Digital active advertising

US 5,724,424 A
Filed: 11/29/1995
Issued: 03/03/1998
Est. Priority Date: 12/16/1993
Status: Expired due to Term

First Claim

Patent Images

1. An open network sales system providing for real-time authorization of purchase transactions, comprising:

a plurality of buyer computers; and

a plurality of merchant computers;

said plurality of buyer computers and said plurality of merchant computers being interconnected by a public packet switched communications network;

at least one of said plurality of merchant computers being programmed to store digital advertisements in a database;

each one of said buyer computers being programmed to receive a user inquiry and, in response to said user inquiry, to select at least one of said merchant computers and to transmit a network request thereto over said public packet switched communications network;

at least one of said merchant computers being programmed to cause one of said digital advertisements to be communicated to said one of said buyer computers over said public packet switched communications network in response to said network request from said buyer computer;

said one of said buyer computers being programmed to display said one of said digital advertisements, and, in response to a user request, to transmit over said public packet switched communications network to at least one of said merchant computers a purchase message and to cause a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value advertised in said one of said digital advertisements and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database;

at least one of said merchant computers being programmed to receive said purchase message, and to cause said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with purchase of said product not being a replay attack of a message previously transmitted over said public packet switched communications network;

said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key.

View all claims

16 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A complete system for the purchasing of goods or information over a computer network is presented. Merchant computers on the network maintain databases of digital advertisements that are accessed by buyer computers. In response to user inquiries, buyer computers retrieve and display digital advertisements from merchant computers. A digital advertisement can further include a program that is interpreted by a buyer'"'"'s computer. The buyer computers include a means for a user to purchase the product described by a digital advertisement. If a user has not specified a means of payment at the time of purchase, it can be requested after a purchase transaction is initiated. A network payment system performs payment order authorization in a network with untrusted switching, transmission, and host components. Payment orders are backed by accounts in an external financial system network, and the payment system obtains account authorizations from this external network in real-time. Payment orders are signed with authenticators that can be based on any combination of a secret function of the payment order parameters, a single-use transaction identifier, or a specified network address.

Citations

58 Claims

1. An open network sales system providing for real-time authorization of purchase transactions, comprising:
- a plurality of buyer computers; and
  
  a plurality of merchant computers;
  
  said plurality of buyer computers and said plurality of merchant computers being interconnected by a public packet switched communications network;
  
  at least one of said plurality of merchant computers being programmed to store digital advertisements in a database;
  
  each one of said buyer computers being programmed to receive a user inquiry and, in response to said user inquiry, to select at least one of said merchant computers and to transmit a network request thereto over said public packet switched communications network;
  
  at least one of said merchant computers being programmed to cause one of said digital advertisements to be communicated to said one of said buyer computers over said public packet switched communications network in response to said network request from said buyer computer;
  
  said one of said buyer computers being programmed to display said one of said digital advertisements, and, in response to a user request, to transmit over said public packet switched communications network to at least one of said merchant computers a purchase message and to cause a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value advertised in said one of said digital advertisements and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database;
  
  at least one of said merchant computers being programmed to receive said purchase message, and to cause said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with purchase of said product not being a replay attack of a message previously transmitted over said public packet switched communications network;
  
  said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key.
- View Dependent Claims (2, 3, 4, 5, 36, 40, 41)
- - 2. A network sales system in accordance with claim 1, wherein said payment system is configured to perform a replay check of said payment request to determine whether an identical payment request was previously transmitted to said payment system.
  - 3. A network sales system in accordance with claim 1, wherein at least one of said merchant computers is programmed to communicate a missing payment information request message to said buyer computer to obtain missing payment information, said buyer computer is programmed to query a user for said missing payment information and to transmit said missing payment information to at least one of said merchant computers.
  - 4. A network sales system in accordance with claim 1, wherein said payment request comprises a payment order that describes the identity of a sender, a payment amount, a beneficiary, and a nonce.
  - 5. A network sales system in accordance with claim 1, wherein said demand deposit account comprises a debit card account.
  - 36. A network sales system in accordance with claim 1, wherein said payment system, upon verification of said authenticator, sends an authorization request to said financial authorization network and receives authorization from said financial authorization network.
  - 40. An open network sales system in accordance with claim 1, wherein said one of said buyer computers is programmed to display said one of said digital advertisements by executing a portion of said one of said digital advertisements as a program, and to perform actions as specified by said program including interacting with said user to compute said user request.
  - 41. An open network sales system in accordance with claim 1, wherein said digital signature in said payment request is a digest, encrypted by said secret key, of components including components of said payment request.

6. An open network payment system for transferring funds having real monetary value from a sender to a beneficiary and providing for real-time authorization of payment transactions by a financial authorization network external to said network payment system, comprising:
- a plurality of client computers; and
  
  at least one payment computer;
  
  said client computers and said payment computer being interconnected by a public packet switched communications network;
  
  each one of said client computers being programmed to construct a payment request specifying a payment amount to be transferred from a sender to a beneficiary, and to cause said payment request to be transmitted to said payment computer over said public packet switched communications network;
  
  said payment computer being programmed to cause a message to be transmitted into said financial authorization network external to said public packet switched communications network, in order to verify that said sender has adequate funds or credit having real monetary value, to receive an authorization from said financial authorization network in response to said message, to transmit an authorization message to said client computer over said public packet switched communications network, to cause information pertaining to said payment request and authorization to be recorded in a settlement database, and to cause funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signature protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 47)
- - 7. A network payment system in accordance with claim 6, wherein said payment computer is programmed to perform a replay check of said payment request to determine whether an identical payment request was previously transmitted to said payment computer.
  - 8. A network payment system in accordance with claim 6, wherein said payment request comprises at least a partial delivery address, and wherein said payment computer is programmed to cause said delivery address to be checked against a database of allowed delivery addresses for said sender.
  - 9. A network payment system in accordance with claim 6, wherein said payment computer is programmed to cause at least partial allowed delivery addresses for said sender to be determined, and wherein said authorization message comprises said at least partial allowed delivery addresses.
  - 10. A network payment system in accordance with claim 6, wherein said authorization message comprises an authenticator.
  - 11. A network payment system in accordance with claim 6, wherein said client computer is programmed to cause an authenticator that verifies to said payment computer the identity of said sender to be transmitted to said payment computer, and wherein said payment computer is programmed to examine said authenticator to verify said identity of said sender.
  - 12. A network payment system in accordance with claim 11, wherein said client computer is programmed to generate a next expected transaction identifier for said sender and to use it to create said authenticator, and wherein said payment computer is programmed to generate said next expected transaction identifier for said sender and to verify that said authenticator was created using said next expected transaction identifier.
  - 13. A network payment system in accordance with claim 11, wherein said client computer is programmed to generate said authenticator using an external device, and wherein said payment computer is programmed to verify that said authenticator was created using said external device.
  - 14. A network payment system in accordance with claim 11, wherein said payment request comprises a network address of said client computer, and wherein said payment computer is programmed to verify that said payment request was constructed at said network address.
  - 15. A network payment system in accordance with claim 10, wherein said payment request comprises a network address of said client computer, and wherein said payment computer is programmed to check said network address against a database of allowed client addresses for said sender.
  - 16. A network payment system in accordance with claim 6, wherein said payment computer is programmed to determine whether real-time authorization is necessary and to cause said message to be transmitted into said financial authorization network to verify that said sender has adequate funds or credit only if said payment computer has determined that real-time authorization is necessary.
  - 17. A network payment system in accordance with claim 6, wherein said demand deposit account comprises a debit card account.
  - 47. An open network payment system in accordance with claim 6 wherein said at least one signature comprises one signature that protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, protects said payment request from replay attack, and is computed based on a principal-specific secret key.

18. A method of effecting sales over a network sales system comprising a plurality of buyer computers and a plurality of merchant computers interconnected by a public packet switched communications network, said method providing for real-time authorization of purchase transactions and comprising the steps of:
- storing digital advertisements in a database;
  
  receiving a user inquiry at one of said buyer computers and, in response to said user inquiry, selecting one of said merchant computers, and transmitting a network request from said one of said buyer computers thereto over said public packet switched communications network;
  
  communicating one of said digital advertisements from one of said merchant computers to said one of said buyer computers over said public packet switched communications network in response to said network request from said buyer computer;
  
  displaying said one of said digital advertisements at said one of said buyer computers, and, in response to a user request, transmitting over said public packet switched communications network from said one of said buyer computers to one of said merchant computers a purchase message, and causing a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value advertised in said one of said digital advertisements and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database; and
  
  receiving said purchase message at one of said merchant computers, and causing said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with said purchase transaction not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key.
- View Dependent Claims (19, 20, 21, 22, 23, 37, 42)
- - 19. A method in accordance with claim 18, further comprising the step of performing a replay check, at said payment system, of said payment request to determine whether an identical payment request was previously transmitted to said payment system.
  - 20. A method in accordance with claim 18, wherein said method further comprises the steps of verifying, at said payment computer, an authenticator in order to verify said identity of said principal making payment.
  - 21. A method in accordance with claim 18, further comprising the steps of communicating a missing payment information request message from one of said merchant computers to said buyer computer to obtain missing payment information, querying a user for said missing payment information, and transmitting said missing payment information from said buyer computer to one of said merchant computers.
  - 22. A method in accordance with claim 18, wherein said payment request comprises a payment order that describes the identity of a sender, a payment amount, a beneficiary, and a nonce.
  - 23. A method in accordance with claim 18, wherein said demand deposit account comprises a debit card account.
  - 37. A method in accordance with claim 20, further comprising the steps of, upon verification of said authenticator, sending an authorization request from said payment computer to said financial authorization network, and receiving at said payment computer authorization from said financial authorization network.
  - 42. An method in accordance with claim 18, wherein said step of displaying said one of said digital advertisements at said one of said buyer computers comprises executing a portion of said one of said digital advertisements as a program, and wherein said method further comprises the step of performing actions, at said one of said buyer computers, as specified by said program including interacting with said user to compute said user request.

24. A method of transferring funds having real monetary value from a sender to a beneficiary using a network payment system comprising a plurality of client computers and at least one payment computer interconnected by a public packet switched communications network, said method providing for real-time authorization of purchase transactions by a financial authorization network external to said public packet switched communications network, and comprising the steps of:
- constructing a payment request at one of said client computers specifying a payment amount to be transferred from a sender to a beneficiary, and causing said payment request to be transmitted to said payment computer over said public packet switched communications network; and
  
  causing a message to be transmitted into said financial authorization network external to said public packet switched communications network, in order to verify that said sender has adequate funds or credit having real monetary value, receiving, at said payment computer, an authorization from said financial authorization system in response to said message, transmitting an authorization message from said payment computer to said client computer over said public packet switched communications network, causing information pertaining to said payment request and authorization to be recorded in a settlement database, and causing funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization system external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 25. A method in accordance with claim 24, further comprising the step of performing a replay check, at said payment computer, of said payment request to determine whether an identical payment request was previously transmitted to said payment computer.
  - 26. A method in accordance with claim 24, wherein said payment request comprises at least a partial delivery address, and wherein said method further comprises the step of checking said delivery address against a database of allowed delivery addresses for said sender.
  - 27. A method in accordance with claim 24, further comprising the steps of determining at least partial allowed delivery addresses for said sender, and wherein said authorization message comprises said at least partial allowed delivery addresses.
  - 28. A method in accordance with claim 24, wherein said authorization message comprises an authenticator.
  - 29. A method in accordance with claim 24, wherein further comprising the steps of causing an authenticator that verifies to said payment computer the identity of said sender to be transmitted to said payment computer, and examining said authenticator at said payment computer to verify said identity of said sender.
  - 30. A method in accordance with claim 24, further comprising the steps of generating, at said client computer, a next expected transaction identifier for said sender and using it to create said authenticator, and generating, at said payment computer said next expected transaction identifier for said sender, and verifying, at said payment computer, that said authenticator was created using said next expected transaction identifier.
  - 31. A method in accordance with claim 24, further comprising the steps of generating said authenticator at said client computer using an external device, and verifying, at said payment computer that said authenticator was created using said external device.
  - 32. A method in accordance with claim 24, wherein said payment request comprises a network address of said client computer, and wherein said method further comprises verifying, at said payment computer, that said payment request was constructed at said network address.
  - 33. A method in accordance with claim 24, wherein said payment request comprises a network address of said client computer, and wherein said method further comprises the step of checking, at said payment computer, said network address against a database of allowed client addresses for said sender.
  - 34. A method in accordance with claim 24, further comprising the steps of determining, at said payment computer, whether real-time authorization is necessary, and causing said message to be transmitted into said financial authorization system to verify that said sender has adequate funds or credit only if said payment computer has determined that real-time authorization is necessary.
  - 35. A method in accordance with claim 24, wherein said demand deposit account comprises a debit card account.

38. An open network sales system providing for real-time authorization of purchase transactions, comprising:
- a plurality of buyer computers; and
  
  a plurality of merchant computers;
  
  said plurality of buyer computers and said plurality of merchant computers being interconnected by a public packet switched communications network;
  
  each of said buyer computers being programmed to transmit over said public packet switched communications network to at least one of said merchant computers, in response to a user request, a purchase message and to cause a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database;
  
  at least one of said merchant computers being programmed to receive said purchase message, and to cause said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with purchase of said product not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key.
- View Dependent Claims (48)
- - 48. An open network payment system in accordance with claim 38 wherein said at least one signature comprises one signature that protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, protects said payment request from replay attack, and is computed based on a principal-specific secret key.

39. A method of effecting sales over a network sales system comprising a plurality of buyer computers and a plurality of merchant computers interconnected by a public packet switched communications network, said method providing for real-time authorization of purchase transactions and comprising the steps of:
- in response to a user request, transmitting over said public packet switched communications network from one of said buyer computers to one of said merchant computers a purchase message, and causing a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database; and
  
  receiving said purchase message at one of said merchant computers, and causing said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with said purchase transaction not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key.

43. An open network payment system for transferring funds having real monetary value from a sender to a beneficiary and providing for real-time authorization of payment transactions by a financial authorization network external to said network payment system, comprising:
- a plurality of client computers; and
  
  at least one payment computer;
  
  said client computers and said payment computer being interconnected by a public packet switched communications network;
  
  each one of said client computers being programmed to construct a payment request specifying a payment amount to be transferred from a sender to a beneficiary, and to cause said payment request to be transmitted to said payment computer over said public packet switched communications network;
  
  said payment computer being programmed to cause a message to be transmitted into said financial authorization network external to said public packet switched communications network, in order to verify that said sender has adequate funds or credit having real monetary value, to receive an authorization from said financial authorization network in response to said message, to transmit an authorization message to said client computer over said public packet switched communications network, to cause information pertaining to said payment request and said authorization to be recorded in a settlement database, and to cause funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key;
  
  said authorization message comprising an authenticator proving that said payment computer originated said authorization message and being capable of validation without use of a secret key.

44. A method of transferring funds having real monetary value from a sender to a beneficiary using a network payment system comprising a plurality of client computers and at least one payment computer interconnected by a public packet switched communications network, said method providing for real-time authorization of purchase transactions by a financial authorization network external to said public packet switched communications network, and comprising the steps of:
- constructing a payment request at one of said client computers specifying a payment amount to be transferred from a sender to a beneficiary, and causing said payment request to be transmitted to said payment computer over said public packet switched communications network; and
  
  causing a message to be transmitted into said financial authorization network external to said public packet switched communications network, in order to verify that said sender has adequate funds or credit having real monetary value, receiving, at said payment computer, an authorization from said financial authorization system in response to said message, transmitting an authorization message from said payment computer to said client computer over said public packet switched communications network, causing information pertaining to said payment request and said authorization to be recorded in a settlement database, and causing funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization system external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key;
  
  said authorization message comprising an authenticator proving that said payment computer originated said authorization message and being capable of validation without use of a secret key.

45. A payment computer for use in transferring funds having real monetary value from a sender to a beneficiary, said payment computer being programmed to receive, over a public packet switched communications network, a payment request specifying a payment amount to be transferred from said sender to said beneficiary, said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key, said payment computer further being programmed to authenticate said payment request, to cause a message to be transmitted into a financial authorization network external to said network payment system, in order to verify that said sender has adequate funds or credit having real monetary value, to receive an authorization from said financial authorization network in response to said message, to transmit an authorization message over said public packet switched communications network, said authorization message comprising an authenticator proving that said payment computer originated said authorization message, to cause information pertaining to said payment request and authorization to be recorded in a settlement database, and to cause funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network.

46. A payment computer for use in transferring funds having real monetary value from a sender to a beneficiary, said payment computer being programmed to receive, over a public packet switched communications network, a payment request specifying a payment amount to be transferred from said sender to said beneficiary, said payment request comprising at least one digital signature of components that include components derived from said payment request, at least one of which digital signatures protects said payment request from forgery, including authenticating an identity of one of a plurality of principals as an originator of said payment request, at least one of which digital signatures protects said payment request from replay attack, and at least one of which digital signatures is computed based on a principal-specific secret key, said payment computer further being programmed to authenticate said payment request, to cause a message to be transmitted into a financial authorization network external to said network payment system, in order to verify that said sender has adequate funds or credit having real monetary value, to receive an authorization from said financial authorization network in response to said message, to transmit an authorization message over said public packet switched communications network, said authorization message comprising an authenticator proving that said payment computer originated said authorization message and being capable of validation without use of a secret key, to cause information pertaining to said payment request and authorization to be recorded in a settlement database, and to cause funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network.

49. An open network sales system providing for real-time authorization of purchase transactions, comprising:
- a plurality of buyer computers; and
  
  a plurality of merchant computers;
  
  said plurality of buyer computers and said plurality of merchant computers being interconnected by a public packet switched communications network;
  
  at least one of said plurality of merchant computers being programmed to store digital advertisements in a database;
  
  each one of said buyer computers being programmed to receive a user inquiry and, in response to said user inquiry, to select at least one of said merchant computers and to transmit a network request thereto over said public packet switched communications network;
  
  at least one of said merchant computers being programmed to cause one of said digital advertisements to be communicated to said one of said buyer computers over said public packet switched communications network in response to said network request from said buyer computer;
  
  said one of said buyer computers being programmed to display said one of said digital advertisements, and, in response to a user request, to transmit over said public packet switched communications network to at least one of said merchant computers a purchase message and to cause a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value advertised in said one of said digital advertisements and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database;
  
  at least one of said merchant computers being programmed to receive said purchase message, and to cause said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network as evidenced by a payment response from said payment system, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with purchase of said product not being a replay attack of a message previously transmitted over said public packet switched communications network;
  
  said payment response comprising at least one digital signature of components that include components derived from said payment response, at least one of which digital signatures protects said payment response from forgery, including authenticating an identity of a source as an originator of said payment response, at least one of which digital signatures protects said payment response from replay attack, and at least one of which digital signatures is computed based on a source-specific secret key.

50. An open network payment system for transferring funds having real monetary value from a sender to a beneficiary and providing for real-time authorization of payment transactions by a financial authorization network external to said network payment system, comprising:
- a plurality of client computers; and
  
  at least one payment computer;
  
  said client computers and said payment computer being interconnected by a public packet switched communications network;
  
  each one of said client computers being programmed to construct a payment request specifying a payment amount to be transferred from a sender to a beneficiary, and to cause said payment request to be transmitted to said payment computer over said public packet switched communications network;
  
  said payment computer being programmed to cause a message to be transmitted into said financial authorization network external to said public packet switched communications network, in order to verify that said sender has adequate funds or credit having real monetary value, to receive an authorization from said financial authorization network in response to said message, to transmit an authorization message to said client computer over said public packet switched communications network, to cause information pertaining to said payment request and authorization to be recorded in a settlement database, and to cause funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said authorization message comprising at least one digital signature of components that include components derived from said authorization message, at least one of which digital signatures protects said authorization message from forgery, including authenticating an identity of a source as an originator of said authorization message, at least one of which digital signatures protects said authorization message from replay attack, and at least one of which digital signatures is computed based on a source-specific secret key.

51. A method of effecting sales over a network sales system comprising a plurality of buyer computers and a plurality of merchant computers interconnected by a public packet switched communications network, said method providing for real-time authorization of purchase transactions and comprising the steps of:
- storing digital advertisements in a database;
  
  receiving a user inquiry at one of said buyer computers and, in response to said user inquiry, selecting one of said merchant computers, and transmitting a network request from said one of said buyer computers thereto over said public packet switched communications network;
  
  communicating one of said digital advertisements from one of said merchant computers to said one of said buyer computers over said public packet switched communications network in response to said network request from said buyer computer;
  
  displaying said one of said digital advertisements at said one of said buyer computers, and, in response to a user request, transmitting over said public packet switched communications network from said one of said buyer computers to one of said merchant computers a purchase message, and causing a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value advertised in said one of said digital advertisements and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database; and
  
  receiving said purchase message at one of said merchant computers, and causing said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network as evidenced by a payment response from said payment system, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with said purchase transaction not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment response comprising at least one digital signature of components that include components derived from said payment response, at least one of which digital signatures protects said payment response from forgery, including authenticating an identity of a source as an originator of said payment response, at least one of which digital signatures protects said payment response from replay attack, and at least one of which digital signatures is computed based on a source-specific secret key.

52. A method of transferring funds having real monetary value from a sender to a beneficiary using a network payment system comprising a plurality of client computers and at least one payment computer interconnected by a public packet switched communications network, said method providing for real-time authorization of purchase transactions by a financial authorization network external to said public packet switched communications network, and comprising the steps of:
- constructing a payment request at one of said client computers specifying a payment amount to be transferred from a sender to a beneficiary, and causing said payment request to be transmitted to said payment computer over said public packet switched communications network; and
  
  causing a message to be transmitted into said financial authorization network external to said public packet switched communications network, in order to verify that said sender has adequate funds or credit having real monetary value, receiving, at said payment computer, an authorization from said financial authorization system in response to said message, transmitting an authorization message from said payment computer to said client computer over said public packet switched communications network, causing information pertaining to said payment request and authorization to be recorded in a settlement database, and causing funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization system external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said authorization message comprising at least one digital signature of components that include components derived from said authorization message, at least one of which digital signatures protects said authorization message from forgery, including authenticating an identity of a source as an originator of said authorization message, at least one of which digital signatures protects said authorization message from replay attack, and at least one of which digital signatures is computed based on a source-specific secret key.

53. An open network sales system providing for real-time authorization of purchase transactions, comprising:
- a plurality of buyer computers; and
  
  a plurality of merchant computers;
  
  said plurality of buyer computers and said plurality of merchant computers being interconnected by a public packet switched communications network;
  
  each of said buyer computers being programmed to transmit over said public packet switched communications network to at least one of said merchant computers, in response to a user request, a purchase message and to cause a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database;
  
  at least one of said merchant computers being programmed to receive said purchase message, and to cause said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network as evidenced by a payment response from said payment system, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with purchase of said product not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment response comprising at least one digital signature of components that include components derived from said payment response, at least one of which digital signatures protects said payment response from forgery, including authenticating an identity of a source as an originator of said payment response, at least one of which digital signatures protects said payment response from replay attack, and at least one of which digital signatures is computed based on a source-specific secret key.

54. A method of effecting sales over a network sales system comprising a plurality of buyer computers and a plurality of merchant computers interconnected by a public packet switched communications network, said method providing for real-time authorization of purchase transactions and comprising the steps of:
- in response to a user request, transmitting over said public packet switched communications network from one of said buyer computers to one of said merchant computers a purchase message, and causing a payment request, comprising a payment amount, to be transmitted over said public packet switched communications network into a payment system comprising a financial authorization network external to said public packet switched communications network, in order to initiate authorization of purchase of a product having real monetary value and in order to initiate recordation of information pertaining to said payment request and an authorization in a settlement database; and
  
  receiving said purchase message at one of said merchant computers, and causing said product to be sent to a party conditioned on said purchase transaction having been authorized in real time by said financial authorization network external to said public packet switched communications network as evidenced by a payment response from said financial authorization network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to a principal making said payment, and conditioned on at least one message transmitted over said public packet switched communications network in connection with said purchase transaction not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said payment response comprising at least one digital signature of components that include components derived from said payment response, at least one of which digital signatures protects said payment response from forgery, including authenticating an identity of a source as an originator of said payment response, at least one of which digital signatures protects said payment response from replay attack, and at least one of which digital signatures is computed based on a source-specific secret key.

55. An open network payment system for transferring funds having real monetary value from a sender to a beneficiary and providing for real-time authorization of payment transactions by a financial authorization network external to said network payment system, comprising:
- a plurality of client computers; and
  
  at least one payment computer;
  
  said client computers and said payment computer being interconnected by a public packet switched communications network;
  
  each one of said client computers being programmed to construct a payment request specifying a payment amount to be transferred from a sender to a beneficiary, and to cause said payment request to be transmitted to said payment computer over said public packet switched communications network;
  
  said payment computer being programmed to cause a message to be transmitted into said financial authorization network external to said public packet switched communications network, in order to verify that said sender has adequate funds or credit having real monetary value, to receive an authorization from said financial authorization network in response to said message, to transmit an authorization message to said client computer over said public packet switched communications network, to cause information pertaining to said payment request and said authorization to be recorded in a settlement database, and to cause funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization network external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said authorization message comprising at least one digital signature of components that include components derived from said authorization message, at least one of which digital signatures protects said authorization message from forgery, at least one of which digital signatures protects said authorization message from replay attack; and
  
  said authorization message comprising an authenticator proving that said payment computer originated said authorization message and being capable of validation without use of a secret key.
- View Dependent Claims (56)
- - 56. The system of claim 55 wherein said authenticator is a digital signature.

57. A method of transferring funds having real monetary value from a sender to a beneficiary using a network payment system comprising a plurality of client computers and at least one payment computer interconnected by a public packet switched communications network, said method providing for real-time authorization of purchase transactions by a financial authorization network external to said public packet switched communications network, and comprising the steps of:
- constructing a payment request at one of said client computers specifying a payment amount to be transferred from a sender to a beneficiary, and causing said payment request to be transmitted to said payment computer over said public packet switched communications network; and
  
  causing a message to be transmitted into said financial authorization network external to said public packet switched communications network, in order to verify that said sender has adequate funds or credit having real monetary value, receiving, at said payment computer, an authorization from said financial authorization system in response to said message, transmitting an authorization message from said payment computer to said client computer over said public packet switched communications network, causing information pertaining to said payment request and said authorization to be recorded in a settlement database, and causing funds having real monetary value to be transferred from said sender to said beneficiary conditioned on said payment request having been authorized in real time by said financial authorization system external to said public packet switched communications network, based on an external credit card account or an external demand deposit account having sufficient credit or funds of real monetary value available to said sender, and conditioned on at least one message transmitted over said public packet switched communications network in connection with transfer of said funds not being a replay of a message previously transmitted over said public packet switched communications network;
  
  said authorization message comprising at least one digital signature of components that include components derived from said authorization message, at least one of which digital signatures protects said authorization message from forgery, and at least one of which digital signatures protects said authorization message from replay attack; and
  
  said authorization message comprising an authenticator proving that said payment computer originated said authorization message and being capable of validation without use of a secret key.
- View Dependent Claims (58)
- - 58. The method of claim 57 wherein said authenticator is a digital signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Soverain IP, LLC
Original Assignee
Open Market, Inc. (Divine Technology Ventures)
Inventors
Gifford, David K.
Primary Examiner(s)
CAIN, DAVID C

Application Number

US08/563,745
Time in Patent Office

825 Days
Field of Search

380/24, 380/23, 380/25, 380/28, 380/30, 364/401, 364/406, 364/408, 340/825.33, 902/1, 902/2, 902/24
US Class Current

705/79
CPC Class Codes

G06Q 10/087   Inventory or stock manageme...

G06Q 20/02   involving a neutral party, ...

G06Q 20/023   the neutral party being a c...

G06Q 20/027   involving a payment switch ...

G06Q 20/04   Payment circuits

G06Q 20/085   involving remote charge det...

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/385   using an alias or single-us...

G06Q 20/401   Transaction verification

G06Q 30/02   Marketing; Price estimation...

G06Q 30/0251   Targeted advertisements

G06Q 30/0253   During e-commerce, i.e. onl...

G06Q 30/0277   Online advertisement

G06Q 30/06   Buying, selling or leasing ...

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 30/0609   Buyer or seller confidence ...

G07F 7/00   Mechanisms actuated by obje...

Digital active advertising

First Claim

16 Assignments

0 Petitions

Accused Products

Abstract

Citations

58 Claims

Specification

Solutions

Use Cases

Quick Links

Digital active advertising

First Claim

16 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

58 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links