System and method for conducting secure payment transaction
First Claim
1. A method for conducting a payment transaction using payment account identification data associated with a payment account, the method comprising:
- a. sending an authentication request message from a user processor to an authentication processor, the authentication request message comprising at least one of a user name, a password, transaction data, and the payment account identification data;
b. authenticating the authentication request message by the authentication processor; and
c. if the authenticating step is successful, performing a first set of steps, the first set of steps comprising the following steps;
i. sending an authentication response message from the authentication processor to the user processor, the authentication response message comprising authentication data, ii. sending from the user processor to a merchant processor at least one of the authentication response message and data derived from the authentication response message, and iii. sending a first authorization request message from the merchant processor to at least one of an acquirer processor and a payment organization processor, the first authorization request message comprising at least one of the authentication data and first data derived from the authentication data.
1 Assignment
0 Petitions
Accused Products
Abstract
In a secure electronic payment system, authentication data based on a payment account (e.g., a credit card account) is sent from an authentication server, through a user'"'"'s Web browser, to a merchant'"'"'s computer. The merchant'"'"'s computer sends the authentication data to a computer operated by the issuer of the payment account, either through a payment organization computer or through an acquirer computer operated by the merchant'"'"'s acquirer. The issuer'"'"'s computer verifies the authorization request message, thereby generating an authorization response message. The authorization response message is forwarded to the merchant'"'"'s computer, either through the payment organization computer or through the acquirer computer. If the authorization response message indicates that the verification was successful, the transaction is completed.
-
Citations
18 Claims
-
1. A method for conducting a payment transaction using payment account identification data associated with a payment account, the method comprising:
-
a. sending an authentication request message from a user processor to an authentication processor, the authentication request message comprising at least one of a user name, a password, transaction data, and the payment account identification data;
b. authenticating the authentication request message by the authentication processor; and
c. if the authenticating step is successful, performing a first set of steps, the first set of steps comprising the following steps;
i. sending an authentication response message from the authentication processor to the user processor, the authentication response message comprising authentication data, ii. sending from the user processor to a merchant processor at least one of the authentication response message and data derived from the authentication response message, and iii. sending a first authorization request message from the merchant processor to at least one of an acquirer processor and a payment organization processor, the first authorization request message comprising at least one of the authentication data and first data derived from the authentication data. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for conducting a payment transaction using payment account identification data associated with a payment account, the system comprising a processing arrangement configured to perform the steps of:
-
a. sending an authentication request message from a user processor to an authentication processor, the authentication request message comprising at least one of a user name, a password, transaction data, and the payment account identification data;
b. authenticating the authentication request message by the authentication processor; and
c. if the authenticating step is successful, performing a first set of steps, the first set of steps comprising the following steps;
i. sending an authentication response message from the authentication processor to the user processor, the authentication response message comprising authentication data, ii. sending from the user processor to a merchant processor at least one of the authentication response message and data derived from the authentication response message, and iii. sending a first authorization request message from the merchant processor to at least one of an acquirer processor and a payment organization processor, the first authorization request message comprising at least one of the authentication data and first data derived from the authentication data. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer-readable medium for conducting a payment transaction using payment account identification data associated with a payment account, the computer-readable medium having a set of instructions operable to direct at least one processor to perform the steps of:
-
a. sending an authentication request message from a user processor to an authentication processor, the authentication request message comprising at least one of a user name, a password, transaction data, and the payment account identification data;
b. authenticating the authentication request message by the authentication processor; and
c. if the authenticating step is successful, performing a first set of steps, the first set of steps comprising the following steps;
i. sending an authentication response message from the authentication processor to the user processor, the authentication response message comprising authentication data, ii. sending from the user processor to a merchant processor at least one of the authentication response message and data derived from the authentication response message, and iii. sending a first authorization request message from the merchant processor to at least one of an acquirer processor and a payment organization processor, the first authorization request message comprising at least one of the authentication data and first data derived from the authentication data. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification