Method and apparatus for creating and using an encrypted digital receipt for electronic transactions
First Claim
1. A method of authenticating an electronic transaction between a first party to the transaction and a second party to the transaction comprising the steps of:
- conducting an electronic transaction over a public electronic network between a computer of the first party and a computer of the second party;
creating a transaction record comprising information identifying the electronic transaction to the first party;
encrypting the transaction record such that a computer of the first party may decrypt the transaction record and such that decryption of the transaction record by computers of those other than the first party is prevented; and
communicating over the public electronic network the encrypted transaction record from a computer of the first party to a computer of the second party.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for authenticating electronic transactions carried out over public networks such as the Internet is disclosed. A transaction record which identifies the electronic transaction to one party, typically a merchant or institution is created. The transaction record is encrypted by a computer controlled by the merchant or institution so as to allow later decryption by the merchant or institution and to prevent alteration by others. A digital receipt is formed by appending the encrypted transaction record to a plaintext message describing the transaction in plaintext. The digital receipt is then communicated to a computer controlled by the customer. The formation of the digital receipt may take place real-time, so that the second party'"'"'s computer process may remain inactive until the digital receipt is received. The customer may later present the digital receipt to the merchant or institution, who may decrypt the transaction record and compare it to a version previously stored on a database or otherwise authenticate the transaction.
170 Citations
23 Claims
-
1. A method of authenticating an electronic transaction between a first party to the transaction and a second party to the transaction comprising the steps of:
-
conducting an electronic transaction over a public electronic network between a computer of the first party and a computer of the second party; creating a transaction record comprising information identifying the electronic transaction to the first party; encrypting the transaction record such that a computer of the first party may decrypt the transaction record and such that decryption of the transaction record by computers of those other than the first party is prevented; and communicating over the public electronic network the encrypted transaction record from a computer of the first party to a computer of the second party. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of authenticating an electronic transaction between a first party to the transaction and a second party to the transaction comprising the steps of:
-
conducting an electronic transaction over a public electronic network between a computer of the first party and a computer of the second party; creating a transaction record, the transaction record comprising information which identifies the electronic transaction to a computer of the first party; encrypting the transaction record such that a computer of the first party may decrypt the transaction record and such that a computer of the second party may not decrypt the transaction record; creating with the first party a plaintext message comprising a description of the transaction; appending the encrypted transaction record to the plaintext message to form a digital receipt; communicating the digital receipt to the second party such that a computer process under the control of the second party may receive the digital receipt; and causing the computer process under the control of the second party to remain inactive until the digital receipt is communicated to said computer process.
-
-
13. An apparatus for authenticating an electronic transaction between a first party to the transaction and a second party to the transaction comprising:
-
a network access device operatively connected to a public electronic network and adapted to facilitate electronic transactions over the public electronic network; a first computer directed by the first party and operatively connected to said network access device such that said first computer is in transactional communication with a second computer over the public electronic network, said first computer configured and adapted to create a transaction record identifying to the first party a transaction conducted over the public electronic network; an encryptor operatively connected to said first computer, said encryptor adapted to encrypt the transaction record such that decryption of the transaction record by computers of those other than the first party is prevented, and wherein said first computer communicates a transaction record encrypted by said encryptor to the second computer via the public electronic network. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. A computer-readable medium which can be used to direct a computer to authenticate an electronic transaction between a first party to the transaction and second party to the transaction comprising:
-
means for directing a computer of the first party to conduct an electronic transaction with a computer of a second party over a public electronic network; means for directing the computer of the first party to create a transaction record identifying an electronic transaction between the first party and the second party; means for directing the computer of the first party to encrypt the transaction record such that a computer of the first party may decrypt the transaction record and such that decryption of the transaction record by computers of those other than the first party is prevented; and means for directing the computer of the first party to communicate the encrypted transaction record to the computer of the second party. - View Dependent Claims (20, 21, 22, 23)
-
Specification