Trusted agents for open electronic commerce

US 5,557,518 A
Filed: 04/28/1994
Issued: 09/17/1996
Est. Priority Date: 04/28/1994
Status: Expired due to Term

First Claim

Patent Images

1. A system for open electronic commerce where both customers and merchants can securely transact comprising:

a customer trusted agent;

a first money module associated with said customer trusted agent, and capable of securely communicating with said customer trusted agent;

a merchant trusted agent capable of establishing a first cryptographically secure session with said customer trusted agent;

a second money module associated with said merchant trusted agent and capable of securely communicating with said merchant trusted agent, and capable of establishing a second cryptographically secure session with said first money module;

where said merchant trusted agent transfers electronic merchandise, via said first cryptographically secure session, to said customer trusted agent which provisionally retains said electronic merchandise;

where said customer trusted agent provides first payment information to said first money module and said merchant trusted agent provides second payment information to said second money module;

where said first money module transfers electronic money, in an amount consistent with said first and second payment information, to said second money module via said second cryptographically secure session;

where said first money module informs said customer trusted agent upon successful transfer of said electronic money, whereupon said retention of electronic merchandise is no longer provisional, and where said second money module informs said merchant trusted agent upon successful receipt of said electronic money.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for open electronic commerce having a customer trusted agent securely communicating with a first money module, and a merchant trusted agent securely communicating with a second money module. Both trusted agents are capable of establishing a first cryptographically secure session, and both money modules are capable of establishing a second cryptographically secure session. The merchant trusted agent transfers electronic merchandise to the customer trusted agent, and the first money module transfers electronic money to the second money module. The money modules inform their trusted agents of the successful completion of payment, and the customer may use the purchased electronic merchandise.

1408 Citations

49 Claims

1. A system for open electronic commerce where both customers and merchants can securely transact comprising:
- a customer trusted agent;
  
  a first money module associated with said customer trusted agent, and capable of securely communicating with said customer trusted agent;
  
  a merchant trusted agent capable of establishing a first cryptographically secure session with said customer trusted agent;
  
  a second money module associated with said merchant trusted agent and capable of securely communicating with said merchant trusted agent, and capable of establishing a second cryptographically secure session with said first money module;
  
  where said merchant trusted agent transfers electronic merchandise, via said first cryptographically secure session, to said customer trusted agent which provisionally retains said electronic merchandise;
  
  where said customer trusted agent provides first payment information to said first money module and said merchant trusted agent provides second payment information to said second money module;
  
  where said first money module transfers electronic money, in an amount consistent with said first and second payment information, to said second money module via said second cryptographically secure session;
  
  where said first money module informs said customer trusted agent upon successful transfer of said electronic money, whereupon said retention of electronic merchandise is no longer provisional, and where said second money module informs said merchant trusted agent upon successful receipt of said electronic money.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The system of claim 1, wherein said first payment information includes a payment amount and said second payment information includes a verification of said payment amount.
  - 3. The system of claim 1, wherein said second payment information includes a payment amount and said first payment information includes a verification of said payment amount.
  - 4. The system of claim 1, wherein said electronic merchandise comprises a ticket.
  - 5. The system of claim 1, wherein said electronic merchandise comprises an encrypted electronic object and a decryption ticket capable of decrypting said encrypted electronic object.
  - 6. The system of claim 5, wherein said decryption ticket includes the following sections:
    - identifier, components, issuer signature, issuer certificate, transfer history, and sender signatures.
  - 7. The system of claim 1, wherein said ticket includes the following sections:
    - identifier, components, issuer signature, issuer certificate, transfer history, and sender signatures.
  - 8. The system of claim 7, wherein said ticket is a credential ticket.
  - 9. The system of claim 7, wherein said ticket is a transportation ticket.
  - 10. The system of claim 7, wherein said ticket is an event ticket.
  - 11. The system of claim 7, wherein said ticket is a communications ticket.
  - 12. The system of claim 7, wherein said ticket is a physical object ticket.
  - 13. The system of claim 1, wherein said customer trusted agent and said first money module are part of a customer transaction device further including a first host processor and a first bus connecting said customer trusted agent, said first money module, and said first host processor.
  - 14. The system of claim 13, wherein said merchant trusted agent and said second money module are part of a merchant transaction device further including a second host processor and a second bus connecting said merchant trusted agent, said second money module, and said second host processor.
  - 15. The system of claim 1, wherein a trusted agent comprises application software executed on a processor, and a money module comprises application software executed on a separate processor, where said processors are tamper-proof.
  - 16. The system of claim 1, wherein a trusted agent and a money module comprise application software both executed on the same tamper-proof processor.

17. For use in the secure purchase of electronic merchandise with the aid of a merchant trusted agent and first and second money modules capable of establishing a second cryptographically secure session, a customer trusted agent comprising:
- a processor adapted for the following;
  
  establishing a first cryptographically secure session with said merchant trusted agent;
  
  securely communicating with said first money module associated with said customer trusted agent;
  
  receiving and provisionally retaining electronic merchandise from said merchant trusted agent via said first cryptographically secure session; and
  
  providing payment information to said first money module;
  
  where said first money module transfers electronic money, in an amount consistent with said payment information, via said second cryptographically secure session, to said second money module associated with said merchant trusted agent; and
  
  where said customer trusted agent is informed by said first money module upon successful transfer of said electronic money, whereupon said retention of said electronic merchandise is no longer provisional and said electronic merchandise may be used by the customer.
- View Dependent Claims (18, 19, 20, 21, 22, 23)
- - 18. The customer trusted agent of claim 17, wherein said payment information includes a payment amount.
  - 19. The customer trusted agent of claim 17, wherein said payment information includes a verification of a payment amount.
  - 20. The customer trusted agent of claim 17, wherein said electronic merchandise comprises a ticket.
  - 21. The customer trusted agent of claim 17, wherein said electronic merchandise comprises an encrypted electronic object and a decryption ticket capable of decrypting said encrypted electronic object.
  - 22. The apparatus of claim 17, wherein said customer trusted agent comprises application software executed on said processor, and said first money module comprises application software executed on a separate processor, where said processors are tamper-proof.
  - 23. The apparatus of claim 17, wherein said customer trusted agent and said first money module comprise application software both executed on said processor which is tamper-proof.

24. For use in the secure sale of electronic merchandise with the aid of a customer trusted agent and first and second money modules capable of establishing a second cryptographically secure session, a merchant trusted agent comprising:
- a processor adapted for the following;
  
  establishing a first cryptographically secure session with said customer trusted agent;
  
  securely communicating with said second money module associated with said merchant trusted agent;
  
  transferring electronic merchandise, via said first cryptographically secure session to said customer trusted agent which provisionally retains said electronic merchandise; and
  
  providing payment information to said second money module;
  
  where said second money module receives electronic money, in an amount indicated by said payment information, via said second cryptographically secure session, from said first money module associated with said customer trusted agent; and
  
  where said merchant trusted agent is informed by said second money module upon successful receipt of said electronic money whereupon the merchant'"'"'s sale is logged.
- View Dependent Claims (25, 26, 27, 28, 29, 30)
- - 25. The merchant trusted agent of claim 24, wherein said payment information includes a payment amount.
  - 26. The merchant trusted agent of claim 24, wherein said payment information includes a verification of a payment amount.
  - 27. The merchant trusted agent of claim 24, wherein said electronic merchandise comprises a ticket.
  - 28. The merchant trusted agent of claim 24, wherein said electronic merchandise comprises an encrypted electronic object and a decryption ticket capable of decrypting said encrypted electronic object.
  - 29. The apparatus of claim 24, wherein said merchant trusted agent comprises application software executed on said processor, and said second money module comprises application software executed on a separate processor, where said processors are tamper-proof.
  - 30. The apparatus of claim 24, wherein said merchant trusted agent and said second money module comprise application software both executed on said processor which is tamper-proof.

31. A method for securely exchanging an electronic ticket and electronic money utilizing a customer trusted agent, a first money module, a merchant trusted agent, and a second money module, comprising the steps of:
- (a) establishing a first cryptographically secure session between said customer trusted agent and said merchant trusted agent;
  
  (b) said merchant trusted agent transferring said electronic ticket, via said first cryptographically secure session, to said customer trusted agent which provisionally retains said electronic ticket;
  
  (c) establishing a second cryptographically secure session between said first money module and said second money module;
  
  (d) said customer trusted agent securely providing first payment information to said first money module;
  
  (e) said merchant trusted agent securely providing second payment information to said second money module;
  
  (f) said first money module transferring, via said second cryptographically secure session, said electronic money in an amount consistent with said first and second payment information, to said second money module which provisionally retains said electronic money;
  
  (g) said first money module committing and securely informing said customer trusted agent of successful electronic money transfer;
  
  (h) said second money module committing, whereupon said retention of said electronic money is no longer provisional, and securely informing said merchant trusted agent of successful electronic money receipt;
  
  (i) said customer trusted agent committing, whereupon said retention of said electronic ticket is no longer provisional; and
  
  (j) said merchant trusted agent committing.
- View Dependent Claims (32, 33, 34, 35, 36, 37)
- - 32. The method of claim 31, wherein said first payment information includes a payment amount and said second payment information includes a verification of said payment amount, further including between steps (d) and (e) the steps of:
    - said first money module transferring, via said second cryptographically secure session, said payment amount to said second money module; and
      
      said second money module securely informing said merchant trusted agent of said payment amount.
  - 33. The method of claim 31, wherein said second payment information includes a payment amount and said first payment information includes a verification of said payment amount, further including between steps (d) and (e) the steps of:
    - said second money module transferring, via said second cryptographically secure session, said payment amount to said first money module; and
      
      said first money module securely informing said customer trusted agent of said payment amount.
  - 34. The method of claim 31, further including the step of:
    - after step (b), said customer trusted agent processing said electronic ticket to verify the correctness of said electronic ticket.
  - 35. The method of claim 31, wherein said electronic ticket is a decryption ticket used for decrypting an encrypted electronic object.
  - 36. The method of claim 31, wherein steps (g) and (h) comprise the substeps of:
    - said second money module sending a Ready-To-Commit message to said first money module via said second cryptographically secure session;
      
      said first money module updating a first transaction log and informing said customer trusted agent of successful electronic money transfer; and
      
      said second money module updating a second transaction log and securely informing said merchant trusted agent of successful electronic money receipt.
  - 37. The method of claim 31, wherein the steps of committing by said customer trusted agent, said merchant trusted agent, said first money module, and said second money module include logging a transaction wherein it can no longer abort said transaction by rolling-back its state.

38. A method for securely exchanging an electronic ticket and electronic money utilizing a customer trusted agent, a first money module, a merchant trusted agent, and a second money module, comprising the steps of:
- establishing a first cryptographically secure session between said customer trusted agent and said merchant trusted agent;
  
  establishing a second cryptographically secure session between said first money module and said second money module;
  
  said customer trusted agent securely providing first payment information to said first money module;
  
  said merchant trusted agent securely providing second payment information to said second money module;
  
  said first money module transferring, via said second cryptographically secure session, said electronic money in an amount consistent with said first and second payment information, to said second money module which provisionally retains said electronic money;
  
  said merchant trusted agent transferring said electronic ticket, via said first cryptographically secure session, to said customer trusted agent which provisionally retains said electronic ticket;
  
  said customer trusted agent securely instructing said first money module to commit;
  
  said first money module committing and securely informing said customer trusted agent of successful electronic money transfer;
  
  said second money module committing, whereupon said retention of said electronic money is no longer provisional, and securely informing said merchant trusted agent of successful electronic money receipt;
  
  said customer trusted agent committing, whereupon said retention of said electronic ticket is no longer provisional; and
  
  said merchant trusted agent committing.

39. A method utilizing a tamper-proof customer trusted agent and a tamper-proof merchant trusted agent to perform an authorization-based payment transaction, comprising:
- (a) establishing a cryptographically secure session between said customer trusted agent and said merchant trusted agent, wherein said customer trusted agent and said merchant trusted agent exchange digitally signed trusted agent certificates that each include a trusted agent identifier;
  
  (b) transferring electronic merchandise from said merchant trusted agent to said customer trusted agent, via said cryptographically secure session, where said customer trusted agent provisionally retains said electronic merchandise;
  
  (c) said customer trusted agent validating said electronic merchandise;
  
  (d) said customer trusted agent transferring a payment credential to said merchant trusted agent via said cryptographically secure session, wherein said payment credential includes a receiver trusted agent identifier;
  
  (e) said merchant trusted agent validating said payment credential, wherein said trusted agent identifier from said customer trusted agent'"'"'s certificate is compared to said receiver trusted agent identifier;
  
  (f) said merchant trusted agent sending said payment credential and a price corresponding to said electronic merchandise to an authorization network for payment authorization;
  
  (g) said merchant trusted agent receiving a payment authorization;
  
  (h) said merchant trusted agent sending a payment authorized message to said customer trusted agent via said cryptographically secure session and committing to said authorization-based payment transaction; and
  
  (i) said customer trusted agent committing to said authorization-based payment transaction, whereupon said retention of said electronic merchandise is no longer provisional.
- View Dependent Claims (40, 41, 42, 43, 44, 45)
- - 40. The method of claim 39, wherein said customer and merchant trusted agents record log information of said transaction, where said log information is non-provisionally maintained following said committing steps.
  - 41. The method of claim 40, wherein said electronic merchandise comprises a ticket.
  - 42. The method of claim 41, wherein said customer trusted agent'"'"'s log information includes ticket information and payment data.
  - 43. The method of claim 39, wherein said electronic merchandise comprises a decryption ticket provisionally retained by said customer trusted agent upon transfer, and an encrypted electronic object that may be stored separately from said merchant trusted agent and decrypted by said decryption ticket.
  - 44. The method of claim 39, further including the steps of:
    - after step (a), said merchant trusted agent sending a merchant credential to said customer trusted agent via said cryptographically secure session; and
      
      said customer trusted agent processing said merchant credential to validate said merchant credential.
  - 45. The method of claim 39, wherein the steps of committing by said customer trusted agent and said merchant trusted agent include logging a transaction wherein it can no longer abort said transaction by rolling-back its state.

46. A method for an identity-based money module payment utilizing tamper-proof devices including a first trusted agent, a first money module, a second trusted agent, and a second money module, comprising the stepsestablishing a first cryptographically secure session between said first trusted agent and said second trusted agent;
- said second trusted agent sending a second trusted agent credential to said first trusted agent, via said first cryptographically secure session;
  
  said first trusted agent validating said second trusted agent credential and provisionally retaining said credential;
  
  said first trusted agent sending payment information to said second trusted agent, via said first cryptographically secure session; and
  
  said first trusted agent initiating an electronic money payment from said first money module to said second money module, in an amount consistent with said payment information and via a second cryptographically secure session between said first and second money modules;
  
  said first trusted agent committing after receiving payment successful information from said first money module, whereupon said first trusted agent non-provisionally maintains log information including said second trusted agent credential and data corresponding to said payment information; and
  
  said second trusted agent committing after receiving payment successful information from said second money module.
- View Dependent Claims (47)
- - 47. The method of claim 46, further comprising the steps of said first trusted agent sending a message to said second trusted agent inquiring whether a first trusted agent credential is requested;
    - said first trusted agent sending a first trusted agent credential to said second trusted agent, via said first cryptographically secure session; and
      
      said second trusted agent validating said first trusted agent credential.

48. A system for securing simultaneous payment of electronic money to delivery of electronic merchandise over a communication network, comprising:
- a tamper-proof first electronic agent having a first processor;
  
  a tamper-proof first money module associated with and capable of securely communicating with said first electronic agent, and having a second processor;
  
  a tamper-proof second electronic agent capable of establishing a first cryptographically secure session with said first electronic agent over said communications network, and having a third processor;
  
  a tamper-proof second money module associated with and capable of securely communicating with said second electronic agent, and capable of establishing a second cryptographically secure session with said first money module, and having a fourth processor;
  
  where said first electronic agent and said first money module are remotely located from said second electronic agent and said second money module;
  
  where said third processor is adapted to transfer electronic merchandise, via said first cryptographically secure session, to said first electronic agent;
  
  where said first processor is adapted to receive said electronic merchandise and not permit free external access to said electronic merchandise pending receipt of a message indicative of successful payment from said first money module;
  
  where said second processor is adapted to transfer electronic money, via said second cryptographically secure session, to said second money module, and to subsequently send said message indicative of successful payment to said first processor; and
  
  where said fourth processor is adapted to receive said electronic money.
- View Dependent Claims (49)
- - 49. The method of claim 48, wherein said first electronic agent does not provide any information identifying its owner to said second electronic agent during a remote purchase transaction over said communications network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citibank (South Dakota) NA (Citigroup Incorporated)
Original Assignee
Citibank (South Dakota) NA (Citigroup Incorporated)
Inventors
Rosen, Sholom S.
Primary Examiner(s)
Weinhardt, Robert A.
Assistant Examiner(s)
Tkacs, Stephen R.

Application Number

US08/234,461
Time in Patent Office

873 Days
Field of Search

364/401, 364/405, 364/406, 364/407, 364/408, 364/409, 235/375, 235/379, 235/380, 235/381, 235/382, 235/384, 340/541, 340/550, 380/1, 380/2, 380/3, 380/4, 380/21, 380/23, 380/24, 380/25, 380/28, 380/29, 380/30
US Class Current

705/69
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/06   Private payment circuits, e...

G06Q 20/085   involving remote charge det...

G06Q 20/0855   involving a third party

G06Q 20/10   specially adapted for elect...

G06Q 20/105   involving programming of a ...

G06Q 20/12   specially adapted for elect...

G06Q 20/204   comprising interface for re...

G06Q 20/209   Specified transaction journ...

G06Q 20/26   Debit schemes, e.g. "pay now"

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/3676   Balancing accounts

G06Q 20/3678   e-cash details, e.g. blinde...

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3829   involving key management

G06Q 20/383   Anonymous user system

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401 : Transaction verification

G06Q 30/06 : Buying, selling or leasing ...

G06Q 30/0601 : Electronic shopping [e-shop...

G06Q 50/188 : Electronic negotiation

G07F 17/16 : for devices exhibiting adve...

G07F 7/0866 : by active credit-cards adap...

H04L 2209/42 : Anonymization, e.g. involvi...

H04L 2209/56 : Financial cryptography, e.g...

H04L 63/123 : received data contents, e.g...

H04L 9/3213 : using tickets or tokens, e....

H04L 9/3247 : involving digital signatures

H04L 9/3263 : involving certificates, e.g...

View All

Trusted agents for open electronic commerce

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

1408 Citations

49 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted agents for open electronic commerce

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1408 Citations

49 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links