 141 is illustrated as storing operating system 144, application programs 145, other program modules 146, and program data 147. Note that these components can either be the same as or different from operating system 134, application programs 135, other program modules 136, and program data 137. Operating system 144, application programs 145, other program modules 146, and program data 147 are given different numbers here to illustrate that, at a minimum, they are different copies.
  • A user may enter commands and information into the computer 110 through input devices such as a keyboard 162, a microphone 163, and a pointing device 161, such as a mouse, trackball or touch pad. Other input devices (not shown) may include a joystick, game pad, satellite dish, scanner, or the like. These and other input devices are often connected to the processing unit 120 through a user input interface 160 that is coupled to a system bus, but may be connected by other interface and bus structures, such as a parallel port, game port or a universal serial bus (USB). The system bus may be implemented using any appropriate techniques. A monitor 191 or other type of display device is also connected to the system bus 121 via an interface, such as a video interface 190. In addition to the monitor, computers may also include other peripheral output devices such as speakers 197, printer 196, pole displays, modems, network interface cards, etc. which may be connected through an output peripheral interface 195.
  • The computer 110 is operated in a networked environment using logical connections to one or more remote computers, such as a remote computer 180. The remote computer 180 may be a personal computer, a hand-held device, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above relative to the computer 110. The logical connections depicted in FIG. 4 include a local area network (LAN) 171 and a wide area network (WAN) 173, but may also include other networks. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets and the Internet.
  • When used in a LAN networking environment, the computer 110 is connected to the LAN 171 through a network interface or adapter 170. The WAN networking environment is provided by the public network 14 or private networks 18A-N. The computer 110 typically includes a modem 172 network interface card, or other means for establishing communications over the WAN 173, such as the Internet. A network connection to the WAN may also be through a gateway, router, proxy, or other connection to the WAN over the LAN. The modem 172, which may be internal or external, may be connected to the system bus 121 via the user input interface 160, or other appropriate mechanism. In a networked environment, program modules depicted relative to the computer 110, or portions thereof, may be stored in the remote memory storage device. By way of example, and not limitation, FIG. 4 illustrates remote application programs 185 as residing on remote computer 180. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers may be used.
  • In one aspect, the present invention provides a new protocol for transmission of authorization requests and/or authorization responses between point of sale device 12 and payment processing gateway 16 over public network 14. The protocol can be configured for optimized implementation with retail management software which operates on a retail server system running on the gateway 16. In some embodiments, data can be preconfigured or otherwise previously stored in a database in memory 47 on the payment processing gateway 16 such that the data does not need to be retransmitted over the public network 14. This provides increased security while reducing transmission overhead.
  • In one aspect, a supplemental header is pre-pended to the authorization request “payload”. FIG. 5 is a block diagram showing an example authorization request 200. Authorization request 200 includes a transaction specific data field 202, cache-key field 204 and a cacheable data field 206. The supplemental header field 208 is shown pre-pended to the authorization request 200 on top of the cacheable data 206. The supplemental header carries a small amount of data which is used as a key to index a database in payment processing gateway 16. One example of such a field is one which identifies the financial contract(s) and terms of operation for a particular acquiring banks or financial networks and the payment gateway provider. Such a “contract ID” field can be used by the payment processing gateway 16 to access a small list of valid contract IDs. This accessing can be through a simple in-memory list or an in-memory hash table to improve performance. If a particular transaction request arrives at the payment processing gateway 16 with an invalid contract ID, the payment processing gateway 16 can reject the authorization request because a valid contract is not properly identified for the particular merchant who sent the authorization request 200. In another example, the contract ID can be used to reference a particular subset of a group of valid financial networks, for example, an issuing financial institution frequently used more than one financial network and an acquiring bank or financial institution will indicate which subset of the various networks can be used by the merchant.
  • The rejection from the payment processing gateway 16 can be in the form of an authorization or transaction response transmission 230 shown in FIG. 6. A transaction response can include a transaction identification header field 232 and a response data field 234. The transaction identification field 232 identifies a particular transaction to which the response 230 is applicable. For example, a merchant may issue multiple transaction authorization requests 200 within a short period of time and the transaction identification field 232 is used to match a particular response with the appropriate request. As discussed above, the transaction ID is not required in all embodiments. The response field 234 includes data which indicates the response to the authorization request 200 such as “authorized”, “declined”, “hold card”, “cut card”, “bad card”, “call issuer for further information”, or request additional information from the purchaser, for example, to verify the authenticity of the card holder. As discussed below, the gateway 16 can also request transmission of cacheable data to populate a cache. If the contract ID for the supplemental header 208 is invalid, the payment processing gateway 16 can provide a response 234 to the authorization request 200 which indicates that the contract is invalid.
  • The contract ID field can also be used to audit transactions by payment processing gateway 16. This auditing can be used to ensure that merchants utilizing the payment processing gateway 16, or the financial institutions utilizing payment processing gateway 16, are properly charged for the use of the service. Further, the contact ID field can be used to analyze transactions to determine the source of the transactions, destination of the transaction, particular merchants involved, particular terms of the contract, etc. In one specific example, the contract identification comprises two bytes of 8 bits each.
  • In another example, the supplemental header 208 includes a payment type field. The payment type field is used to provide information to the payment processing gateway 16 as to which particular financial network 18A-N should be used for authorizing the transaction. For example, a particular financial network 18A-N may be for credit transactions of a particular type of debit card, while another financial network 18A-N may be for use with credit cards. Other financial networks may be directed to advance payment types such as gift cards, coupons, smart credit cards, “microcredits”, etc. “Microcredits” are directed to a credit format in which small dollar amount transactions may be performed through credit in a cost effective manner. The payment type field can also indicate the particular protocol used by the back-end financial network 18A-N and often within payload of the transmission, i.e., the transaction specific data 202.
  • The transaction authorization protocol 200 illustrated in FIG. 5 also provides a cache-key field 204. The cache-key 204 can be used to uniquely identify a particular shop or store submitting an authorization request. Merchant data can also be cached, for example for merchants with multiple stores. The payment processing gateway 16 can retrieve cache data within memory 34 illustrated in FIG. 2 based upon the cache-key. The cache data can be merchant or store invariant data information described below in more detail. In one specific embodiment, the cache-key field 204 comprises a 128 bit data field. The data field can be used to carry a GUID (Globally Unique Identifier). In another specific example, 12 bytes of the 128 bits identifies a particular merchant while the remaining 4 bytes identifies a particular store of that merchant.
  • The authorization request 200 may also contain cache-able data 206. Typical prior art financial transaction protocols are capable of carrying a fairly rich set of merchant data, including for example, merchant name (25 bytes), country (3 bytes), state (2 bytes), location (13 bytes), city code/zip code (3 bytes), merchant category (4 bytes), acquirer bin (6 bytes), time zone differential (3 bytes), merchant category code (4 bytes), extra field separators for ease of viewing (4 bytes) and others. The total can be more than 66 bytes of data for the main authorization message in a T-format authorization request message (direct debit). Typically, all of this data must be transmitted with each authorization request.
  • With the present invention, the transaction invariant data can be cached in memory 34 of payment gateway 16. In typical prior art gateways, such a cache would provide limited benefits due to server performance limitations and the difficulty of maintaining state across multiple servers arranged in a cluster. For example, the state of a particular transaction would be required to be maintained across a cluster of servers in a performat manner because there is a relatively high volume of authorization request which must be processed in near real time. Further, it is difficult to ensure that cached data is maintained or otherwise restored when a server is reset.
  • Web servers, for example, tend to be inherently stateless. With the present invention, payment processing gateway 16 is configured as a web server offering a web service which maintains state using a cache as desired in order to support such caching operations. The cache can be through any appropriate caching technique such as a shared file, a database, etc. Preferably, a caching mechanism is utilized which provides high performance and operates very efficiently to support large numbers of simultaneous transactions. In one aspect, the merchant invariant data is cached in volatile memory (i.e., RAM) of the payment processing gateway 16. For example, by caching 100 bytes of data per merchant and with 200,000 merchants, 20 megabytes of memory world be utilized.
  • Although this caching operation is particularly useful for authorization requests, the caching can also be utilized with settlement requests. A settlement request typically occurs less frequently than an authorization request. In a settlement request, a number of transactions are typically “batched” together for settlement with the appropriate financial institution. The settlement process involves the transfer of funds from the appropriate financial institution to the account of the merchant.
  • If the payment processing gateway 16 is implemented in a number of different servers, such as that provided by a web cluster, the caching of merchant or transaction invariant data can be achieved in any appropriate way. Even a small cluster of 2 servers can process a relatively large volume of authorization request traffic. For such a cache to be effective, the state can be maintained for each transaction being serviced by the gateway 16. A state service can be maintained across multiple web servers in a web cluster. Such a state service can be implemented in a shared server whereby each of the servers in the web cluster can access for the state information. Cache consistency and replication across multiple servers must be maintained for such an implementation. One specific implementation of such a state service is through the .NET framework provided by Microsoft Corporation, of Redmond, Wash. This framework supports a distributed computing environment in which applications may be written in any number of high level languages. The high level languages are compiled to a common runtime language known as CLR (Common Language Runtime). Further, in such an embodiment, the CLR can operate across various hardware platforms such that the implementation is hardware independent. In such an embodiment, the payment processing gateway 16 consists of a number of distributed computing systems. Objects can be used to exchange data between the systems and maintain.
  • In one implementation suitable for a small number of servers, each server maintains its own cache. A single server with sufficient processing capabilities may be capable of processing a substantial number of authorization requests.
  • The state service can operate with a database server, such as an SQL server which can be used to provide backup of stored data. The database can be used to restore the in-memory cache upon system failure of other fault.
  • In some embodiments, a single database access is employed for each authorization per transaction. For example, a procedure stored in the payment processing gateway 16 can be used to log the transaction to memory, for auditing, reporting, billing or other purposes. The same procedure used to log the data to the database can be used to read the associated cached invariant merchant data back from the database.
  • A web server front end can also be utilized with payment processing gateway 16 which directs web requests from a particular IP (Internet Protocol) address to the same server within the cluster. This particular redirection can be set for any time period, for example a number of days. Such a front end can be implemented in software or hardware components. With such an implementation, it is not necessary to synchronize the web server cache within the cluster. Instead, each web server within the cluster provided by the payment processing gateway 16 need only maintain state for the particular transactions which it is handling.
  • For small scale applications, a web service can be utilized such as that provided by ASP.NET. A particular ASP.NET page can be provided on each web server within the web cluster and used to update the cache of a given server.
  • A custom server can be provided which provides a state server to other computers within the cluster. The server can maintain an in-memory cache of merchant or store invariant records. The state server can respond to requests from the web cluster. If the state server is reset or otherwise looses data, the web cluster can provide a negative acknowledgement (i.e., NACK) to the merchant/store POS 12 thereby requesting that a complete data transmission be provided with the next transmission. The transmission of the complete data set can be provided for a desired length of time. This will cause the merchant to provide all of the merchant invariant data such that the database provided by the gateway 16 can be repopulated. During this period, the payment processing gateway 16 can provide the appropriate financial institution 20A-N with all the data received from a particular merchant, mapping various fields as required.
  • In embodiments such as those discussed above in which various data is cached within a memory in payment processing gateway 16, software operating at the point of sale device 12 can be configured to periodically transmit the entire data set for a given merchant to the payment processing gateway. This can be used to allow webservers or state servers of gateway 16 to be individually reset without difficulty. For example, the software running on a point of sale device 12 can be configured to submit a full data set every 2, 8 or 24 hours. Data transmissions such as the authorization response 230 shown in FIG. 6 can include an additional data field to allow the payment processing gateway 16 to indicate that the full merchant data is required. Alternatively, a separate message can be sent by the gateway 16. This data can be sent independently, or can be included in the next transaction request. Further, if only partial data is required, the message from the payment processing gateway 16 to the point of sale device 12 can indicate which data field or fields must be re-sent. In such a configuration, the payment processing gateway 16 can continue to accept partial data for a period of time after the initial request is sent. This allows multiple point of sale devices 12 within a store to transmit data to a payment processing gateway 16 which is implemented across multiple servers.
  • In order to further reduce the overhead of the messages exchanged across the public network 14, or local networks of the retail location, in one aspect the present invention eliminates redundant or unrequired transmissions. For example, some acknowledgement messages used in socket-based protocols such as the protocol implemented by VisaNet are redundant. This is especially true for protocols based upon HTTPS. In one specific example, the acknowledgement (ACK) which is transmitted before a response for a credit card transaction in a single transaction mode is not required. Although the acknowledgement can be useful in monitoring operation of the software during debugging, it is not normally required by the point of sale device 12. Other such non-essential transmissions can also be eliminated.
  • The various transmissions between the point of sale device 12 and the payment processing gateway 16, including the authorization request 200 and the authorization response 230, can be implemented using a number of techniques. For example, the HTTPS protocol can be used in which a packet or partial packet for transmission on a financial network 18A-N is “wrapped” as the payload in the secure transmission. This configuration is particularly useful when integrating point of sale devices 12 which are at retail locations or which are implemented online through a merchant website. Further, this configuration can scale to high transaction volumes as required.
  • In another example, the payment processing gateway 16 provides an XML service for communication with the point of sale device 12. This configuration is also well suited for integrating point of sale devices 12 which exist at both retail locations and from online merchants.
  • A secure socket layer (SSL) protocol can be used in which a particular message or packet is carried in an SSL wrapper. This implementation may be required for some debit card transactions and is suited for the high performance required to handle a large volume of transactions. Further, such a protocol can be used to keep a socket open on a financial network 18A-N during the entire transaction process. Server clustering techniques such as thread pooling, clustering and load balancing can be implemented to support such an SSL protocol.
  • In another implementation of the present invention, the payment processing gateway 16 can provide a back end server process to maintain open payment sockets (or equivalents) through the financial networks 18A-N. Such a back end service can be synchronized with a stateless front end coupled to public network 14. Although credit card authorizations can typically be handled as a single synchronous transaction, debit card transactions typically require an additional final acknowledgement from the point of sale device 12 to the payment processing gateway 16 and to the appropriate financial institution 20A-N over a financial network 18A-N. This additional acknowledgement confirms that the retailer received the authorization acknowledgement and that the funds transfer was settled. If this acknowledgement is not received, the transaction is automatically reversed and the funds are returned to the customer's account. This can be implemented using a socket based protocol, such as SSL, where a server thread is used to maintain both the front end and back end socket sessions. However, this is more difficult to implement in a web based protocol which utilizes web servers such as Microsoft's IIS. As discussed above, web services are inherently stateless. Therefore, without additional implementation, the final acknowledgement may go to a different thread than the original transaction, and possibly even to a different server in a web cluster. In one aspect, the present invention maintains a thread in the web service such that such an acknowledgement can be sent to the appropriate financial institution.
  • The back end server process typically on a separate common server can be used to maintain an open back end socket over the appropriate financial network 18A-N. In such an embodiment, the socket must be uniquely identified to the front end web server, for example using a GUID which the back end server maps to a specific socket port. The front end web server coupled to the public network 14 will place transaction messages on the appropriate queue. The queue is then accessed by the back end server process. The back end server process can be single or multi-threaded and processes messages by assigning them to a new or existing socket session as appropriate. A new socket session with a financial institute 18A-N is opened at the start of each transaction and closed at the end of the transaction. All messages for a given transaction will occur over the same socket. Socket connections for incomplete transactions can be set to time out after a predetermined interval to protect server resources.
  • Although in typical payment processing systems, the point of sale device is required to provide an acknowledgement to the gateway during a debit card transaction, in one aspect, the present invention operates without the need for such a second acknowledgement. For example, the gateway can send a second acknowledgement back through the financial network without waiting for the acknowledgement to be received from the point of sale device. This allows the transaction to be stateless within the gateway and the debit transaction can then be easily supported over the HTTPS protocol without the need to use sockets such as SSL, directly. This configuration allows standard web servers to implement the present invention. Without the second acknowledgement from the point of the sale device, an additional safety mechanism can be provided to prevent a duplicate transaction from being processed. For example, the gateway can detect that the same or a similar transaction is being run from the same terminal or store within a specific period of time. If such a transaction is identified by the gateway, the gateway can simply block the transaction or send some type of a message back to the point of sale device indicating that an error has occurred or warning that a duplicate transaction has been received, request a confirmation that the duplicate data should be processed, request that the data be specifically called in, or simply acknowledge a successfully processed transaction previously. For example, if the same payment instrument is used from the same point of sale terminal within a relatively small time window, for example, one to two minutes, a simple acknowledgement can be provided.
  • Although the present invention has been described with reference to particular embodiments, workers skilled in the art will recognize that changes may be made in form and detail without departing from the spirit and scope of the invention. In one aspect, the present invention is configured to operate as a web service. In another aspect, a socket server implementation is used. In general, web services provide transactional functions which operate across a network such as the Internet. Web services adhere to a shared specification such that they are able to share objects and exchange data. One extension of web services which is well suited for implementation of the present invention is the web services enhancements (WSE) class library available in the Microsoft.NET framework. The present invention is applicable to electronic fund transfers based upon financial transaction authorization requests, and response to such requests. Although cards are specifically discussed, the invention relates to any type of payment instrument that can be used. The financial transaction authorization request are conveyed from a source, such as a store or merchant, to an authorization provider, such as a financial institution, over public and/or private networks or direct connections.

Claims (21)

1. A method of authorizing a financial transaction, the method comprising:
receiving a first authorization request from a point of sale device, the first authorization request including a first transaction specific data field, a first cache key field, a first cacheable data field, and a first supplemental header field, the first cacheable data field including merchant data, the first supplemental header including a first contract ID field that is used as a key to index a database and a payment type field that is used to identify a particular financial network;
accessing a list of valid contract IDs utilizing the first contract ID field;
uniquely identifying a particular store submitting the first authorization request utilizing the first cache key field;
caching the merchant data in a volatile memory component of a payment processing gateway;
sending a first authorization transmission in response to the first authorization request, the first authorization transmission including a transaction identification field and a response data field, the transaction identification field identifying a particular financial transaction to which the first authorization transmission is applicable, the response field indicating a response to the first authorization request, wherein the response is selected from the group consisting of “authorized,” “declined,” “hold card,” “cut card,” “bad card,” “call issuer for further information,” and “request additional information from the purchaser”;
receiving a second authorization request from the point of sale device, the second authorization request including a second transaction specific data field and a second cache key field; and
retrieving the merchant data from the volatile memory component utilizing the second cache key field.
2. The method of claim 1 wherein the first supplemental header identifies a financial contract and terms of operation for a particular acquiring bank and a payment gateway provider.
3. The method of claim 2 wherein the point of sale device is a retail server system that is used to connect multiple point of sale devices.
4. The method of claim 3 further comprising the retail server system providing inventory control and theft protection.
5. The method of claim 4 wherein accessing a list of valid contract IDs comprises accessing an in-memory hash table.
6. The method of claim 5 wherein the first authorization transmission includes a request for the point of sale device to transmit cacheable data to populate a cache.
7. The method of claim 6 further comprising:
auditing financial transaction processed by a payment process gateway utilizing the first contract ID field; and
utilizing the audit to ensure that merchants using the payment process gateway are properly charged.
8. The method of claim 7 wherein the merchant data comprises a merchant name, a country, a state, a location, a city code/zip code, a merchant category, an acquirer bin, a time zone differential, a merchant category code, and an extra field separator.
9. A method of processing a financial transaction, the method comprising:
transmitting an authorization request to a payment processing gateway server, the authorization request including a supplemental header that includes a contract identification field that stores an identification of a contract between a merchant and a payment provider;
receiving, from the payment processing gateway server in response to the authorization request, a transaction response transmission, wherein the transaction response transmission includes a transaction response header and a response data component, the transaction response header including identification of a particular transaction to which the transaction response transmission is applicable, and wherein the response data component includes an indication that said contract is invalid; and
responding to the indication that the contract is invalid by facilitating a rejection of the financial transaction.
10. The method of claim 9, wherein the authorization request further comprises a transaction specific data field that includes an indication of the identification of the particular transaction.
11. The method of claim 10, wherein the authorization request further comprises a cache key field that identifies a particular business sub-unit for which data is to be cached separately from a different business sub-unit.
12. The method of claim 10, wherein the authorization request further comprises a cache key field that includes an identifier that points to a particular data storage location on the payment processing gateway server.
12. The method of claim 10, wherein the authorization request further comprises a cache key field that includes an identifier that points to a particular one of a plurality of data storage locations maintained on the payment processing gateway server for the merchant.
13. A method of processing a financial transaction, the method comprising:
transmitting an authorization request to a payment processing gateway server, the authorization request including a mechanism for identifying a specific one of a plurality of data storage locations maintained on the payment processing gateway server for a particular merchant; and
receiving, from the payment processing gateway server in response to the authorization request, a transaction response transmission, wherein the transaction response transmission includes a transaction response header and a response data component, the transaction response header including identification of a particular transaction to which the transaction response transmission is applicable, and wherein the response data component includes an indication that said contract is valid or otherwise authorized.
14. The method of claim 13, wherein the mechanism for identifying a specific one of a plurality of data storage locations is a mechanism for identifying a particular business sub-unit for the particular merchant.
15. The method of claim 13, wherein the mechanism for identifying a specific one of a plurality of data storage locations is a mechanism for identifying a particular business unit.
16. The method of claim 13, wherein the mechanism for identifying a specific one of a plurality of data storage locations is a mechanism for identifying a particular store.
17. The method of claim 13, wherein the mechanism for identifying a specific one of a plurality of data storage locations is a mechanism for identifying a shared data stored location made accessible as part of a web service.
18. The method of claim 13, wherein the mechanism for identifying a specific one of a plurality of data storage locations is a mechanism for identifying a data stored location that is configured to support simultaneous data recordation transactions.
19. The method of claim 13, wherein the mechanism for identifying a specific one of a plurality of data storage locations is a mechanism for identifying a volatile data storage memory.
20. The method of claim 13, wherein the mechanism for identifying a specific one of a plurality of data storage locations is a mechanism for identifying a data storage location in which there is a collection of pre-existing transaction data for the merchant already cached.
US12/917,775 2003-07-15 2010-11-02 Electronic draft capture Abandoned US20110078083A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/917,775 US20110078083A1 (en) 2003-07-15 2010-11-02 Electronic draft capture

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/620,293 US7853525B2 (en) 2003-07-15 2003-07-15 Electronic draft capture
US12/917,775 US20110078083A1 (en) 2003-07-15 2010-11-02 Electronic draft capture

Related Parent Applications (2)

Application Number Title Priority Date Filing Date
US10/620,293 Continuation US7853525B2 (en) 2003-07-15 2003-07-15 Electronic draft capture
US81622108A Continuation 2005-02-14 2008-05-23

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US13/166,882 Continuation-In-Part US8440968B2 (en) 2005-02-14 2011-06-23 Ion-mobility analyser

Publications (1)

Publication Number Publication Date
US20110078083A1 true US20110078083A1 (en) 2011-03-31

Family

ID=34062749

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/620,293 Active 2028-02-05 US7853525B2 (en) 2003-07-15 2003-07-15 Electronic draft capture
US12/917,775 Abandoned US20110078083A1 (en) 2003-07-15 2010-11-02 Electronic draft capture

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US10/620,293 Active 2028-02-05 US7853525B2 (en) 2003-07-15 2003-07-15 Electronic draft capture

Country Status (1)

Country Link
US (2) US7853525B2 (en)

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7580861B1 (en) 2000-03-17 2009-08-25 Amazon Technologies, Inc. Providing automated gift registry functionality to assist a user in purchasing an item for a recipient
US7269160B1 (en) 2000-05-26 2007-09-11 Buffalo International, Inc. Voice over internet call center integration
US7318043B1 (en) 2004-05-24 2008-01-08 Amazon Technologies, Inc. Automatically identifying erroneous orders
US20060167818A1 (en) * 2005-01-21 2006-07-27 David Wentker Methods and system for performing data exchanges related to financial transactions over a public network
US7445147B2 (en) * 2005-03-25 2008-11-04 Wal-Mart Stores, Inc. Stored value card validation
US7774402B2 (en) * 2005-06-29 2010-08-10 Visa U.S.A. Adaptive gateway for switching transactions and data on unreliable networks using context-based rules
US20070276766A1 (en) * 2006-05-24 2007-11-29 Carlos Antonio Lorenzo Hoyos System and Method for Preventing Multiple Charges for a Transaction in a Payment System
US8626661B2 (en) * 2006-10-10 2014-01-07 Global Standard Financial, Inc. Electronic lockbox using digitally originated checks
US20080247629A1 (en) * 2006-10-10 2008-10-09 Gilder Clark S Systems and methods for check 21 image replacement document enhancements
US20080243685A1 (en) * 2007-04-02 2008-10-02 Nizam Antoo Bill payment system
US9342823B2 (en) * 2007-06-18 2016-05-17 Lemon, Inc. Payment clearing network for electronic financial transactions and related personal financial transaction device
US20090328184A1 (en) * 2008-06-26 2009-12-31 Utstarcom, Inc. System and Method for Enhanced Security of IP Transactions
US20100145855A1 (en) * 2008-12-06 2010-06-10 Fordyce Iii Edward W Payment account processing which conveys non purchase related data exchanges
JP5442467B2 (en) * 2010-01-19 2014-03-12 フェリカネットワークス株式会社 Information processing apparatus, information processing system, and program
US9990673B2 (en) * 2010-05-03 2018-06-05 Symbol Technologies, Llc Universal payment module systems and methods for mobile computing devices
WO2012006628A2 (en) 2010-07-09 2012-01-12 Visa International Service Association Gateway abstraction layer
FR2962830B1 (en) * 2010-07-16 2012-08-03 Xiring Sa SERVER, TERMINAL AND SECURE TRANSACTION METHOD
US20120102134A1 (en) * 2010-10-21 2012-04-26 International Business Machines Corporation Cache sharing among branch proxy servers via a master proxy server at a data center
US8924297B2 (en) 2011-02-25 2014-12-30 Visa International Service Association Direct connection systems and methods
NL2006609C2 (en) * 2011-04-14 2012-10-16 Sepasoft B V COMPOSITION AND METHOD FOR HANDLING TRANSACTIONS.
NL2006608C2 (en) * 2011-04-14 2012-10-16 Sepasoft B V COMPOSITION AND METHOD FOR HANDLING TRANSACTIONS.
US10496977B2 (en) 2012-07-16 2019-12-03 Square, Inc. Storing and forwarding payment transactions
US20140156534A1 (en) * 2012-12-05 2014-06-05 Sam Quigley Method for securely storing and forwarding payment transactions
WO2014124043A1 (en) 2013-02-05 2014-08-14 Visa International Service Association Integrated communications network for transactions
FR3074946B1 (en) * 2017-12-11 2021-08-27 Oney Bank ELECTRONIC TRANSACTION METHODS AND SYSTEMS

Citations (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3956615A (en) * 1974-06-25 1976-05-11 Ibm Corporation Transaction execution system with secure data storage and communications
US4264782A (en) * 1979-06-29 1981-04-28 International Business Machines Corporation Method and apparatus for transaction and identity verification
US5371797A (en) * 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
US5500890A (en) * 1993-08-19 1996-03-19 Exxon Research And Engineering Company Point-of-sale system using multi-threaded transactions and interleaved file transfer
US5526409A (en) * 1993-10-26 1996-06-11 Visa International Service Association Adaptive communication system within a transaction card network
US5621201A (en) * 1994-05-11 1997-04-15 Visa International Automated purchasing control system
US5651002A (en) * 1995-07-12 1997-07-22 3Com Corporation Internetworking device with enhanced packet header translation and memory
US5812668A (en) * 1996-06-17 1998-09-22 Verifone, Inc. System, method and article of manufacture for verifying the operation of a remote transaction clearance system utilizing a multichannel, extensible, flexible architecture
US5850446A (en) * 1996-06-17 1998-12-15 Verifone, Inc. System, method and article of manufacture for virtual point of sale processing utilizing an extensible, flexible architecture
US5889860A (en) * 1996-11-08 1999-03-30 Sunhawk Corporation, Inc. Encryption system with transaction coded decryption key
US5903878A (en) * 1997-08-20 1999-05-11 Talati; Kirit K. Method and apparatus for electronic commerce
US5910987A (en) * 1995-02-13 1999-06-08 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US5945653A (en) * 1997-06-26 1999-08-31 Walker Asset Management Limited Partnership System and method for establishing and executing functions to affect credit card accounts and transactions
US5983208A (en) * 1996-06-17 1999-11-09 Verifone, Inc. System, method and article of manufacture for handling transaction results in a gateway payment architecture utilizing a multichannel, extensible, flexible architecture
US6058373A (en) * 1996-10-16 2000-05-02 Microsoft Corporation System and method for processing electronic order forms
US6070798A (en) * 1997-02-21 2000-06-06 Nethery; Kee Purchaser generated transaction recording and negotiable instrument payment system
US6092053A (en) * 1998-10-07 2000-07-18 Cybercash, Inc. System and method for merchant invoked electronic commerce
US6119105A (en) * 1996-06-17 2000-09-12 Verifone, Inc. System, method and article of manufacture for initiation of software distribution from a point of certificate creation utilizing an extensible, flexible architecture
US6134588A (en) * 1997-11-12 2000-10-17 International Business Machines Corporation High availability web browser access to servers
US6302326B1 (en) * 1996-06-10 2001-10-16 Diebold, Incorporated Financial transaction processing system and method
US6334114B1 (en) * 1997-10-31 2001-12-25 Oracle Corporation Method and apparatus for performing transactions in a stateless web environment which supports a declarative paradigm
US6337861B1 (en) * 1999-02-02 2002-01-08 Cisco Technology, Inc. Method and apparatus to properly route ICMP messages in a tag-switching network
US20020023004A1 (en) * 2000-06-23 2002-02-21 Richard Hollander Online store management system
US6393411B1 (en) * 1998-07-21 2002-05-21 Amdahl Corporation Device and method for authorized funds transfer
US20020062347A1 (en) * 2000-10-17 2002-05-23 Low Colin Andrew Overview subsystem for information page server
US20020069162A1 (en) * 2000-11-15 2002-06-06 Cornelius Boylan Method for payment, user equipment, server, payment system and computer program product
US20020111886A1 (en) * 2001-02-12 2002-08-15 Chenevich William L. Payment management
US20020120846A1 (en) * 2001-02-23 2002-08-29 Stewart Whitney Hilton Electronic payment and authentication system with debit and identification data verification and electronic check capabilities
US20020156684A1 (en) * 2000-01-10 2002-10-24 Lucinda Stone Method for using computers to facilitate and control the creating of a plurality of functions
US6480894B1 (en) * 1998-03-06 2002-11-12 I2 Technologies Us, Inc. System and method for maintaining a state for a user session using a web system
US20030004828A1 (en) * 2000-04-27 2003-01-02 S/B Exchange Enterprises, Inc. Prepaid card authorization and security system
US20030028481A1 (en) * 1998-03-25 2003-02-06 Orbis Patents, Ltd. Credit card system and method
US20030056092A1 (en) * 2001-04-18 2003-03-20 Edgett Jeff Steven Method and system for associating a plurality of transaction data records generated in a service access system
US20030061156A1 (en) * 1999-12-21 2003-03-27 Sang-Jin Lim Instant settlement system and method for credit card member stores
US20030061171A1 (en) * 2000-05-15 2003-03-27 Kevin Gilbert System for and method of effecting an electronic transaction
US6629285B1 (en) * 2000-01-04 2003-09-30 Nokia Corporation Data transmission
US20030212796A1 (en) * 2002-02-23 2003-11-13 Wow Technologies, Inc. Loadable debit card system and method
US20030212904A1 (en) * 2000-05-25 2003-11-13 Randle William M. Standardized transmission and exchange of data with security and non-repudiation functions
US20030229590A1 (en) * 2001-12-12 2003-12-11 Byrne Shannon Lee Global integrated payment system
US20040007618A1 (en) * 2002-07-10 2004-01-15 Scott Oram Prepaid credit card method
US20040030624A1 (en) * 2000-07-24 2004-02-12 Ip Strategy Incorporated Storage medium storing a disintermediated financial transaction program, disintermediated financial transaction system and disintermediated financial transaction method
US20040059870A1 (en) * 2002-09-24 2004-03-25 International Business Machines Corporation Method, system, and program for restoring data in cache
US20040128240A1 (en) * 2002-10-07 2004-07-01 Yusin Wendy E. Method and system for managing financial transactions
US6760746B1 (en) * 1999-09-01 2004-07-06 Eric Schneider Method, product, and apparatus for processing a data request
US6785675B1 (en) * 2000-11-13 2004-08-31 Convey Development, Inc. Aggregation of resource requests from multiple individual requestors
US20050192892A1 (en) * 2002-02-23 2005-09-01 Wow! Technologies Automated clearing house compatible loadable debit card system and method
US6966034B2 (en) * 2000-06-30 2005-11-15 Microsoft Corporation Supplemental request header for applications or devices using web browsers
US6970849B1 (en) * 1999-12-17 2005-11-29 Microsoft Corporation Inter-server communication using request with encrypted parameter
US7016875B1 (en) * 2000-08-04 2006-03-21 Enfotrust Networks, Inc. Single sign-on for access to a central data repository
US20060085250A1 (en) * 1999-05-11 2006-04-20 Christopher Kantarjiev Techniques for processing customer service transactions at customer site using mobile computing device
US7051002B2 (en) * 2002-06-12 2006-05-23 Cardinalcommerce Corporation Universal merchant platform for payment authentication
US7069244B2 (en) * 2002-09-17 2006-06-27 First Data Corporation Method and system for merchant processing of purchase card transactions with expanded card type acceptance
US7103570B1 (en) * 1999-12-28 2006-09-05 First Data Corporation Merchant account activation system
US7293129B2 (en) * 2005-04-22 2007-11-06 Sun Microsystems, Inc. Flexible routing and addressing
US7379906B2 (en) * 2000-04-10 2008-05-27 Johannes Schellmann Method for acquiring and processing data of business transactions
US7685020B2 (en) * 2000-05-08 2010-03-23 Telefonaktiebolaget Lm Ericsson (Publ) Mobile commerce receipt system
US8412733B1 (en) * 2003-03-15 2013-04-02 SQL Stream Inc. Method for distributed RDSMS

Patent Citations (58)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3956615A (en) * 1974-06-25 1976-05-11 Ibm Corporation Transaction execution system with secure data storage and communications
US4264782A (en) * 1979-06-29 1981-04-28 International Business Machines Corporation Method and apparatus for transaction and identity verification
US5371797A (en) * 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
US5500890A (en) * 1993-08-19 1996-03-19 Exxon Research And Engineering Company Point-of-sale system using multi-threaded transactions and interleaved file transfer
US5526409A (en) * 1993-10-26 1996-06-11 Visa International Service Association Adaptive communication system within a transaction card network
US5621201A (en) * 1994-05-11 1997-04-15 Visa International Automated purchasing control system
US5910987A (en) * 1995-02-13 1999-06-08 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US5651002A (en) * 1995-07-12 1997-07-22 3Com Corporation Internetworking device with enhanced packet header translation and memory
US6302326B1 (en) * 1996-06-10 2001-10-16 Diebold, Incorporated Financial transaction processing system and method
US5812668A (en) * 1996-06-17 1998-09-22 Verifone, Inc. System, method and article of manufacture for verifying the operation of a remote transaction clearance system utilizing a multichannel, extensible, flexible architecture
US5850446A (en) * 1996-06-17 1998-12-15 Verifone, Inc. System, method and article of manufacture for virtual point of sale processing utilizing an extensible, flexible architecture
US5983208A (en) * 1996-06-17 1999-11-09 Verifone, Inc. System, method and article of manufacture for handling transaction results in a gateway payment architecture utilizing a multichannel, extensible, flexible architecture
US6119105A (en) * 1996-06-17 2000-09-12 Verifone, Inc. System, method and article of manufacture for initiation of software distribution from a point of certificate creation utilizing an extensible, flexible architecture
US6058373A (en) * 1996-10-16 2000-05-02 Microsoft Corporation System and method for processing electronic order forms
US5889860A (en) * 1996-11-08 1999-03-30 Sunhawk Corporation, Inc. Encryption system with transaction coded decryption key
US6070798A (en) * 1997-02-21 2000-06-06 Nethery; Kee Purchaser generated transaction recording and negotiable instrument payment system
US5945653A (en) * 1997-06-26 1999-08-31 Walker Asset Management Limited Partnership System and method for establishing and executing functions to affect credit card accounts and transactions
US5903878A (en) * 1997-08-20 1999-05-11 Talati; Kirit K. Method and apparatus for electronic commerce
US6334114B1 (en) * 1997-10-31 2001-12-25 Oracle Corporation Method and apparatus for performing transactions in a stateless web environment which supports a declarative paradigm
US6134588A (en) * 1997-11-12 2000-10-17 International Business Machines Corporation High availability web browser access to servers
US6480894B1 (en) * 1998-03-06 2002-11-12 I2 Technologies Us, Inc. System and method for maintaining a state for a user session using a web system
US20030028481A1 (en) * 1998-03-25 2003-02-06 Orbis Patents, Ltd. Credit card system and method
US6393411B1 (en) * 1998-07-21 2002-05-21 Amdahl Corporation Device and method for authorized funds transfer
US6092053A (en) * 1998-10-07 2000-07-18 Cybercash, Inc. System and method for merchant invoked electronic commerce
US6337861B1 (en) * 1999-02-02 2002-01-08 Cisco Technology, Inc. Method and apparatus to properly route ICMP messages in a tag-switching network
US20060085250A1 (en) * 1999-05-11 2006-04-20 Christopher Kantarjiev Techniques for processing customer service transactions at customer site using mobile computing device
US6760746B1 (en) * 1999-09-01 2004-07-06 Eric Schneider Method, product, and apparatus for processing a data request
US6970849B1 (en) * 1999-12-17 2005-11-29 Microsoft Corporation Inter-server communication using request with encrypted parameter
US20030061156A1 (en) * 1999-12-21 2003-03-27 Sang-Jin Lim Instant settlement system and method for credit card member stores
US7103570B1 (en) * 1999-12-28 2006-09-05 First Data Corporation Merchant account activation system
US6629285B1 (en) * 2000-01-04 2003-09-30 Nokia Corporation Data transmission
US20020156684A1 (en) * 2000-01-10 2002-10-24 Lucinda Stone Method for using computers to facilitate and control the creating of a plurality of functions
US20020169694A1 (en) * 2000-01-10 2002-11-14 Lucinda Stone Method of using a network of computers to facilitate and control access or admission to facility, site, business, or venue
US7379906B2 (en) * 2000-04-10 2008-05-27 Johannes Schellmann Method for acquiring and processing data of business transactions
US20030004828A1 (en) * 2000-04-27 2003-01-02 S/B Exchange Enterprises, Inc. Prepaid card authorization and security system
US7685020B2 (en) * 2000-05-08 2010-03-23 Telefonaktiebolaget Lm Ericsson (Publ) Mobile commerce receipt system
US20030061171A1 (en) * 2000-05-15 2003-03-27 Kevin Gilbert System for and method of effecting an electronic transaction
US20030212904A1 (en) * 2000-05-25 2003-11-13 Randle William M. Standardized transmission and exchange of data with security and non-repudiation functions
US20020023004A1 (en) * 2000-06-23 2002-02-21 Richard Hollander Online store management system
US6966034B2 (en) * 2000-06-30 2005-11-15 Microsoft Corporation Supplemental request header for applications or devices using web browsers
US20040030624A1 (en) * 2000-07-24 2004-02-12 Ip Strategy Incorporated Storage medium storing a disintermediated financial transaction program, disintermediated financial transaction system and disintermediated financial transaction method
US7016875B1 (en) * 2000-08-04 2006-03-21 Enfotrust Networks, Inc. Single sign-on for access to a central data repository
US20020062347A1 (en) * 2000-10-17 2002-05-23 Low Colin Andrew Overview subsystem for information page server
US6785675B1 (en) * 2000-11-13 2004-08-31 Convey Development, Inc. Aggregation of resource requests from multiple individual requestors
US20020069162A1 (en) * 2000-11-15 2002-06-06 Cornelius Boylan Method for payment, user equipment, server, payment system and computer program product
US20020111886A1 (en) * 2001-02-12 2002-08-15 Chenevich William L. Payment management
US20020120846A1 (en) * 2001-02-23 2002-08-29 Stewart Whitney Hilton Electronic payment and authentication system with debit and identification data verification and electronic check capabilities
US20030056092A1 (en) * 2001-04-18 2003-03-20 Edgett Jeff Steven Method and system for associating a plurality of transaction data records generated in a service access system
US20030229590A1 (en) * 2001-12-12 2003-12-11 Byrne Shannon Lee Global integrated payment system
US20030212796A1 (en) * 2002-02-23 2003-11-13 Wow Technologies, Inc. Loadable debit card system and method
US20050192892A1 (en) * 2002-02-23 2005-09-01 Wow! Technologies Automated clearing house compatible loadable debit card system and method
US7051002B2 (en) * 2002-06-12 2006-05-23 Cardinalcommerce Corporation Universal merchant platform for payment authentication
US20040007618A1 (en) * 2002-07-10 2004-01-15 Scott Oram Prepaid credit card method
US7069244B2 (en) * 2002-09-17 2006-06-27 First Data Corporation Method and system for merchant processing of purchase card transactions with expanded card type acceptance
US20040059870A1 (en) * 2002-09-24 2004-03-25 International Business Machines Corporation Method, system, and program for restoring data in cache
US20040128240A1 (en) * 2002-10-07 2004-07-01 Yusin Wendy E. Method and system for managing financial transactions
US8412733B1 (en) * 2003-03-15 2013-04-02 SQL Stream Inc. Method for distributed RDSMS
US7293129B2 (en) * 2005-04-22 2007-11-06 Sun Microsystems, Inc. Flexible routing and addressing

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
"Cassette for VisaNet Supplement," IBM, pgs. 1-81, 1/21/2000. *
"Cassette for VisaNet Supplement," IBM, pgs. 1-92, 6/2003 *
Cox, Tygar, Sirbu. NetBill Security and Tranaction Protocol. Carnegie Mellon University. 1995. pg. 1-12 *
Cox, Tygar, Sirbu. NetBill Security and Transaction Protocol. Carnegie Mellon University. 1995. pg. 1-12 *

Also Published As

Publication number Publication date
US20050015336A1 (en) 2005-01-20
US7853525B2 (en) 2010-12-14

Similar Documents

Publication Publication Date Title
US20110078083A1 (en) Electronic draft capture
JP6599021B2 (en) Method and system for recording point-to-point transaction processing
US8140429B2 (en) Universal merchant platform for payment authentication
US10157375B2 (en) Alternative payment implementation for electronic retailers
CA2950637C (en) Universal merchant platform for payment authentication
AU2003217958B2 (en) Method and system for processing credit card related transactions
CN110582790A (en) system and method for restricted transaction processing
US8448229B2 (en) Methods and systems for providing website hosting security
US20090043677A1 (en) System and method for real time account and account number generation using origination apis
US20040039691A1 (en) Electronic funds transaction system
WO2020242707A1 (en) Methods and systems for dual-to-single message conversion in electronic transactions
AU2006309231B2 (en) Web terminal and bridge that support passing of authentication data to acquirer for payment processing
JP2938437B2 (en) How to handle transaction data
US7761375B2 (en) Transaction switch and a method for use thereof
US20090254603A1 (en) Access server for certifying and validating data in a processing network
US11940993B2 (en) Push interaction including linked data
AU2012200584B2 (en) Web terminal and bridge that support passing of authentication data to acquirer for payment processing
CN116777543A (en) Aggregate payment method and system supporting support and verification integration
WO2009149164A2 (en) Alternative payment implementation for electronic retailers
WO2004034222A9 (en) Method and system for managing financial transactions

Legal Events

Date Code Title Description
AS Assignment

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034544/0001

Effective date: 20141014

AS Assignment

Owner name: MICROSOFT CORPORATION, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:YEATES, ANTHONY JAMES;DOURNOV, PAVEL ANATOLIEVICH;BALASUBRAMANIAN, BALAJI;AND OTHERS;SIGNING DATES FROM 20030731 TO 20030804;REEL/FRAME:036528/0771

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION