Microchip-enabled online transaction system
First Claim
1. A microchip-enabled online transaction method, comprising the steps of:
- authenticating, by a host system, a user whose communication channel with a merchant, is redirected from said merchant to said host system;
obtaining, by said host system, user'"'"'s transaction account number; and
transmitting transaction information from said host system to said merchant to facilitate a transaction.
1 Assignment
0 Petitions
Accused Products
Abstract
A microchip-enabled online transaction system and method that emulates a “card-present” transaction in an online or remote environment by using an improved authentication and transaction system. More specifically, this system uses an authenticating instrument (e.g., smart card), an authenticating instrument reader (e.g., smart card reader), and a user-specific identification signature (e.g., user PIN) to better authenticate an online purchaser. Additionally, this system may also employ techniques (1) for transmitting to a merchant a secondary transaction number in place of the user'"'"'s primary transaction account number, and (2) for automatically filling an online merchant'"'"'s payment and shipping web pages with the appropriate profiled user information.
321 Citations
24 Claims
-
1. A microchip-enabled online transaction method, comprising the steps of:
-
authenticating, by a host system, a user whose communication channel with a merchant, is redirected from said merchant to said host system;
obtaining, by said host system, user'"'"'s transaction account number; and
transmitting transaction information from said host system to said merchant to facilitate a transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 16, 18, 20, 21)
-
-
12. A computer-implemented online user authentication method, comprising the steps of:
-
determining, by a merchant, the presence of an authentication instrument reader on a user'"'"'s computer system;
redirecting said user from a merchant website to a host system website;
issuing, by said host system, a challenge string to said user;
prompting said user to cause an authenticating instrument to communicate with said authenticating instrument reader;
prompting said user to provide a user-specific identification signature;
receiving, from said user, a digital certificate that is associated with a transaction account number and a signed challenge string; and
comparing said digital certificate and said signed challenge with host system data to determine if said user is authorized to use said transaction account number.
-
-
14. A microchip-enabled online transaction method, comprising the steps of:
-
recognizing the presence of an authentication instrument reader on said user system when said user is browsing a merchant website;
upon recognizing the presence of said authentication instrument reader on the user system, posting a hyperlink button to said user'"'"'s browser, where upon selection of said hyperlink button by said user, redirecting said user'"'"'s browser to a host system website; and
receiving user transaction data from said host system to facilitate a transaction with said user.
-
-
17. A microchip-enabled online transaction method, comprising the steps of:
-
ascertaining (1) an authentication instrument that is associated with a primary transaction account, and (2) a user-specific identification;
browsing a merchant'"'"'s website for goods or services;
selecting a product or service to purchase;
clicking on a hyperlink button that redirects a user'"'"'s browser to a host system website and causing a host system to request user authentication information; and
responding to said host system request by facilitating the communication of said authentication instrument with an authentication instrument reader and providing said user-specific identification signature.
-
-
19. A computerized host system configured to facilitate a microchip-enabled online transaction, comprising:
-
a web server for maintaining a host system website; and
an authentication server configured to receive a digital certificate and a signed challenge string in order to determine if said user is authorized to use a particular transaction account number.
-
-
22. A microchip-enabled online transaction method, comprising the steps of:
-
profiling a plurality of merchant websites to determine the appropriate transaction fields for completing transactions with each of said plurality of merchant websites;
storing in a host system profile database said profile for each of said plurality of merchant websites;
communicating with a user system over the internet, wherein upon establishing said communication with said user system, it is determined that a user desires to complete a transaction with a particular merchant;
recognizing the presence of a smart card reader on said user system;
prompting said user to cause user'"'"'s smart card to communicate with said smart card reader;
issuing to said user a challenge string;
prompting said user to enter a user-specific passcode;
receiving a smart card-specific digital certificate;
receiving a signed challenge string;
comparing said smart card-specific digital certificate and said signed challenge string to facilitate two-factor authentication to verify that said user is authorized to use a transaction account number;
generating a secondary transaction number and associating said secondary transaction number with said transaction account number; and
providing said secondary transaction number to a merchant to facilitate the completion of a transaction between said user and said merchant.
-
-
23. A microchip-enabled online transaction method, comprising the steps of:
-
authenticating a user whose web browser was redirected from a merchant website to a host system website;
retrieving from a host system database a transaction account number associated with said user;
generating a secondary transaction number and associating said secondary transaction number with said transaction account number; and
transmitting information comprising the secondary transaction number to said merchant in order to facilitate a transaction.
-
-
24. A microchip-enabled online transaction system and method, comprising the steps of:
-
configuring a merchant website to send an applet to a user system to determine if said user system is configured with a host system authentication instrument reader and software;
posting to a user'"'"'s web browser a hyperlink button capable of redirecting a user from said merchant website to a host system website in order to facilitate user authentication;
receiving from said host system transaction data associated with said user; and
completing said transaction with said user.
-
Specification