WO2002029666A1 - Method of and system for e-commerce security - Google Patents

Method of and system for e-commerce security Download PDF

Info

Publication number
WO2002029666A1
WO2002029666A1 PCT/US2000/027112 US0027112W WO0229666A1 WO 2002029666 A1 WO2002029666 A1 WO 2002029666A1 US 0027112 W US0027112 W US 0027112W WO 0229666 A1 WO0229666 A1 WO 0229666A1
Authority
WO
WIPO (PCT)
Prior art keywords
user device
information
server
trigger element
authenticator
Prior art date
Application number
PCT/US2000/027112
Other languages
French (fr)
Inventor
Frans Martin Coetzee
Frederick Willem Mostert
Christopher Michael Colfer
Original Assignee
Frans Martin Coetzee
Frederick Willem Mostert
Christopher Michael Colfer
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Frans Martin Coetzee, Frederick Willem Mostert, Christopher Michael Colfer filed Critical Frans Martin Coetzee
Priority to PCT/US2000/027112 priority Critical patent/WO2002029666A1/en
Priority to AU2001211904A priority patent/AU2001211904A1/en
Publication of WO2002029666A1 publication Critical patent/WO2002029666A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce

Definitions

  • This invention relates to a method of and system for e-commerce security.
  • the invention is a strategic and enabling e-commerce tool to increase the level of trust among web consumers and to protect brand owners, individuals and others against loss of privacy.
  • the invention is based upon a unique verification system. More specifically, the invention provides protection for entities or individuals that participate in e-commerce from web sites misrepresenting themselves as genuine merchant web sites or as authorized product dealers for the products offered for sale.
  • This invention relates to a method and system for providing protection to the entities, services and individuals that operate in e-commerce. More specifically, this invention allows a user to verify the identity of a contacted web site to ensure that the web site is not an imposter posing as a genuine merchant web site or web merchant. In addition it can also verify that the web merchant is an authorized dealer or that the web service provided is an authorized source of information. Thus, the invention enables users to protect themselves from rogue web sites and unofficial dealers and enables web merchants, idividuals and services to protect their reputations, product image and, most importantly, their corporate (brand) equity.
  • Verisign has a method in place whereby it issues an icon for display on merchant's web pages upon which a user can click to "activate” it.
  • the icon has certain behind- the-scenes "instructions" associated with it.
  • a new web page is displayed with general information about the genuine web site to which the icon was issued, such as web site location, city or • town, and state. This information is apparently retrieved from the Verisign registration database.
  • the instructions within this new window direct the user to check the displayed web site location against the web site location visited by the user.
  • the icon can easily be copied and placed on a different site, along with modified behind-the-scenes "instructions" thereby allowing an imposter to create a parallel architecture that mimics the look and feel of Verisign's method, but provides misleading information to the user.
  • the user since the user is not directed to the real web site (in the case of a an imposter web site simply copying the icon) , the user could still be misled by the similarity between the textual web site path of the imposter web site and the true web site (e.g. www.whitehouse.gov versus www.whitehouse.com).
  • the user is required to make comparisons of textual web site paths visually as part of the verification process.
  • imposter web sites can likely trick the user by creating believable similarities between the text.
  • the invention provides users with the ability to verify information about web merchants such as the identity of a merchant web site, and the authority of that web merchant to sell its advertised products.
  • the invention provides merchants protection against damage to their good will and product reputation from imitation web sites improperly portraying themselves as a merchant web site.
  • Figure 1 is a diagrammatic view of a system for web merchant identification and verification in accordance with the present invention.
  • Figures 2 through 4, inclusive are process flow diagrams for systems for e-commerce protection involving web merchant information verification in accordance with three preferred embodiments of the present invention.
  • Figures. 5a, 5b and 5c are three alternative process flow diagrams for registration module for a merchant server. More specifically, Figure 5a is the preferred embodiment of the merchant registration process for the first of the three preferred embodiments of the present invention.
  • Figure 5b is the preferred embodiment of the merchant registration process for the second of the three preferred embodiments for the present invention.
  • Figure 5c is the preferred embodiment of the merchant registration process for the third of the three preferred embodiments for the present invention.
  • the specific sequence of steps within Figures 5a, 5b, and 5c may occur, at various points in time and in a different sequence than depicted.
  • the important aspect of these drawings are the steps that are accomplished, not necessarily the order or timing of the various steps.
  • Figures 6a, 6b and 6c are three alternative process flow diagrams for registration module for a user device. More specifically, Figure 6a is an alternative embodiment of the user registration process for the first of the three preferred embodiments of the present invention. Figure 6b is an alternative embodiment of the user registration process for the second of the three preferred embodiments for the present invention. Figure 6c is an alternative embodiment of the user registration process for the third of the three preferred embodiments for the present invention. Again, similar to the merchant registration process, for technological reasons, the specific sequence of steps within Figures 6a, 6b, and 6c may occur at various points in time and in a different sequence than depicted. The important aspect of these drawings are the steps that are accomplished, not necessarily the order or timing of the various steps.
  • Figure 7 is a data flow diagram of the preferred embodiment depicted in Figure 2.
  • Figure 8 is a data flow diagram of the preferred embodiment depicted in Figure 3.
  • Figure 9 is a data flow diagram of the preferred embodiment depicted in Figure _ .
  • the present invention is directed to a method of and a system for e-commerce security.
  • e-commerce is considered as much more than mere sales conducted via computer network connections such as the Internet and the World Wide Web.
  • sales are definitely a part of e-cornmerce, the term has come to include the distribution and dissemination of information and data, whether sales related or not, to the global general public.
  • a user when traversing along the Internet, will navigate to a web site purporting to have the capability to conduct and accept e-commerce sales.
  • the web site will have included on one of its web pages a trigger element.
  • the trigger element may be, but is not limited to such things as an icon, a computer script, HTML comment, an active text, binary, or digitally ' signed string, a Universal Remote Location (URL) field or protocol.
  • the user Upon activation of the trigger element, the user will be provided information about the web merchant so that the user can make determinations about the web merchant such as whether the web merchant is who it purports to be and whether the web merchant is an authorized dealer of the products offered for sale on its web site.
  • FIG. 1 shows a diagram of a system 100 for the provision of e-commerce security in accordance with the preferred embodiments of the present invention.
  • the system 100 includes an authenticator server, including a computer processor and associated memory 110, a user device, including a computer processor and associated memory 120, and at least one merchant server, including a computer processor and associated memory 130, all connected to a common computer network 140.
  • the authenticator server 110, user device 120 and a merchant server 130 can be a personal computer system such as an IBM PC or IBM PC compatible system or an APPLE Macintosh system or a more advanced computer system, although mainframe computer systems or any other internet- accessing device can also be used.
  • the computer network 140 is a global TCP/IP based network such as the Internet or an intranet, although almost any well known LAN, MAN, WAN, or VPN technology can be used.
  • the authenticator server 110 is adapted to transfer and receive information over the computer network 140.
  • the authenticator server 110 is adapted also to store information in, and retrieve information from its associated memory.
  • the authenticator server 110 is adapted further to perform comparisons of information utilizing information received from a user device 120, information received from a merchant server 130, or information retrieved from its associated memory.
  • the authenticator server 110 may be further adapted to modify information associated with, and located on, a merchant server 130.
  • the authenticator server 110 may be further adapted to sign identification information provided by a user device 120 or a merchant server 130.
  • the user device 120 is adapted to transfer and receive information across the computer network 140.
  • the user device 120 is adapted further to implement computer instruction provided by either the authenticator server 110 or a merchant server 130.
  • the merchant server 130 is adapted to transfer and receive information over the computer network 140.
  • the merchant server 130 is adapted also to store information in, and retrieve information from its associated memory.
  • the merchant server 130 is adapted further to implement computer instruction provided by the authenticator server 110.
  • authenticator server 110 user device 120 and merchant server 130 are described in the context of a single web server, one of ordinary skill in the art will appreciate that the described functionality may be implemented across multiple servers.
  • Figure 2 shows a process flow for the first of the three preferred embodiments of the present invention.
  • the user device 120 navigates to a merchant server 130 where the merchant server 130 displays a web page of its web site.
  • a trigger element previously provided to the merchant server 130 by the authenticator server 110 during the merchant registration process as displayed in Figure 5a, and displayed on the web page of the merchant server's 130 web site, is activated.
  • the activated trigger element causes the user device 120 to activate a computer program on the user device 120 that directs the user device 120 to obtain identity information from the merchant server 130.
  • the computer program would be provided by the authenticator server 110 to the user device 120 during the user registration process as displayed in Figure 6a.
  • the user registration process as depicted in Figure 6a is merely the preferred embodiment of the process and may, in fact, occur at any point before or during the first three steps of Figure 2 and in a variety of distribution techniques, including, for example, CD-ROM distribution or incorporation into, and subsequent distribution of, a web browser program.
  • the fourth step 240 the integrity and ownership of the identity information from the merchant server 130 is verified.
  • the computer program on the user device 120 may, for example, establish a secure connection with the merchant server 130 via the well-known Secure Socket Layer (SSL) connectivity process.
  • SSL Secure Socket Layer
  • Another example of a manner by which the fourth step may be accomplished is through the computer program on the user device 120 causing the genuine web page associated with the identity information to be redisplayed, thereby displaying the web page of the real merchant server registered with the Authenticator server 110 to the user device 120.
  • This step in the case were the trigger element was copied onto an imposter web site, puts the user device 120 on notice that the first web page was that of an imposter. Then, in the fifth step 250, the user device 120 sends the identity information received from the merchant server 130 to the authenticator server 110.
  • the authenticator server 110 receives the identity information sent by the user device 120 and retrieves the identity information, along with the various other available pieces of information for the merchant server 120 from the associated memory of the authenticator server 110.
  • the information maintained by the authenticator server 110 may include, but is not limited to, such items as the name, address, and telephone number of the underlying entity, product listings, as well as various other information.
  • the identity information as well as the other pieces of information for the merchant server 120 would be obtained during the merchant registration process as displayed in Figure 5a.
  • the merchant registration process as depicted in Figure 5a is merely the preferred embodiment of the process and may, in fact, occur at any point before or during the first three steps of Figure .2.
  • the authenticator server 110 compares the identity information received from the user device 120 to the identity information retrieved from its associated memory.
  • the result of that comparison possibly along with other pertinent information such as personalized information selected or determined by the user device 120 during the user registration process, is sent to the user device 120-
  • the user device 120 displays the information.
  • Figure 3 shows a process flow for the second of the three preferred embodiments of the present invention.
  • the user device 120 navigates to a merchant server 130 where the merchant server 130 displays a web page of its web site.
  • a trigger element associated with the authenticator server 110 is activated.
  • the trigger element was previously provided to the merchant server 130 by the authenticator server 110 during the merchant registration process as displayed in Figure 5b.
  • the activated trigger element activates a computer program on the user device 120 that directs the user device 120 to obtain identity information from the merchant server 130.
  • the computer program would be provided by the authenticator server 110 to the user device 120 during the user registration process as displayed in Figure 6b.
  • the user registration process as depicted in Figure 6b is merely the preferred embodiment of the process and may, in fact, occur at any point before or during the first three steps of Figure 3 and in a variety of distribution techniques, including, for example, CD-ROM distribution or incorporation into, and subsequent distribution of, a web browser program.
  • the fourth step 340 the integrity and ownership of the identity information from the merchant server 130 is verified.
  • the computer program on the user device 120 may, for example, establish a secure connection with the merchant server 130 via the well-known SSL connectivity process.
  • the fourth step may be accomplished is through the computer program on the user device 120 causing the web page associated with the identity information to be redisplayed, thereby displaying the web page of the real merchant server registered with the Authenticator server 110 to the user device 120 and, in effect, putting the user device 120 on notice that the first web page was that of an imposter) .
  • the user device 120 extracts verifiable extension information from the received identity information, being previously imbedded within the merchant server's 130 identity information by the authenticator server 110 during the merchant registration process as depicted in Figure 5b, the preferred embodiment of the merchant registration process for Figure 3.
  • the verifiable extension information should be information whereby tampering of the information could be detected.
  • the user device 120 displays the extracted information.
  • the user device 120 may also display various other information such as personalized information selected or determined by the user device 120 during the user registration process, intended to provide the user device 120 a high degree of comfort for conducting business with the merchant server 130.
  • Figure 4 shows a process flow for the third of the three preferred embodiments of the present invention.
  • the user device 120 navigates to a merchant server 130 where the merchant server 130 displays a web page of its web site.
  • a trigger element associated with the authenticator server 110 is activated.
  • the trigger element was previously provided to the merchant server 130 by the authenticator server 110 during the merchant registration process as displayed in Figure 5c.
  • the activated trigger element activates a computer- program on the merchant server 130 that directs the user device 120 to establish a connection with the authenticator server 110, and send information about the connection between the user device 120 and the merchant server 130 to the authenticator server 110.
  • the computer program was previously provided by the authenticator server 110 to the merchant server 120 during the merchant registration process as displayed in Figure 5c.
  • the user device 120 again directed by the computer program on the merchant server 120, sends its signed identity information to the authenticator server 110.
  • the signed identity information was provided by the authenticator server 110 to the user device 120 during the user registration process as displayed in Figure 6c.
  • the merchant server 130 through the computer program, establishes a connection with the authenticator server 110 and sends information about the connection between the merchant server 130 and the user device 120 to the authenticator server 110.
  • the authenticator server 110 compares the connection information received from the user device 120 to the connection information received from the merchant server 130.
  • the authenticator server 110 uses the signed identity information, verifies the identity of the user device 120, and may retrieve from its associated memory other personalized information selected or determined by the user device 120 during the user registration process.
  • the authenticator server 110 sends the information, possibly including the retrieved personalized information, to the user device 120.
  • the user device displays the information.
  • Figure 5a shows the process flow of the merchant registration process for the first of the three preferred embodiments of the present invention.
  • the merchant server 130 navigates to the authenticator server 110.
  • the authenticator server 110 prompts the merchant server 130 for registration information that may be used later by the authenticator server 110 to verify the identity and product authorities of the merchant server 130.
  • the authenticator server 110 downloads a trigger element to the merchant server 130 for inclusion on the web page of the web site of the merchant server 130.
  • Figure 5b shows the process flow of the merchant registration process for the second of the three preferred embodiments of the present invention.
  • the merchant server 130 navigates to the authenticator server 110.
  • the authenticator server 110 prompts the merchant server 130 for registration information that may be used later by the authenticator server 110 to verify the identity and product authorities of the merchant server 130.
  • the authenticator server 110 downloads a trigger element to the merchant server 130 for inclusion on the web page of the web site of the merchant server 130.
  • the authenticator server 110 in the final step 540b, imbeds into the identity information of the merchant server 130, a verifiable extension to be used later by a computer program placed on the user device 120 by the authenticator server 110.
  • Figure 5c shows the process flow of the merchant registration process for the third of the three preferred embodiments of the present invention.
  • the merchant server 130 navigates to the authenticator server 110.
  • the authenticator server 110 prompts the merchant server 130 for registration information that may be used later by the authenticator server 110 to verify the identity and product authorities of the merchant server 130.
  • the authenticator server 110 downloads a trigger element to the merchant server 130 for inclusion on the web page of the web site of the merchant server 130.
  • the authenticator server 110 in the final step 540c, downloads a computer program to the merchant server 130.
  • Figure 6a shows the process flow for the user registration process for the first of the three preferred embodiments of the present invention.
  • the user device 120 navigates to the authenticator server 110.
  • the authenticator server 110 prompts the user device 120 for registration information that may be used later by the authenticator server 110 to verify the identity of the user device 120.
  • the authenticator server 110 downloads a computer program to the user device 120.
  • Figure 6b shows the process flow for the user registration process for the second of the three preferred embodiments of the present invention.
  • the user device 120 navigates to the authenticator server 110.
  • the authenticator server 110 prompts the user device 120 for registration information that may be used later by the authenticator server 110 to verify the identity of the user device 120.
  • the authenticator server 110 downloads a computer program to the user device 120.
  • Figure 6c shows the process flow for the user registration process for the third of the three preferred embodiments of the present invention.
  • the user device 120 navigates to the authenticator server 110.
  • the authenticator server 110 prompts the user device 120 for registration information that may be used later by the authenticator server 110 to verify the identity of the user device 120. Once the registration information has been obtained, in the final step 630c, the authenticator server 110 downloads a signed user identity information to the user device 120. Finally, an additional step is considered whereby the authenticator server 110 provides to the user device 120 a computer program that enables the user device 120 to further verify the integrity and ownership of the connection between the user device 120 and the merchant server 130.

Abstract

This invention provides a method and system for secure e-commerce transactions by providing a user (120) with tauthentication tools (110) with which a user can verify the trustedness of a merchant website (120).

Description

TITLE OF THE INVENTION
Method of and System for E-Commerce Security
RELATED UNITED STATES APPLICATIONS/CLAIM OF PRIORITY Not Applicable
FIELD OF THE INVENTION
This invention relates to a method of and system for e-commerce security. The invention is a strategic and enabling e-commerce tool to increase the level of trust among web consumers and to protect brand owners, individuals and others against loss of privacy. The invention is based upon a unique verification system. More specifically, the invention provides protection for entities or individuals that participate in e-commerce from web sites misrepresenting themselves as genuine merchant web sites or as authorized product dealers for the products offered for sale.
BACKGROUND OF THE INVENTION
This invention relates to a method and system for providing protection to the entities, services and individuals that operate in e-commerce. More specifically, this invention allows a user to verify the identity of a contacted web site to ensure that the web site is not an imposter posing as a genuine merchant web site or web merchant. In addition it can also verify that the web merchant is an authorized dealer or that the web service provided is an authorized source of information. Thus, the invention enables users to protect themselves from rogue web sites and unofficial dealers and enables web merchants, idividuals and services to protect their reputations, product image and, most importantly, their corporate (brand) equity.
With the rapid growth of e-commerce as a sales tool, global consumers are using the World Wide Web and Internet as a virtual shopping mall where they purchase the goods and services that they desire or need. As a result of this, millions of users and consumers are daily faced with providing sensitive, personal and financial information to web merchants. This information, if provided to a less- than-ethical web merchant could be used by the web merchant or imposter for improper gain without the knowledge or authorization from the user. Such events could lead to individual identity theft and financial damage in terms of credit history, credit worthiness an financial loss. Thus web users and consumers who shop or obtain services via the Internet and World Wide Web have a real interest in protecting themselves against fraud and misrepresentation by fraudulent and unethical web merchants. Equally, entities (including sports teams), services and individuals
(including celebrities) are able to protect and enable their brands and services at the same time.
Presently, there are a limited number of "verification" systems in use on the World Wide Web and the Internet. Examples of the systems currently deployed include Verisign's "Click To Verify" System, WebTrust's system, and a proposed system by TradeSafely.com. However, as explained in greater detail below, these systems, although proclaiming to provide security to e-commerce participants, may provide little to no real protection from imposter web sites or unethical web merchants. Verisign has a method in place whereby it issues an icon for display on merchant's web pages upon which a user can click to "activate" it. The icon has certain behind- the-scenes "instructions" associated with it. Once activated, a new web page is displayed with general information about the genuine web site to which the icon was issued, such as web site location, city or • town, and state. This information is apparently retrieved from the Verisign registration database. The instructions within this new window direct the user to check the displayed web site location against the web site location visited by the user.
However, no detailed security steps are taken and the method is at risk of attack by rogue web sites and unethical web merchants. For example, the icon can easily be copied and placed on a different site, along with modified behind-the-scenes "instructions" thereby allowing an imposter to create a parallel architecture that mimics the look and feel of Verisign's method, but provides misleading information to the user. Moreover, since the user is not directed to the real web site (in the case of a an imposter web site simply copying the icon) , the user could still be misled by the similarity between the textual web site path of the imposter web site and the true web site (e.g. www.whitehouse.gov versus www.whitehouse.com). Finally, hecause the server certificate for the merchant web site is never, in fact, verified or authenticated during this procedure, an imposter web site could easily breach of the Verisign method. Another example of a present attempt to provide e- commerce security is called WebTrust. This method also involves an icon on the merchant's web page, activated by the user causing a new web page to be displayed with instructions to the user as to how to proceed through a series of maneuvers in order to "verify" the merchant web site. Again, however, the method is subject to breach by imposter web sites.
First, the user is required to make comparisons of textual web site paths visually as part of the verification process. As discussed above, imposter web sites can likely trick the user by creating believable similarities between the text. Second, in the case of an imposter web site inappropriately displaying the icon, the user is never taken to the web page of the genuine merchant web site on which the icon should appear. Thus the user could be fooled unless he or she carefully compares the two text web site paths. Third, since the merchant's server certificate corresponding to the page on which the icon appears may never, in fact, be verified or authenticated, an imposter web site may be able to copy the WebTrust icon and create an alternate, similar infrastructure that mimics the process of the WebTrust method but, in fact, misleads the user. Finally, there is a third method being advertised, yet seemingly not available yet, called TradeSafely. Although this method purports to utilize a triangulation scheme having some general similarities with the third embodiment of the present invention, from the high level descriptions of the method, there appears to be two critical distinctions between them. First, the TradeSafely method implies a sustained, trusted connection between the merchant server and the TradeSafely system, whereas the first two preferred embodiments of the present invention do not require such extensive communication. Second, the TradeSafely method implies that a secure user authentication step is not performed, thereby creating an opening for attack by imposter web sites via the well known "man in the middle" technique.
Therefore, a need exists for a method and system that provides protection to e-commerce by providing real security to users and web sites and by eliminating the possibility of attack and interception by imposter web sites.
SUMMARY OF THE INVENTION
In accordance with one aspect of the present invention there is provided a method and system for e-commerce protection. First, the invention provides users with the ability to verify information about web merchants such as the identity of a merchant web site, and the authority of that web merchant to sell its advertised products. Second, the invention provides merchants protection against damage to their good will and product reputation from imitation web sites improperly portraying themselves as a merchant web site.
These and other aspects, features and advantages of the present invention will become better understood with regard to the following description, accompanying drawings and appended claims.
BRIEF DESCRIPTION OF THE DRAWINGS
Exemplary embodiments of the present invention are now briefly described with reference to the following drawings:
Figure 1 is a diagrammatic view of a system for web merchant identification and verification in accordance with the present invention.
Figures 2 through 4, inclusive, are process flow diagrams for systems for e-commerce protection involving web merchant information verification in accordance with three preferred embodiments of the present invention. Figures. 5a, 5b and 5c are three alternative process flow diagrams for registration module for a merchant server. More specifically, Figure 5a is the preferred embodiment of the merchant registration process for the first of the three preferred embodiments of the present invention. Figure 5b is the preferred embodiment of the merchant registration process for the second of the three preferred embodiments for the present invention. Figure 5c is the preferred embodiment of the merchant registration process for the third of the three preferred embodiments for the present invention. For technological reasons, the specific sequence of steps within Figures 5a, 5b, and 5c may occur, at various points in time and in a different sequence than depicted. The important aspect of these drawings are the steps that are accomplished, not necessarily the order or timing of the various steps.
Figures 6a, 6b and 6c are three alternative process flow diagrams for registration module for a user device. More specifically, Figure 6a is an alternative embodiment of the user registration process for the first of the three preferred embodiments of the present invention. Figure 6b is an alternative embodiment of the user registration process for the second of the three preferred embodiments for the present invention. Figure 6c is an alternative embodiment of the user registration process for the third of the three preferred embodiments for the present invention. Again, similar to the merchant registration process, for technological reasons, the specific sequence of steps within Figures 6a, 6b, and 6c may occur at various points in time and in a different sequence than depicted. The important aspect of these drawings are the steps that are accomplished, not necessarily the order or timing of the various steps. Figure 7 is a data flow diagram of the preferred embodiment depicted in Figure 2.
Figure 8 is a data flow diagram of the preferred embodiment depicted in Figure 3.
Figure 9 is a data flow diagram of the preferred embodiment depicted in Figure _ .
DETAILED DESCRIPTION OF THE INVENTION
In the following detailed description of the embodiments, reference is made to the accompanying drawings which form a part hereof, and in which is shown by way of illustration specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention, and it is to be understood that other embodiments may be utilized and that structural, logical and electrical changes may be made without departing from the spirit and scope of the present inventions. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present inventions is defined only by the appended claims. The leading digit (s) of the reference numbers in the Figures usually correspond to the figure number, with the exception that identical components which appear in multiple figures are identified by the same reference numbers.
The present invention is directed to a method of and a system for e-commerce security. In today's high-tech environment, e-commerce is considered as much more than mere sales conducted via computer network connections such as the Internet and the World Wide Web. Although sales are definitely a part of e-cornmerce, the term has come to include the distribution and dissemination of information and data, whether sales related or not, to the global general public.
Typically, a user, when traversing along the Internet, will navigate to a web site purporting to have the capability to conduct and accept e-commerce sales. The web site will have included on one of its web pages a trigger element. The trigger element may be, but is not limited to such things as an icon, a computer script, HTML comment, an active text, binary, or digitally' signed string, a Universal Remote Location (URL) field or protocol. Upon activation of the trigger element, the user will be provided information about the web merchant so that the user can make determinations about the web merchant such as whether the web merchant is who it purports to be and whether the web merchant is an authorized dealer of the products offered for sale on its web site.
Figure 1 shows a diagram of a system 100 for the provision of e-commerce security in accordance with the preferred embodiments of the present invention. The system 100 includes an authenticator server, including a computer processor and associated memory 110, a user device, including a computer processor and associated memory 120, and at least one merchant server, including a computer processor and associated memory 130, all connected to a common computer network 140. Preferably, the authenticator server 110, user device 120 and a merchant server 130 can be a personal computer system such as an IBM PC or IBM PC compatible system or an APPLE Macintosh system or a more advanced computer system, although mainframe computer systems or any other internet- accessing device can also be used.
Preferably, the computer network 140 is a global TCP/IP based network such as the Internet or an intranet, although almost any well known LAN, MAN, WAN, or VPN technology can be used. The authenticator server 110 is adapted to transfer and receive information over the computer network 140. The authenticator server 110 is adapted also to store information in, and retrieve information from its associated memory. The authenticator server 110 is adapted further to perform comparisons of information utilizing information received from a user device 120, information received from a merchant server 130, or information retrieved from its associated memory. The authenticator server 110 may be further adapted to modify information associated with, and located on, a merchant server 130. The authenticator server 110 may be further adapted to sign identification information provided by a user device 120 or a merchant server 130. The user device 120 is adapted to transfer and receive information across the computer network 140. The user device 120 is adapted further to implement computer instruction provided by either the authenticator server 110 or a merchant server 130. The merchant server 130 is adapted to transfer and receive information over the computer network 140. The merchant server 130 is adapted also to store information in, and retrieve information from its associated memory. The merchant server 130 is adapted further to implement computer instruction provided by the authenticator server 110.
Additionally, although authenticator server 110, user device 120 and merchant server 130 are described in the context of a single web server, one of ordinary skill in the art will appreciate that the described functionality may be implemented across multiple servers.
Figure 2 shows a process flow for the first of the three preferred embodiments of the present invention. In the first step 210, the user device 120 navigates to a merchant server 130 where the merchant server 130 displays a web page of its web site. In the second step, 220, a trigger element previously provided to the merchant server 130 by the authenticator server 110 during the merchant registration process as displayed in Figure 5a, and displayed on the web page of the merchant server's 130 web site, is activated. In the third step 230, the activated trigger element causes the user device 120 to activate a computer program on the user device 120 that directs the user device 120 to obtain identity information from the merchant server 130. Typically, the computer program would be provided by the authenticator server 110 to the user device 120 during the user registration process as displayed in Figure 6a. However, the user registration process as depicted in Figure 6a is merely the preferred embodiment of the process and may, in fact, occur at any point before or during the first three steps of Figure 2 and in a variety of distribution techniques, including, for example, CD-ROM distribution or incorporation into, and subsequent distribution of, a web browser program. In the fourth step 240, the integrity and ownership of the identity information from the merchant server 130 is verified. To accomplish this fourth step, the computer program on the user device 120 may, for example, establish a secure connection with the merchant server 130 via the well-known Secure Socket Layer (SSL) connectivity process. Another example of a manner by which the fourth step may be accomplished is through the computer program on the user device 120 causing the genuine web page associated with the identity information to be redisplayed, thereby displaying the web page of the real merchant server registered with the Authenticator server 110 to the user device 120. This step, in the case were the trigger element was copied onto an imposter web site, puts the user device 120 on notice that the first web page was that of an imposter. Then, in the fifth step 250, the user device 120 sends the identity information received from the merchant server 130 to the authenticator server 110. In the sixth step 260, the authenticator server 110 receives the identity information sent by the user device 120 and retrieves the identity information, along with the various other available pieces of information for the merchant server 120 from the associated memory of the authenticator server 110. The information maintained by the authenticator server 110 may include, but is not limited to, such items as the name, address, and telephone number of the underlying entity, product listings, as well as various other information. Again, typically, the identity information as well as the other pieces of information for the merchant server 120 would be obtained during the merchant registration process as displayed in Figure 5a. However, the merchant registration process as depicted in Figure 5a is merely the preferred embodiment of the process and may, in fact, occur at any point before or during the first three steps of Figure .2. Next, in the seventh step 270, the authenticator server 110 compares the identity information received from the user device 120 to the identity information retrieved from its associated memory. In the eighth step 280, the result of that comparison, possibly along with other pertinent information such as personalized information selected or determined by the user device 120 during the user registration process, is sent to the user device 120- Finally, in the ninth step 290, the user device 120 displays the information.
Figure 3 shows a process flow for the second of the three preferred embodiments of the present invention. In the first step 310, the user device 120 navigates to a merchant server 130 where the merchant server 130 displays a web page of its web site. In the second step, 320, a trigger element associated with the authenticator server 110, and displayed on the web page of the merchant server's 130 web site, is activated. The trigger element was previously provided to the merchant server 130 by the authenticator server 110 during the merchant registration process as displayed in Figure 5b. In the third step 330, the activated trigger element activates a computer program on the user device 120 that directs the user device 120 to obtain identity information from the merchant server 130. Typically, the computer program would be provided by the authenticator server 110 to the user device 120 during the user registration process as displayed in Figure 6b. However, the user registration process as depicted in Figure 6b is merely the preferred embodiment of the process and may, in fact, occur at any point before or during the first three steps of Figure 3 and in a variety of distribution techniques, including, for example, CD-ROM distribution or incorporation into, and subsequent distribution of, a web browser program. In the fourth step 340, the integrity and ownership of the identity information from the merchant server 130 is verified. To accomplish this fourth step, the computer program on the user device 120 may, for example, establish a secure connection with the merchant server 130 via the well-known SSL connectivity process. Another example of a manner by which the fourth step may be accomplished is through the computer program on the user device 120 causing the web page associated with the identity information to be redisplayed, thereby displaying the web page of the real merchant server registered with the Authenticator server 110 to the user device 120 and, in effect, putting the user device 120 on notice that the first web page was that of an imposter) . In the fifth step 350, - the user device 120 extracts verifiable extension information from the received identity information, being previously imbedded within the merchant server's 130 identity information by the authenticator server 110 during the merchant registration process as depicted in Figure 5b, the preferred embodiment of the merchant registration process for Figure 3. The verifiable extension information should be information whereby tampering of the information could be detected. Then, in the sixth step 360, the user device 120 displays the extracted information. The user device 120 may also display various other information such as personalized information selected or determined by the user device 120 during the user registration process, intended to provide the user device 120 a high degree of comfort for conducting business with the merchant server 130.
Figure 4 shows a process flow for the third of the three preferred embodiments of the present invention. In the first step 410, the user device 120 navigates to a merchant server 130 where the merchant server 130 displays a web page of its web site. In the second step, 420, a trigger element associated with the authenticator server 110, and displayed on the web page of the merchant server's 130 web site, is activated. The trigger element was previously provided to the merchant server 130 by the authenticator server 110 during the merchant registration process as displayed in Figure 5c. In the third step 430, the activated trigger element activates a computer- program on the merchant server 130 that directs the user device 120 to establish a connection with the authenticator server 110, and send information about the connection between the user device 120 and the merchant server 130 to the authenticator server 110. The computer program was previously provided by the authenticator server 110 to the merchant server 120 during the merchant registration process as displayed in Figure 5c. In the fourth step 440, the user device 120, again directed by the computer program on the merchant server 120, sends its signed identity information to the authenticator server 110. The signed identity information was provided by the authenticator server 110 to the user device 120 during the user registration process as displayed in Figure 6c. Next, in the fifth step 450, the merchant server 130, through the computer program, establishes a connection with the authenticator server 110 and sends information about the connection between the merchant server 130 and the user device 120 to the authenticator server 110. Then, in the sixth step 460, the authenticator server 110 compares the connection information received from the user device 120 to the connection information received from the merchant server 130. In the seventh step, the authenticator server 110, using the signed identity information, verifies the identity of the user device 120, and may retrieve from its associated memory other personalized information selected or determined by the user device 120 during the user registration process. Next, in the eighth step 480, the authenticator server 110 sends the information, possibly including the retrieved personalized information, to the user device 120. Finally, in the ninth step 490, the user device displays the information.
Figure 5a shows the process flow of the merchant registration process for the first of the three preferred embodiments of the present invention. In the first step 510a, the merchant server 130 navigates to the authenticator server 110. Then, in the second step 520a, the authenticator server 110 prompts the merchant server 130 for registration information that may be used later by the authenticator server 110 to verify the identity and product authorities of the merchant server 130. Once the registration information has been obtained, in the final step 530a, the authenticator server 110 downloads a trigger element to the merchant server 130 for inclusion on the web page of the web site of the merchant server 130.
Figure 5b shows the process flow of the merchant registration process for the second of the three preferred embodiments of the present invention. In the first step 510b, the merchant server 130 navigates to the authenticator server 110. Then, in the second step 520b, the authenticator server 110 prompts the merchant server 130 for registration information that may be used later by the authenticator server 110 to verify the identity and product authorities of the merchant server 130. Once the registration information has been obtained, in the next step 530b, the authenticator server 110 downloads a trigger element to the merchant server 130 for inclusion on the web page of the web site of the merchant server 130. In addition to the trigger element, the authenticator server 110, in the final step 540b, imbeds into the identity information of the merchant server 130, a verifiable extension to be used later by a computer program placed on the user device 120 by the authenticator server 110.
Figure 5c shows the process flow of the merchant registration process for the third of the three preferred embodiments of the present invention. In the first step 510c, the merchant server 130 navigates to the authenticator server 110. Then, in the second step 520c, the authenticator server 110 prompts the merchant server 130 for registration information that may be used later by the authenticator server 110 to verify the identity and product authorities of the merchant server 130. Once the registration information has been obtained, in the next step 530c, the authenticator server 110 downloads a trigger element to the merchant server 130 for inclusion on the web page of the web site of the merchant server 130. In addition to the trigger element, the authenticator server 110, in the final step 540c, downloads a computer program to the merchant server 130.
Figure 6a shows the process flow for the user registration process for the first of the three preferred embodiments of the present invention. In the first step 610a, the user device 120 navigates to the authenticator server 110. Then, in the second step 620a, the authenticator server 110 prompts the user device 120 for registration information that may be used later by the authenticator server 110 to verify the identity of the user device 120. Once the registration information has been obtained, in the final step 630a, the authenticator server 110 downloads a computer program to the user device 120.
Figure 6b shows the process flow for the user registration process for the second of the three preferred embodiments of the present invention. In the first step 610b, the user device 120 navigates to the authenticator server 110. Then, in the second step 620b, the authenticator server 110 prompts the user device 120 for registration information that may be used later by the authenticator server 110 to verify the identity of the user device 120. Once the registration information has been obtained, in the final step 630b, the authenticator server 110 downloads a computer program to the user device 120. Figure 6c shows the process flow for the user registration process for the third of the three preferred embodiments of the present invention. In the first step 610c, the user device 120 navigates to the authenticator server 110. Then, in the second step 620c, the authenticator server 110 prompts the user device 120 for registration information that may be used later by the authenticator server 110 to verify the identity of the user device 120. Once the registration information has been obtained, in the final step 630c, the authenticator server 110 downloads a signed user identity information to the user device 120. Finally, an additional step is considered whereby the authenticator server 110 provides to the user device 120 a computer program that enables the user device 120 to further verify the integrity and ownership of the connection between the user device 120 and the merchant server 130.
Having now described one or more preferred embodiments of the invention, it should be apparent to those skilled in the art that the foregoing is illustrative only and not limiting, having been presented by way of example only. All the features disclosed in this specification (including any accompanying claims, abstract, and drawings) may be replaced by alternative features serving the same purpose, equivalents or similar purpose, unless expressly stated otherwise. Therefore, numerous other embodiments of the modifications thereof are contemplated as falling within the scope of the present invention as defined by the appended claims and equivalents thereto.

Claims

CLAIMS What is claimed is:
1. A system for allowing a user to verify information about servers on a computer network, comprising: a computer network; an authenticator server connected to said computer network; a first merchant server connected to said computer network; a user device connected to said computer network; said authenticator server being adapted to: receive first identity information from said user device; retrieve second identity information from associated memory; compare said first identity information to said second identity information; and provide said comparison results to user device; said first merchant server being adapted to: display a trigger element on the web pages of its web site; and provide said first identity information to said user device; and said user device being adapted to: obtain said first identity information from said first merchant server; verify the integrity of said first identity; verify ownership of said first identity; provide said first identity information to said authenticator server; receive said comparison results from said authenticator server; and display said comparison results.
2. A system according to claim 1 wherein said comparison results include information personalized by said user.
3. A system according to claim 1 wherein said comparison results include information related to consumer products.
4. A system according to claim 1 wherein said comparison results include information related to said merchant server's business.
5. A system according to claim 1 wherein said trigger element is provided by said authenticator server.
6. A system according to claim 1 wherein said trigger element is provided by a third party.
7. A system according to claim 1 wherein said trigger element is activated by said user device.
8. A system according to claim 1 wherein said trigger element is self-activating.
9. A method for allowing a user to verify information about servers on a computer network, comprising the steps of: providing a web page containing a trigger element from a first merchant server to a user device; obtaining first identity information by said user device from said first merchant server; and verifying the integrity of said first identity; verifying ownership of said first identity; providing said first identity information by said user device to an authenticator server; retrieving second identity information from associated memory by said authenticator server; comparing said first identity information to a second identity information by said authenticator server; sending said comparison results by said authenticator server to said user device; and displaying said comparison results by said user device.
10. A method according to claim 9 wherein said comparison results include information personalized by said user.
11. A method according to claim 9 wherein said comparison results include information related to consumer products.
12. A method according to claim 9 wherein said comparison results include information related to said merchant server's business.
13. A method according to claim 9 wherein, prior to the first step, said trigger element is provided to said user device.
14. A method according to claim 13 wherein said authenticator server provides said trigger element.
15. A method according to claim 13 wherein a third party provides said trigger element.
16. A method according to claim 9 wherein said trigger element is activated by said user device.
17. A method according to claim 9 wherein said trigger element is self-activating.
18. A method according to claim 13 wherein, prior to said trigger element being provided, said first merchant server provides registration information to said authenticator server.
19. A method according to claim 18 wherein said registration information includes said second identity information.
20. A method according to claim 9 wherein, prior to the first step, a computer program is provided to said user device, said computer program for: obtaining first identity information by said user device from said first merchant server; and verifying the integrity of said first identity information; verifying ownership of said first identity information; providing said first identity information by said user device to said authenticator server.
21. A method according to claim 20 wherein, prior to said computer program being provided to said user device, said user device provides registration information to said authenticator server.
22. A method according to claim 20 wherein said computer program is provided to said user device by said authenticator server.
23. A method according to claim 20 wherein said computer program is provided to said user device by a third party.
24. A system for allowing a user to verify information about servers on a computer network, comprising: a computer network; an authenticator server connected to said computer network; a first merchant server connected to said computer network; a user device connected to said computer network; said authenticator server being adapted to imbed extension information into identity information of said first merchant server; said first merchant server being adapted to: display a trigger element on the web pages of its web site; and provide said identity information to said user device; said user device being adapted to: obtain said identity information from said first merchant server; verify the integrity of said identity information; verify ownership of said identity information; extract said extension information from said identity information; and display said extension information.
25. A system according to claim 24 wherein said user device is further adapted to retrieve and display information personalized by said user from said user device.
26. A system according to claim 24 wherein said extension information includes information related to consumer products.
27. A system according to claim 24 wherein said extension information includes information related to said merchant server's business.
28. A system according to claim 24 wherein said trigger element is provided by said authenticator server.
29. A system according to claim 24 wherein said trigger element is provided by a third party.
30. A system according to claim 24 wherein said trigger element is activated by said user device.
31. A system according to claim 24 wherein said trigger element is self-activating.
32. A method for allowing a user to verify information about servers on a computer network, comprising the steps of: providing a web page containing a trigger element from a first merchant server to a user device; obtaining identity information by said user device from said first merchant server; verifying the integrity of said identity information; verifying ownership of said identity information- extracting extension information by said user device from said identity information; and displaying said extension information by said user device.
33. A method according to claim 32 wherein, following . the display of said extension information, said user device retrieves and displays information personalized by said user from said user device.
34. A method according to claim 32 wherein said extension information includes information related to consumer products.
35. A method according to claim 32 wherein said extension information includes information related to said merchant server's business.
36. A method according to claim 32 wherein, prior to the first step, said trigger element is provided to said user device.
37. A method according to claim 32 wherein said authenticator server provides said trigger element.
38. A method according to claim 32 wherein a third party provides said trigger element.
39. A method according to claim 32 wherein said trigger element is activated by said user device.
40. A method according to claim 32 wherein said trigger element is self-activating.
41. A method according to claim 32 wherein, prior to the first step, said authenticator server: imbeds said extension information into the identity information.
42. A method according to claim 32 wherein, prior to the first step, said first merchant server provides registration information to said authenticator server.
43. A method according to claim 32 wherein, prior to the first step, a computer program is provided to said user device, said computer program for: obtaining identity information by said user device from said first merchant server; verifying the integrity of said identity information; verifying ownership of said identity information; extracting extension information by said user device from said identity information; and displaying said extension information by said user device.
44. A method according to claim 43 wherein, prior to said computer program being provided to said user device, said user device provides registration information to said authentication server.
45. A system for allowing a user to verify information about servers on a computer network, comprising: a computer network; an authenticator server connected to said computer network; a first merchant server connected to said computer network; a user device connected to said computer network; said authenticator server being adapted to: receive first connection information from said user device; receive second connection information from said first merchant server; compare said first connection information to said second connection information; and provide said comparison results to said user device; said first merchant server being adapted to: display a trigger element on the web pages of its web site; and provide said second connection information to said authenticator server; and said user device being adapted to: provide first connection information to said authenticator server; receive said comparison results from said authenticator server; and display said comparison results.
46. A system according to claim 45 wherein said first connection information includes signed identity information .
47. A system according to claim 45 wherein said second connection information includes signed identity information.
48. A system according to claim 45 wherein said comparison results include information personalized by said user.
49. A system according to claim 45 wherein said comparison results include information related to consumer products.
50. A system according to claim 45 wherein said comparison results include information related to said merchant server's business.
51. A system according to claim 45 wherein said trigger element is provided by said authenticator server.
52. A system according to claim 45 wherein said trigger element is provided by a third party.
53. A system according to claim 45 wherein said trigger element is activated by said user device.
54. A system according to claim 45 wherein said trigger element is self-activating.
55. A system according to claim 45 wherein said authenticator server is further adapted to provide a computer program to said user device, said computer program for verifying the integrity and ownership of said first connection information.
56. A method for allowing a user to verify information about servers on a computer network, comprising the steps of: providing a web page containing a trigger element from said first merchant server to a user device; sending first connection information from said user device to an authenticator server; providing second connection information from said first merchant server to said authenticator server; comparing said first connection information to said second connection information by said authenticator server; sending said comparison results from said authenticator server to said user device; and displaying said comparison results by said user device.
57. A method according to claim 56 wherein said first connection information includes signed identity information.
58. A method according to claim 56 wherein said second connection information includes signed identity information.
59. A method according to claim 56 wherein said comparison results include information personalized by said user.
60. A method according to claim 56 wherein said comparison results include information related to consumer products.
61. A method according to claim 56 wherein said comparison results include information related to said merchant server's business.
62. A method according to claim 56 wherein, prior to the first step, said trigger element is provided to said first merchant server.
63. A method according to claim 62 wherein said authenticator server provides said trigger element.
6 . A method according to claim 62 wherein a third party provides said trigger element.
65. A method according to claim 56 wherein said trigger element is activated by said user device.
66. A method according to claim 56 wherein said trigger element is self-activating.
67. A method according to claim 56 wherein, prior to the first step, a trigger element is provided to said first merchant server, said computer program for directing said user device.
68. A method according to claim 67 wherein, prior to receiving said computer program, said first merchant server provides registration information to said authenticator server.
69. A method according to claim 56 wherein, prior to the first step: said user device sends identity information to said authenticator server; said authenticator server signs said identity information; and said authenticator server sends said signed identity information to said user device.
70. A method according to claim 69 wherein, prior to said authenticator server sending said signed identity information to said user device, user device provides registration information to said authenticator server.
71. A method according to claim 56 wherein, prior to the first step, a computer program is provided to said user device, said computer program for: verifying the integrity of said first connection information; and verifying ownership of said first connection information.
PCT/US2000/027112 2000-09-29 2000-09-29 Method of and system for e-commerce security WO2002029666A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/US2000/027112 WO2002029666A1 (en) 2000-09-29 2000-09-29 Method of and system for e-commerce security
AU2001211904A AU2001211904A1 (en) 2000-09-29 2000-09-29 Method of and system for e-commerce security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2000/027112 WO2002029666A1 (en) 2000-09-29 2000-09-29 Method of and system for e-commerce security

Publications (1)

Publication Number Publication Date
WO2002029666A1 true WO2002029666A1 (en) 2002-04-11

Family

ID=21741834

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/027112 WO2002029666A1 (en) 2000-09-29 2000-09-29 Method of and system for e-commerce security

Country Status (2)

Country Link
AU (1) AU2001211904A1 (en)
WO (1) WO2002029666A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5892900A (en) * 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US5940591A (en) * 1991-07-11 1999-08-17 Itt Corporation Apparatus and method for providing network security
US6085224A (en) * 1997-03-11 2000-07-04 Intracept, Inc. Method and system for responding to hidden data and programs in a datastream

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5940591A (en) * 1991-07-11 1999-08-17 Itt Corporation Apparatus and method for providing network security
US5892900A (en) * 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US6085224A (en) * 1997-03-11 2000-07-04 Intracept, Inc. Method and system for responding to hidden data and programs in a datastream

Also Published As

Publication number Publication date
AU2001211904A1 (en) 2002-04-15

Similar Documents

Publication Publication Date Title
US9196004B2 (en) Systems and methods for detection of session tampering and fraud prevention
JP5439322B2 (en) Method and apparatus for conducting electronic transactions
US9021254B2 (en) Multi-platform user device malicious website protection system
US7725718B2 (en) Authenticating images identified by a software application
CA2410746C (en) Method, system and computer readable medium for web site account and e-commerce management from a central location
EP1260079B1 (en) Method and apparatus for internet web site verification
US7392534B2 (en) System and method for preventing identity theft using a secure computing device
US6937976B2 (en) Method and system for temporary network identity
US9037514B2 (en) Authentication for service server in wireless internet and settlement using the same
US20020138354A1 (en) Delivery of goods from internet vendors to anonymous customers
US20070288323A1 (en) Method and System for Verifying the Integrity of an On-Line Vendor
CN101449548A (en) Secure internet transaction method and apparatus
JPH11239129A (en) Method for certifying electronic data
WO2002029666A1 (en) Method of and system for e-commerce security
EP1510984A2 (en) Method, system and computer readable medium for web site account and e-commerce management from a central location
Nagaty E-Commerce Business Models: Part 1
JP4064700B2 (en) Information providing method, information providing program, and information providing apparatus
Ali et al. Security Vulnerabilities and Solution for Electronic Commerce in Iraq
AU2004240196B1 (en) Authenticating images identified by a software application
Byron et al. e-Business & e-Commerce
Mahajan Security Issues and Guidelines for a Successful E-Commerce System
JP2009140208A (en) Age authentication method, and management system for age authentication information generation means
Franklin et al. Internet Security
Byron et al. e-Business & e-Commerce (on CD)
Turgut et al. Design and Development of E-Commerce Businesses

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP