Method and apparatus for purchasing and delivering digital goods over a network
First Claim
1. A method for purchasing and delivering digital goods over a network, comprising the steps of:
- identifying a digital good to be purchased;
establishing a purchase price for the digital good;
sending a purchase request to the merchant for the digital good;
encrypting the digital good;
calculating a first cryptographic checksum for the encrypted good;
transmitting the encrypted digital good and a timestamp to the customer;
receiving the encrypted digital good and the timestamp;
calculating a second cryptographic checksum for the received encrypted digital good;
creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp;
transmitting the electronic payment order to the merchant;
adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match;
submitting the merchant signed electronic payment order and key for review;
reviewing the information in the electronic payment order and sending a message to the merchant in response to the review; and
forwarding a message containing the key to the customer when the review is positive.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for purchasing and delivering goods over a network is comprised of the steps of identifying a digital good to be purchased. A purchase price for the digital good is negotiated. After the negotiation step, an authenticated purchase request is sent to the merchant. The merchant encrypts the desired digital good and calculates a first cryptographic checksum for the encrypted good. The encrypted digital good and the first cryptographic checksum together with a timestamp are then transmitted to the customer. The customer calculates a second cryptographic checksum for the received encrypted digital good. The customer creates an electronic payment order containing information identifying the transaction, the second cryptographic checksum, credentials, and the timestamp. The electronic payment order is transmitted to the merchant. The merchant compares the first and second cryptographic checksums to ensure that they match, and if so, the merchant adds an electronic signature and a decryption key to the electronic payment order. The merchant submits the merchant signed electronic payment order and the key to an account server for review. The account server reviews the information in the electronic payment order and sends a message, including the key if the review is positive, to the merchant. The merchant forwards the message to the customer. If the message contained the key, the customer uses the key to decrypt the goods.
900 Citations
128 Claims
-
1. A method for purchasing and delivering digital goods over a network, comprising the steps of:
-
identifying a digital good to be purchased; establishing a purchase price for the digital good; sending a purchase request to the merchant for the digital good; encrypting the digital good; calculating a first cryptographic checksum for the encrypted good; transmitting the encrypted digital good and a timestamp to the customer; receiving the encrypted digital good and the timestamp; calculating a second cryptographic checksum for the received encrypted digital good; creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp; transmitting the electronic payment order to the merchant; adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match; submitting the merchant signed electronic payment order and key for review; reviewing the information in the electronic payment order and sending a message to the merchant in response to the review; and forwarding a message containing the key to the customer when the review is positive. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A method for purchasing and delivering digital goods over a network, comprising the steps of:
-
(a) identifying a digital good to be purchased; (b) sending a message indicating what price for the digital good is acceptable to the customer; (c) determining if the price is acceptable to the merchant, and when the price is acceptable; (d) encrypting the digital good; (e) calculating a first cryptographic checksum for the encrypted good; (f) transmitting the encrypted digital good and a timestamp to the customer; (g) receiving the encrypted digital good and the timestamp; (h) calculating a second cryptographic checksum for the received encrypted digital good; (i) creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp; (j) transmitting the electronic payment order to the merchant; (k) adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match; (l) submitting the merchant signed electronic payment order and key for review; (m) reviewing the information in the electronic payment order and sending a message to the merchant in response to the review; and (n) forwarding a message containing the key to the customer when the review is positive. - View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
-
-
57. A method for ordering and delivering digital goods over a network, comprising the steps of:
-
(a) identifying a digital good to be delivered; (b) sending a message requesting delivery of the digital good if the price is zero; (c) determining if the price of the good is zero, and when the price of the good is zero; (d) encrypting the digital good; (e) calculating a first cryptographic checksum for the encrypted good; (f) transmitting the encrypted digital good and a timestamp to the customer; (g) receiving the encrypted digital good and the timestamp; (h) calculating a second cryptographic checksum for the received encrypted digital good; (i) creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, and the timestamp; (j) transmitting the electronic payment order to the merchant; and (k) reviewing the information in the electronic payment order and sending a message containing the key to the customer when the review is positive. - View Dependent Claims (58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75)
-
-
76. A method for purchasing and delivering digital goods over a network, comprising the steps of:
-
(a) identifying a digital good to be delivered; (b) sending a message requesting delivery of the digital good if the price is zero; (c) determining if the price of the good is zero, and when the price of the good is zero, then; encrypting the digital good under a session key shared with the customer; calculating a first cryptographic checksum for the encrypted good; transmitting the encrypted digital good and a timestamp to the customer; receiving the encrypted digital good and the timestamp; calculating a second cryptographic checksum for the received encrypted digital good; creating an electronic message containing information identifying the transaction, the second cryptographic checksum, and the timestamp; transmitting the electronic message to the merchant; reviewing the information in the electronic message; and sending a message to the customer indicating the results of the review. - View Dependent Claims (77)
-
-
78. A method for purchasing and delivering digital goods over a network, comprising the steps of:
-
(a) identifying a digital good to be delivered; (b) sending a message requesting delivery of the digital good if the price is zero, the message including a credential; (c) determining if the price of the good is zero at least in part on the presented credential, and when the price of the good is zero; encrypting the digital good under a session key shared with the consumer; calculating a first cryptographic checksum for the encrypted good; transmitting the encrypted digital good, the first cryptographic checksum, and a timestamp to the customer; receiving the encrypted digital good, the first cryptographic checksum, and the timestamp; calculating a second cryptographic checksum for the received encrypted digital good; decrypting the encrypted digital good with the shared session key; comparing the first cryptographic checksum to the second cryptographic checksum; and alerting the customer if the checksums don'"'"'t match.
-
-
79. A method for purchasing and delivering digital goods over a network, comprising the steps of:
-
identifying a digital good to be purchased; obtaining a credential containing a cryptographic checksum of a nonce, an account number, and a copy of the nonce; establishing a purchase price for the digital good after the merchant is made aware of the credential; sending a purchase request to the merchant for the digital good; encrypting the digital good; calculating a first cryptographic checksum for the encrypted good; transmitting the encrypted digital good and a timestamp to the customer; receiving the encrypted digital good and the timestamp; calculating a second cryptographic checksum for the received encrypted digital good; creating an electronic payment order containing information identifying the transaction, the second cryptographic checksum, the timestamp, the account number to be charged, the nonce, the cryptographic checksum of the nonce, and the account number copied from the credential used to establish the purchase price; transmitting the electronic payment order to the merchant; adding an electronic signature of the merchant, the credential, and a decryption key to the electronic payment order when the first and second checksums match; submitting the merchant signed electronic payment order, credential, and key for review; reviewing the submitted information and sending a message to the merchant in response to the review; and forwarding a message containing the key to the customer when the review is positive. - View Dependent Claims (80, 81, 82, 83)
-
-
84. A method of purchasing and receiving a digital good over a network, comprising the steps of:
-
creating a purchase request for a digital good; transmitting the purchase request to a merchant; receiving the digital good in encrypted form and a timestamp; calculating a cryptographic checksum for the received encrypted digital good; creating an electronic payment order containing information identifying the transaction, the cryptographic checksum, and the timestamp; transmitting the electronic payment order to the merchant; and receiving a key for decrypting the encrypted digital good. - View Dependent Claims (85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96)
-
-
97. Apparatus for purchasing and receiving a digital good over a network, comprising:
-
means for creating a purchase request for a digital good; means for transmitting the purchase request to a merchant; means for receiving the digital good in encrypted form and a timestamp; means for calculating a cryptographic checksum for the received encrypted digital good; means for creating an electronic payment order containing information identifying the transaction, the cryptographic checksum, and the timestamp; said means for transmitting transmitting the electronic payment order to the merchant and said means for receiving receiving a key; and means responsive to said received key for decrypting the encrypted digital good.
-
-
98. A method of selling and delivering a digital good over a network, comprising the steps of:
-
receiving a purchase request for a digital good from a customer; encrypting the digital good; calculating a first cryptographic checksum for the encrypted good; generating a timestamp; transmitting the encrypted digital good and the timestamp to the customer; receiving an electronic payment order from the customer containing information identifying the transaction, a second cryptographic checksum, and the timestamp; adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match; and transmitting the merchant signed electronic payment order and key for review. - View Dependent Claims (99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112)
-
-
113. Apparatus for selling and delivering a digital good over a network, comprising:
-
means for receiving a purchase request for a digital good from a customer; means, responsive to said means for receiving, for encrypting the digital good; means for calculating a first cryptographic checksum for the encrypted good; means for generating a timestamp; means for transmitting the encrypted digital good and the timestamp to the customer; said means for receiving receiving an electronic payment order from the customer containing information identifying the transaction, a second cryptographic checksum, and the timestamp; means for comparing the first and second checksums; means, responsive to said means for comparing, for adding an electronic signature of the merchant and a decryption key to the electronic payment order when the first and second checksums match; said means for transmitting transmitting the merchant signed electronic payment order and key for review.
-
-
114. A method of reviewing the sale of a digital good over a network, comprising the steps of:
-
reviewing the information in an electronic payment order signed by a merchant and containing a decryption key; sending a message to the merchant in response to the review; debiting the customer'"'"'s account when the review is positive; crediting the merchant'"'"'s account when the review is positive; logging the transaction in response to the review; and saving a copy of the key. - View Dependent Claims (115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125)
-
-
126. Apparatus for reviewing the sale of a digital good over a network, comprising:
-
means for receiving an electronic payment order signed by a merchant and containing a decryption key; means for reviewing the information in the received electronic payment order and the merchant signature; means for sending a message to the merchant in response to the review; means for debiting the customer'"'"'s account when the review is positive; means for crediting the merchant'"'"'s account when the review is positive; means for logging the transaction in response to the review; and means for saving a copy of the key in response to the review.
-
-
127. A method of establishing a shared session key between a client and server over a computer network comprising the steps of:
-
(a) generating a one-time random symmetric key; (b) generating a message consisting of the one-time random symmetric key, the identity of the server, the identity of the client, and a timestamp; (c) encrypting the message with the public key of the server; (d) adding the client'"'"'s digital signature to the encrypted message; (e) transmitting the signed encrypted message from the client to the server; (f) receiving the message by the server; (g) verifying the customer'"'"'s signature; (h) decrypting the message; (i) constructing a return message consisting of a randomly generated symmetric session key and a Kerberos-style ticket containing the key; (j) encrypting the return message using the one-time random symmetric key received from the client; (k) transmitting the return message from the server to the client; (l) receiving the return message by the client; and (m) decrypting the return message using the one-time random symmetric key to recover the Kerberos-style ticket and session key. - View Dependent Claims (128)
-
Specification