Method and apparatus for creating and using an encrypted digital receipt for electronic transactions

US 5,915,022 A
Filed: 05/30/1996
Issued: 06/22/1999
Est. Priority Date: 05/30/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method of authenticating an electronic transaction between a first party to the transaction and a second party to the transaction comprising the steps of:

conducting an electronic transaction over a public electronic network between a computer of the first party and a computer of the second party;

creating a transaction record comprising information identifying the electronic transaction to the first party;

encrypting the transaction record such that a computer of the first party may decrypt the transaction record and such that decryption of the transaction record by computers of those other than the first party is prevented; and

communicating over the public electronic network the encrypted transaction record from a computer of the first party to a computer of the second party.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for authenticating electronic transactions carried out over public networks such as the Internet is disclosed. A transaction record which identifies the electronic transaction to one party, typically a merchant or institution is created. The transaction record is encrypted by a computer controlled by the merchant or institution so as to allow later decryption by the merchant or institution and to prevent alteration by others. A digital receipt is formed by appending the encrypted transaction record to a plaintext message describing the transaction in plaintext. The digital receipt is then communicated to a computer controlled by the customer. The formation of the digital receipt may take place real-time, so that the second party'"'"'s computer process may remain inactive until the digital receipt is received. The customer may later present the digital receipt to the merchant or institution, who may decrypt the transaction record and compare it to a version previously stored on a database or otherwise authenticate the transaction.

170 Citations

23 Claims

1. A method of authenticating an electronic transaction between a first party to the transaction and a second party to the transaction comprising the steps of:
- conducting an electronic transaction over a public electronic network between a computer of the first party and a computer of the second party;
  
  creating a transaction record comprising information identifying the electronic transaction to the first party;
  
  encrypting the transaction record such that a computer of the first party may decrypt the transaction record and such that decryption of the transaction record by computers of those other than the first party is prevented; and
  
  communicating over the public electronic network the encrypted transaction record from a computer of the first party to a computer of the second party.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 wherein the step of encrypting further comprises encrypting the transaction record using a DES encryption algorithm.
  - 3. The method of claim 1 wherein the step of conducting an electronic transaction is facilitated over the Internet.
  - 4. The method of claim 1 further comprising the step of causing a computer process of the second party to remain inactive until the encrypted transaction record is communicated to the computer process.
  - 5. The method of claim 1 wherein the transaction record comprises a confirmation number, the confirmation number uniquely identifying the electronic transaction.
  - 6. The method of claim 1 wherein the transaction record comprises the identity of the second party and the time the transaction took place.
  - 7. The method of claim 5 further comprising the steps of:
    - creating with a computer of the first party a plaintext message comprising a description of the transaction; and
      
      appending the encrypted transaction record to the plaintext message to form a digital receipt, and wherein said step of communicating comprises communicating to the second party the digital receipt.
  - 8. The method of claim 7 wherein the transaction record comprises a description of the transaction and the transaction record is stored on a database.
  - 9. The method of claim 8 further comprising the steps of:
    - receiving from a computer of the second party the encrypted transaction record;
      
      decrypting with a computer of the first party the encrypted transaction record; and
      
      comparing the decrypted transaction record with the transaction record stored on the database.
  - 10. The method of claim 1 wherein the first party is a merchant and the second party is a customer.
  - 11. The method of claim 1 wherein the first party is a financial institution and the second party is a customer.

12. A method of authenticating an electronic transaction between a first party to the transaction and a second party to the transaction comprising the steps of:
- conducting an electronic transaction over a public electronic network between a computer of the first party and a computer of the second party;
  
  creating a transaction record, the transaction record comprising information which identifies the electronic transaction to a computer of the first party;
  
  encrypting the transaction record such that a computer of the first party may decrypt the transaction record and such that a computer of the second party may not decrypt the transaction record;
  
  creating with the first party a plaintext message comprising a description of the transaction;
  
  appending the encrypted transaction record to the plaintext message to form a digital receipt;
  
  communicating the digital receipt to the second party such that a computer process under the control of the second party may receive the digital receipt; and
  
  causing the computer process under the control of the second party to remain inactive until the digital receipt is communicated to said computer process.

13. An apparatus for authenticating an electronic transaction between a first party to the transaction and a second party to the transaction comprising:
- a network access device operatively connected to a public electronic network and adapted to facilitate electronic transactions over the public electronic network;
  
  a first computer directed by the first party and operatively connected to said network access device such that said first computer is in transactional communication with a second computer over the public electronic network, said first computer configured and adapted to create a transaction record identifying to the first party a transaction conducted over the public electronic network;
  
  an encryptor operatively connected to said first computer, said encryptor adapted to encrypt the transaction record such that decryption of the transaction record by computers of those other than the first party is prevented, and wherein said first computer communicates a transaction record encrypted by said encryptor to the second computer via the public electronic network.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The apparatus of claim 13 wherein the public electronic network is the Internet.
  - 15. The apparatus of claim 14 wherein the encryptor is adapted to encrypt the transaction record using a DES encryption algorithm.
  - 16. The apparatus of claim 15 wherein said first computer causes the second computer to remain inactive prior to receipt of an encrypted transaction record.
  - 17. The apparatus of claim 13 further comprising a database in communication with said first computer and adapted to store the transaction record.
  - 18. The apparatus of claim 17 further comprising;
    - a decryptor operatively connected to said first computer and adapted to decrypt a transaction record encrypted by said encryptor; and
      
      a comparator operatively connected to said first computer and adapted to compare the decrypted transaction record with a transaction record stored on the database.

19. A computer-readable medium which can be used to direct a computer to authenticate an electronic transaction between a first party to the transaction and second party to the transaction comprising:
- means for directing a computer of the first party to conduct an electronic transaction with a computer of a second party over a public electronic network;
  
  means for directing the computer of the first party to create a transaction record identifying an electronic transaction between the first party and the second party;
  
  means for directing the computer of the first party to encrypt the transaction record such that a computer of the first party may decrypt the transaction record and such that decryption of the transaction record by computers of those other than the first party is prevented; and
  
  means for directing the computer of the first party to communicate the encrypted transaction record to the computer of the second party.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The computer-readable medium of claim 19 further comprising means for directing the computer of the first party to cause the computer of the second party to remain inactive until the encrypted transaction record is received, and wherein the public electronic network is the Internet.
  - 21. The computer-readable medium of claim 20 further comprising:
    - means for directing the computer of the first party to create a plaintext message comprising a description of the transaction;
      
      means for directing the computer of the first party to append the encrypted transaction record to the plaintext message to form a digital receipt, wherein the transaction record comprises a description of the transaction and is stored on a database.
  - 22. The computer-readable medium of claim 21 wherein said means for directing the computer of the first party to encrypt comprises means for directing the computer of the first party to encrypt the transaction record using a DES encryption algorithm.
  - 23. The computer-readable medium of claim 21 further comprising:
    - means for directing the computer of the first party to receive from the computer of the second party the encrypted transaction record;
      
      means for directing the computer of the first party to decrypt the encrypted transaction record by a computer of the first party; and
      
      means for directing the computer of the first party to compare the decrypted transaction record with the transaction record stored on the database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Financial Internet Solutions Corporation, International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Robinson, Rodney Aaron, Mah, Marvin K.
Primary Examiner(s)
Buczinski, Stephen C.

Application Number

US08/657,720
Time in Patent Office

1,118 Days
Field of Search

380/24, 380/30, 364/705.06, 364/709.04, 364/225.1, 364/227.3, 364/918.1, 702/405
US Class Current

705/75
CPC Class Codes

G06F 2211/008   Public Key, Asymmetric Key,...

G06Q 20/00   Payment architectures, sche...

G06Q 20/047   using payment protocols inv...

G06Q 20/389   Keeping log of transactions...

G06Q 20/401   Transaction verification

G07G 5/00   Receipt-giving machines cas...

Method and apparatus for creating and using an encrypted digital receipt for electronic transactions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

170 Citations

23 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for creating and using an encrypted digital receipt for electronic transactions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

170 Citations

23 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others