System and method for conversion between internet and non-internet based transactions

US 10,210,511 B2
Filed: 08/29/2014
Issued: 02/19/2019
Est. Priority Date: 01/28/2005
Status: Active Grant

First Claim

Patent Images

1. A transaction conversion system that bridges commercial transactions between a first network and a plurality of diverse second networks that employ communication protocols that are different from a communication protocol employed by the first network, wherein the commercial transactions are performed according to authenticated payment initiatives, the system comprising:

an interface server operatively connected to the plurality of diverse second networks, the interface server configured to selectively exchange messages between one or more application container servers of the transaction conversion system and account holders participating in commercial transactions via the plurality of diverse second networks;

the one or more application container servers configured to establish account information for a payment instrument being used in a transaction of the commercial transactions, wherein the account information includes an account holder name and a card number associated with the payment instrument being used in the transaction, and wherein the one or more application container servers are configured to establish the account information by;

obtaining a telephone number associated with an end user device; and

obtaining the account information from a database in response to the obtained telephone number; and

a hardware security module (HSM) including a corresponding pair of private and public HSM keys, the HSM configured to;

receive data encrypted with the public HSM key, the public HSM key distributed publicly;

decrypt the received data with the private HSM key;

initiate a secure session over the first network with a targeted network entity to obtain a public session key; and

re-encrypt data communicated from the HSM to the target network entity via the secure session using the public session key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided for completing an authenticated commercial transaction over an internet protocol (IP) network (40) for an account holder (60) engaged in the transaction via a non-IP based telecommunications platform (30). The method includes: receiving a first message from the account holder (60) via the non-IP based telecommunications platform (30), the first message triggering authentication of the account holder (60) and being in a first communication format; establishing account information for a payment instrument being used in the transaction based upon content in the first message; generating a second message using a second communication format different from the first format, the second message including the established account information; submitting the second message via the IP network (40) to a network entity (110, 200) such that an authentication document is generated (120), the authentication document (120) containing an input field (122); generating a third message using the first format, the third message being submitted to the account holder (60) via the non-IP based telecommunications platform (30) such that the account holder (60) is prompted to enter a security code; receiving a fourth message containing the entered security code from the account holder (60) via the non-IP based telecommunications platform (30), the fourth message being in the first format; and, accessing the authentication document (120) via the IP network (40) to fill-in the input field (122) of the authentication document (120) with the security code contained in the fourth message.

31 Citations

16 Claims

1. A transaction conversion system that bridges commercial transactions between a first network and a plurality of diverse second networks that employ communication protocols that are different from a communication protocol employed by the first network, wherein the commercial transactions are performed according to authenticated payment initiatives, the system comprising:
- an interface server operatively connected to the plurality of diverse second networks, the interface server configured to selectively exchange messages between one or more application container servers of the transaction conversion system and account holders participating in commercial transactions via the plurality of diverse second networks;
  
  the one or more application container servers configured to establish account information for a payment instrument being used in a transaction of the commercial transactions, wherein the account information includes an account holder name and a card number associated with the payment instrument being used in the transaction, and wherein the one or more application container servers are configured to establish the account information by;
  
  obtaining a telephone number associated with an end user device; and
  
  obtaining the account information from a database in response to the obtained telephone number; and
  
  a hardware security module (HSM) including a corresponding pair of private and public HSM keys, the HSM configured to;
  
  receive data encrypted with the public HSM key, the public HSM key distributed publicly;
  
  decrypt the received data with the private HSM key;
  
  initiate a secure session over the first network with a targeted network entity to obtain a public session key; and
  
  re-encrypt data communicated from the HSM to the target network entity via the secure session using the public session key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The transaction conversion system of claim 1, further comprising:
    - a network robot server operatively connected to the first network, the network robot server configured to;
      
      access one or more authentication documents and one or more network entities via the first network to selectively obtain data therefrom and to selectively enter data therein; and
      
      simulate the account holders on the first network, wherein the one or more authentication documents are configured for direct interaction with the account holders; and
      
      ,wherein the one or more application container servers are configured to direct operation of the network robot server, and control data flow between the network robot server and the interface server, while performing a plurality of tasks, the plurality of tasks including;
      
      receiving a payment message for a transaction between a first party and a second party, the transaction message received from the first party and received over the second networks through the interface server;
      
      submitting the established account information to a network entity different than the second party over the first network to generate an authentication document, the submitting independent of the second party and the authentication document including an input field;
      
      receiving a security credential from the first party over the second networks through the interface server; and
      
      ,entering the received security credential into the input field of the generated authentication document over the first network through the network robot server.
  - 3. The transaction conversion system of claim 2, wherein the plurality of tasks further include:
    - receiving instructions from an account holder via the interface server to make a payment;
      
      submitting account information over the first network with the network robot server to a designated location in response to the instructions;
      
      receiving confirmation of the payment over the first network; and
      
      ,relaying the confirmation to the account holder via the interface server.
  - 4. The transaction conversion system of claim 1, wherein the plurality of diverse second networks includes a wireless telecommunications network, an interactive voice response system and a point-of-sale system.
  - 5. The transaction conversion system of claim 4, wherein the first network is the Internet.
  - 6. The transaction conversion system of claim 2, wherein the network robot server is configured to parse the one or more authentication documents.
  - 7. The transaction conversion system of claim 2, wherein an authentication document of the one or more authentication documents includes a security message, the security message uniquely identifying the source of the authentication document, and wherein the plurality of tasks further include:
    - prompting the first user to enter the security credential, wherein the prompt includes the security message and wherein the security message is perceivable to the account holder prior to the account holder entering the security code.

8. A method of bridging commercial transactions between a first network and a plurality of diverse second networks, wherein the first network and the plurality of diverse second networks employ different communication protocols, the method comprising:
- with an interface server operatively connected to the plurality of diverse second networks, selectively exchange messages between one or more application container servers and account holders participating in commercial transactions via the plurality of diverse second networks;
  
  with the one or more application container servers, establish account information for a payment instrument being used in a transaction of the commercial transactions, wherein the account information includes an account holder name and a card number associated with the payment instrument being used in the transaction, and wherein the account information is established by;
  
  obtaining a telephone number associated with an end user device; and
  
  ,obtaining the account information from a database in response to the obtained telephone number; and
  
  with a hardware security module (HSM) including a corresponding pair of private and public HSM keys;
  
  receive data encrypted with the public HSM key, the public HSM key distributed publicly;
  
  decrypt the received data with the private HSM key;
  
  initiate a secure session over the first network with a targeted network entity to obtain a public session key; and
  
  re-encrypt data communicated from the HSM to the target network entity via the secure session using the public session key.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method of claim 8, further comprising:
    - with a network robot server operatively connected to the first network;
      
      access one or more authentication documents and one or more network entities via the first network to selectively obtain data therefrom and to selectively enter data therein; and
      
      simulate the account holders on the first network, wherein the one or more authentication documents are configured for direct interaction with the account holders; and
      
      ,with the one or more application container servers, direct operation of the network robot server, and control data flow between the network robot server and the interface server, while performing a plurality of tasks, the plurality of tasks including;
      
      receiving a payment message for a transaction between a first party and a second party, the transaction message received from the first party and received over the second networks through the interface server;
      
      establishing account information of the first party for a payment instrument being used in the transaction based upon the received payment message;
      
      submitting the established account information to a network entity different than the second party over the first network to generate an authentication document, the submitting independent of the second party and the authentication document including an input field;
      
      receiving a security credential from the first party over the second networks through the interface server; and
      
      ,entering the received security credential into the input field of the generated authentication document over the first network through the network robot server.
  - 10. The method of claim 9, wherein the plurality of tasks further include:
    - receiving instructions from an account holder via the interface server to make a payment;
      
      submitting account information over the first network with the network robot server to a designated location in response to the instructions;
      
      receiving confirmation of the payment over the first network; and
      
      ,relaying the confirmation to the account holder via the interface server.
  - 11. The method of claim 8, wherein the plurality of diverse second networks includes a wireless telecommunications network, an interactive voice response system and a point-of-sale system.
  - 12. The method of claim 11, wherein the first network is the Internet.
  - 13. The method of claim 9, further comprising:
    - with the network robot server, parsing the one or more authentication documents.
  - 14. The method of claim 8, wherein a plurality of:
    - 1) the interface server;
      
      2) a network robot server; and
      
      3) at least one of the one or more application container servers are the same server.
  - 15. The method of claim 9, wherein an authentication document of the one or more authentication documents includes a security message, the security message uniquely identifying the source of the authentication document, and wherein the plurality of tasks further include:
    - prompting the first user to enter the security credential, wherein the prompt includes the security message and wherein the security message is perceivable to the account holder prior to the account holder entering the security code.

16. A transaction conversion system that bridges commercial transactions between a first network and a plurality of diverse second networks that employ communication protocols that are different from a communication protocol employed by the first network, wherein the commercial transactions are performed according to authenticated payment initiatives, the system comprising:
- an interface server operatively connected to the plurality of diverse second networks, the interface server configured to selectively exchange messages between one or more application container servers of the transaction conversion system and account holders participating in commercial transactions via the plurality of diverse second networks;
  
  the one or more application container servers configured to establish account information for a payment instrument being used in a transaction of the commercial transactions, wherein the account information includes an account holder name and a card number associated with the payment instrument being used in the transaction, and wherein the account information is established by;
  
  obtaining a mobile subscriber identity number (MSIDN) associated with an end user device; and
  
  ,obtaining the account information from a database in response to the obtained MSIDN; and
  
  a hardware security module (HSM) including a corresponding pair of private and public HSM keys, the HSM configured to;
  
  receive data encrypted with the public HSM key, the public HSM key distributed publicly;
  
  decrypt the received data with the private HSM key;
  
  initiate a secure session over the first network with a targeted network entity to obtain a public session key; and
  
  re-encrypt data communicated from the HSM to the target network entity via the secure session using the public session key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CardinalCommerce Corporation (Visa, Inc.)
Original Assignee
CardinalCommerce Corporation (Visa, Inc.)
Inventors
Balasubramanian, Chandra, Sherwin, Francis, Keresman, III, Michael A.
Primary Examiner(s)
Nigh, James D

Application Number

US14/472,874
Publication Number

US 20140372323A1
Time in Patent Office

1,635 Days
Field of Search

705 64
US Class Current
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/32   using wireless devices

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3823   combining multiple encrypti...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/403   Solvency checks

G06Q 20/425   using two different network...

G06Q 30/02   Marketing; Price estimation...

G06Q 30/06   Buying, selling or leasing ...

System and method for conversion between internet and non-internet based transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for conversion between internet and non-internet based transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links