Method and system for verifying the identity of on-line credit card purchasers through a proxy transaction
First Claim
1. A proxy process for emulating card-present credit card transactions in credit card purchase transactions occurring remotely between a credit cardholder'"'"'s computer and a merchant server over a computer network, the process comprising:
- (a) collecting credit card information and identification information at a designated identifier;
(b) transmitting the collected credit card information to an authentication server connected to a computer network;
(c) performing an identification transaction wherein the authentication server determines whether the cardholder is authorized to use the credit card and, if so, the authentication server issues a code temporarily binding the identity of an individual possessing the code, the credit card information and the identification information to that of the credit cardholder who presented the credit card to the identifier;
(d) creating a record of the identification transaction including the credit card information, the code, and the identity of the credit cardholder on the authentication server sending the code to the identifier and cardholder;
(e) entering the credit card information and the code into the cardholder'"'"'s computer and sending the credit card information and code from the cardholder'"'"'s computer to the authentication server over a computer network;
(f) comparing on the authentication server the credit card information and code submitted from the cardholder'"'"'s computer to the credit card information and code stored in the record of the identification transaction;
(g) completing the identification transaction by transmitting a digital certificate from the authentication server to the cardholder'"'"'s computer when the card information and the code submitted from the cardholder'"'"'s computer match the card information and code stored in the record of the identification transaction on the authentication server;
(h) the cardholder entering a purchase transaction with a merchant over a computer network from the cardholder'"'"'s computer to the merchant server by offering the credit card information and digital certificate as payment; and
(i) the merchant web server validating the digital certificate from the authentication web server before authorizing the credit card purchase transaction.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a proxy process and system for emulating card-present credit card transactions in credit card transactions occurring over a computer network. The process involves collecting credit card information and identification information from the cardholder and presenting that information to an identifier. Once the cardholder has been identified by the identifier, an authentication server generates a code and transmits the code to the cardholder to “set up” the credit card. The cardholder possessing both the credit card information and the code then sends that information and code from the cardholder'"'"'s PC to the authentication server, which compares the credit card information and code to the credit card information and code stored from the credit card set up and if they match, a secure pay digital certificate is issued to the cardholder'"'"'s computer. The certificate identifies the cardholder'"'"'s computer as belonging to the person authorized to enter into purchase transactions using the specified credit card. Thereafter, credit card transactions originating from the cardholder computer possessing the secure pay digital certificate can be assumed to be transactions entered into by the positively identified cardholder. The cardholder may tender the credit card information as payment to an online merchant. The merchant checks for the presence of a secure pay certificate from the cardholder'"'"'s PC prior to accepting the credit card information as payment, and verifies the validity of the certificate.
-
Citations
41 Claims
-
1. A proxy process for emulating card-present credit card transactions in credit card purchase transactions occurring remotely between a credit cardholder'"'"'s computer and a merchant server over a computer network, the process comprising:
-
(a) collecting credit card information and identification information at a designated identifier;
(b) transmitting the collected credit card information to an authentication server connected to a computer network;
(c) performing an identification transaction wherein the authentication server determines whether the cardholder is authorized to use the credit card and, if so, the authentication server issues a code temporarily binding the identity of an individual possessing the code, the credit card information and the identification information to that of the credit cardholder who presented the credit card to the identifier;
(d) creating a record of the identification transaction including the credit card information, the code, and the identity of the credit cardholder on the authentication server sending the code to the identifier and cardholder;
(e) entering the credit card information and the code into the cardholder'"'"'s computer and sending the credit card information and code from the cardholder'"'"'s computer to the authentication server over a computer network;
(f) comparing on the authentication server the credit card information and code submitted from the cardholder'"'"'s computer to the credit card information and code stored in the record of the identification transaction;
(g) completing the identification transaction by transmitting a digital certificate from the authentication server to the cardholder'"'"'s computer when the card information and the code submitted from the cardholder'"'"'s computer match the card information and code stored in the record of the identification transaction on the authentication server;
(h) the cardholder entering a purchase transaction with a merchant over a computer network from the cardholder'"'"'s computer to the merchant server by offering the credit card information and digital certificate as payment; and
(i) the merchant web server validating the digital certificate from the authentication web server before authorizing the credit card purchase transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A secure payment method whereby a merchant accepting a credit card as payment from a customer over a computer network may be reasonably assured that the customer tendering the credit card is a person authorized to use the card, the method comprising the steps of:
-
(a) performing a proxy card-present transaction where the customer'"'"'s identity is positively established by submitting the customer'"'"'s credit card information and biometric information to an identification agent;
(b) providing a unique code to the customer whereby it may be presumed that a person possessing information from the face of the credit card and the unique code is the person who presented the credit card during the proxy transaction;
(c) storing a record of the proxy transaction on a database stored in an authentication server;
(d) contacting the authentication server from the customer'"'"'s computer over the network and submitting the unique code and the customer'"'"'s credit card information to the authentication server for comparison with the record of the proxy transaction stored in an authentication server database;
(e) comparing the credit card information and the unique code and, if they match, issuing a secure pay digital certificate to the customer and storing the secure pay digital certificate on the customer'"'"'s computer;
(f) the customer entering transaction data with the merchant over the network and tendering the credit card as payment; and
(g) the merchant checking for the presence of the secure pay digital certificate on the customer'"'"'s computer and, upon finding the secure pay certificate, verifying that the certificate and the credit card information tendered by the customer are valid. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
27. A system for providing a proxy card-present transaction for a credit card transaction occurring over a computer network, whereby a merchant receiving payment via the credit card over a computer network may be reasonably assured that a customer tendering the credit card is an individual authorized to use the credit card, the system comprising:
-
(a) an identity verification agent, a customer computer, a merchant server, and an authentication server, all being interconnected over a computer network;
(b) the identity verification agent including means for positively identifying the customer when the customer personally presents the credit card to the identity verification agent, and means for transmitting a record of the positive identification along with information from the credit card to the authentication server;
(c) the authentication web server configured to generate a unique code associated with the positive identification, store the record of the positive identification along with the code, and transmit the code to the identity verification agent for presentation to the customer;
(d) the customer computer including input means for receiving information from the credit card along with the code generated by the authentication server and output means for transmitting the code and credit card information to the authentication server;
(e) the authentication server further including means for comparing the credit card information and code received from the customer computer with that previously stored on the authentication server as a result of the positive identification by the identity verification agent, means for generating a unique digital certificate, and means for transmitting the certificate to customer computer; and
(f) the merchant server including means for determining whether a valid digital certificate issued from the authentication server is present on the customer computer.
-
-
41. A process for increasing security in credit card transactions occurring remotely between a credit cardholder'"'"'s computer and a merchant server over a computer network, the process comprising:
-
(a) reading a credit card containing information at a designated identifier;
(b) performing an identification transaction wherein the identifier determines whether the cardholder is authorized to use the credit card and, if so, an authentication server issues a code temporarily binding the identity of an individual possessing both the code and information printed on the credit card to that of the credit cardholder who presented the credit card to the identifier;
(c) creating a record of the identification transaction including the credit card information, the code, and the identity of the credit cardholder on an authentication server connected to a computer network;
(d) submitting the credit card information and the code from the cardholder'"'"'s computer to the authentication server over a computer network;
(e) comparing the credit card information and code submitted from the cardholder'"'"'s computer to the credit card information and code stored in the record of the identification transaction on the authentication server;
(f) transmitting a digital certificate from the authentication server to the cardholder'"'"'s computer when the card information and the code submitted from the cardholder'"'"'s computer match the card information and code stored in the record of the identification transaction on the authentication server;
whereby the presence of a digital certificate on the cardholder'"'"'s computer indicates to the merchant'"'"'s server in subsequent transactions with the cardholder'"'"'s computer that the cardholder is the owner of the card.
-
Specification