Method and apparatus for performing delegated transactions
First Claim
Patent Images
1. A computer implemented method for enabling a third party by a user to execute a transaction on behalf of the user, said method comprising:
- generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed;
encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can be repeated by said bank;
transferring said encrypted token from said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token;
whereinfor executing said transaction said token is transferred to the bank to which the account specified in said token belongs, said bank verifying the authenticity of said token by performing an inverse encryption of said token in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not, said method further comprising;
including in said token a list of identifiers identifying the items which should be bought by the third party on behalf of the user, said identifiers being respectively concatenated to random numbers and hashed;
transmitting said hashed values of the one or more items to be bought from the third party to the merchant and from the merchant to the bank; and
allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer implemented method for enabling a third party by a user to execute a transaction on behalf of the user, said method comprising:
- generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed;
- encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can either be performed inversely or can be repeated by said bank;
- transferring said encrypted token from said user to said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token; wherein
- for executing said transaction said token is transferred to the bank to which the account specified in said token belongs, said bank verifying the authenticity of said token by either performing an inverse encryption of said token or by repeating said encryption of said unencrypted token which has been reassembled by said bank in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not.
-
Citations
12 Claims
-
1. A computer implemented method for enabling a third party by a user to execute a transaction on behalf of the user, said method comprising:
-
generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed; encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can be repeated by said bank; transferring said encrypted token from said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token;
whereinfor executing said transaction said token is transferred to the bank to which the account specified in said token belongs, said bank verifying the authenticity of said token by performing an inverse encryption of said token in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not, said method further comprising; including in said token a list of identifiers identifying the items which should be bought by the third party on behalf of the user, said identifiers being respectively concatenated to random numbers and hashed; transmitting said hashed values of the one or more items to be bought from the third party to the merchant and from the merchant to the bank; and allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus for enabling a third party by a user to execute a transaction on behalf of the user, said apparatus comprising:
-
a module for generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed; a module for encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can either be performed inversely or can be repeated by said bank; a module for transferring said encrypted token from said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token;
whereina module for transferring said token to the bank to which the account specified in said token belongs for execution, said bank verifying the authenticity of said token by either performing an inverse encryption of said token or by repeating said encryption of said unencrypted token which has been reassembled by said bank in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not, said apparatus further comprising; a module for including in said token a list of identifiers identifying the items which should be bought by the third party on behalf of the user, said identifiers being respectively concatenated to random numbers and hashed; a module for transmitting said hashed values of the one or more items to be bought from the third party to the merchant and from the merchant to the bank; and a module for allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token. - View Dependent Claims (9, 10, 11)
-
-
12. A computer program product comprising computer program code, said computer program code comprising:
-
computer program code for generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed; computer program code for encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can be repeated by said bank; computer program code for transferring said encrypted token from said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token;
whereinfor executing said transaction said token is transferred to the bank to which the account specified in said token belongs, said bank verifying the authenticity of said token by performing an inverse encryption of said token in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not, said computer program code further comprising; computer program code for including in said token a list of identifiers identifying the items which should be bought by the third party on behalf of the user, said identifiers being respectively concatenated to random numbers and hashed; computer program code for transmitting said hashed values of the one or more items to be bought from the third party to the merchant and from the merchant to the bank; and computer program code for allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token.
-
Specification