Smartcard internet authorization system
First Claim
1. A method for conducting a transaction, the method comprising:
- a. receiving a request to authenticate a transaction from a user at a server;
b. requiring the user to provide an instrument for verification;
c. receiving an instrument input response from the user based upon said requirement;
d. processing said instrument input as an input to a security processor;
e. assembling forms for the transaction, said forms comprising said security processor authorization of said input to said security processor;
f. providing said forms incident to said transaction and sending a request to said security processor for a second authorization of said forms; and
g. validating said transaction with said second authorization of said forms received from said security processor.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method are disclosed for conducting electronic commerce such as a virtual purchase transaction with an on-line merchant. A user is provided with an intelligent token, such as a smart card containing a digital certificate. The intelligent token suitably authenticates with a wallet server on a network that conducts all or portions of the transaction on behalf of the user with out requiring changes to the merchant'"'"'s server. The wallet server interacts with a security server of a selected financial service to provide authentication of the transaction. Upon authentication, the digital wallet pre-fills forms which are transmitted to the merchant who contacts the security server for validation of the forms and upon validation, completes the transaction with the user.
89 Citations
38 Claims
-
1. A method for conducting a transaction, the method comprising:
-
a. receiving a request to authenticate a transaction from a user at a server;
b. requiring the user to provide an instrument for verification;
c. receiving an instrument input response from the user based upon said requirement;
d. processing said instrument input as an input to a security processor;
e. assembling forms for the transaction, said forms comprising said security processor authorization of said input to said security processor;
f. providing said forms incident to said transaction and sending a request to said security processor for a second authorization of said forms; and
g. validating said transaction with said second authorization of said forms received from said security processor. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for providing secure virtual transactions between a user and a an on-line merchant without requiring changes at the merchants location, the method comprising:
-
a. developing a first query for transmission to a credit provider;
b. receiving a response from said credit provider and transmitting same to said merchant;
c. said merchant querying said credit provider for authentication of said credit provider response; and
d. completing said virtual transaction using authorization from said credit provider. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A method for conducting a transaction, the method comprising:
-
a. receiving a request to authenticate a transaction with a merchant from a server;
b. requiring an instrument for providing verification;
c. receiving an instrument input response based upon said requirement;
d. processing said instrument input as an input to a security processor;
e. assembling forms for the transaction, said forms comprising said security processor authorization of said input to said security processor;
f. providing said forms incident to said merchant;
g. said merchant processing said forms and sending a request to said security processor for a second authorization of said forms; and
h. validating said transaction with said second authorization of said forms received from said security processor. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A method for conducting a transaction, the method comprising:
-
a. receiving a request to authenticate a transaction at a server;
b. requiring an instrument for verification of said request;
c. receiving an instrument input response based upon said requirement;
d. processing said instrument input as an input to a security processor;
e. assembling forms for the transaction, said forms comprising said security processor authorization of said input to said security processor;
f. providing said forms for authorization;
g. processing said forms and sending a request to said security processor for a second authorization of said forms; and
h. validating said transaction with said second authorization of said forms received from said security processor. - View Dependent Claims (18, 19, 20, 21)
-
-
22. A method for conducting a transaction, the method comprising:
-
a. receiving a request to authenticate a transaction with a merchant from a user at a server;
b. requiring the user to provide an instrument for verification;
c. receiving an instrument input response from the user based upon said requirement;
d. processing said instrument input as an input to a security processor;
e. assembling forms for the transaction, said forms comprising said security processor authorization of said input to said security processor;
f. providing said forms to said merchant;
g. said merchant processing said forms and sending a request to said security processor for a second authorization of said forms; and
h. validating said transaction with said second authorization of said forms received from said security processor. - View Dependent Claims (23, 24, 25, 26)
-
-
27. A transaction system, comprising:
-
a. a data network, including at least one instrument and operative to permit initiation of a transaction;
b. an authorization server coupled to receive said initiation of said transaction as an input and transmit same to a security server;
c. said security server operative to receive said input from said authorization server and generate and transmit an authorization to said authorization server;
d. said authorization server coupled to receive said authorization from said security server and operative to generate and transmit an authorization form; and
e. an interface coupled to said security server and operative to permit validation of said form and complete a secure on-line virtual transaction. - View Dependent Claims (28, 29, 30)
-
-
31. A transaction system, comprising:
-
a. a data network operative to permit a user to initiate a transaction;
b. an authorization server coupled to receive an input from said user and transmit same to a security server;
c. said security server coupled to receive said input from said authorization server and operative to generate and transmit an authorization to said authorization server;
d. said authorization server coupled to receive said authorization from said security server and operative to generate and transmit an authorization form; and
e. an interface coupled to said security server and operative to permit validation of said form and complete a secure on-line virtual transaction with said user. - View Dependent Claims (32, 33, 34)
-
-
35. A transaction system, comprising:
-
a. a data network operative to permit initiation of a transaction with a merchant;
b. an authorization server coupled to receive said transaction initiation as an input and transmit same to a security server;
c. said security server coupled to receive said input from said authorization server and operative to generate and transmit an authorization to said authorization server;
d. said authorization server coupled to receive said authorization from said security server and operative to generate and transmit an authorization form; and
e. an interface coupled to said security server and operative to permit validation of said form and complete a secure on-line virtual transaction with said user. - View Dependent Claims (36, 37, 38)
-
Specification