Secure electronic payment
First Claim
1. A method of authorizing a secure electronic payment from a payer to a payee, the method comprising:
- receiving, at a digital identity system, an electronic message, which comprises a payer credential and identifies a payee system;
at the digital identity system, accessing a digital identity associated with the payer credential, wherein the digital identity comprises;
1) at least one identity attribute or data for deriving at least one identity attribute, and2) a payment token or data for obtaining a payment token, the payment token for effecting an electronic payment from the payer to a recipient of the payment token;
and transmitting at least one electronic message from the digital identity system to the payee system to render the identity attribute of the payer digital identity and the payment token of the payer digital identity available to the payee system, for determining, based on the identity attribute rendered available to the payee system, whether to use the available payment token of the payer digital identity to effect an electronic payment from the payer to the payee;
wherein the payment token or the data for obtaining the payment token are stored at the digital identity system in an encrypted form and at least one payer key is required to decrypt them, wherein the payer key is provided to a device of the payer and is not retained at the digital identity system, and wherein the method comprises receiving at the digital identity system the at least one payer key from the payer device and using it at the digital identity system to decrypt the payment token or the data for obtaining the payment token for rendering available to the payee system.
4 Assignments
0 Petitions
Accused Products
Abstract
A method of authorizing a secure electronic payment from a payer to a payee. At a digital identity system, an electronic message is received, which comprises a payer credential and identifies a payee system, and a digital identity associated with the payer credential is accessed, the digital identity comprising: 1) at least one identity attribute or data for deriving at least one identity attribute, and 2) a payment token or data for obtaining a payment token, the payment token for effecting an electronic payment from the payer to a recipient of the payment token. At least one electronic message is transmitted from the digital identity system to the payee system to render the identity attribute and the payment token available to the payee system, for determining, based on the identity attribute rendered available to the payee device, whether to use the available payment token to effect the electronic payment.
-
Citations
20 Claims
-
1. A method of authorizing a secure electronic payment from a payer to a payee, the method comprising:
-
receiving, at a digital identity system, an electronic message, which comprises a payer credential and identifies a payee system; at the digital identity system, accessing a digital identity associated with the payer credential, wherein the digital identity comprises; 1) at least one identity attribute or data for deriving at least one identity attribute, and 2) a payment token or data for obtaining a payment token, the payment token for effecting an electronic payment from the payer to a recipient of the payment token; and transmitting at least one electronic message from the digital identity system to the payee system to render the identity attribute of the payer digital identity and the payment token of the payer digital identity available to the payee system, for determining, based on the identity attribute rendered available to the payee system, whether to use the available payment token of the payer digital identity to effect an electronic payment from the payer to the payee; wherein the payment token or the data for obtaining the payment token are stored at the digital identity system in an encrypted form and at least one payer key is required to decrypt them, wherein the payer key is provided to a device of the payer and is not retained at the digital identity system, and wherein the method comprises receiving at the digital identity system the at least one payer key from the payer device and using it at the digital identity system to decrypt the payment token or the data for obtaining the payment token for rendering available to the payee system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 20)
-
-
18. A non-transitory computer readable medium having executable instructions for authorizing a secure electronic payment from a payer to a payee, the instructions configured, when executed at a digital identity system, to implement the following steps:
-
receiving an electronic message, which comprises a payer credential and identifies a payee system; accessing a digital identity associated with the payer credential, wherein the digital identity comprises; 1) at least one identity attribute or data for deriving at least one identity attribute, and 2) a payment token or data for obtaining a payment token, the payment token for effecting an electronic payment from the payer to a recipient of the payment token; and
transmitting at least one electronic message from the digital identity system to the payee system to render the identity attribute of the payer digital identity and the payment token of the payer digital identity available to the payee system, for determining, based on the identity attribute rendered available to the payee system, whether to use the available payment token of the payer digital identity to effect an electronic payment from the payer to the payee;wherein the payment token or the data for obtaining the payment token are stored at the digital identity system in an encrypted form and at least one payer key is required to decrypt them, wherein the payer key is provided to a device of the payer and is not retained at the digital identity system, and wherein the method comprises receiving at the digital identity system the at least one payer key from the payer device and using it at the digital identity system to decrypt the payment token or the data for obtaining the payment token for rendering available to the payee system.
-
-
19. A digital identity system comprising:
-
a computer interface configured to receive an electronic message, which comprises a payer credential and identifies a payee system; and at least one processor configured to implement the following steps; accessing a digital identity associated with the payer credential, wherein the digital identity comprises; 1) at least one identity attribute or data for deriving at least one identity attribute, and 2) a payment token or data for obtaining a payment token, the payment token for effecting an electronic payment from the payer to a recipient of the payment token; and
transmitting at least one electronic message from the digital identity system to the payee device to render the identity attribute of the payer digital identity and the payment token of the payer digital identity available to the payee device, for determining, based on the identity attribute rendered available to the payee device, whether to use the available payment token of the payer digital identity to effect an electronic payment from the payer to the payee;wherein the payment token or the data for obtaining the payment token are stored at the digital identity system in an encrypted form and at least one payer key is required to decrypt them, wherein the payer key is provided to a device of the payer and is not retained at the digital identity system, and wherein the method comprises receiving at the digital identity system the at least one payer key from the payer device and using it at the digital identity system to decrypt the payment token or the data for obtaining the payment token for rendering available to the payee system.
-
Specification