AUTHENTICATING ELECTRONIC FINANCIAL TRANSACTIONS
1 Assignment
0 Petitions
Accused Products
Abstract
To improve security and simplify financial transactions in electronic communications environments, a cryptographic Private Key is securely stored in a storage device of a user. A Public Key Certificate corresponding to the Private Key is also created and can be stored in an online repository for merchant access. The Public Key Certificate identifies a payment card of the user, and is signed by or on behalf of a financial institution issuing the payment card. When initiating a payment card transaction with a merchant, a data item is signed using the Private Key. The signed data item and the Public Key Certificate are conveyed to the merchant, which enables the merchant to authenticate the transaction without needing to communicate with the user'"'"'s financial institution, and while avoiding the inconvenience and privacy issues associated with obtaining other card details and user details.
34 Citations
54 Claims
-
1-34. -34. (canceled)
-
35. A method for securing a financial transaction in an electronic communications environment, the method comprising:
-
securely storing in a storage device of a user a cryptographic Private Key; and creating a Public Key Certificate corresponding to said Private Key, the PublicKey Certificate identifying a payment card of the user, and the Public Key Certificate being signed by or on behalf of a financial institution issuing the payment card; whereby at a time of initiating a payment card transaction with a merchant, a data item associated with said transaction is signed using the Private Key, and the signed data item and the Public Key Certificate are conveyed to the merchant. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44)
-
-
45. A client application for effecting secure financial transactions in an electronic communications environment, the client application comprising:
-
code for effecting communication with a merchant via the electronic communications environment in relation to a transaction; code for causing a Private Key associated with a payment card of a user to sign a data item which is associated with said transaction; code for causing the signed data item to be conveyed to the merchant to effect the transaction, whereby the merchant uses a Public Key Certificate corresponding to said Private Key to authenticate the signed data item, the Public Key Certificate identifying the payment card and being signed by or on behalf of a financial institution issuing the payment card. - View Dependent Claims (46, 47, 48, 49, 50, 51)
-
-
52. A merchant application for effecting secure financial transactions in an electronic communications environment, the merchant application comprising:
-
code for effecting communication with a customer via the electronic communications environment in relation to a transaction; code for receiving a Public Key Certificate identifying the payment card of the customer, and for authenticating that the Public Key Certificate has been signed by or on behalf of an issuing financial institution; and code for using a Public Key contained in the Public Key Certificate to authenticate that a signed data item associated with said transaction was signed by a Private Key associated with the payment card, and for making completion of the transaction conditional upon such authentication. - View Dependent Claims (53, 54)
-
Specification