Secure method for communicating credit card data when placing an order on a non-secure network
First Claim
1. A method for communicating confidential data and non-confidential data to an intended recipient at a remote location, comprising the steps of:
- (a) transmitting the non-confidential data and a portion of the confidential data to the intended recipient over a non-secure network, said portion of the confidential data comprising a message reference key;
(b) transmitting the confidential data in a complete form to the intended recipient over a secure network;
(c) comparing a portion of the confidential data in the complete form received at the remote location over the secure network to the message reference key received over the non-secure network to match the non-confidential data with the confidential data in the complete form; and
(d) combining the confidential data in the complete form that were received at the remote location with the non-confidential data matched therewith to form a complete message.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system for placing an order charged to a credit card, over an unsecured network. The customer completing an order for goods or services enters information required for the order, such as the shipping and billing addresses and identification of the goods, but enters only a subset of the credit card account number to which the order is to be charged. The order is transmitted over the Internet or other network to a remote merchant location (32) from a customer'"'"'s location (10). A computer (38) at the remote merchant location processes the order to extract the data provided by the customer for storage in a database (40). During a subsequent telephone call to the remote merchant location, the customer enters the complete credit card number, preferably on a touch-tone keypad (28). The touch-tone signals are processed by an automated attendant system (44) for input of the complete credit card number into the computer. Using the portion of the complete credit card number that corresponds to the subset entered by the customer on the order form, the computer identifies the order previously placed and inserts the complete credit card number in the order data stored on the database to finalize the order.
738 Citations
31 Claims
-
1. A method for communicating confidential data and non-confidential data to an intended recipient at a remote location, comprising the steps of:
-
(a) transmitting the non-confidential data and a portion of the confidential data to the intended recipient over a non-secure network, said portion of the confidential data comprising a message reference key; (b) transmitting the confidential data in a complete form to the intended recipient over a secure network; (c) comparing a portion of the confidential data in the complete form received at the remote location over the secure network to the message reference key received over the non-secure network to match the non-confidential data with the confidential data in the complete form; and (d) combining the confidential data in the complete form that were received at the remote location with the non-confidential data matched therewith to form a complete message.
-
-
2. A method for communicating credit card data in connection with a message transmitted over a non-secure network, comprising the steps of:
-
(a) transmitting the message over the non-secure network from a local computer, said message including only a portion of the credit card data; (b) receiving the message with the portion of the credit card data at a remote location that is coupled to the non-secure network, said message being added to a database; (c) calling the remote location via a secure network to finalize the message by entering complete credit card data; and (d) matching the message containing the portion of the credit card data with the complete credit card data by comparing the portion of the credit card data that was included in the message with a corresponding portion of the complete credit card data that was entered via the secure network, said complete credit card data thereby being matched with and entered into the message in the database. - View Dependent Claims (3, 4, 5, 6, 7, 8)
-
-
9. A method for entering an order and/or establishing an account over a non-secure computer network, to make a purchase on credit by reference to a credit card number, comprising the steps of:
-
(a) completing a form that includes purchaser data and a predefined subset of the credit card number, said subset of the credit card number comprising an order key; (b) transmitting data entered to complete the form to a remote location over the non-secure computer network; (c) storing said data in a database of an automated order entry system, said data being associated with a specific customer; (d) placing a telephone call to the remote location and entering the complete credit card number, a subset of said number that corresponds to the subset of the credit card number entered on the form comprising a match key; (e) comparing the match key to the order keys stored in the data base to identify the data entered in the form previously stored in step (c) and to associate the telephone call with the specific customer with which said data are associated; and (f) adding the complete credit card number to said data, to complete an order and/or to establish an account for placing subsequent orders for said specific customer. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A system for receiving messages from a plurality of sites, each message including non-confidential data and a subset of confidential data, said non-confidential data and said subset of the confidential data being conveyed as a message to an intended recipient using a non-secure transmission method, to be completed by adding the complete confidential data, which are transmitted to the intended recipient using a secure transmission method, comprising:
-
(a) a computer for use in receiving said messages, said computer having a central processor that executes instructions, a memory for storing instructions to be executed, and non-volatile storage for storing the messages; (b) an automated attendant system, coupled to the computer, for automatically answering a communication from one of the plurality of sites, said communication having been placed to enter the complete confidential data into the computer using the secure transmission method, a portion of the complete confidential data thus entered, which corresponds to the subset of the confidential data, comprising a match key; and (c) said instructions in the memory of the computer causing the central processor to; (i) store the messages received from the plurality of sites using the non-secure transmission method in the non-volatile storage, said messages including the non-confidential data and the subset of the confidential data, said subset comprising an order key; (ii) compare the match key with the order keys associated with messages stored in the non-volatile storage to identify the message conveyed using the non-secure transmission method from said one of the plurality of sites and to associate the complete confidential data conveyed using the secure transmission method with said message; and (iii) adding the complete confidential data conveyed using the secure transmission method to the message thus identified, for storage in the non-volatile storage, to complete the message. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
Specification