Method and apparatus for purchasing and delivering digital goods over a network

US 5,809,144 A
Filed: 08/24/1995
Issued: 09/15/1998
Est. Priority Date: 08/24/1995
Status: Expired due to Fees

First Claim

Patent Images

1. A method for purchasing and delivering digital goods over a network, comprising the steps of:

identifying a digital good to be purchased;

establishing a purchase price for the digital good;

sending a purchase request to the merchant for the digital good;

encrypting the digital good;

calculating a first cryptographic checksum for the encrypted good;

transmitting the encrypted digital good and a timestamp to the customer;

receiving the encrypted digital good and the timestamp;

calculating a second cryptographic checksum for the received encrypted digital good;

creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp;

transmitting the electronic payment order to the merchant;

adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match;

submitting the merchant signed electronic payment order and key for review;

reviewing the information in the electronic payment order and sending a message to the merchant in response to the review; and

forwarding a message containing the key to the customer when the review is positive.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for purchasing and delivering goods over a network is comprised of the steps of identifying a digital good to be purchased. A purchase price for the digital good is negotiated. After the negotiation step, an authenticated purchase request is sent to the merchant. The merchant encrypts the desired digital good and calculates a first cryptographic checksum for the encrypted good. The encrypted digital good and the first cryptographic checksum together with a timestamp are then transmitted to the customer. The customer calculates a second cryptographic checksum for the received encrypted digital good. The customer creates an electronic payment order containing information identifying the transaction, the second cryptographic checksum, credentials, and the timestamp. The electronic payment order is transmitted to the merchant. The merchant compares the first and second cryptographic checksums to ensure that they match, and if so, the merchant adds an electronic signature and a decryption key to the electronic payment order. The merchant submits the merchant signed electronic payment order and the key to an account server for review. The account server reviews the information in the electronic payment order and sends a message, including the key if the review is positive, to the merchant. The merchant forwards the message to the customer. If the message contained the key, the customer uses the key to decrypt the goods.

900 Citations

128 Claims

1. A method for purchasing and delivering digital goods over a network, comprising the steps of:
- identifying a digital good to be purchased;
  
  establishing a purchase price for the digital good;
  
  sending a purchase request to the merchant for the digital good;
  
  encrypting the digital good;
  
  calculating a first cryptographic checksum for the encrypted good;
  
  transmitting the encrypted digital good and a timestamp to the customer;
  
  receiving the encrypted digital good and the timestamp;
  
  calculating a second cryptographic checksum for the received encrypted digital good;
  
  creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp;
  
  transmitting the electronic payment order to the merchant;
  
  adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match;
  
  submitting the merchant signed electronic payment order and key for review;
  
  reviewing the information in the electronic payment order and sending a message to the merchant in response to the review; and
  
  forwarding a message containing the key to the customer when the review is positive.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 2. The method of claim 1 wherein said step of establishing a purchase price includes the step of negotiating a purchase price.
  - 3. The method of claim 1 wherein said step of establishing a purchase price includes the step of looking up a purchase price from a list.
  - 4. The method of claim 1 wherein said step of establishing a purchase price includes the step of identifying the customer, and wherein the price is established in part on the identity of the customer.
  - 5. The method of claim 4 additionally comprising the step of determining the customer'"'"'s frequency of purchases, and wherein the price is established in part on the customer'"'"'s frequency of purchases.
  - 6. The method of claim 4 additionally comprising the steps of presenting a credential and evaluating the credential before establishing the purchase price.
  - 7. The method of claim 4 additionally comprising the steps of presenting a coupon and evaluating the coupon before establishing the purchase price.
  - 8. The method of claim 1 wherein said step of sending a purchase request includes sending a customer identifier and a digital good identifier.
  - 9. The method of claim 1 wherein said step of creating an electronic payment order includes an electronic payment order having a digital signature of the customer.
  - 10. The method of claim 9 wherein said step of creating an electronic payment order includes an electronic payment order having a customer identifier, a digital good identifier, the purchase price, and a merchant identifier.
  - 11. The method of claim 10 wherein said step of creating an electronic payment order includes an electronic payment order having a customer account number and a customer memo field.
  - 12. The method of claim 1 additionally comprising the steps of:
    - retransmitting the encrypted digital good and a timestamp to the customer when the first and second checksums do not match;
      
      receiving the retransmitted encrypted digital good and the timestamp;
      
      calculating a second cryptographic checksum for the received retransmitted encrypted digital good;
      
      creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp; and
      
      transmitting the electronic payment order to the merchant.
  - 13. The method of claim 1 additionally comprising the step of aborting the purchase.
  - 14. The method of claim 13 wherein said step of aborting the purchase is performed when the first and second checksums do not match.
  - 15. The method of claim 1 wherein the electronic payment order includes a digital signature of the customer, and wherein said step of reviewing the information includes the step of verifying the customer'"'"'s signature and the merchant'"'"'s signature.
  - 16. The method of claim 1 wherein said step of reviewing the information includes the step of verifying that the customer has the funds needed to make the purchase.
  - 17. The method of claim 1 wherein said step of reviewing the information includes the step of verifying that the customer has the credit needed to make the purchase.
  - 18. The method of claim 1 wherein said step of reviewing the information includes the step of verifying that the customer is authorized to make the purchase.
  - 19. The method of claim 1 wherein the timestamp is generated so as to be fresh at the end of the transmission of the encrypted digital good.
  - 20. The method of claim 19 wherein said step of reviewing the information includes the step of reviewing the timestamp to determine if the transaction is stale.
  - 21. The method of claim 1 additionally comprising the step of adding a unique serial number to the electronic payment order, and wherein said step of reviewing the information includes the step of reviewing the serial number.
  - 22. The method of claim 1 additionally comprising the steps of:
    - debiting the customer'"'"'s account;
      
      crediting the merchant'"'"'s account;
      
      logging the transaction; and
      
      saving a copy of the key.
  - 23. The method of claim 1 additionally comprising the step of transmitting the first cryptographic checksum to the customer, and wherein the customer compares the first and second checksums.
  - 24. The method of claim 1 wherein said step of forwarding a message containing the key is performed by the merchant.
  - 25. The method of claim 24 additionally comprising the step of the information reviewer forwarding a message containing the key to the customer when the merchant fails to forward the message.
  - 26. The method of claim 1 wherein said step of forwarding a message containing the key is performed by the information reviewer.
  - 27. The method of claim 1 wherein the digital good includes a digitized receipt for a nondigital good.
  - 28. The method of claim 1 wherein the message sent in response to the review includes a message having a digital signature of the reviewer.

29. A method for purchasing and delivering digital goods over a network, comprising the steps of:
- (a) identifying a digital good to be purchased;
  
  (b) sending a message indicating what price for the digital good is acceptable to the customer;
  
  (c) determining if the price is acceptable to the merchant, and when the price is acceptable;
  
  (d) encrypting the digital good;
  
  (e) calculating a first cryptographic checksum for the encrypted good;
  
  (f) transmitting the encrypted digital good and a timestamp to the customer;
  
  (g) receiving the encrypted digital good and the timestamp;
  
  (h) calculating a second cryptographic checksum for the received encrypted digital good;
  
  (i) creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp;
  
  (j) transmitting the electronic payment order to the merchant;
  
  (k) adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match;
  
  (l) submitting the merchant signed electronic payment order and key for review;
  
  (m) reviewing the information in the electronic payment order and sending a message to the merchant in response to the review; and
  
  (n) forwarding a message containing the key to the customer when the review is positive.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
- - 30. The method of claim 29 additionally comprising the step of aborting the transaction if the price is not acceptable to the merchant.
  - 31. The method of claim 29 additionally comprising the steps of negotiating a price when the price in the message is not acceptable to the merchant, and performing steps (d) through (n) when a price has been agreed upon.
  - 32. The method of claim 29 additionally comprising the step of identifying the customer before determining if the price is acceptable to the merchant.
  - 33. The method of claim 32 additionally comprising the steps of presenting a credential and evaluating the credential before determining if the price is acceptable to the merchant.
  - 34. The method of claim 32 additionally comprising the steps of presenting a coupon and evaluating the coupon before determining if the price is acceptable to the merchant.
  - 35. The method of claim 29 wherein said step of sending a message includes sending a message including a customer identifier and a digital good identifier.
  - 36. The method of claim 29 wherein said step of creating an electronic payment order includes creating an electronic payment order having a digital signature of the customer.
  - 37. The method of claim 36 wherein said step of creating an electronic payment order includes an electronic payment order having a customer identifier, a digital good identifier, the purchase price, and a merchant identifier.
  - 38. The method of claim 37 wherein said step of creating an electronic payment order includes an electronic payment order having a customer account number and a customer memo field.
  - 39. The method of claim 29 additionally comprising the steps of:
    - retransmitting the encrypted digital good and a timestamp to the customer when the first and second checksums do not match;
      
      receiving the retransmitted encrypted digital good and the timestamp;
      
      calculating a second cryptographic checksum for the received retransmitted encrypted digital good;
      
      creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp; and
      
      transmitting the electronic payment order to the merchant.
  - 40. The method of claim 29 additionally comprising the step of aborting the purchase.
  - 41. The method of claim 40 wherein said step of aborting the purchase is performed when the first and second checksums do not match.
  - 42. The method of claim 29 wherein the electronic payment order includes a digital signature of the customer, and wherein said step of reviewing the information includes the step of verifying the customer'"'"'s signature and the merchant'"'"'s signature.
  - 43. The method of claim 29 wherein said step of reviewing the information includes the step of verifying that the customer has the funds needed to make the purchase.
  - 44. The method of claim 29 wherein said step of reviewing the information includes the step of verifying that the customer has the credit needed to make the purchase.
  - 45. The method of claim 29 wherein said step of reviewing the information includes the step of verifying that the customer is authorized to make the purchase.
  - 46. The method of claim 29 wherein the timestamp is generated so as to be fresh at the end of the transmission of the encrypted digital good.
  - 47. The method of claim 46 wherein said step of reviewing the information includes the step of reviewing the timestamp to determine if the transaction is stale.
  - 48. The method of claim 29 additionally comprising the step of adding a unique serial number to the electronic payment order, and wherein said step of reviewing the information includes the step of reviewing the serial number.
  - 49. The method of claim 29 additionally comprising the steps of:
    - debiting the customer'"'"'s account;
      
      crediting the merchant'"'"'s account;
      
      logging the transaction; and
      
      saving a copy of the key.
  - 50. The method of claim 29 additionally comprising the step of transmitting the first cryptographic checksum to the customer, and wherein the customer compares the first and second checksums.
  - 51. The method of claim 29 wherein said step of forwarding a message containing the key is performed by the merchant.
  - 52. The method of claim 51 additionally comprising the step of the information reviewer forwarding a message containing the key to the customer when the merchant fails to forward the message.
  - 53. The method of claim 29 wherein said step of forwarding a message containing the key is performed by the information reviewer.
  - 54. The method of claim 29 wherein the digital good includes a digitized receipt for a nondigital good.
  - 55. The method of claim 29 wherein the price indicated in the message is zero.
  - 56. The method of claim 29 wherein the message sent in response to the review includes a message having a digital signature of the reviewer.

57. A method for ordering and delivering digital goods over a network, comprising the steps of:
- (a) identifying a digital good to be delivered;
  
  (b) sending a message requesting delivery of the digital good if the price is zero;
  
  (c) determining if the price of the good is zero, and when the price of the good is zero;
  
  (d) encrypting the digital good;
  
  (e) calculating a first cryptographic checksum for the encrypted good;
  
  (f) transmitting the encrypted digital good and a timestamp to the customer;
  
  (g) receiving the encrypted digital good and the timestamp;
  
  (h) calculating a second cryptographic checksum for the received encrypted digital good;
  
  (i) creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp;
  
  (j) transmitting the electronic payment order to the merchant; and
  
  (k) reviewing the information in the electronic payment order and sending a message containing the key to the customer when the review is positive.
- View Dependent Claims (58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75)
- - 58. The method of claim 57 additionally comprising the step of aborting the transaction if the price of the goods is not zero.
  - 59. The method of claim 57 wherein said step of reviewing the information includes the step of comparing the first and second cryptographic checksums.
  - 60. The method of claim 57 additionally comprising the step of identifying the customer before determining if the price of the good is zero.
  - 61. The method of claim 60 additionally comprising the steps of presenting a credential and evaluating the credential before determining if the price of the good is zero.
  - 62. The method of claim 60 additionally comprising the steps of presenting a coupon and evaluating the coupon before determining if the price of the good is zero.
  - 63. The method of claim 60 wherein said step of reviewing the information includes the step of verifying that the customer is authorized to receive the good.
  - 64. The method of claim 57 wherein said step of sending a purchase request includes sending a purchase request having a customer identifier and a digital good identifier.
  - 65. The method of claim 57 additionally comprising the steps of:
    - retransmitting the encrypted digital good and a timestamp to the customer when the first and second checksums do not match;
      
      receiving the retransmitted encrypted digital good and the timestamp;
      
      calculating a second cryptographic checksum for the received retransmitted encrypted digital good;
      
      creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp; and
      
      transmitting the electronic payment order to the merchant.
  - 66. The method of claim 57 additionally comprising the step of aborting the transaction.
  - 67. The method of claim 66 wherein said step of aborting the transaction is performed when the first and second checksums do not match.
  - 68. The method of claim 57 wherein the electronic payment order includes a digital signature of the customer, and wherein said step of reviewing the information includes the step of verifying the customer'"'"'s signature.
  - 69. The method of claim 57 wherein the timestamp is generated so as to be fresh at the end of the transmission of the encrypted digital good.
  - 70. The method of claim 69 wherein said step of reviewing the information includes the step of reviewing the timestamp to determine if the transaction is stale.
  - 71. The method of claim 57 additionally comprising the step of adding a unique serial number to the electronic payment order, and wherein said step of reviewing the information includes the step of reviewing the serial number.
  - 72. The method of claim 57 additionally comprising the steps of:
    - logging the transaction; and
      
      saving a copy of the key.
  - 73. The method of claim 57 additionally comprising the step of transmitting the first cryptographic checksum to the customer, and wherein the customer compares the first and second checksums.
  - 74. The method of claim 57 wherein the digital good includes a digitized receipt for a nondigital good.
  - 75. The method of claim 57 wherein the message sent in response to the review includes a message having a digital signature of the reviewer.

76. A method for purchasing and delivering digital goods over a network, comprising the steps of:
- (a) identifying a digital good to be delivered;
  
  (b) sending a message requesting delivery of the digital good if the price is zero;
  
  (c) determining if the price of the good is zero, and when the price of the good is zero, then;
  
  encrypting the digital good under a session key shared with the customer;
  
  calculating a first cryptographic checksum for the encrypted good;
  
  transmitting the encrypted digital good and a timestamp to the customer;
  
  receiving the encrypted digital good and the timestamp;
  
  calculating a second cryptographic checksum for the received encrypted digital good;
  
  creating an electronic message containing information identifying the transaction, the second cryptographic checksum, and the timestamp;
  
  transmitting the electronic message to the merchant;
  
  reviewing the information in the electronic message; and
  
  sending a message to the customer indicating the results of the review.
- View Dependent Claims (77)
- - 77. The method of claim 76 wherein said step of reviewing the information in the electronic message includes comparing the first and second cryptographic checksums.

78. A method for purchasing and delivering digital goods over a network, comprising the steps of:
- (a) identifying a digital good to be delivered;
  
  (b) sending a message requesting delivery of the digital good if the price is zero, the message including a credential;
  
  (c) determining if the price of the good is zero at least in part on the presented credential, and when the price of the good is zero;
  
  encrypting the digital good under a session key shared with the consumer;
  
  calculating a first cryptographic checksum for the encrypted good;
  
  transmitting the encrypted digital good, the first cryptographic checksum, and a timestamp to the customer;
  
  receiving the encrypted digital good, the first cryptographic checksum, and the timestamp;
  
  calculating a second cryptographic checksum for the received encrypted digital good;
  
  decrypting the encrypted digital good with the shared session key;
  
  comparing the first cryptographic checksum to the second cryptographic checksum; and
  
  alerting the customer if the checksums don'"'"'t match.

79. A method for purchasing and delivering digital goods over a network, comprising the steps of:
- identifying a digital good to be purchased;
  
  obtaining a credential containing a cryptographic checksum of a nonce, an account number, and a copy of the nonce;
  
  establishing a purchase price for the digital good after the merchant is made aware of the credential;
  
  sending a purchase request to the merchant for the digital good;
  
  encrypting the digital good;
  
  calculating a first cryptographic checksum for the encrypted good;
  
  transmitting the encrypted digital good and a timestamp to the customer;
  
  receiving the encrypted digital good and the timestamp;
  
  calculating a second cryptographic checksum for the received encrypted digital good;
  
  creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, the timestamp, the account number to be charged, the nonce, the cryptographic checksum of the nonce, and the account number copied from the credential used to establish the purchase price;
  
  transmitting the electronic payment order to the merchant;
  
  adding an electronic signature of the merchant, the credential, and a decryption key to the electronic payment order when the first and second checksums match;
  
  submitting the merchant signed electronic payment order, credential, and key for review;
  
  reviewing the submitted information and sending a message to the merchant in response to the review; and
  
  forwarding a message containing the key to the customer when the review is positive.
- View Dependent Claims (80, 81, 82, 83)
- - 80. The method of claim 79 wherein said step of reviewing the information includes the step of determining if the customer is authorized to used the account identified in the credential.
  - 81. The method of claim 79 wherein said step of obtaining a credential includes the step of specifying the account number to be used in the credential.
  - 82. The method of claim 81 wherein said step of reviewing the information includes the step of determining if the account being charged is the same account as was specified when the credential was obtained.
  - 83. The method of claim 79 wherein the account number and the nonce in the electronic payment order are encrypted so as to be readable only by the information reviewer.

84. A method of purchasing and receiving a digital good over a network, comprising the steps of:
- creating a purchase request for a digital good;
  
  transmitting the purchase request to a merchant;
  
  receiving the digital good in encrypted form and a timestamp;
  
  calculating a cryptographic checksum for the received encrypted digital good;
  
  creating an electronic payment order containing information identifying the transaction, the cryptographic checksum, and the timestamp;
  
  transmitting the electronic payment order to the merchant; and
  
  receiving a key for decrypting the encrypted digital good.
- View Dependent Claims (85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96)
- - 85. The method of claim 84 additionally comprising the step of negotiating a purchase price.
  - 86. The method of claim 84 additionally comprising the step of identifying the customer to the merchant.
  - 87. The method of claim 86 additionally comprising the step of presenting a credential to the merchant.
  - 88. The method of claim 86 additionally comprising the steps of presenting a coupon to the merchant.
  - 89. The method of claim 84 wherein said step of creating a purchase request includes a purchase request having a customer identifier and a digital good identifier.
  - 90. The method of claim 84 wherein said step of creating an electronic payment order includes an electronic payment order having a digital signature of the customer.
  - 91. The method of claim 90 wherein said step of creating an electronic payment order includes an electronic payment order having a customer identifier, a digital good identifier, the purchase price, and a merchant identifier.
  - 92. The method of claim 91 wherein said step of creating an electronic payment order includes an electronic payment order having a customer account number and a customer memo field.
  - 93. The method of claim 84 additionally comprising the step of aborting the purchase.
  - 94. The method of claim 93 additionally comprising the steps of receiving a cryptographic checksum and comparing the calculated checksum to the received checksum.
  - 95. The method of claim 94 wherein said step of aborting the purchase is performed when the received and calculated checksums do not match.
  - 96. The method of claim 84 wherein the digital good includes a digitized receipt for a nondigital good.

97. Apparatus for purchasing and receiving a digital good over a network, comprising:
- means for creating a purchase request for a digital good;
  
  means for transmitting the purchase request to a merchant;
  
  means for receiving the digital good in encrypted form and a timestamp;
  
  means for calculating a cryptographic checksum for the received encrypted digital good;
  
  means for creating an electronic payment order containing information identifying the transaction, the cryptographic checksum, and the timestamp;
  
  said means for transmitting transmitting the electronic payment order to the merchant and said means for receiving receiving a key; and
  
  means responsive to said received key for decrypting the encrypted digital good.

98. A method of selling and delivering a digital good over a network, comprising the steps of:
- receiving a purchase request for a digital good from a customer;
  
  encrypting the digital good;
  
  calculating a first cryptographic checksum for the encrypted good;
  
  generating a timestamp;
  
  transmitting the encrypted digital good and the timestamp to the customer;
  
  receiving an electronic payment order from the customer containing information identifying the transaction, a second cryptographic checksum, and the timestamp;
  
  adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match; and
  
  transmitting the merchant signed electronic payment order and key for review.
- View Dependent Claims (99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112)
- - 99. The method of claim 98 additionally comprising the step of establishing a purchase price .
  - 100. The method of claim 99 wherein said step of establishing a purchase price includes the step of negotiating a purchase price.
  - 101. The method of claim 99 wherein said step of establishing a purchase price includes the step of looking up a purchase price from a list.
  - 102. The method of claim 99 wherein said step of establishing a purchase price includes the step of identifying the customer, and wherein the price is established in part on the identity of the customer.
  - 103. The method of claim 99 additionally comprising the step evaluating a credential presented by the customer before establishing the purchase price.
  - 104. The method of claim 99 additionally comprising the step of evaluating a coupon presented by the customer before establishing the purchase price.
  - 105. The method of claim 98 additionally comprising the step of retransmitting the encrypted digital good and a timestamp to the customer when the first and second checksums do not match.
  - 106. The method of claim 98 additionally comprising the step of aborting the purchase.
  - 107. The method of claim 106 wherein said step of aborting the purchase is performed when the first and second checksums do not match.
  - 108. The method of claim 98 wherein the timestamp is generated so as to be fresh at the end of the transmission of the encrypted digital good.
  - 109. The method of claim 98 additionally comprising the step of adding a unique serial number to the electronic payment order.
  - 110. The method of claim 98 additionally comprising the step of transmitting the first cryptographic checksum to the customer.
  - 111. The method of claim 98 additionally comprising the step of forwarding a message containing a decryption key to the customer.
  - 112. The method of claim 98 wherein the digital good includes a digitized receipt for a nondigital good.

113. Apparatus for selling and delivering a digital good over a network, comprising:
- means for receiving a purchase request for a digital good from a customer;
  
  means, responsive to said means for receiving, for encrypting the digital good;
  
  means for calculating a first cryptographic checksum for the encrypted good;
  
  means for generating a timestamp;
  
  means for transmitting the encrypted digital good and the timestamp to the customer;
  
  said means for receiving receiving an electronic payment order from the customer containing information identifying the transaction, a second cryptographic checksum, and the timestamp;
  
  means for comparing the first and second checksums;
  
  means, responsive to said means for comparing, for adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match;
  
  said means for transmitting transmitting the merchant signed electronic payment order and key for review.

114. A method of reviewing the sale of a digital good over a network, comprising the steps of:
- reviewing the information in an electronic payment order signed by a merchant and containing a decryption key;
  
  sending a message to the merchant in response to the review;
  
  debiting the customer'"'"'s account when the review is positive;
  
  crediting the merchant'"'"'s account when the review is positive;
  
  logging the transaction in response to the review; and
  
  saving a copy of the key.
- View Dependent Claims (115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125)
- - 115. The method of claim 114 wherein the electronic payment order includes a digital signature of the customer, and wherein said step of reviewing the information includes the step of verifying the customer'"'"'s signature and the merchant'"'"'s signature.
  - 116. The method of claim 114 wherein said step of reviewing the information includes the step of verifying that the customer has the funds needed to make the purchase.
  - 117. The method of claim 114 wherein said step of reviewing the information includes the step of verifying that the customer has the credit needed to make the purchase.
  - 118. The method of claim 114 wherein said step of reviewing the information includes the step of verifying that the customer is authorized to make the purchase.
  - 119. The method of claim 114 wherein said step of reviewing the information includes the step of reviewing a timestamp to determine if the transaction is stale.
  - 120. The method of claim 114 wherein said step of reviewing the information includes the step of reviewing a serial number.
  - 121. The method of claim 114 additionally comprising the step of a sending a message containing a decryption key.
  - 122. The method of claim 114 wherein the digital good includes a digitized receipt for a nondigital good.
  - 123. The method of claim 114 additionally comprising the step of providing an update of the status of the review.
  - 124. The method of claim 114 additionally comprising the step of providing an update of the status of the customer'"'"'s account.
  - 125. The method of claim 114 additionally comprising the step of providing an update of the status of the merchant'"'"'s account.

126. Apparatus for reviewing the sale of a digital good over a network, comprising:
- means for receiving an electronic payment order signed by a merchant and containing a decryption key;
  
  means for reviewing the information in the received electronic payment order and the merchant signature;
  
  means for sending a message to the merchant in response to the review;
  
  means for debiting the customer'"'"'s account when the review is positive;
  
  means for crediting the merchant'"'"'s account when the review is positive;
  
  means for logging the transaction in response to the review; and
  
  means for saving a copy of the key in response to the review.

127. A method of establishing a shared session key between a client and server over a computer network comprising the steps of:
- (a) generating a one-time random symmetric key;
  
  (b) generating a message consisting of the one-time random symmetric key, the identity of the server, the identity of the client, and a timestamp;
  
  (c) encrypting the message with the public key of the server;
  
  (d) adding the client'"'"'s digital signature to the encrypted message;
  
  (e) transmitting the signed encrypted message from the client to the server;
  
  (f) receiving the message by the server;
  
  (g) verifying the customer'"'"'s signature;
  
  (h) decrypting the message;
  
  (i) constructing a return message consisting of a randomly generated symmetric session key and a Kerberos-style ticket containing the key;
  
  (j) encrypting the return message using the one-time random symmetric key received from the client;
  
  (k) transmitting the return message from the server to the client;
  
  (l) receiving the return message by the client; and
  
  (m) decrypting the return message using the one-time random symmetric key to recover the Kerberos-style ticket and session key.
- View Dependent Claims (128)
- - 128. The method of claim 127 additionally comprising the step of encrypting the Kerberos-style ticket with a key known only to the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Carnegie Mellon University
Original Assignee
Carnegie Mellon University
Inventors
Wagner, Thomas, Cox, Benjamin T. H., Sirbu, Marvin A., Tygar, J. D.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/519,074
Time in Patent Office

1,118 Days
Field of Search

380/4, 380/9, 380/23, 380/24, 380/25, 380/21, 380/29, 380/30, 380/44, 380/46, 380/49, 380/50, 380/59, 395/226, 395/227, 395/230, 395/235, 395/239, 395/240, 395/242, 395/244, 705/26, 705/27, 705/39, 705/40, 705/41, 705/42, 705/43, 705/44, 705/45
US Class Current

705/53
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/0855   involving a third party

G06Q 20/12   specially adapted for elect...

G06Q 20/123   Shopping for digital content

G06Q 20/3825   Use of electronic signatures

G06Q 20/401   Transaction verification

G06Q 30/0609   Buyer or seller confidence ...

G06Q 50/188   Electronic negotiation

G07F 17/0042   for hiring of objects

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3297   involving time stamps, e.g....

Method and apparatus for purchasing and delivering digital goods over a network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

900 Citations

128 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for purchasing and delivering digital goods over a network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

900 Citations

128 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links