System and method for user-controlled on-line transactions
First Claim
1. A method for authorizing a purchase transaction between a merchant and a purchaser over a network comprising:
- from a user computer, sending a purchase request to a merchant computer;
from the merchant computer, sending transaction data and an identifier indicative of an authentication methodology to the user computer and a clearinghouse computer;
proffering a biometric identifier to the user computer, wherein the user computer determines whether the proffered biometric identifier and a stored biometric identifier match;
in the event the proffered biometric identifier and the stored biometric identifier match, at the user computer sending an authentication dataset of purchaser identifying information associated with the authentication identifier and transaction information to the clearinghouse computer; and
at the clearinghouse computer, applying the authentication methodology associated with the authentication identifier to the authentication dataset of purchaser identifying information received from the user computer and to an authentication dataset of purchaser identifying information stored on the clearinghouse computer to authenticate the purchaser;
whereupon successful authentication of the purchaser, the transaction is authorized by the clearinghouse without any purchaser registration data being provided to the merchant.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention is a system and method for user-controlled on-line transactions. A user computer sends a request to purchase to a merchant computer. The merchant computer sends transaction data and an identifier indicative of an authentication methodology to the user computer and a clearinghouse computer. The purchaser proffers his or her biometric identifier to the user computer. If proffered biometric identifier matches a biometric identifier stored only on the user computer, the user computer sends an authentication dataset of purchaser identifying information associated with the authentication identifier and transaction information to the clearinghouse computer. The clearinghouse computer applies the authentication methodology associated with the authentication identifier to the authentication dataset of purchaser identifying information received from the user computer and to an authentication dataset of purchaser identifying information stored on the clearinghouse computer to authenticate the purchaser. If the purchaser is authenticated, the transaction is authorized by the clearinghouse without any purchaser registration data being provided to the merchant.
80 Citations
36 Claims
-
1. A method for authorizing a purchase transaction between a merchant and a purchaser over a network comprising:
-
from a user computer, sending a purchase request to a merchant computer;
from the merchant computer, sending transaction data and an identifier indicative of an authentication methodology to the user computer and a clearinghouse computer;
proffering a biometric identifier to the user computer, wherein the user computer determines whether the proffered biometric identifier and a stored biometric identifier match;
in the event the proffered biometric identifier and the stored biometric identifier match, at the user computer sending an authentication dataset of purchaser identifying information associated with the authentication identifier and transaction information to the clearinghouse computer; and
at the clearinghouse computer, applying the authentication methodology associated with the authentication identifier to the authentication dataset of purchaser identifying information received from the user computer and to an authentication dataset of purchaser identifying information stored on the clearinghouse computer to authenticate the purchaser;
whereupon successful authentication of the purchaser, the transaction is authorized by the clearinghouse without any purchaser registration data being provided to the merchant. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for authorizing a purchase transaction between a merchant and a purchaser over a network comprising:
-
storing on a user computer purchaser transaction information and a plurality of authentication datasets of purchaser identifying information (herein collectively, “
purchaser registration data”
), wherein each authentication dataset is associated with a unique authentication methodology;
uniquely associating the purchaser with the purchaser registration data stored on the user computer using a biometric identifier obtained from the purchaser and stored solely on the user computer;
storing the purchaser registration data on a clearinghouse computer;
from the user computer, sending a request to purchase to the merchant computer;
from the merchant computer, sending a bookmark index, a purchase transaction number specific to the transaction, and a purchase receipt to the user computer and sending the bookmark index the transaction number to the clearinghouse computer;
proffering a biometric identifier to the user computer, wherein the user computer determines whether the proffered biometric identifier and the stored biometric identifier match;
in the event the proffered biometric identifier and the stored biometric identifier match, at the user computer;
generating an authentication identifier, wherein the authentication identifier is associated with a unique authentication methodology;
generating a sequence string;
inserting the authentication identifier at a location within the sequence string determined by the bookmark index;
generating the particular one of the plurality of authentication datasets associated with the unique authentication method designated by the authentication identifier; and
sending the sequence string, the particular one of the plurality of authentication datasets, the transaction number and the purchase receipt to the clearinghouse computer;
at the clearinghouse computer, locating the authentication identifier in the sequence string using the bookmark index received from the merchant;
applying the unique authentication methodology associated with the authentication identifier to the particular one of the plurality of authentication datasets received from the user computer to authenticate the purchaser; and
in the event the application of the unique authentication methodology associated with the authentication identifier to the particular one of the plurality of authentication datasets is successful, authorizing the transaction without any purchaser registration data being provided to the merchant and without the use of complex mathematical encryption algorithms. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A system for conducting a purchase transaction over a network, the system comprising a buyer computer, a merchant computer and a clearinghouse computer each connected to the network, and wherein:
-
the merchant computer is adapted to;
receive from the buyer computer a purchase transaction request;
create a bookmark index, a purchase transaction number specific to the transaction, and a purchase receipt; and
send the bookmark index, the purchase transaction number specific to the transaction, and the purchase receipt to the user computer and send the bookmark index the transaction number to the clearinghouse computer; and
the buyer computer comprises a resident biometric identifier, computer purchaser transaction information and a plurality of authentication datasets of purchaser identifying information (herein collectively, “
purchaser registration data”
), wherein each authentication dataset is associated with a unique authentication methodology and wherein the buyer computer is adapted to;
send a purchase transaction request to the merchant computer;
receive from the merchant computer bookmark index, the purchase transaction number specific to the transaction, and the purchase receipt;
receive a proffered biometric identifier from the buyer;
make a determination whether the proffered biometric identifier matches the resident biometric identifier;
in the event the proffered biometric identifier matches the resident biometric identifier— generate an authentication identifier, wherein the authentication identifier is associated with a unique authentication methodology;
generate a sequence string;
insert the authentication identifier at a location within the sequence string determined by the bookmark index;
generate the particular one of the plurality of authentication datasets associated with the unique authentication method designated by the authentication identifier; and
send the sequence string, the particular one of the plurality of authentication datasets, the transaction number and the purchase receipt to the clearinghouse computer; and
the clearinghouse computer comprises purchaser registration data and is adapted to;
locate the authentication identifier in the sequence string using the bookmark index received from the merchant; and
apply the unique authentication methodology associated with the authentication identifier to the particular one of the plurality of authentication datasets received from the user computer to authenticate the purchaser; and
in the event the application of the unique authentication methodology associated with the authentication identifier to the particular one of the plurality of authentication datasets is successful, authorize the transaction without any purchaser registration data being provided to the merchant. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A method for authenticating a participant in a transaction conducted over a network, the method comprising:
-
generating a bookmark index at the computer of a first participant and sending the bookmark index to a clearinghouse computer and the computer of a second participant; and
at the computer of the second participant;
generating an authentication identifier, wherein the authentication identifier is associated with a unique authentication methodology;
generating a sequence string;
inserting the authentication identifier at a location within the sequence string determined by the bookmark index;
generating the particular one of the plurality of authentication datasets associated with the unique authentication method designated by the authentication identifier; and
sending the sequence string and the particular one of the plurality of authentication datasets to the clearinghouse computer.
-
-
36. A method for authenticating a participant in a transaction conducted over a network, the method comprising:
-
receiving at a clearinghouse computer a bookmark index from a first participant and a sequence string from a second participant;
locating an authentication identifier in the sequence string using the bookmark index received from the first participant; and
applying an authentication methodology associated with the authentication identifier to a particular one of the plurality of authentication datasets associated with the second participant;
in the event the application of the unique authentication methodology associated with the authentication identifier to the particular one of the plurality of authentication datasets is successful, authenticating the second participant.
-
Specification