System and method for conversion between internet and non-internet based transactions
First Claim
1. A transaction conversion system that bridges commercial transactions between a first network and a plurality of diverse second networks that employ communication protocols that are different from a communication protocol employed by the first network, wherein the commercial transactions are performed according to authenticated payment initiatives, the system comprising:
- an interface server operatively connected to the plurality of diverse second networks, the interface server configured to selectively exchange messages between one or more application container servers of the transaction conversion system and account holders participating in commercial transactions via the plurality of diverse second networks;
the one or more application container servers configured to establish account information for a payment instrument being used in a transaction of the commercial transactions, wherein the account information includes an account holder name and a card number associated with the payment instrument being used in the transaction, and wherein the one or more application container servers are configured to establish the account information by;
obtaining a telephone number associated with an end user device; and
obtaining the account information from a database in response to the obtained telephone number; and
a hardware security module (HSM) including a corresponding pair of private and public HSM keys, the HSM configured to;
receive data encrypted with the public HSM key, the public HSM key distributed publicly;
decrypt the received data with the private HSM key;
initiate a secure session over the first network with a targeted network entity to obtain a public session key; and
re-encrypt data communicated from the HSM to the target network entity via the secure session using the public session key.
1 Assignment
0 Petitions
Accused Products
Abstract
A method is provided for completing an authenticated commercial transaction over an internet protocol (IP) network (40) for an account holder (60) engaged in the transaction via a non-IP based telecommunications platform (30). The method includes: receiving a first message from the account holder (60) via the non-IP based telecommunications platform (30), the first message triggering authentication of the account holder (60) and being in a first communication format; establishing account information for a payment instrument being used in the transaction based upon content in the first message; generating a second message using a second communication format different from the first format, the second message including the established account information; submitting the second message via the IP network (40) to a network entity (110, 200) such that an authentication document is generated (120), the authentication document (120) containing an input field (122); generating a third message using the first format, the third message being submitted to the account holder (60) via the non-IP based telecommunications platform (30) such that the account holder (60) is prompted to enter a security code; receiving a fourth message containing the entered security code from the account holder (60) via the non-IP based telecommunications platform (30), the fourth message being in the first format; and, accessing the authentication document (120) via the IP network (40) to fill-in the input field (122) of the authentication document (120) with the security code contained in the fourth message.
31 Citations
16 Claims
-
1. A transaction conversion system that bridges commercial transactions between a first network and a plurality of diverse second networks that employ communication protocols that are different from a communication protocol employed by the first network, wherein the commercial transactions are performed according to authenticated payment initiatives, the system comprising:
-
an interface server operatively connected to the plurality of diverse second networks, the interface server configured to selectively exchange messages between one or more application container servers of the transaction conversion system and account holders participating in commercial transactions via the plurality of diverse second networks; the one or more application container servers configured to establish account information for a payment instrument being used in a transaction of the commercial transactions, wherein the account information includes an account holder name and a card number associated with the payment instrument being used in the transaction, and wherein the one or more application container servers are configured to establish the account information by; obtaining a telephone number associated with an end user device; and obtaining the account information from a database in response to the obtained telephone number; and a hardware security module (HSM) including a corresponding pair of private and public HSM keys, the HSM configured to; receive data encrypted with the public HSM key, the public HSM key distributed publicly; decrypt the received data with the private HSM key; initiate a secure session over the first network with a targeted network entity to obtain a public session key; and re-encrypt data communicated from the HSM to the target network entity via the secure session using the public session key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of bridging commercial transactions between a first network and a plurality of diverse second networks, wherein the first network and the plurality of diverse second networks employ different communication protocols, the method comprising:
-
with an interface server operatively connected to the plurality of diverse second networks, selectively exchange messages between one or more application container servers and account holders participating in commercial transactions via the plurality of diverse second networks; with the one or more application container servers, establish account information for a payment instrument being used in a transaction of the commercial transactions, wherein the account information includes an account holder name and a card number associated with the payment instrument being used in the transaction, and wherein the account information is established by; obtaining a telephone number associated with an end user device; and
,obtaining the account information from a database in response to the obtained telephone number; and with a hardware security module (HSM) including a corresponding pair of private and public HSM keys; receive data encrypted with the public HSM key, the public HSM key distributed publicly; decrypt the received data with the private HSM key; initiate a secure session over the first network with a targeted network entity to obtain a public session key; and re-encrypt data communicated from the HSM to the target network entity via the secure session using the public session key. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A transaction conversion system that bridges commercial transactions between a first network and a plurality of diverse second networks that employ communication protocols that are different from a communication protocol employed by the first network, wherein the commercial transactions are performed according to authenticated payment initiatives, the system comprising:
-
an interface server operatively connected to the plurality of diverse second networks, the interface server configured to selectively exchange messages between one or more application container servers of the transaction conversion system and account holders participating in commercial transactions via the plurality of diverse second networks; the one or more application container servers configured to establish account information for a payment instrument being used in a transaction of the commercial transactions, wherein the account information includes an account holder name and a card number associated with the payment instrument being used in the transaction, and wherein the account information is established by; obtaining a mobile subscriber identity number (MSIDN) associated with an end user device; and
,obtaining the account information from a database in response to the obtained MSIDN; and a hardware security module (HSM) including a corresponding pair of private and public HSM keys, the HSM configured to; receive data encrypted with the public HSM key, the public HSM key distributed publicly; decrypt the received data with the private HSM key; initiate a secure session over the first network with a targeted network entity to obtain a public session key; and re-encrypt data communicated from the HSM to the target network entity via the secure session using the public session key.
-
Specification