Method for electronic commerce using security token and apparatus thereof
First Claim
1. An electronic commerce method using a security token comprising:
- a transaction approval institution generating a security token based on a security assertion markup language (SAML), using credit information of a purchaser who requests to issue a security token, and transmitting the security token to the purchaser;
the purchaser writing an electronic signature on an order and transmitting the order together with the security token to a seller;
the seller verifying the received order and security token, and then delivering goods according to the order to the purchaser; and
the transaction approval institution performing payment for the seller and the purchaser.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for electronic commerce using a security token and an apparatus thereof are provided. The electronic commerce method using a security token comprises a transaction approval institution generating a security token based on a security assertion markup language (SAML), using credit information of a purchaser who requests to issue a security token, and transmitting the security token to the purchaser; the purchaser writing an electronic signature on an order and transmitting the order together with the security token to a seller; the seller verifying the received order and security token, and then delivering goods according to the order to the purchaser; and the transaction approval institution performing payment for the seller and the purchaser. The method can solve the problems of personal information leakage and privacy infringement that may happen when a purchaser sends his personal information to a seller for electronic commerce. Since the token is one-time-use data, even if a security token sent is counterfeited or stolen, the loss can be minimized. In addition, by writing an extensible markup language (XML) electronic signature in the security token, authentication, integrity, and non-repudiation for a transmitted message can be guaranteed and through simple object access protocol (SOAP) security technology, confidentiality is maintained.
121 Citations
11 Claims
-
1. An electronic commerce method using a security token comprising:
-
a transaction approval institution generating a security token based on a security assertion markup language (SAML), using credit information of a purchaser who requests to issue a security token, and transmitting the security token to the purchaser;
the purchaser writing an electronic signature on an order and transmitting the order together with the security token to a seller;
the seller verifying the received order and security token, and then delivering goods according to the order to the purchaser; and
the transaction approval institution performing payment for the seller and the purchaser. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A security token generation system comprising:
-
a customer information storage unit which stores customer information;
a security token generation unit which if a security token generation request signal is input, searches the customer information storage unit and performs authentication and then outputs a one-time-use security token; and
an electronic signature unit which receives the security token, writes an electronic signature, and outputs the security token to the customer requesting to issue the security token. - View Dependent Claims (7, 8)
-
-
9. An electronic token generation method of an electronic transaction approval institution based on credit information of a purchaser comprising:
-
generating a one-time-use security token based on an XML;
writing an electronic signature in the security token; and
encrypting the electronically signed security token as a part of POST payload and transmitting to the purchaser. - View Dependent Claims (10, 11)
-
Specification