Methods and systems for securing electronic transactions

US 20070027820A1
Filed: 07/28/2005
Published: 02/01/2007
Est. Priority Date: 07/28/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method of securing a prospective electronic transaction between a first party and a second party, the first party using a client computer, the method comprising:

generating a transaction indicia for the electronic transaction;

sending the transaction indicia to the client computer, wherein receipt of the transaction indicia by the client computer causes encryption of the transaction indicia and account information associated with the first party into encrypted data;

responsive to receipt of the transaction indicia and the account information from a data center to which the client computer has communicated the encrypted data, completing the electronic transaction on a basis of the account information.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for securing a prospective electronic transaction between a first party and a second party. The system comprises an authentication entity adapted for generating a transaction indicia for the electronic transaction and sending the transaction indicia to the client computer, wherein receipt of the transaction indicia by a client computer used by the first party causes encryption of the transaction indicia and account information associated with the first party into encrypted data. Also, the system comprises a data center adapted for receiving the encrypted data from the client computer; decrypting the encrypted data to obtain the transaction indicia and the account information associated with the first party; and sending the transaction indicia and the account information to the authentication entity for completion of the electronic transaction on a basis of the account information.

25 Citations

View as Search Results

34 Claims

1. A method of securing a prospective electronic transaction between a first party and a second party, the first party using a client computer, the method comprising:
- generating a transaction indicia for the electronic transaction;
  
  sending the transaction indicia to the client computer, wherein receipt of the transaction indicia by the client computer causes encryption of the transaction indicia and account information associated with the first party into encrypted data;
  
  responsive to receipt of the transaction indicia and the account information from a data center to which the client computer has communicated the encrypted data, completing the electronic transaction on a basis of the account information.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method defined in claim 1, the electronic transaction being a commercial transaction, the first party being a consumer, the second party being a merchant.
  - 3. The method defined in claim 1, the electronic transaction being a login transaction, the first party being a user, the second party being a service provider.
  - 4. The method defined in claim 1, wherein said sending the transaction indicia to the client computer comprises sending the transaction indicia to the client computer via the second party.
  - 5. The method defined in claim 1, wherein the client computer and the second party communicate over the Internet.
  - 6. The method defined in claim 1, wherein said encryption of the transaction indicia and account information associated with the first party is performed by an portable memory device communicatively coupled to the client computer.

7. A method of securing a prospective electronic transaction between a first party and a second party, the first party using a client computer, the method comprising:
- receiving encrypted data from the client computer, the encrypted data comprising (I) an encrypted version of a transaction indicia obtained by the client computer from an authentication entity and (II) an encrypted version of account information associated with the first party obtained from a portable memory device communicatively coupled to the client computer;
  
  decrypting the encrypted data using decryption parameters to obtain the transaction indicia and the account information;
  
  sending the transaction indicia and the account information to the authentication entity for completion of the electronic transaction on a basis of the account information.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
- - 8. The method defined in claim 7, further comprising consulting a database to obtain the decryption parameters.
  - 9. The method defined in claim 8, further comprising receiving an identifier of the portable memory device in association with the encrypted data.
  - 10. The method defined in claim 9, wherein the database is organized into records indexed by respective identifiers, wherein consulting the database to obtain the decryption parameters comprises providing the identifier of the portable memory device as an index to the database and obtaining the decryption parameters in response thereto.
  - 11. The method defined in claim 7, further comprising:
    - generating a confirmation indicia for the electronic transaction;
      
      sending the confirmation indicia to the client computer, wherein receipt of the confirmation indicia by the client computer causes encryption of the confirmation indicia into second encrypted data;
      
      sending the confirmation indicia to the authentication entity for decryption at the authentication entity of the second encrypted data into decrypted data and comparison of the decrypted data with the confirmation indicia in order to confirm authenticity of the electronic transaction.
  - 12. The method defined in claim 11, further comprising sending the decryption parameters to the authentication entity for said decryption of the second encrypted data.
  - 13. The method defined in claim 7, wherein the portable memory device uses first encryption parameters to encrypt the transaction indicia and the account information, the method further comprising:
    - generating second encryption parameters for use by the client computer in encrypting a future transaction indicia and other account information that is also associated with the first party;
      
      sending the second encryption parameters to the client computer.
  - 14. The method defined in claim 7, the electronic transaction being a commercial transaction.
  - 15. The method defined in claim 7, the electronic transaction being a login transaction.

16. A system for securing a prospective electronic transaction between a first party and a second party, the first party using a client computer, the system comprising:
- an authentication entity adapted for;
  
  generating a transaction indicia for the electronic transaction;
  
  sending the transaction indicia to the client computer, wherein receipt of the transaction indicia by the client computer causes encryption of the transaction indicia and account information associated with the first party into encrypted data;
  
  a data center adapted for;
  
  receiving the encrypted data from the client computer;
  
  decrypting the encrypted data to obtain the transaction indicia and the account information associated with the first party;
  
  sending the transaction indicia and the account information to the authentication entity for completion of the electronic transaction on a basis of the account information.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system defined in claim 16, further comprising a portable memory device communicatively coupled to the client computer, the portable memory device being adapted to perform said encryption of the transaction indicia and account information associated with the first party.
  - 18. The system defined in claim 16, the authentication entity being integrated with the second party.
  - 19. The system defined in claim 16, the authentication entity being connected to the second party via a gateway.
  - 20. The system defined in claim 16, the authentication entity being connected to the second party over a public data network.

21. A portable memory device for facilitating on-line transactions performed via a computer running a browser, said portable memory device comprising:
- a data storage medium for holding data indicative of account information;
  
  a communication interface for allowing said portable memory device to establish a temporary data communication pathway with the computer to supply via the data communication pathway the account information for use by the browser in effecting an on-line transaction.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 22. A portable memory device as defined in claim 21, wherein said communication interface is adapted for establishing a wireless connection with the computer.
  - 23. A portable memory device as defined in claim 21, wherein said communication interface includes a connector for establishing an electrical connection with the computer.
  - 24. A portable memory device as defined in claim 23, wherein said communication interface includes a USB connector.
  - 25. A portable memory device as defined in claim 24, wherein the account information pertains to a credit account.
  - 26. A portable memory device as defined in claim 24, wherein the account information pertains to a login account.
  - 27. A portable memory device as defined in claim 21, further comprising a processing unit in communication with said data storage medium for managing a transfer of data from said data storage medium to the computer via the data communication pathway.
  - 28. A portable memory device as defined in claim 27, wherein said processing unit is capable of performing a user authentication process.
  - 29. A portable memory device as defined in claim 28, wherein the user authentication process includes processing user authentication information supplied by a user.
  - 30. A portable memory device as defined in claim 29, wherein the user authentication information is entered at the computer and communicated to said processing unit via the data communication pathway.
  - 31. A portable memory device as defined in claim 30, wherein said processing unit is adapted to preclude transmission of the account information on the data communication pathway if the user authentication process fails.

32. A device for securing electronic transactions between a first party and a second party, the first party using a client computer, the device comprising:
- an input/output interface for interfacing with the client computer;
  
  a memory storing at least one account information record for the first party, each of the account information record storing account information and being accessible by a respective identifier;
  
  a processing unit having encryption functionality and adapted to interact with a browser executing on the client computer, the processing unit being responsive to receipt of a particular identifier to encrypt the account information in the account information record corresponding to the particular identifier into encrypted data and provide the encrypted data to the client computer via the input/output interface.

33. Computer-readable media tangibly embodying an application program executable by a client computer to perform a method of securing electronic transactions between the client computer and a server, the application program comprising:
- computer-readable program code means for being attentive to receipt of an identification of a desired account to be used in an electronic transaction;
  
  computer-readable program code means for signaling to the server a desire to effect the electronic transaction;
  
  computer-readable program code means for being attentive to receipt from an authentication entity of a transaction indicia for the electronic transaction;
  
  computer-readable program code means for supplying the transaction indicia and the identification of the desired account to a device communicatively coupled with the client computer;
  
  computer-readable program code means for being attentive to receipt from the device of an information packet comprising an encrypted version of the transaction indicia and an encrypted version of account information associated with the desired account;
  
  computer-readable program code means for releasing the information packet to a data center capable of decrypting the information packet and forwarding the transaction indicia and the account information to the authentication entity for completion of the electronic transaction.
- View Dependent Claims (34)
- - 34. Computer-readable media defined in claim 33, the application program further comprising:
    - computer-readable program code means for being attentive to receipt of an identification of a desired shipping or billing address to be used in the electronic transaction;
      
      computer-readable program code means for supplying the identification of the desired shipping or billing address to the device;
      
      computer-readable program code means for being attentive to receipt of address information associated with the desired shipping or billing address;
      
      computer-readable program code means for releasing the address information to the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amir Elharar, Moshe Hezrony
Original Assignee
Amir Elharar, Moshe Hezrony
Inventors
Elharar, Amir, Hezrony, Moshe

Application Number

US11/191,718
Publication Number

US 20070027820A1
Time in Patent Office

Days
Field of Search
US Class Current

705/76
CPC Class Codes

G06Q 20/12   specially adapted for elect...

G06Q 20/3821   Electronic credentials

G06Q 20/403   Solvency checks

G06Q 20/42   Confirmation, e.g. check or...

Methods and systems for securing electronic transactions

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

34 Claims

Specification

Use Cases

Quick Links

Others

Methods and systems for securing electronic transactions

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

34 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others