Intrinsic authorization for electronic transactions

US 20020013765A1
Filed: 05/22/2001
Published: 01/31/2002
Est. Priority Date: 05/23/2000
Status: Abandoned Application

First Claim

Patent Images

1. A computer implemented method of authorizing an electronic transaction, comprising the steps of:

receiving a notification of a pending electronic transaction from a first participant therein, wherein another participant therein is an authority responsible for authorizing said pending electronic transaction;

responsive to said notification, associating a transaction identifier with said pending electronic transaction;

communicating said transaction identifier to said first participant, wherein said first participant relays said transaction identifier to at least one other participant in said pending electronic transaction;

thereafter receiving said transaction identifier and a digital certificate that authorizes said pending electronic transaction, said digital certificate being signed by said authority;

verifying said digital certificate; and

providing an indication of said digital certificate.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer implemented system of automated intrinsic authorization of on-line electronic transactions is disclosed. The system involves the use of a merchant transaction tracking service that identifies the transaction, using a unique transaction identifier, and manages the authorization process. The merchant transaction tracking service also provides authentication of aspects of the transaction and its participants during the authorization process. The merchant need not contact the customer'"'"'s credit card company directly, as a communication that includes the transaction identifier is embedded in the merchant'"'"'s payment form. The payment form is transmitted to the customer, and then relayed to the credit card issuer. Authentication is provided automatically, using an encrypted certificate bearing the digital signature of the credit card issuer. The digital certificate is associated with the transaction identifier, and is transferred to the merchant transaction tracking service, which then verifies the transaction to the merchant.

Citations

48 Claims

1. A computer implemented method of authorizing an electronic transaction, comprising the steps of:
- receiving a notification of a pending electronic transaction from a first participant therein, wherein another participant therein is an authority responsible for authorizing said pending electronic transaction;
  
  responsive to said notification, associating a transaction identifier with said pending electronic transaction;
  
  communicating said transaction identifier to said first participant, wherein said first participant relays said transaction identifier to at least one other participant in said pending electronic transaction;
  
  thereafter receiving said transaction identifier and a digital certificate that authorizes said pending electronic transaction, said digital certificate being signed by said authority;
  
  verifying said digital certificate; and
  
  providing an indication of said digital certificate.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1, wherein further comprising the step of authenticating said first participant to a second participant in said electronic transaction upon a request therefrom that is associated with said transaction identifier.
  - 3. The method according to claim 2, wherein said second participant is said authority.
  - 4. The method according to claim 1, wherein said step of providing said indication of said digital certificate is performed by providing said indication to said first participant.
  - 5. The method according to claim 4, wherein said step of providing said indication of said digital certificate is performed responsive to a transaction verification request of said first participant.
  - 6. The method according to claim 4, wherein said step of providing said indication of said digital certificate is performed automatically.
  - 7. The method according to claim 1, wherein said step of associating said transaction identifier is performed by generating said transaction identifier.
  - 8. The method according to claim 1, wherein said step of associating said transaction identifier is performed by providing said first participant with a range of transaction identifiers, wherein said first participant allocates said transaction identifier from said range;
    - and receiving said transaction identifier from said first participant.
  - 9. The method according to claim 1, wherein said step of associating said transaction identifier is performed by providing said first participant with a rule for generating transaction identifiers, wherein said first participant generates said transaction identifier in accordance with said rule;
    - and receiving said transaction identifier from said first participant.
  - 10. The method according to claim 1, wherein said steps of receiving said notification, communicating said transaction identifier, receiving said transaction identifier and said digital certificate, and providing said indication are performing using a data network.
  - 11. The method according to claim 10, wherein said data network is an internet.
  - 12. The method according to claim 1, wherein said digital certificate is encrypted by a private key of said authority.

13. A computer implemented method of authorizing an on-line credit card transaction between a customer and a merchant, comprising the steps of:
- receiving a notification of said on-line credit card transaction from said merchant via a data network;
  
  associating a transaction identifier with said on-line credit card transaction;
  
  communicating said transaction identifier to said merchant via said data network, wherein responsive to receiving said transaction identifier, said merchant includes said transaction identifier in a payment form that is submitted to said customer, and said customer relays said transaction identifier to an authority responsible for authorizing said on-line credit card transaction and returns said payment form to said merchant, an identifier of a credit card account of said customer being communicated with said payment form;
  
  receiving via said data network said transaction identifier and a digital certificate that includes said identifier of said credit card account and authorizes said on-line credit card transaction, said digital certificate being signed by said authority;
  
  verifying said digital certificate; and
  
  providing an indication of said digital certificate to said merchant via said data network.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 14. The method according to claim 13, further comprising the steps of:
    - following said step of communicating said transaction identifier to said merchant, receiving via said data network said transaction identifier and a request from said customer to authenticate said merchant, said request including said transaction identifier; and
      
      responsive to said request, verifying an identity of said merchant to said customer via said data network.
  - 15. The method according to claim 13, further comprising the steps of:
    - following said step of communicating said transaction identifier to said merchant, receiving via said data network said transaction identifier and a request from said authority to authenticate said on-line credit card transaction, said request including said transaction identifier; and
      
      responsive to said request, communicating an authentication of said on-line credit card transaction to said authority via said data network.
  - 16. The method according to claim 13, wherein said digital certificate is received from said authority.
  - 17. The method according to claim 13, wherein said digital certificate is received from said customer.
  - 18. The method according to claim 13, wherein said digital certificate is received from said merchant.
  - 19. The method according to claim 13, wherein said step of providing said indication of said digital certificate is performed responsive to a transaction verification request from said merchant.
  - 20. The method according to claim 13, wherein said step of providing said indication of said digital certificate is performed automatically.
  - 21. The method according to claim 13, wherein said step of associating said transaction identifier is performed by generating said transaction identifier.
  - 22. The method according to claim 13, wherein said step of associating said transaction identifier is performed by providing said merchant with a range of transaction identifiers, wherein said merchant allocates said transaction identifier from said range;
    - and receiving said transaction identifier from said merchant.
  - 23. The method according to claim 13, wherein said step of associating said transaction identifier is performed by providing said merchant with a rule for generating transaction identifiers, wherein said merchant generates said transaction identifier in accordance with said rule;
    - and receiving said transaction identifier from said merchant.
  - 24. The method according to claim 13, wherein said transaction identifier is embedded in a hidden field of said payment form.
  - 25. The method according to claim 13, wherein said transaction identifier is embedded in a visible field of said payment form.
  - 26. The method according to claim 13, wherein said digital certificate is encrypted by a private key of said authority.

27. A computer implemented method of authorizing an on-line credit card transaction between a customer and a merchant, comprising the steps of:
- receiving a notification of said on-line credit card transaction from said customer via a data network;
  
  associating a transaction identifier with said on-line credit card transaction;
  
  communicating said transaction identifier to said customer via said data network, wherein responsive to receiving said transaction identifier, said customer includes said transaction identifier in a communication that is submitted to an authority responsible for authorizing said on-line credit card transaction and returns a payment form to said merchant, an identifier of a credit card account of said customer being communicated with said payment form;
  
  receiving via said data network said transaction identifier and a digital certificate that includes said identifier of said credit card account and authorizes said on-line credit card transaction, said digital certificate being signed by said authority;
  
  verifying said digital certificate; and
  
  providing an indication of said digital certificate to said merchant via said data network.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
- - 28. The method according to claim 27, further comprising the steps of:
    - following said step of communicating said transaction identifier to said customer, receiving via said data network said transaction identifier and a request from said authority to authenticate said on-line credit card transaction, said request including said transaction identifier; and
      
      responsive to said request, providing an authentication of said on-line credit card transaction to said authority via said data network.
  - 29. The method according to claim 27, wherein said digital certificate is received from said authority.
  - 30. The method according to claim 27, wherein said digital certificate is received from said customer.
  - 31. The method according to claim 27, wherein said digital certificate is received from said merchant.
  - 32. The method according to claim 27, wherein said step of providing said indication of said digital certificate is performed responsive to a transaction verification request from said merchant.
  - 33. The method according to claim 27, wherein said step of providing said indication of said digital certificate is performed automatically.
  - 34. The method according to claim 27, wherein said step of associating said transaction identifier is performed by generating said transaction identifier.
  - 35. The method according to claim 27, wherein said step of associating said transaction identifier is performed by providing said customer with a range of transaction identifiers, wherein said customer allocates said transaction identifier from said range;
    - and receiving said transaction identifier from said customer.
  - 36. The method according to claim 27, wherein said step of associating said transaction identifier is performed by providing said customer with a rule for generating transaction identifiers, wherein said customer generates said transaction identifier in accordance with said rule;
    - and receiving said transaction identifier from said customer.
  - 37. The method according to claim 27, wherein said digital certificate is encrypted by a private key of said authority.

38. A computer implemented method of authorizing an on-line credit card transaction between a customer and a merchant, comprising the steps of:
- receiving a notification of said on-line credit card transaction from an authority responsible for authorizing said on-line credit card transaction via a data network;
  
  associating a transaction identifier with said on-line credit card transaction;
  
  communicating said transaction identifier to said authority via said data network, receiving via said data network said transaction identifier and a digital certificate that authorizes said on-line credit card transaction, said digital certificate being signed by said authority;
  
  verifying said digital certificate; and
  
  providing an indication of said digital certificate to said merchant via said data network.
- View Dependent Claims (39, 40, 41, 42, 43, 44, 45, 46, 47, 48)
- - 39. The method according to claim 38, further comprising the steps of:
    - authenticating said on-line credit card transaction; and
      
      providing an authentication of said on-line credit card transaction to one of said customer and said authority via said data network.
  - 40. The method according to claim 38, wherein said digital certificate is received from said authority.
  - 41. The method according to claim 38, wherein said digital certificate is received from said customer.
  - 42. The method according to claim 38, wherein said digital certificate is received from said merchant.
  - 43. The method according to claim 38, wherein said step of providing said indication of said digital certificate is performed responsive to a transaction verification request from said merchant.
  - 44. The method according to claim 38, wherein said step of providing said indication of said digital certificate is performed automatically.
  - 45. The method according to claim 38, wherein said step of associating said transaction identifier is performed by generating said transaction identifier.
  - 46. The method according to claim 38, wherein said step of associating said transaction identifier is performed by providing said authority with a range of transaction identifiers, wherein said authority allocates said transaction identifier from said range;
    - and receiving said transaction identifier from said authority.
  - 47. The method according to claim 38, wherein said step of associating said transaction identifier is performed by providing said authority with a rule for generating transaction identifiers, wherein said authority generates said transaction identifier in accordance with said rule;
    - and receiving said transaction identifier from said authority.
  - 48. The method according to claim 38, wherein said digital certificate is encrypted by a private key of said authority.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gil Shwartz
Original Assignee
Gil Shwartz
Inventors
Shwartz, Gil

Application Number

US09/863,119
Publication Number

US 20020013765A1
Time in Patent Office

Days
Field of Search
US Class Current

705/39
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/10   specially adapted for elect...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/385   using an alias or single-us...

G06Q 30/06   Buying, selling or leasing ...

H04L 2463/102   applying security measure f...

H04L 63/126   the source of the received ...

Intrinsic authorization for electronic transactions

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

48 Claims

Specification

Solutions

Use Cases

Quick Links

Intrinsic authorization for electronic transactions

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

48 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links