Process and method for secure online transactions with calculated risk and against fraud

US 20030120615A1
Filed: 02/04/2000
Published: 06/26/2003
Est. Priority Date: 02/04/2000
Status: Active Grant

First Claim

Patent Images

1. In an electronic commerce online transaction that prevent consumer fraud arises from pirated payment card numbers, involving at least one participating host, as a trusted payment card host, serving between buyers, sellers and payment clearing processors, a process and method comprising the following steps:

buyer selects a participating host;

buyer participant sending order for goods and services online to seller participant, without sending payment card numbers along with said order;

seller participant confirms the said order with the said buyer participant;

buyer participant authorizes the payment of the said order by sending secret keys to the said participating host;

seller participant requests for payment approval from buyer participant'"'"'s payment card issuer, through participating host;

the seller participant fulfills the said order, and requests payment capturing through the said participating host.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electronic commerce process that facilitates online transactions among multiple participants, that prevents consumer fraud due to pirated payment card numbers, with calculated risk, involving at least one trusted payment card host (3), where buyer'"'"'s payment card number is registered and corresponding secret keys are set up. The buyer (1b) initiates an online transaction by selecting a host from a list of hosts that served by the seller'"'"'s web server (2a). Then, the buyer participant (1a) sends an order online (4), SSL encrypted. The seller participant (2a) receives and decrypts the order, confirms the availability of ordered items, assigns an orderID to the order, and sends a response (5a), SSL encrypted, to the buyer participant (1a) with the assigned orderID. The buyer participant (1a) encrypts and notifies the selected host (3) of this order and orderID, and authorizes the payment (6a) using secret keys. At the same time, the seller participant also encrypts and sends payment approval request (7) for this orderID through the host. The host (3) decrypts and matches up the orderID, retrieves the secret keys, and hashes to obtain the corresponding payment card number. The host then encrypts and send for payment authorization (8a) from the payment card issuer with the payment card number, through payment clearing network. Upon receiving and decrypting the response (9) back from the payment card issuer, the host (3) encrypts and notifies (10a) the seller participant (2a) of the card issuer'"'"'s response (9) for the orderID. After fulfilling the order (11,12), the seller participant encrypts and sends for payment capturing (13a) for this order with orderID, through the host and payment network (14a,15,16).

Citations

9 Claims

1. In an electronic commerce online transaction that prevent consumer fraud arises from pirated payment card numbers, involving at least one participating host, as a trusted payment card host, serving between buyers, sellers and payment clearing processors, a process and method comprising the following steps:
- buyer selects a participating host;
  
  buyer participant sending order for goods and services online to seller participant, without sending payment card numbers along with said order;
  
  seller participant confirms the said order with the said buyer participant;
  
  buyer participant authorizes the payment of the said order by sending secret keys to the said participating host;
  
  seller participant requests for payment approval from buyer participant'"'"'s payment card issuer, through participating host;
  
  the seller participant fulfills the said order, and requests payment capturing through the said participating host.
- View Dependent Claims (2, 2, 3, 3, 4, 4, 5, 5, 5, 6, 7, 8, 8, 9)
- - 2. A process and method as recited in claim 1, wherein selection of participating host further comprising the steps that the said seller participant provides a list of hosts to the said buyer participant, and the said buyer participant selects the said participating host from the said list of hosts.
  - 2.1. 1. A process and method as recited in claim 2, wherein the said seller participant provides a list of hosts to the said buyer participant further including steps that seller participant encrypting the said list of hosts, and buyer participant decrypting the said list of hosts.
  - 3. A process and method as recited in claim 1, wherein buyer participant sending order for goods and services online further comprising the step of sending, alongside the said order, information of the said selected participating host.
  - 3.1. 1. A process and method as recited in claim 3, wherein buyer participant sending order and selected host online further comprising the steps:
    - the buyer participant encrypting the said order together with the said information of selected host;
      
      the seller participant decrypts the said order and selected host.
  - 4. A process and method as recited in claim 1, wherein seller participant confirms the said order to the said buyer participant further comprising additional steps;
    - seller participant generates an unique orderID that identifies the said order;
      
      seller participant sends an independent payment form to the buyer participant for completion, wherein the said payment form includes the said orderID displayed.
  - 4.1. 1. A process and method as recited in claim 4, wherein the seller participant sending a payment form to buyer participant further including steps:
    - the seller participant encrypts the payment form;
      
      the buyer participant decrypts the payment form.
  - 5. A process and method as recited in claim 1, wherein buyer participant authorizes payment for the said orders further comprising additional steps:
    - buyer completes the said payment form by entering secret keys into pertinent spaces, the said secret keys include at least one key for authentication, and another key for authorization;
      
      buyer participant sends the said completed payment authorization form to the said participating host;
      
      buyer participant notify the seller participant that payment authorization form of said orderID is completed and sent.
  - 5.1. 1. A process and method as recited in claim 5, wherein the buyer participant sending the completed payment form to the host, further includes the steps that buyer participant encrypts the completed payment form and the participating host decrypts the said payment form.
  - 5.2. 2. A process and method as recited in claim 5, wherein the buyer participant notifies the seller participant further including the steps of buyer participant encrypting the message of notification, and the seller participant decrypting the said message.
  - 6. A process and method as recited in claim 1, wherein seller participant requests for payment approval through participating host further including the steps:
    - seller participant encrypts the said orderID together with said payment request, and sent to the participating host;
      
      the participating host decrypts the request.
  - 7. A process and method as recited in claim 6, further comprising the following additional steps:
    - the participating host searches for the payment authorization form that matches the exact same orderID as that of the said payment approval request;
      
      the participating host retrieves the secret keys contained in the said payment form of exact same said orderID;
      
      the participating host hash with the said secret keys to obtain the payment card number;
      
      the participating host sent for payment approval authorization with the said payment card number through payment network.
  - 8. A process and method as recited in claim 6, further including the following additional steps:
    - the participating host receives payment approval request response;
      
      the participating host notifies the said seller participant with the said payment approval response, with orderID, but without the payment card number.
  - 8.1. 1 A process and method as recited in claim 8, wherein the participating host notifies the seller participant further comprising the steps:
    - the participating host merges the approval code, from said payment response, and the said orderID, and encrypts it and send the resulting encrypted approval response packet to the said seller participant;
      
      the seller participant decrypts the said approval response packet and secure it in database.
  - 9. A process and method as recited in claim 1, wherein seller participant requests payment capturing through the participating host further including the following steps:
    - the seller participant encrypts the payment capturing request packet, which, at least, includes the said orderID, payment approval code, and money amount, and send the resulting encrypted packet to the participating host;
      
      the participating host decrypts the said payment capturing request packet;
      
      the participating host verifies the payment capturing request;
      
      the participating host send for payment capturing through payment network, with the payment card number that corresponding to the said orderID.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Online Security Portfolio LLC
Original Assignee
B. Todd Patterson
Inventors
Kuo, James Shaw-Han

Granted Patent

US 6,847,953 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/78
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/0855   involving a third party

G06Q 20/12   specially adapted for elect...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/401   Transaction verification

G06Q 30/06   Buying, selling or leasing ...

Process and method for secure online transactions with calculated risk and against fraud

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Process and method for secure online transactions with calculated risk and against fraud

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links