Electronic transfer system and method

US 5,870,473 A
Filed: 12/14/1995
Issued: 02/09/1999
Est. Priority Date: 12/14/1995
Status: Expired due to Term

First Claim

Patent Images

1. A method for securely communicating in a communication system, wherein the communication system comprises a first device at a first party'"'"'s location, a second device at a second party'"'"'s location, and a server in communication therewith, wherein the method comprises:

(a) creating a first session associated with the first party, wherein said first session has first use parameters for limiting the duration that said first session can be used and a first set of data, wherein said first use parameters and said first set of data are identifiable by the server;

(b) creating a second session associated with the second party, wherein said second session has second use parameters for limiting the duration that said second session can be used and a second set of data, wherein said second use parameters and said second set of data are identifiable by the server; and

(c) linking a portion of said first session with a portion of said second session in the communication system, wherein said portion of said first session includes said first set of data and said first use parameters and said portion of said second session includes said second set of data and said second use parameters;

(d) verifying the first and second parties based upon at least portions of said first and second sets of data by the server; and

(e) determining whether said first and second sessions can be used based upon said first and second use parameters by the serverso that when the server verifies the first and second parties and determines that said first and second sessions can be used, the first and second parties are assured of communicating securely in the communication system.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method relating to secure communications in a communication network is disclosed. The invention uses sessions having limited duration to enable parties to communicate securely in the communication network. The session of one party is independent from the session of another party. The sessions are linked at a server which confirms that the sessions are valid.

In a preferred embodiment, the secure communications occur in an electronic transfer system. In the electronic transfer system, a customer and a merchant can conduct a transaction wherein the customer can purchase a product from the merchant and pay for the product using electronic funds.

423 Citations

25 Claims

1. A method for securely communicating in a communication system, wherein the communication system comprises a first device at a first party'"'"'s location, a second device at a second party'"'"'s location, and a server in communication therewith, wherein the method comprises:
- (a) creating a first session associated with the first party, wherein said first session has first use parameters for limiting the duration that said first session can be used and a first set of data, wherein said first use parameters and said first set of data are identifiable by the server;
  
  (b) creating a second session associated with the second party, wherein said second session has second use parameters for limiting the duration that said second session can be used and a second set of data, wherein said second use parameters and said second set of data are identifiable by the server; and
  
  (c) linking a portion of said first session with a portion of said second session in the communication system, wherein said portion of said first session includes said first set of data and said first use parameters and said portion of said second session includes said second set of data and said second use parameters;
  
  (d) verifying the first and second parties based upon at least portions of said first and second sets of data by the server; and
  
  (e) determining whether said first and second sessions can be used based upon said first and second use parameters by the serverso that when the server verifies the first and second parties and determines that said first and second sessions can be used, the first and second parties are assured of communicating securely in the communication system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein certain of said first set of data is not transmitted between the first device and the server after said first session is created and certain of said second set of data is not transmitted between the second device and the server after said second session is created.
  - 3. The method of claim 2 wherein said first and second sets of data include first and second keys, respectively, and wherein the server verifies the first and second parties using said first and second keys.
  - 4. The method of claim 1 wherein said first use parameters are determined by the first party and said second use parameters are determined by the second party.
  - 5. The method of claim 1 wherein said first and second use parameters are determined by the server.
  - 6. The method of claim 1 wherein said amount of electronic funds have (a) an amount of electronic funds available to the first party for the duration of said first session, (b) a length of time that said first session will last and (c) a number of transactions that the first party may perform during said first session.
  - 7. The method of claim 1 wherein said second use parameters comprise (a) a length of time that said second session will last and (b) a number of transactions that the second party may perform during said second session.

8. A method for securely communicating in a communication system, wherein the communication system has a device at a user'"'"'s location and a server in communication therewith, wherein the method comprises:
- a. transmitting a request from the device to the server for creating a session having use parameters associated therewith;
  
  b. encrypting a first key with a second key by the server;
  
  c. transmitting said encrypted first key and said use parameters associated with said session from the server to the device;
  
  d. receiving said encrypted first key and said use parameters by the device and decrypting said encrypted first key so that the device can communicate securely in the communication system by using said decrypted first key according to said use parameters.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The method of claim 8, wherein said first key is a DES key.
  - 10. The method of claim 9, wherein said second key is a DES key.
  - 11. The method of claim 8, wherein said secure communication is at a security level greater than DES.
  - 12. The method of claim 8, further comprising a second device at a second user'"'"'s location wherein said second device is also in communication with the user'"'"'s device and the server and wherein the method further comprises:
    - a. transmitting a second request from the second device to the server for creating a second session having second use parameters associated therewith;
      
      b. encrypting a third key with a fourth key by the server;
      
      c. transmitting said encrypted third key and said second use parameters from the server to the second device;
      
      d. receiving said encrypted third key and said second use parameters by the second device and decrypting said third key so that the second device can communicate securely in the communication system by using said decrypted third key according to said second use parameters.
  - 13. The method of claim 12, wherein said third key is a DES key.
  - 14. The method of claim 12, wherein said fourth key is a DES key.
  - 15. The method of claim 12, wherein said secure communication is at a security level greater than DES.
  - 16. The method of claim 12, further comprising:
    - a. transmitting a first set of data from the user'"'"'s device to the second device, wherein said first set of data includes an encrypted portion and an unencrypted portion, wherein said encrypted portion is encrypted using said decrypted first key and at least a portion of said unencrypted portion of said first set of data;
      
      b. receiving said first set of data by the second device and transmitting a second set of data together with said encrypted portion of said first set of data from the second device to the server, wherein said second set of data includes an encrypted portion and an unencrypted portion, wherein said encrypted portion of said second set of data includes at least a portion of said unencrypted portion of said first set of data, and wherein said encrypted portion of said second set of data is encrypted using said decrypted third key and at least a portion of said unencrypted portion of said second set of data; and
      
      c. receiving said second set of data transmitted from said second device by the server and decrypting said encrypted portion of said second set of data using said third key and said portion of said unencrypted portion of said second set of data so that said portion of said first set of data included in said encrypted portion of said second set of data is decrypted, and decrypting said encrypted portion of said first set of data using said first key and said portion of said decrypted portion of said first set of data,so that the user is verified by the server using said first key and the second user is verified by the server using said third key.

17. An electronic transfer system in a communication network for processing a transaction between a customer having a customer device, a merchant having a merchant device, and a server connected therewith, wherein the transaction has terms associated therewith and wherein the server transfers electronic funds from the customer to the merchant so that the merchant can provide a product to the customer, wherein the electronic transfer system comprises:
- a. the merchant device for(1) obtaining a first session from the server,(2) transmitting an invoice including at least a portion of the terms of the transaction to the customer device,(3) receiving a customer response to said invoice from the customer device and transmitting a first set of data representing the transaction to the server, wherein said first set of data includes at least a portion of said customer response,(4) receiving a second set of data from the server indicating whether the transaction has been approved by the server, wherein said second set of data includes a merchant part and a customer part, wherein said merchant part and said customer part of said second set of data include at least a portion of said first set of data; and
  
  (5) transmitting said customer part of said second set of data to the customer device;
  
  b. the customer device for(1) obtaining a second session from the server,(2) receiving said invoice including said portion of the terms of the transaction from said merchant device and transmitting said portion of said customer response to the merchant device, and(3) receiving said customer part of said second set of data from the merchant device;
  
  c. the server having a merchant persona and customer persona stored therein, wherein said merchant persona represents the merchant and said customer persona represents the customer, wherein said merchant persona has a merchant electronic funds storage structure associated therewith for storing electronic funds received by the merchant and said customer persona has a customer electronic funds storage structure associated therewith for storing electronic funds of the customer, wherein the server is for(1) providing said first session to said merchant device and said second session to said customer device,(2) receiving said first set of data representing the transaction from the merchant device and processing said first set of data to determine whether the transaction has been approved,(3) transferring electronic funds from said customer electronic funds storage structure to said merchant electronic funds storage structure if the transaction has been approved, and(4) transmitting said second set of data to the merchant device indicating whether the transaction has been approvedso that if the transaction has been approved, the merchant can provide the product to the customer.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25)
- - 18. The electronic transfer system of claim 17, wherein the merchant device further comprises communicating with the server to bind a first financial instrument to said merchant persona;
    - andwherein the customer device further comprises communicating with the server to bind a second financial instrument to said customer persona.
  - 19. The electronic transfer system of claim 18, wherein the customer device further comprises transmitting a request to the server to transfer funds from said second financial instrument to said customer electronic funds storage structure;
    - andwherein the server further comprises receiving and processing said request to transfer funds and for transferring funds from said second financial instrument to said customer electronic funds storage structure.
  - 20. The electronic transfer system of claim 19, wherein the customer device includes a customer session container for storing electronic funds of the customer during said second session, and further comprises transmitting a second request to the server for transferring electronic funds from said customer electronic funds storage structure to said customer session container;
    - andwherein the server further comprises processing said second request and transferring the electronic funds from said customer electronic funds storage structure to said customer session container.
  - 21. The electronic transfer system of claim 20, wherein the use of said first session is limited by first use parameters comprising (a) a length of time that said first session may last and (b) a number of transactions that the merchant may perform during said first session;
    - andwherein the use of said second session is limited by second use parameters comprising (a) an amount of electronic cash available to the customer during said second session, (b) a length of time that said second session may last and (c) a number of transactions that the customer may perform during said second session.
  - 22. The electronic transfer system of claim 21, wherein the merchant device further comprises transmitting a third request for transferring electronic funds from said merchant session container to said merchant electronic funds storage structure;
    - andwherein the customer device further comprises transmitting a fourth request for transferring electronic funds from said customer session container to said customer electronic funds storage structure; and
      
      the server further comprising processing said third request and for transferring electronic funds from said merchant session container to said merchant electronic funds storage structure and for processing said fourth request and for transferring electronic funds from said customer session container to said customer electronic funds storage structure.
  - 23. The electronic transfer system of claim 21, wherein the server further comprisestransferring electronic funds from said merchant session container to said merchant electronic funds storage structure when at least one of said first use parameters is satisfied;
    - andtransferring electronic funds from said customer session container to said customer electronic funds storage structure when at least one of said second use parameters is satisfied.
  - 24. The electronic transfer system of claim 22 wherein the server further comprises terminating said first and second sessions when at least one of said first and second use parameters have been satisfied.
  - 25. The electronic transfer system of claim 23, wherein the merchant device further comprises transmitting a fifth request to the server for transferring electronic cash funds from said merchant electronic funds storage structure to said first financial instrument;
    - andthe server for processing said fifth request and for transferring electronic funds from said merchant electronic funds storage structure to said first financial instrument.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.), Paypal International Limited (PayPal Holdings, Inc.)
Original Assignee
Cybercash, Inc. (VeriSign, Inc.)
Inventors
Hart, Alden Sherburne Jr., Lindenberg, Robert A., Crocker, Stephen David, Paredes, Denise Marie, Eastlake, Donald Eggleston III, Boesch, Brian Paul
Primary Examiner(s)
Cain, David C.

Application Number

US08/572,425
Time in Patent Office

1,153 Days
Field of Search

380/21, 380/25, 380/23, 380/30, 380/29
US Class Current

705/78
CPC Class Codes

G06Q 20/00   Payment architectures, sche...

G06Q 20/02   involving a neutral party, ...

G06Q 20/06   Private payment circuits, e...

G06Q 20/0855   involving a third party

G06Q 20/12   specially adapted for elect...

G06Q 20/3829   involving key management

G06Q 20/4014   Identity check for transact...

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/068   using time-dependent keys, ...

H04L 63/108   when the policy decisions a...

H04L 63/12   Applying verification of th...

H04L 9/40   Network security protocols

Electronic transfer system and method

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

423 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic transfer system and method

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

423 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links