User interface and anti-phishing functions for an anti-spam micropayments system
First Claim
1. A process for authenticating the source of an email in a distributed email system having a secure micropayment server coupled via a wide area network to a plurality of sender and receiver client computers, comprising:
- A) receiving in a receiver client computer from a secure micropayment server at least a transaction number for a protected email sent from a sender client computer to a receiver client computer after said sender client computer has carried out a micropayment protocol with said secure micropayment server and said secure micropayment server has generated a transaction number as a result of said micropayment protocol;
B) receiving in said receiver client computer said protected email, said protected email having a header containing an encrypted version of a secure micropayment account number of the sender of said email, said secure micropayment account number being securely stored in a secure micropayment server and encrypted with an encryption key which is stored in said secure micropayment server and associated with said transaction number such that said encryption key can be retrieved using said transaction number;
C) displaying said protected email or selected information identifying said protected email in a browser window or email client application window of a browser or email client application executing on said receiver client computer along with an indication of from whom said protected email purports to be from;
D) displaying a user interface mechanism on said receiver client computer which can be invoked by a user when said user wishes to authenticate the source of said email;
E) receiving user input invoking said user interface mechanism and responding thereto by sending an authentication request message to said secure micropayment server requesting authentication of the source of said protected email and including with said message said encrypted secure micropayment account number from said header of said protected email to be authenticated;
F) receiving a reply message back from said secure micropayment server after said micropayment server has looked up the identity of the person or entity which owns the secure micropayment account number included with said authentication request message, said reply message indicating whether said protected email is from the source it purports to be from; and
G) displaying on said receiver client computer and indication as to whether said protected email is or is not from the source it purports to be from.
2 Assignments
0 Petitions
Accused Products
Abstract
A protocol for protected email transmission using micropayments and a segregated inbox in which protected emails are displayed. The protocol also involves authentication of the sender to defeat phishers and an opt out protocol which can be used to block protected emails from sources from which the user no longer wishes to receive emails even if the source has made a micropayment. Branded email is also taught wherein a sender of protected emails can pay extra to have a miniature version of its brand logo or trademark displayed with its email in the segregated inbox. A white list is maintained on the protected email server (along with the opt out black list) so that recipients can designate specific senders who may send email to that recipient without paying a micropayment and still have the protected email displayed in the segregated inbox.
91 Citations
11 Claims
-
1. A process for authenticating the source of an email in a distributed email system having a secure micropayment server coupled via a wide area network to a plurality of sender and receiver client computers, comprising:
-
A) receiving in a receiver client computer from a secure micropayment server at least a transaction number for a protected email sent from a sender client computer to a receiver client computer after said sender client computer has carried out a micropayment protocol with said secure micropayment server and said secure micropayment server has generated a transaction number as a result of said micropayment protocol;
B) receiving in said receiver client computer said protected email, said protected email having a header containing an encrypted version of a secure micropayment account number of the sender of said email, said secure micropayment account number being securely stored in a secure micropayment server and encrypted with an encryption key which is stored in said secure micropayment server and associated with said transaction number such that said encryption key can be retrieved using said transaction number;
C) displaying said protected email or selected information identifying said protected email in a browser window or email client application window of a browser or email client application executing on said receiver client computer along with an indication of from whom said protected email purports to be from;
D) displaying a user interface mechanism on said receiver client computer which can be invoked by a user when said user wishes to authenticate the source of said email;
E) receiving user input invoking said user interface mechanism and responding thereto by sending an authentication request message to said secure micropayment server requesting authentication of the source of said protected email and including with said message said encrypted secure micropayment account number from said header of said protected email to be authenticated;
F) receiving a reply message back from said secure micropayment server after said micropayment server has looked up the identity of the person or entity which owns the secure micropayment account number included with said authentication request message, said reply message indicating whether said protected email is from the source it purports to be from; and
G) displaying on said receiver client computer and indication as to whether said protected email is or is not from the source it purports to be from. - View Dependent Claims (2)
-
-
3. A process for automatic authentication of protected emails in a distributed email system having a secure micropayment server coupled via a wide area network to a plurality of sender and receiver client computers wherein a sender computer sends to said secure micropayments computer a message including at least an encrypted password or encrypted micropayment account number and requests a stemp, said message also including the header of an email to be sent to a particular recipient, comprising:
-
decrypting an encrypted password or encrypted micropayment account number and using said decrypted information to verify the identity of the sender of said request;
verifying the sender so identified has a micropayments account with sufficient balance to cover the cost of the micropayment requested and deducting the cost of the micropayment, or determining if the sender is on a white list of the intended recipient of the message;
if the sender has a valid micropayment account with sufficient balance or is on a white list of the recipient, encrypting a Truemark, generic stemp or white list stemp with the micropayment account number of the sender and a transaction number for the email and saving the encryption key and sending the encrypted Truemark, generic stemp or white list stemp back to a sender computer;
sending the transaction number and the Truemark, generic stemp or white list stemp to a recipient computer to which said protected email is to be sent.
-
-
4. A process for manually authenticating a sender in a protected email system having a protected email server coupled via a wide area network to a plurality of recipient computers and a plurality of sever computers, comprising the steps:
-
A) in a recipient computer, launching a browser application to establish a separate browser window separate and apart from a browser window displayed on said recipient computer in which is displayed a segregated email window in which protected emails are displayed;
B) receiving data defining a predetermined URL in a URL address bar of said separate browser window, said predetermined URL being the address of an authentication web page provided by a protected email server or another server coupled to said recipient computer;
C) receiving data at said recipient computer which defines the appearance and functionality of said authentication web page and which defines on a display of said authentication web page a box or other selection area to which Truemarks, stemps or generic logos are to dragged;
D) receiving user input which selects a particular Truemark, generic stemp or white list stemp and drags it to said box or other selection area displayed in said separate browser window;
E) responding to dragging of said Truemark, generic stemp or white list stemp to said selection area by sending to a protected email server or other server executing software which presents said authentication web page information from a header of an email whose Truemark, generic stemp or white list stemp was dragged to said selection area, said information being information needed to authenticate the source of said selected email including said Truemark, generic stemp or white list stemp;
F) in said protected email server or other server executing code implementing said authentication page, dehashing said Truemark, generic stemp or white list stemp received from said recipient computer and decrypting said Truemark, generic stemp or white list stemp to retrieve a transaction number encoded therein;
G) using said transaction number to look up an appropriate key to decrypt an account number encrypted in said Truemark, generic stemp or white list stemp and using said key to decrypt said account number;
H) using said account number to look up the identity of the sender of the email which contained said Truemark, generic stemp or white list stemp and sending said identity back to said recipient computer.
-
-
5. A process for managing opt out requests from recipients of protected email received in a micropayments environment having a protected email server coupled via a wide area network to a plurality of recipient computers and a plurality of sever computers, comprising the steps:
-
A) receiving said opt out request message from one of said recipient computers containing an encrypted micropayment account number and a transaction number related to a protected email selected by a user of said recipient computer for opt out;
B) using said transaction number to look up an encryption key used to encrypt said micropayment account number which was encrypted in a Truemark or logo in the header which was sent back to a sender computer which requested a micropayment transaction to send an email which became said selected Exsis email on said recipient computer;
C) using said encryption key to attempt to decrypt said encrypted micropayment account number received from said recipient computer with said authentication request message;
D) if said encrypted micropayment account number does not decrypt properly, sending a message to said recipient computer that said selected Exsis email is not from who it purports to be from;
E) if said encrypted micropayment account number does decrypt properly, using said micropayment account number to look up the identity of the sender of said selected Exsis email;
F) adding the identity of the sender to an opt out list maintained on said protected email server for the recipient of said selected Exsis email;
G) when a request to send an email to said recipient computer which requested opt out from emails from said sender arrives from a sender computer operated by the sender who was added to said recipient'"'"'s opt out list, checking to determine if said sender is on said opt out list for said recipient, and, determining that said sender is on said opt out list and blocking said email transaction by refusing to send back to said sender computer a stemp or Truemark or logo encrypted with data indicating a micropayment has been made.
-
-
6. A recipient client computer for coupling to a protected email server and a plurality of sender client computers via a wide area network, comprising:
-
a display;
a keyboard;
a pointing device;
a network interface;
a central processing unit coupled to said display, keyboard, network interface and pointing device and programmed with an operating system and one or more application programs which control said central processing unit to perform the following process;
A) receiving in said receiver client computer from a secure micropayment server at least a transaction number for a protected email sent from a sender client computer to a receiver client computer after said sender client computer has carried out a micropayment protocol with said secure micropayment server and said secure micropayment server has generated a transaction number as a result of said micropayment protocol;
B) receiving in said recipient client computer a protected email, said protected email having a header containing an encrypted version of a secure micropayment account number of the sender of said email, said secure micropayment account number being securely stored in a secure micropayment server and encrypted with an encryption key which is stored in said secure micropayment server and associated with said transaction number such that said encryption key can be retrieved using said transaction number;
C) displaying said protected email or selected information identifying said protected email in a browser window or email client application window of a browser or email client application executing on said receiver client computer along with an indication of from whom said protected email purports to be from;
D) displaying a user interface mechanism on said receiver client computer which can be invoked by a user when said user wishes to authenticate the source of said email;
E) receiving user input invoking said user interface mechanism and responding thereto by sending an authentication request message to said secure micropayment server requesting authentication of the source of said protected email and including with said message said encrypted secure micropayment account number from said header of said protected email to be authenticated;
F) receiving a reply message back from said secure micropayment server after said micropayment server has looked up the identity of the person or entity which owns the secure micropayment account number included with said authentication request message, said reply message indicating whether said protected email is from the source it purports to be from; and
G) displaying on said receiver client computer and indication as to whether said protected email is or is not from the source it purports to be from.
-
-
7. A recipient client computer for coupling to a protected email server and a plurality of sender client computers via a wide area network, comprising:
-
a display;
a keyboard;
a pointing device;
a central processing unit coupled to said display, keyboard, network interface and pointing device and programmed with an operating system and one or more application programs which control said central processing unit to perform the following process;
A) in said recipient client computer, launching a browser application to establish a separate browser window separate and apart from a browser window displayed on said recipient client computer in which is displayed a segregated email window in which protected emails are displayed;
B) receiving data defining a predetermined URL in a URL address bar of said separate browser window, said predetermined URL being the address of an authentication web page provided by a protected email server or another server coupled to said recipient computer;
C) receiving data at said recipient client computer which defines the appearance and functionality of said authentication web page and which defines on a display of said authentication web page a box or other selection area to which Truemarks, stemps or generic logos are to dragged;
D) receiving user input which selects a particular Truemark, generic stemp or white list stemp and drags it to said box or other selection area displayed in said separate browser window;
E) responding to dragging of said Truemark, generic stemp or white list stemp to said selection area by sending to a protected email server or other server executing software which presents said authentication web page information from a header of an email whose Truemark, generic stemp or white list stemp was dragged to said selection area, said information being information needed to authenticate the source of said selected email including said Truemark, generic stemp or white list stemp;
F) in said protected email server or other server executing code implementing said authentication page, dehashing said Truemark, generic stemp or white list stemp received from said recipient computer and decrypting said Truemark, generic stemp or white list stemp to retrieve a transaction number encoded therein;
G) using said transaction number to look up an appropriate key to decrypt an account number encrypted in said Truemark, generic stemp or white list stemp and using said key to decrypt said account number;
H) using said account number to look up the identity of the sender of the email which contained said Truemark, generic stemp or white list stemp and sending said identity back to said recipient client computer.
-
-
8. A protected email server computer for coupling to a plurality of sender client computers and a plurality of recipient client computers via a wide area network, comprising:
-
a display;
a keyboard;
a pointing device;
a network interface;
a central processing unit coupled to said display, keyboard, network interface and pointing device and programmed with an operating system and one or more application programs which control said central processing unit to perform the following process;
A) receiving opt out request message from one of said recipient computers containing an encrypted micropayment account number and a transaction number related to a protected email selected by a user of said recipient computer for opt out;
B) using said transaction number to look up an encryption key used to encrypt said micropayment account number which was encrypted in a Truemark or logo in the header which was sent back to a sender computer which requested a micropayment transaction to send an email which became said selected Exsis email on said recipient computer;
C) using said encryption key to attempt to decrypt said encrypted micropayment account number received from said recipient computer with said authentication request message;
D) if said encrypted micropayment account number does not decrypt properly, sending a message to said recipient computer that said selected Exsis email is not from who it purports to be from;
E) if said encrypted micropayment account number does decrypt properly, using said micropayment account number to look up the identity of the sender of said selected Exsis email;
F) adding the identity of the sender to an opt out list maintained on said protected email server for the recipient of said selected Exsis email;
G) when a request to send an email to said recipient computer which requested opt out from emails from said sender arrives from a sender computer operated by the sender who was added to said recipient'"'"'s opt out list, checking to determine if said sender is on said opt out list for said recipient, and, determining that said sender is on said opt out list and blocking said email transaction by refusing to send back to said sender computer a stemp or Truemark or logo encrypted with data indicating a micropayment has been made.
-
-
9. A computer readable medium containing computer readable instructions which, when programmed into a protected email server computer coupled via a wide area network to a plurality of recipient client computers and a plurality of sender client computers, control said computer to perform the following process:
-
A) receiving opt out request message from one of said recipient computers containing an encrypted micropayment account number and a transaction number related to a protected email selected by a user of said recipient computer for opt out;
B) using said transaction number to look up an encryption key used to encrypt said micropayment account number which was encrypted in a Truemark or logo in the header which was sent back to a sender computer which requested a micropayment transaction to send an email which became said selected Exsis email on said recipient computer;
C) using said encryption key to attempt to decrypt said encrypted micropayment account number received from said recipient computer with said authentication request message;
D) if said encrypted micropayment account number does not decrypt properly, sending a message to said recipient computer that said selected Exsis email is not from who it purports to be from;
E) if said encrypted micropayment account number does decrypt properly, using said micropayment account number to look up the identity of the sender of said selected Exsis email;
F) adding the identity of the sender to an opt out list maintained on said protected email server for the recipient of said selected Exsis email;
G) when a request to send an email to said recipient computer which requested opt out from emails from said sender arrives from a sender computer operated by the sender who was added to said recipient'"'"'s opt out list, checking to determine if said sender is on said opt out list for said recipient, and, determining that said sender is on said opt out list and blocking said email transaction by refusing to send back to said sender computer a stemp or Truemark or logo encrypted with data indicating a micropayment has been made.
-
-
10. A computer readable medium containing computer readable instructions which, when programmed into a recipient client computer coupled via a wide area network to a plurality of server client computers and a protected email server computer, control said computer to perform the following process:
-
A) in said recipient client computer, launching a browser application to establish a separate browser window separate and apart from a browser window displayed on said recipient client computer in which is displayed a segregated email window in which protected emails are displayed;
B) receiving data defining a predetermined URL in a URL address bar of said separate browser window, said predetermined URL being the address of an authentication web page provided by a protected email server or another server coupled to said recipient computer;
C) receiving data at said recipient client computer which defines the appearance and functionality of said authentication web page and which defines on a display of said authentication web page a box or other selection area to which Truemarks, stemps or generic logos are to dragged;
D) receiving user input which selects a particular Truemark, generic stemp or white list stemp and drags it to said box or other selection area displayed in said separate browser window;
E) responding to dragging of said Truemark, generic stemp or white list stemp to said selection area by sending to said protected email server or other server executing software which presents said authentication web page information from a header of an email whose Truemark, generic stemp or white list stemp was dragged to said selection area, said information being information needed to authenticate the source of said selected email including said Truemark, generic stemp or white list stemp.
-
-
11. A computer readable medium containing computer readable instructions which, when programmed into a protected email server computer coupled via a wide area network to a plurality of recipient client computers and a plurality of sender client computers, control said computer to perform the following authentication process:
-
A) dehashing a Truemark, generic stemp or white list stemp received from one of said recipient computers and decrypting said Truemark, generic stemp or white list stemp to retrieve a transaction number and micropayments account number encoded therein;
B) using said transaction number to look up an appropriate key to decrypt said recovered micropayments account number encrypted in said Truemark, generic stemp or white list stemp and using said key to decrypt said micropayments account number;
C) using said account number to look up the identity of the sender of a user selected, protected email received by said recipient client computer and which contained said Truemark, generic stemp or white list stemp said receipient client computer sent to said protected email server with a request for authentication;
D) sending the identity determined in step C back to said recipient client computer, or sending a messaging indicating whether or not said user selected, protected email is or is not from the sender it purports to be from.
-
Specification