Electronic online commerce card with customer generated transaction proxy number for online transactions

US 6,000,832 A
Filed: 09/24/1997
Issued: 12/14/1999
Est. Priority Date: 09/24/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for facilitating online commerce, comprising the following steps:

issuing an electronic commerce card to a customer during a registration phase, the commerce card having a customer account number and a customer-related secret associated therewith; and

during an online commerce transaction phase, generating at the customer a proxy number suitable for the online commerce transaction, the proxy number resembling the customer account number but having embedded therein a code number derived at least in part on the customer-related secret.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An online commerce system facilitates online commerce over a public network using an online commerce card. The "card" does not exist in physical form, but instead exists in digital form. It is assigned a customer account number that includes digits for a prefix number for bank-handling information, digits for a customer identification number, digits reserved for an embedded code number, and a digit for check sum. The bank also gives the customer a private key. During an online transaction, the customer computer retrieves the private key and customer account number from storage. The customer computer generates a code number as a function of the private key, customer-specific data (e.g, card-holder'"'"'s name, account number, etc.) and transaction-specific data (e.g., transaction amount, merchant ID, goods ID, time, transaction date, etc.). The customer computer embeds the code number in the reserved digits of the customer account number to create a transaction number specific to the transaction. The customer submits that transaction number to the merchant as a proxy for a regular card number. When the merchant submits the number for approval, the issuing institution recognizes it as a proxy transaction number, indexes the customer account record, and looks up the associated private key and customer-specific data. The institution computes a test code number using the same function and input parameters as the customer computer. The issuing institution compares the test code number with the code number embedded in the transaction number. If the two numbers match, the issuing institution accepts the transaction number as valid.

Citations

53 Claims

1. A method for facilitating online commerce, comprising the following steps:
- issuing an electronic commerce card to a customer during a registration phase, the commerce card having a customer account number and a customer-related secret associated therewith; and
  
  during an online commerce transaction phase, generating at the customer a proxy number suitable for the online commerce transaction, the proxy number resembling the customer account number but having embedded therein a code number derived at least in part on the customer-related secret.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. A method as recited in claim 1, wherein the generating step comprises the step of deriving the embedded code number from the customer-related secret and transaction-specific data.
  - 3. A method as recited in claim 1, wherein the generating step comprises the step of deriving the embedded code number from the customer-related secret and transaction-specific data, the transaction-specific data being selected from a group comprising time, transaction amount, transaction date, merchant identification, and goods identification.
  - 4. A method as recited in claim 1, wherein the generating step comprises the step of computing the embedded code number from a cryptographic hashing function of the customer-related secret and transaction-specific data.
  - 5. A method as recited in claim 1, wherein the generating step comprises the step of generating a 16-digit proxy number that resembles a credit card number, wherein some of the digits are used for the code number.
  - 6. A method as recited in claim 1, wherein the generating step comprises the step of generating a 16-digit proxy number that resembles a credit card number, the proxy number having a five- to seven-digit prefix, a four-digit customer identification number, a four- to six-digit code number, and a one-digit check sum.
  - 7. A method as recited in claim 1, wherein the generating step comprises the following steps:
    - deriving the code number from the customer-related secret and transaction-specific data;
      
      concatenating the code number with a pre-known prefix and customer identification number;
      
      computing a check sum from the prefix, the code number and the customer identification number; and
      
      appending the check sum to the prefix, the code number and the customer identification number.
  - 8. A method as recited in claim 1, wherein the generating step comprises the step of generating a proxy number having a finite period of time within which the proxy number can be used.
  - 9. A method as recited in claim 1, wherein the issuing step is performed online.
  - 10. A method as recited in claim 1, further comprising the step of using the proxy number during the online commerce transaction.
  - 11. A method as recited in claim 1, wherein prior to the issuing step, the method comprises the following additional steps:
    - initiating, from the customer, a request for the commerce card from an issuing authority; and
      
      downloading software code to the customer to assist in a card registration process.
  - 12. A method as recited in claim 1, wherein prior to the issuing step, the method comprises the following additional steps:
    - obtaining an application for the commerce card from an issuing authority;
      
      supplying as part of the application a customer-selected secret; and
      
      creating at the issuing institution a customer account having a customer identification number and the customer-selected secret associated therewith.
  - 13. A method as recited in claim 1, wherein the step of issuing the commerce card comprises the step of supplying to the customer a private key unique to the customer and software code effective to compute the code number using the private key.
  - 14. A method as recited in claim 1, wherein the step of issuing the commerce card comprises the step of supplying to the customer software code that supports a user interface button that invokes a user interface for generating the proxy number.
  - 15. A graphical user interface embodied on a computer-readable medium that presents the user interface button as recited in claim 14.
  - 16. An electronic commerce card embodied on a computer-readable medium that is created as a result of the steps in the method as recited in claim 1.
  - 17. A computer-readable medium having computer-executable instructions for performing the steps in the method as recited in claim 1.
  - 18. A computer programmed to perform the steps in the method as recited in claim 1.

19. A method for registering for an online commerce card, comprising the following steps:
- initiating, at the customer, a request for an online commerce card application;
  
  downloading software code from a card issuing authority to the customer to assist in completing the card application;
  
  submitting the application for the commerce card from the customer to the issuing authority;
  
  creating at the issuing institution a customer account for the customer, the customer account being associated with a customer identification number and a customer-related secret; and
  
  providing to the customer the customer-related secret, a customer account number that includes the customer identification number, and proxy number generating code, the proxy generating code being capable of creating a code number using the customer-related secret and embedding the code number into the customer account number to form a proxy number for use in place of the customer account number in an online commerce transaction.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. A method as recited in claim 19, wherein the providing step comprises the step of providing a private key to the customer, the proxy number generating code using a cryptographic hashing function and the private key to create the code number.
  - 21. A method as recited in claim 19, wherein the providing step comprises the step of supplying the customer account number, the customer-related secret, and the proxy number generating code to the customer by means other than online transmission.
  - 22. A method as recited in claim 19, wherein the downloading step comprises downloading software code that supports a user interface button to invoke a user interface for facilitating online commerce transactions.
  - 23. A graphical user interface embodied on a computer-readable medium that presents the user interface button as recited in claim 22.
  - 24. Computer-readable media resident at the customer and the issuing authority having computer-executable instructions for performing the steps in the method as recited in claim 19.

25. A method for utilizing an online commerce card in conducting online commerce transactions between a customer and a merchant, the commerce card having a customer account number associated therewith, comprising the following steps:
- generating a code number at the customer based at least in part on a customer-related secret;
  
  embedding the code number in the customer account number;
  
  sending the customer account number with embedded code number to the merchant to commence the online commerce transaction.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33)
- - 26. A method as recited in claim 25, wherein the generating step comprises the step of deriving the code number from the customer-related secret and transaction-specific data.
  - 27. A method as recited in claim 25, wherein the generating step comprises the step of deriving the code number from the customer-related secret and transaction-specific data, the transaction-specific data being selected from a group comprising time, transaction amount, transaction date, merchant identification, and goods identification.
  - 28. A method as recited in claim 25, wherein the generating step comprises the step of generating the code number from a cryptographic hashing function of the customer-related secret and transaction-specific data.
  - 29. A method as recited in claim 25, wherein the customer-related secret is a private key and the generating step comprises the step of generating the code number from a cryptographic hashing function of the private key and transaction-specific data.
  - 30. A method as recited in claim 25, wherein the generating and embedding steps yield a 16-digit customer account number that resembles a credit card number, but includes an embedded code number.
  - 31. A method as recited in claim 25, wherein the generating and embedding steps yield a 16-digit customer account number that resembles a credit card number, the customer account number having a five- to seven-digit prefix, a four-digit customer identification number, a four- to six-digit portion for the embedded code number, and a one-digit check sum.
  - 32. A method as recited in claim 25, further comprising the step of displaying the customer account number with the embedded code number to the customer.
  - 33. A computer-readable medium having computer-executable instructions for performing the steps in the method as recited in claim 25.

34. At an authority responsible for authorizing an online commerce transaction involving payment by an electronically transmitted account number, a computer-implemented method for handling an authorization request to honor the account number and accept payment, the authorization request involving a transaction number and containing transaction-specific data, the method comprising the following steps:
- locating a customer account that is associated with the transaction number, the customer account having a customer-related secret associated therewith;
  
  computing a test code number from the customer-related secret and the transaction-specific data; and
  
  comparing the test code number with a code number embedded in the transaction number to verify whether the transaction number was generated by a customer associated with the customer account.
- View Dependent Claims (35, 36, 37, 38)
- - 35. A computer-implemented method as recited in claim 34, further comprising the following steps:
    - substituting a customer account number associated with the customer account in place of the transaction number; and
      
      processing the authorization request using the associated customer account number.
  - 36. A computer-implemented method as recited in claim 35, wherein after the processing step, the method further comprising the following steps:
    - substituting the transaction number in place of the customer account number; and
      
      replying to the authorization request using the transaction number in lieu of the customer account number.
  - 37. A computer-readable medium having computer-executable instructions for performing the steps in the computer-implemented method as recited in claim 34.
  - 38. A computer programmed to perform the steps in the computer-implemented method as recited in claim 34.

39. A method for facilitating online commerce, comprising the following steps:
- (A) conducting a registration phase between a customer and an issuing authority comprising the following steps;
  
  (1) initiating, at the customer, a request for an online commerce card application;
  
  (2) downloading software code from a card issuing authority to the customer to assist in completing the card application;
  
  (3) submitting the application for the commerce card from the customer to the issuing authority;
  
  (4) creating at the issuing institution a customer account for the customer, the customer account being associated with a customer identification number and a customer-related secret;
  
  (5) providing to the customer the customer-related secret, a customer account number that includes the customer identification number, and proxy number generating code to create a code lumber based on the customer-related secret; and
  
  (6) providing to the customer software code that supports a user interface button to invoke a user interface for facilitating online commerce transactions;
  
  (B) utilizing the online commerce card to conduct an online commerce transaction phase between the customer and a merchant comprising the following steps;
  
  (1) generating the code number at the customer using the proxy number generating code and the customer-related secret;
  
  (2) embedding the code number in the customer account number; and
  
  (3) sending the customer account number with embedded code number to the merchant to commence the online commerce transaction;
  
  (C) conducting a payment authorization phase at the issuing authority in response to receiving an authorization request from the merchant to honor the transaction number and accept payment, the authorization request containing transaction-specific data, comprising the following steps;
  
  (1) locating a customer account that is associated with the transaction number, the customer account containing the customer-related secret associated therewith;
  
  (2) computing a test code number from the customer-related secret and the transaction-specific data; and
  
  (3) comparing the test code number with the code number embedded in the transaction number to verify whether the transaction number was generated by a customer associated with the customer account.

40. A system for facilitating online commerce, comprising:
- a customer computing unit resident at a customer site, the customer computing unit being configured with an online commerce card for use in an online commerce transaction, the online commerce card being associated with a customer account number and a customer-related secret;
  
  the customer computing unit being configured to generate a proxy number that resembles the customer account number but has embedded therein a code number derived at least in part on the customer-related secret, the customer computing unit submitting the proxy number to a merchant during the online commerce transaction; and
  
  an authority computing system resident at an authority site, the authority computing system having a database to hold the customer account number and the customer-related secret, the authority computing system being configured to receive from the merchant an authorization request for approval of the transaction number, the authority computing system verifying the transaction number based on the code number and the customer-related secret.
- View Dependent Claims (41, 42, 43, 44)
- - 41. A system as recited in claim 40, wherein the customer computing unit computes the code number as a function of the customer-related secret and transaction-specific data.
  - 42. A system as recited in claim 40, wherein the customer computing unit computes the code number as a cryptographic hashing function of the customer-related secret and transaction-specific data.
  - 43. A system as recited in claim 40, wherein the customer computing unit generates a 16-digit customer account number that resembles a credit card number, but includes an embedded code number.
  - 44. A system as recited in claim 40, wherein the customer computing unit generates a 16-digit proxy number that resembles a credit card number, the proxy number having a five- to seven-digit prefix, a four-digit customer identification number, a four- to six-digit code number, and a one-digit check sum.

45. In an online commerce system, a customer system for engaging in an online commerce transaction with a merchant, comprising:
- a data storage for holding a private key and a customer account number;
  
  a coding unit to create a code number as a function of the private key and transaction-specific data related to the online commerce transaction; and
  
  wherein the code number is embedded into the customer account number to form a transaction number for sending to the merchant to commence the online commerce transaction.
- View Dependent Claims (46, 47, 48)
- - 46. A customer system as recited in claim 45, wherein the coding unit creates the code number as a cryptographic hashing function of the private key and the transaction-specific data.
  - 47. A customer system as recited in claim 45, wherein the resulting customer account number comprises a 16-digit customer account number that resembles a credit card number, but includes an embedded code number.
  - 48. A customer system as recited in claim 45, wherein the resulting customer account number comprises a 16-digit proxy number that resembles a credit card number, the proxy number having a five- to seven-digit prefix, a four-digit customer identification number, a four- to six-digit code number, and a one-digit check sum.

49. In an online commerce system, a system for handling an authorization request to approve an electronically transmittable number, the request containing transaction-specific data, comprising:
- a customer account manager to cross-reference a customer account using the transaction number and to look-up a customer-related secret associated with the customer account;
  
  a coding unit to generate a test code number as a function of the customer-related secret and the transaction-specific data; and
  
  a comparator to compare the test code number to a code number embedded in the transaction number to verify the transaction number.
- View Dependent Claims (50, 51, 52)
- - 50. A system as recited in claim 49, wherein the customer account manager is configured to substitute the customer account number for the transaction number for processing.
  - 51. A system as recited in claim 50, wherein the customer account manager is configured to reverse substitute the transaction number back for the customer account number after the processing.
  - 52. A software program embodied on a computer-readable medium incorporating the system as recited in claim 49.

53. An electronically realizable commerce card embodied on a computer-readable medium comprising:
- a first data field to hold a permanent customer account number having a predefined format that is recognized as an acceptable card number format;
  
  a second data field to hold a temporary transaction number that serves as a proxy for the customer account number, the transaction number having some like digits and an identical format as the customer account number but including an embedded code number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Simon, Daniel R., Benaloh, Josh, Rosen, Daniel, Franklin, D. Chase
Primary Examiner(s)
Pitts, Harold I.

Application Number

US08/935,485
Time in Patent Office

811 Days
Field of Search

235/379, 235/380, 364/479.02
US Class Current

700/232
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/26   Debit schemes, e.g. "pay now"

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/342   Cards defining paid or bill...

G06Q 20/385   using an alias or single-us...

G06Q 20/4093   Monitoring of device authen...

G06Q 30/06   Buying, selling or leasing ...

G07F 7/025   by means, e.g. cards, provi...

G07F 7/1008   Active credit-cards provide...

Electronic online commerce card with customer generated transaction proxy number for online transactions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

53 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic online commerce card with customer generated transaction proxy number for online transactions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

53 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links