Method and apparatus for performing delegated transactions

US 20090198617A1
Filed: 07/28/2008
Published: 08/06/2009
Est. Priority Date: 07/27/2007
Status: Abandoned Application

First Claim

Patent Images

1. A computer implemented method for enabling a third party by a user to execute a transaction on behalf of the user, said method comprising:

generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed;

encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can be repeated by said bank;

transferring said encrypted token from said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token;

whereinfor executing said transaction said token is transferred to the bank to which the account specified in said token belongs, said bank verifying the authenticity of said token by performing an inverse encryption of said token in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not, said method further comprising;

including in said token a list of identifiers identifying the items which should be bought by the third party on behalf of the user, said identifiers being respectively concatenated to random numbers and hashed;

transmitting said hashed values of the one or more items to be bought from the third party to the merchant and from the merchant to the bank; and

allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer implemented method for enabling a third party by a user to execute a transaction on behalf of the user, said method comprising:

generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed;
encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can either be performed inversely or can be repeated by said bank;
transferring said encrypted token from said user to said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token; wherein
for executing said transaction said token is transferred to the bank to which the account specified in said token belongs, said bank verifying the authenticity of said token by either performing an inverse encryption of said token or by repeating said encryption of said unencrypted token which has been reassembled by said bank in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not.

Citations

12 Claims

1. A computer implemented method for enabling a third party by a user to execute a transaction on behalf of the user, said method comprising:
- generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed;
  
  encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can be repeated by said bank;
  
  transferring said encrypted token from said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token;
  
  whereinfor executing said transaction said token is transferred to the bank to which the account specified in said token belongs, said bank verifying the authenticity of said token by performing an inverse encryption of said token in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not, said method further comprising;
  
  including in said token a list of identifiers identifying the items which should be bought by the third party on behalf of the user, said identifiers being respectively concatenated to random numbers and hashed;
  
  transmitting said hashed values of the one or more items to be bought from the third party to the merchant and from the merchant to the bank; and
  
  allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein said encryption of said token comprises one of the following:
    - encrypting said token with the public key of the bank to which the account specified in said token belongs.
  - 3. The method of claim 1, further comprising:
    - transferring said encrypted token from said third party to a merchant in order to pay said merchant, andtransferring said encrypted token from said merchant to said bank for performing said verification in order to either allow or deny said transaction depending on said verification result.
  - 4. The method of claim 1, further comprising:
    - instead of transmitting said hashed values of the one or more items to be bought from the third party to the merchant, transmitting one or more hash functions used and the identifiers (which may be hashed) of the one or more items to be bought and their corresponding random numbers from the third party to the merchant,calculating a hash value based on the identifiers and the corresponding random numbers of the one or more items to be bought and transmitting the hash values from the merchant to the bank; and
      
      allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token.
  - 5. The method of claim 1, wherein said token further includes one or more of the following:
    - an identifier of the third party;
      
      an identifier of the token;
      
      a timestamp;
      
      one or more transaction options;
      
      a maximum amount of money to be spent using the token;
      
      the respective maximum prices for the individual items on the shopping list.
  - 6. The method of claim 1, further comprising:
    - keeping track of he transactions which have been performed by using a certain token by the bank;
      
      deducting the used amount from the token to obtain the remaining credit for the token; and
      
      for each new transaction to be performed, checking whether the token still has sufficient credit to execute this transaction.
  - 7. The method of claim 1, whereininstead of the identifier of the third party there is included in said token the identifier of the user or a unique code or password only known to the user to thereby generate a self-issued traveler cheque to the user by himself.

8. An apparatus for enabling a third party by a user to execute a transaction on behalf of the user, said apparatus comprising:
- a module for generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed;
  
  a module for encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can either be performed inversely or can be repeated by said bank;
  
  a module for transferring said encrypted token from said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token;
  
  whereina module for transferring said token to the bank to which the account specified in said token belongs for execution, said bank verifying the authenticity of said token by either performing an inverse encryption of said token or by repeating said encryption of said unencrypted token which has been reassembled by said bank in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not, said apparatus further comprising;
  
  a module for including in said token a list of identifiers identifying the items which should be bought by the third party on behalf of the user, said identifiers being respectively concatenated to random numbers and hashed;
  
  a module for transmitting said hashed values of the one or more items to be bought from the third party to the merchant and from the merchant to the bank; and
  
  a module for allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token.
- View Dependent Claims (9, 10, 11)
- - 9. The apparatus of claim 8, further comprising:
    - a module for instead of transmitting said hashed values of the one or more items to be bought from the third party to the merchant, transmitting one or more hash functions used and the identifiers (which may be hashed) of the one or more items to be bought and their corresponding random numbers from the third party to the merchant,calculating a hash value based on the identifiers and the corresponding random numbers of the one or more items to be bought and transmitting the hash values from the merchant to the bank; and
      
      allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token.
  - 10. The apparatus of claim 8, wherein said token further includes one or more of the following:
    - an identifier of the third party;
      
      an identifier of the token;
      
      a timestamp;
      
      one or more transaction options;
      
      a maximum amount of money to be spent using the token;
      
      the respective maximum prices for the individual items on the shopping list.
  - 11. The apparatus of claim 8,a module for keeping track of he transactions which have been performed by using a certain token by the bank;
    - a module for deducting the used amount from the token to obtain the remaining credit for the token; and
      
      a module for, for each new transaction to be performed, checking whether the token still has sufficient credit to execute this transaction.

12. A computer program product comprising computer program code, said computer program code comprising:
- computer program code for generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed;
  
  computer program code for encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can be repeated by said bank;
  
  computer program code for transferring said encrypted token from said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token;
  
  whereinfor executing said transaction said token is transferred to the bank to which the account specified in said token belongs, said bank verifying the authenticity of said token by performing an inverse encryption of said token in order to either allow or refuse said transaction on behalf of the account of said user depending on whether the correctness of said secret authorization identifier corresponding to said account could be verified or not, said computer program code further comprising;
  
  computer program code for including in said token a list of identifiers identifying the items which should be bought by the third party on behalf of the user, said identifiers being respectively concatenated to random numbers and hashed;
  
  computer program code for transmitting said hashed values of the one or more items to be bought from the third party to the merchant and from the merchant to the bank; and
  
  computer program code for allowing the transaction by said bank only if the one or more hash values sent by the merchant are included in said encrypted token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NTT Docomo Incorporated (Nippon Telegraph and Telephone Corporation)
Original Assignee
NTT Docomo Incorporated (Nippon Telegraph and Telephone Corporation)
Inventors
Soghoian, Christopher, Aad, Imad

Application Number

US12/220,744
Publication Number

US 20090198617A1
Time in Patent Office

Days
Field of Search
US Class Current

705/65
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/367   involving electronic purses...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3827   Use of message hashing

G06Q 20/385   using an alias or single-us...

G07F 9/001   Interfacing with vending ma...

Method and apparatus for performing delegated transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for performing delegated transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links