Secure electronic commerce

US 20020162027A1
Filed: 02/22/2002
Published: 10/31/2002
Est. Priority Date: 02/23/2001
Status: Active Grant

First Claim

Patent Images

1. A method for enhancing security of network transactions, comprising:

receiving, over a public Internet, information relating to a pending transaction between a vendor server and a client;

sending a message addressed to said client over said public Internet with a set of computer readable instructions having transaction-specific information, said set of computer readable instructions comprising access instructions for connecting said client to a transaction server system on a private network such that sensitive information relating to said transaction is directed to said transaction server system.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Secure transactions are achieved over a public network by using a private network to handle the sensitive information of the transaction. When a client requests a product from a vendor server over a public network, the vendor server notifies a facilitation server on the public network. This results in the client receiving a set of computer readable instructions from the facilitation server. The set of instructions provide access instructions to a transaction server system on the private network so that sensitive transaction information is sent to the transaction server system on the private network rather than over the public Internet. Where the sensitive information is credit card information, the transaction server system may obtain authorisation for the transaction from a financial institution and then notify the vendor accordingly. Where the sensitive information is the identity of a user of the client, the transaction server may selectively authorise the transaction without the vendor being apprised of the identity of a user of the client. Secure communications may also be achieved by sending sensitive communications over the private network.

108 Citations

View as Search Results

27 Claims

1. A method for enhancing security of network transactions, comprising:
- receiving, over a public Internet, information relating to a pending transaction between a vendor server and a client;
  
  sending a message addressed to said client over said public Internet with a set of computer readable instructions having transaction-specific information, said set of computer readable instructions comprising access instructions for connecting said client to a transaction server system on a private network such that sensitive information relating to said transaction is directed to said transaction server system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1 further comprising:
    - provisioning said set of computer readable instructions with said transaction-specific information prior to said sending.
  - 3. The method of claim 2 further comprising:
    - receiving a transaction identifier and private network access information from said transaction server system;
      
      and wherein said provisioning comprises provisioning said set of computer readable instructions with said transaction identifier and said private network access information.
  - 4. The method of claim 3 wherein said information relating to a pending transaction comprises a vendor identifier, said transaction identifier, and a purchase amount.
  - 5. The method of claim 4 wherein said private network access information comprises a flat rate telephone number.
  - 6. The method of claim 4 wherein said private network access information comprises a fixed charge per minute telephone number and a number of minutes.
  - 7. The method of claim 2 wherein said sending comprises sending a location of said set of computer readable instructions.
  - 8. The method of claim 7 wherein said location is a universal resource locator (“
    - URL”
      
      ).
  - 9. The method of claim 7 wherein said location of said set of computer readable instructions is sent to one of said vendor server and said client.
  - 10. The method of claim 1 wherein said set of computer readable instructions comprise a first code segment which, when loaded into a processor of said client, cause said client to access said transaction server system on said private network.
  - 11. The method of claim 10 wherein said set of computer readable instructions comprise a second code segment which, when loaded into said processor of said client, cause said client to pass said transaction-specific information to said transaction server system.
  - 12. The method of claim 2 wherein said message is a transaction message and further comprising, prior to said sending said transaction message, sending a set-up message with a set of computer executable instructions for determining resources of said client for connecting to said private network.
  - 13. The method of claim 12 further comprising receiving an indication of resources of said client and wherein said provisioning is based, in part, on said indication of resources.
  - 14. The method of claim 2 wherein said set of computer readable instructions further comprises instructions for determining resources of said client for connecting to said private network.
  - 15. The method of claim 3 further comprising sending said information relating to a pending transaction to said transaction server system over a secure link prior to said receiving a transaction identifier and private network access information.
  - 16. The method of claim 4 wherein said information relating to a pending transaction further comprises a location of a data product which is subject of said pending transaction and access codes for use in accessing said data product.
  - 17. The method of claim 4 wherein said information relating to a pending transaction includes an internet protocol (“
    - IP”
      
      ) address of said client and wherein said private network access information comprises an IP address which an internet service provider (“
      
      ISP”
      
      ) of said client maps to a port connected over said private network to said transaction server system.
  - 18. The method of claim 1 wherein said receiving and said sending are performed at a web server and further comprising, at a transaction server system:
    - receiving customer-sensitive information and transaction identification information consequent upon execution of said set of computer readable instructions at a client;
      
      selectively sending transaction approval information.
  - 19. A computer-readable medium storing statements and instructions for use in the execution in a web server of the method of claim 1.
  - 20. A web server adapted for performing the method of claim 1.

21. A method for enhancing security of network purchase transactions, comprising:
- receiving, over a public Internet, information relating to a pending purchase transaction between a vendor server and a client;
  
  sending a message addressed to said client over said public Internet with a set of computer executable instructions for determining resources of said client for connecting to a private network.

22. A method for enhancing security of network transactions, comprising:
- receiving information relating to a pending transaction over a secure link, said information including a transaction identifier, access information for a data product, and a purchase amount;
  
  determining an appropriate chargeable telephone number based upon said purchase amount;
  
  storing said transaction identifier, said telephone number, and said access information; and
  
  returning said transaction identifier and said telephone number over said secure link.
- View Dependent Claims (23, 24, 25)
- - 23. The method of claim 22 further comprising:
    - receiving a telephone call made to said telephone number from a caller;
      
      during said call, receiving caller identity information;
      
      during said call, receiving said transaction identifier;
      
      storing said caller identity information with said transaction identifier;
      
      providing said access information to said data product to said caller.
  - 24. The method of claim 23 wherein said telephone number is a flat rate number.
  - 25. The method of claim 23 wherein said telephone number is a fixed charge per minute number and wherein said determining further comprises determining a number of minutes based on said purchase amount and storing said number of minutes.

26. A computer readable medium storing computer-readable instructions which, when read by a client, cause the client to:
- dial and establish a connection to a specific telephone number over a telephone network;
  
  send a transaction-specific identifier over said connection;
  
  receive a message over said connection with a universal resource locator (URL) and password;
  
  drop said connection;
  
  connect to said URL over a public Internet; and
  
  display said password.

27. An internet service provider having a border gateway protocol table with an entry mapping at least one Internet Protocol address to a port connected to a private network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Riavera Corp.
Original Assignee
Mark Itwaru
Inventors
Itwaru, Mark

Granted Patent

US 7,949,605 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/382   insuring higher security of...

G06Q 20/4014   Identity check for transact...

G06Q 20/425   using two different network...

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 30/0613   Third-party assisted

H04L 2463/102   applying security measure f...

H04L 61/00   Network arrangements, proto...

H04L 61/2514   between local and global IP...

H04L 61/2517   using port numbers

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/0846   using time-dependent-passwo...

H04L 63/168   above the transport layer

H04L 63/18   using different networks or...

H04L 67/14   Session management for real...

H04L 67/34   involving the movement of s...

H04L 69/329 : in the application layer [O...

View All

Secure electronic commerce

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

108 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

Secure electronic commerce

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others