Method and system for a virtual safe
First Claim
1. A method of performing a secure electronic commerce transaction over a network using a smart card, said network having a client terminal, a merchant server, a payment server, and an authentication server, said smart card being a physical smart card or a virtual smart card, said smart card being associated with a user at said client terminal, said smart card having associated smart card information, said smart card information including an account balance, said smart card information being stored at said client terminal and at said authentication server, said method comprising the steps of:
- sending a transaction request message from said client terminal to said merchant server identifying a product for said transaction, said product having associated product information, said product information being displayed on a first web page supported by said merchant server, said user being able to view said web page at said client terminal using a browser;
sending transaction information from said merchant server to said client terminal in response to said transaction request message, said transaction information being contained in a second web page generated by said merchant server and displayable to said user through said browser, said transaction information including a price for said product, an IP address of said payment server, a transaction identifier, and a merchant identifier, said transaction identifier for tracking said transaction by said merchant server and by said payment server, said merchant identifier for tracking said transaction by said client terminal and said payment server;
receiving a user identifier and a PIN from said user at said client terminal for authorizing said transaction;
sending said user identifier, said PIN, and said transaction information from said client terminal to said authentication server;
comparing said price of said product to said account balance for said smart card at said authentication server to determine if said transaction can proceed, said account balance being stored at said authentication server and being accessed using said user identifier and said PIN, said transaction being terminated and a first termination message being sent from said authentication server to said client terminal for display to said user if said price exceeds said account balance by a predetermined amount;
sending a draw request message from said authentication server to said payment server using said IP address of said payment server, said draw request message containing said transaction information;
sending said draw request message from said payment server to said client terminal;
sending a debit request message from said client terminal to said payment server in response to said draw request message, said debit request message including a first digital signature, said first digital signature for verifying that said debit request message originated from said client terminal, said first digital signature being generated at said client terminal using said smart card information stored at said client terminal;
sending said debit request message from said payment server to said authentication server;
comparing at said authentication server said first digital signature contained in said debit request message to a first check digital signature generated at said authentication server using said smart card information stored at said authentication server to determine if said transaction can proceed, said transaction being terminated and a second termination message being sent from said authentication server to said client terminal for display to said user if said first digital signature does not match said first check digital signature;
updating said smart card information by debiting said account balance by paid price to produce an updated account balance and storing said updated account balance at said authentication server;
sending a debit response message from said authentication server to said payment server, said debit response message including a second digital signature, said second digital signature for verifying that said debit response message originated from said authentication server and for verifying that said account balance has been debited, said second digital signature being generated at said authentication server using said smart card information stored at said authentication server;
sending said debit response message from said payment server to said client terminal;
comparing at said client terminal said second digital signature contained in said debit response message to a second check digital signature generated at said client terminal using said smart card information stored at said client terminal, said smart card information stored at said client terminal including an expected updated account balance, to determine if said transaction can proceed, said transaction being terminated and a third termination message being displayed to said user if said second digital signature does not match said second check digital signature;
updating said smart card information by debiting said account balance by paid price to produce an updated account balance and storing said updated account balance at said client terminal;
sending a verification response message from said client terminal to said payment server, said verification response message including an indication that said second digital signature matches said second check digital signature and that said transaction can proceed;
logging said indication and said transaction information at said payment server;
sending a debit result message from said payment server to said authentication server, said debit result message for confirming that said transaction has been logged and that said transaction can proceed, said debit result message including said indication and said transaction information;
logging said debit result message at said authentication server;
sending said debit result message from said authentication server to said client terminal to confirm that said transaction has been logged and that said transaction can proceed;
sending said debit result message from said client terminal to said merchant server to confirm that said transaction has been logged and that said product can be released to said user; and
, sending a purchase receipt message from said merchant server to said client terminal, said purchase receipt message indicating that said product has been released to said user, thereby completing said secure electronic commerce transaction.
0 Assignments
0 Petitions
Accused Products
Abstract
A transaction server for performing a transaction over a network using a virtual smart card the server comprising, a virtual smart card database having a plurality of records each record including a virtual card identification and a value corresponding to a single virtual smart card; a security module; an emulator for emulating a smart card, the emulator for receiving smart card commands and processing the commands in conjunction with the virtual smart card database and the security module; and a virtual card reader module for receiving the smart card commands and relaying the commands to the smart card emulator whereby transactions are performed over the network using one or more the records and the virtual smart card database.
-
Citations
6 Claims
-
1. A method of performing a secure electronic commerce transaction over a network using a smart card, said network having a client terminal, a merchant server, a payment server, and an authentication server, said smart card being a physical smart card or a virtual smart card, said smart card being associated with a user at said client terminal, said smart card having associated smart card information, said smart card information including an account balance, said smart card information being stored at said client terminal and at said authentication server, said method comprising the steps of:
-
sending a transaction request message from said client terminal to said merchant server identifying a product for said transaction, said product having associated product information, said product information being displayed on a first web page supported by said merchant server, said user being able to view said web page at said client terminal using a browser;
sending transaction information from said merchant server to said client terminal in response to said transaction request message, said transaction information being contained in a second web page generated by said merchant server and displayable to said user through said browser, said transaction information including a price for said product, an IP address of said payment server, a transaction identifier, and a merchant identifier, said transaction identifier for tracking said transaction by said merchant server and by said payment server, said merchant identifier for tracking said transaction by said client terminal and said payment server;
receiving a user identifier and a PIN from said user at said client terminal for authorizing said transaction;
sending said user identifier, said PIN, and said transaction information from said client terminal to said authentication server;
comparing said price of said product to said account balance for said smart card at said authentication server to determine if said transaction can proceed, said account balance being stored at said authentication server and being accessed using said user identifier and said PIN, said transaction being terminated and a first termination message being sent from said authentication server to said client terminal for display to said user if said price exceeds said account balance by a predetermined amount;
sending a draw request message from said authentication server to said payment server using said IP address of said payment server, said draw request message containing said transaction information;
sending said draw request message from said payment server to said client terminal;
sending a debit request message from said client terminal to said payment server in response to said draw request message, said debit request message including a first digital signature, said first digital signature for verifying that said debit request message originated from said client terminal, said first digital signature being generated at said client terminal using said smart card information stored at said client terminal;
sending said debit request message from said payment server to said authentication server;
comparing at said authentication server said first digital signature contained in said debit request message to a first check digital signature generated at said authentication server using said smart card information stored at said authentication server to determine if said transaction can proceed, said transaction being terminated and a second termination message being sent from said authentication server to said client terminal for display to said user if said first digital signature does not match said first check digital signature;
updating said smart card information by debiting said account balance by paid price to produce an updated account balance and storing said updated account balance at said authentication server;
sending a debit response message from said authentication server to said payment server, said debit response message including a second digital signature, said second digital signature for verifying that said debit response message originated from said authentication server and for verifying that said account balance has been debited, said second digital signature being generated at said authentication server using said smart card information stored at said authentication server;
sending said debit response message from said payment server to said client terminal;
comparing at said client terminal said second digital signature contained in said debit response message to a second check digital signature generated at said client terminal using said smart card information stored at said client terminal, said smart card information stored at said client terminal including an expected updated account balance, to determine if said transaction can proceed, said transaction being terminated and a third termination message being displayed to said user if said second digital signature does not match said second check digital signature;
updating said smart card information by debiting said account balance by paid price to produce an updated account balance and storing said updated account balance at said client terminal;
sending a verification response message from said client terminal to said payment server, said verification response message including an indication that said second digital signature matches said second check digital signature and that said transaction can proceed;
logging said indication and said transaction information at said payment server;
sending a debit result message from said payment server to said authentication server, said debit result message for confirming that said transaction has been logged and that said transaction can proceed, said debit result message including said indication and said transaction information;
logging said debit result message at said authentication server;
sending said debit result message from said authentication server to said client terminal to confirm that said transaction has been logged and that said transaction can proceed;
sending said debit result message from said client terminal to said merchant server to confirm that said transaction has been logged and that said product can be released to said user; and
,sending a purchase receipt message from said merchant server to said client terminal, said purchase receipt message indicating that said product has been released to said user, thereby completing said secure electronic commerce transaction. - View Dependent Claims (2, 3)
-
-
4. A transaction server for performing a transaction over a network using a virtual smart card said server comprising:
-
a) a virtual smart card database having a plurality of records each record including a virtual card identification and a value corresponding to a single virtual smart card;
b) a security module;
c) an emulator for emulating a smart card, said emulator for receiving smart card commands and processing said commands in conjunction with said virtual smart card database and said security module; and
d) a virtual card reader module for receiving said smart card commands and relaying said commands to said smart card emulator whereby transactions are performed over said network using one or more said records and said virtual smart card database. - View Dependent Claims (6)
-
-
5. A method for performing a transaction over a network using a virtual smart card and a server, said method comprising the steps of:
-
a) creating a plurality of records on a virtual smart card database, each record including a virtual card identifier and a value corresponding to a single virtual smart card;
b) receiving smart card commands via a smart card emulator and processing said commands in conjunction with said virtual smart card database and a security module; and
c) receiving said smart card commands via a virtual card reader module and relaying said commands to said smart card emulator whereby transactions are performed over said network using said server and one or more of said records in said virtual smart card database.
-
Specification