METHODS AND APPARATUS FOR CONDUCTING ELECTRONIC TRANSACTIONS
First Claim
1. A method comprising:
- receiving, by a server comprising a processor and a non-transitory, tangible memory, a transaction request from a user for a transaction at a merchant server;
issuing, by the server, a challenge;
forwarding, by the server, the challenge to the user, wherein the challenge is passed to an intelligent token for processing the challenge, and wherein the intelligent token generates a response to the challenge;
receiving, by the server, the response from the user based upon the challenge;
processing, by the server, the response;
verifying, by the server, the intelligent token;
assembling, by the server, credentials for the transaction, wherein the credentials comprise a key;
providing, by the server, at least a portion of the assembled credentials to the user;
receiving, by the server, a second request from the user, wherein the second request includes the portion of the assembled credentials provided to the user;
validating, by the server, the portion of the assembled credentials provided to the user with the key of the assembled credentials providing access to a transaction service;
initiating, by the server, a transaction session for use with the transaction service;
receiving, by the server, a third party request comprising executable commands being associated with a selected programming language;
scanning, by the server and while in the transaction session, the third party request to find executable commands; and
at least one of editing and removing, by the server, at least a portion of the executable commands, wherein the at least one of editing and removing comprises at least one of;
rendering the executable commands unexecutable by a network client by removing a character of the executable commands, andrendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands.
8 Assignments
0 Petitions
Accused Products
Abstract
A system and method for conducting electronic commerce are disclosed. In various embodiments, the electronic transaction is a purchase transaction. A user is provided with an intelligent token, such as a smartcard containing a digital certificate. The intelligent token suitably authenticates with a server on a network that conducts all or portions of the transaction on behalf of the user. In various embodiments a wallet server interacts with a security server to provide enhanced reliability and confidence in the transaction. In various embodiments, the wallet server includes a toolbar. In various embodiments, the digital wallet pre-fills forms. Forms may be pre-filled using an auto-remember component.
108 Citations
19 Claims
-
1. A method comprising:
-
receiving, by a server comprising a processor and a non-transitory, tangible memory, a transaction request from a user for a transaction at a merchant server; issuing, by the server, a challenge; forwarding, by the server, the challenge to the user, wherein the challenge is passed to an intelligent token for processing the challenge, and wherein the intelligent token generates a response to the challenge; receiving, by the server, the response from the user based upon the challenge; processing, by the server, the response; verifying, by the server, the intelligent token; assembling, by the server, credentials for the transaction, wherein the credentials comprise a key; providing, by the server, at least a portion of the assembled credentials to the user; receiving, by the server, a second request from the user, wherein the second request includes the portion of the assembled credentials provided to the user; validating, by the server, the portion of the assembled credentials provided to the user with the key of the assembled credentials providing access to a transaction service; initiating, by the server, a transaction session for use with the transaction service; receiving, by the server, a third party request comprising executable commands being associated with a selected programming language; scanning, by the server and while in the transaction session, the third party request to find executable commands; and at least one of editing and removing, by the server, at least a portion of the executable commands, wherein the at least one of editing and removing comprises at least one of; rendering the executable commands unexecutable by a network client by removing a character of the executable commands, and rendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. An article of manufacture including a non-transitory, tangible computer readable medium having instructions stored thereon that, in response to execution by a server, cause the server to perform operations comprising:
-
receiving, by the server, a transaction request from a user for a transaction at a merchant server; issuing, by the server, a challenge; forwarding, by the server, the challenge to the user, wherein the challenge is passed to an intelligent token for processing the challenge, and wherein the intelligent token generates a response to the challenge; receiving, by the server, the response from the user based upon the challenge; processing, by the server, the response; verifying, by the server, the intelligent token; assembling, by the server, credentials for the transaction, wherein the credentials comprise a key; providing, by the server, at least a portion of the assembled credentials to the user; receiving, by the server, a second request from the user, wherein the second request includes the portion of the assembled credentials provided to the user; validating, by the server, the portion of the assembled credentials provided to the user with the key of the assembled credentials providing access to a transaction service; initiating, by the server, a transaction session for use with the transaction service; receiving, by the server, a third party request comprising executable commands being associated with a selected programming language; scanning, by the server and while in the transaction session, the third party request to find executable commands; and at least one of editing and removing, by the server, at least a portion of the executable commands, wherein the at least one of editing and removing comprises at least one of; rendering the executable commands unexecutable by a network client by removing a character of the executable commands, and rendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands.
-
-
19. A system comprising:
-
a tangible, non-transitory memory communicating with a server, the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the server, cause the server to perform operations comprising; receiving, by the server, a transaction request from a user for a transaction at a merchant server; issuing, by the server, a challenge; forwarding, by the server, the challenge to the user, wherein the challenge is passed to an intelligent token for processing the challenge, and wherein the intelligent token generates a response to the challenge; receiving, by the server, the response from the user based upon the challenge; processing, by the server, the response; verifying, by the server, the intelligent token; assembling, by the server, credentials for the transaction, wherein the credentials comprise a key; providing, by the server, at least a portion of the assembled credentials to the user; receiving, by the server, a second request from the user, wherein the second request includes the portion of the assembled credentials provided to the user; validating, by the server, the portion of the assembled credentials provided to the user with the key of the assembled credentials providing access to a transaction service; initiating, by the server, a transaction session for use with the transaction service; receiving, by the server, a third party request comprising executable commands being associated with a selected programming language; scanning, by the server and while in the transaction session, the third party request to find executable commands; and at least one of editing and removing, by the server, at least a portion of the executable commands, wherein the at least one of editing and removing comprises at least one of; rendering the executable commands unexecutable by a network client by removing a character of the executable commands, and rendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands.
-
Specification