Digital active advertising
First Claim
1. An open network payment system for providing for real time authorization of payment transactions, comprising:
- a plurality of client computers; and
a payment computer;
the client computers and the payment computer being interconnected by a public packet switched communications network;
each one of the client computers being programmed to construct a payment request message specifying a payment amount to be transferred from a sender to a beneficiary, and to cause the payment request message to be transmitted to the payment computer over the public packet switched communications network;
the payment computer being programmed to verify that the sender has adequate funds or credit having real monetary value, and to transmit an authorization message to the client computer over the public packet switched communications network, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
at least one of the payment request message and the authorization message comprising at least one digital signature of components that include components derived from the at least one message, at least one of which digital signatures protects the at least one message from forgery, including authenticating an identity of one of a plurality of principals as an originator of the at least one message, at least one of which digital signatures protects the at least one message from all replay attacks that result in loss of value, and at least one of which digital signatures is verified based on a principal-specific or source-specific public key.
10 Assignments
0 Petitions
Accused Products
Abstract
A complete system for the purchasing of goods or information over a computer network is presented. Merchant computers on the network maintain databases of digital advertisements that are accessed by buyer computers. In response to user inquiries, buyer computers retrieve and display digital advertisements from merchant computers. A digital advertisement can further include a program that is interpreted by a buyer'"'"'s computer. The buyer computers include a means for a user to purchase the product described by a digital advertisement. If a user has not specified a means of payment at the time of purchase, it can be requested after a purchase transaction is initiated. A network payment system performs payment order authorization in a network with untrusted switching, transmission, and host components. Payment orders are backed by accounts in an external financial system network, and the payment system obtains account authorizations from this external network in real-time. Payment orders are signed with authenticators that can be based on any combination of a secret function of the payment order parameters, a single-use transaction identifier, or a specified network address.
-
Citations
28 Claims
-
1. An open network payment system for providing for real time authorization of payment transactions, comprising:
-
a plurality of client computers; and
a payment computer;
the client computers and the payment computer being interconnected by a public packet switched communications network;
each one of the client computers being programmed to construct a payment request message specifying a payment amount to be transferred from a sender to a beneficiary, and to cause the payment request message to be transmitted to the payment computer over the public packet switched communications network;
the payment computer being programmed to verify that the sender has adequate funds or credit having real monetary value, and to transmit an authorization message to the client computer over the public packet switched communications network, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
at least one of the payment request message and the authorization message comprising at least one digital signature of components that include components derived from the at least one message, at least one of which digital signatures protects the at least one message from forgery, including authenticating an identity of one of a plurality of principals as an originator of the at least one message, at least one of which digital signatures protects the at least one message from all replay attacks that result in loss of value, and at least one of which digital signatures is verified based on a principal-specific or source-specific public key. - View Dependent Claims (2, 3, 4, 16, 20)
-
-
5. A method of providing for real-time authorization of purchase transactions in a public packet switched communications network interconnecting a plurality of client computers and a payment computer, and comprising the steps of:
-
constructing a payment request message at one of the client computers specifying a payment amount to be transferred from a sender to a beneficiary, and causing the payment request message to be transmitted to the payment computer over the public packet switched communications network; and
verifying, at the payment computer, that the sender has adequate funds or credit having real monetary value, and transmitting an authorization message from the payment computer to the client computer over the public packet switched communications network, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
at least one of the payment request message and the authorization message comprising at least one digital signature of components that include components derived from the at least one message, at least one of which digital signatures protects the at least one message from forgery, including authenticating an identity of one of a plurality of principals as an originator of the at least one message, at least one of which digital signatures protects the at least one message from all replay attacks that result in loss of value, and at least one of which digital signatures is verified based on a principal-specific or source-specific public key. - View Dependent Claims (6, 9, 17, 21)
-
-
7. A payment computer for use in providing real-time authorization of payment transactions, the payment computer being programmed to receive, over a public packet switched communications network, a payment request message specifying a payment amount to be transferred from the sender to the beneficiary, the payment computer further being programmed to authenticate the payment request message, to verify that the sender has adequate funds or credit having real monetary value, and to transmit an authorization message over the public packet switched communications network, the authorization message comprising an authenticator proving that the payment computer originated the authorization message, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
at least one of the payment request message and the authorization message comprising at least one digital signature of components that include components derived from the at least one message, at least one of which digital signatures protects the at least one message from forgery, including authenticating an identity of one of a plurality of principals as an originator of the at least one message, at least one of which digital signatures protects the at least one message from all replay attacks that result in loss of value, and at least one of which digital signatures is verified based on a principal-specific or source-specific public key. - View Dependent Claims (8, 22)
-
10. An open network payment system for providing for real-time authorization of payment transactions, comprising:
-
a plurality of client computers; and
a payment computer;
the client computers and the payment computer being interconnected by a public packet switched communications network;
each one of the client computers being programmed to construct a payment request message specifying a payment amount to be transferred from a sender to a beneficiary, and to cause the payment request message to be transmitted to the payment computer over the public packet switched communications network;
the payment computer being programmed to verify that the sender has adequate funds or credit having real monetary value, and to transmit an authorization message to the client computer over the public packet switched communications network, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
the authorization message comprising at least one digital signature of components that include components derived from the authorization message, at least one of which digital signatures protects the authorization message from forgery, at least one of which digital signatures protects the authorization message from all replay attacks that result in loss of value; and
the authorization message comprising an authenticator proving that the payment computer originated the authorization message and being capable of validation without use of a secret key. - View Dependent Claims (11, 12, 18)
-
-
13. A method of providing for real-time authorization of purchase transactions in a public packet switched communications network interconnecting a plurality of client computers and a payment computer, and comprising the steps of:
-
constructing a payment request message at one of the client computers specifying a payment amount to be transferred from a sender to a beneficiary, and causing the payment request message to be transmitted to the payment computer over the public packet switched communications network; and
verifying, at the payment computer, that the sender has adequate funds or credit having real monetary value, and transmitting an authorization message from the payment computer to the client computer over the public packet switched communications network, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
the authorization message comprising at least one digital signature of components that include components derived from the authorization message, at least one of which digital signatures protects the authorization message from forgery, and at least one of which digital signatures protects the authorization message from all replay attacks that result in loss of value; and
the authorization message comprising an authenticator proving that the payment computer originated the authorization message and being capable of validation without use of a secret key. - View Dependent Claims (14, 15, 19)
-
-
23. An open network payment system for providing for real-time authorization of payment transactions, comprising:
-
a plurality of client computers; and
a payment computer;
the client computers and the payment computer being interconnected by a public packet switched communications network;
each one of the client computers being programmed to construct a payment request message specifying a payment amount to be transferred from a sender to a beneficiary, and to cause the payment request message to be transmitted to the payment computer over the public packet switched communications network;
the payment computer being programmed to verify that the sender has adequate funds or credit having real monetary value, and to transmit an authorization message to the client computer over the public packet switched communications network, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
at least one of the payment request message and the authorization message comprising at least one digital signature of components that include components derived from the at least one message, at least one of which digital signatures protects the at least one message from forgery, including authenticating an identity of one of a plurality of principals as an originator of the at least one message, at least one of which digital signatures protects the at least one message from all replay attacks that result in loss of value, and at least one of which digital signatures is computed based on a principal-specific or source-specific secret key. - View Dependent Claims (24)
-
-
25. A method of providing for real-time authorization of purchase transactions in a public packet switched communications network interconnecting a plurality of client computers and a payment computer, and comprising the steps of:
-
constructing a payment request message at one of the client computers specifying a payment amount to be transferred from a sender to a beneficiary, and causing the payment request message to be transmitted to the payment computer over the public packet switched communications network; and
verifying, at the payment computer, that the sender has adequate funds or credit having real monetary value, and transmitting an authorization message from the payment computer to the client computer over the public packet switched communications network, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
at least one of the payment request message and the authorization message comprising at least one digital signature of components that include components derived from the at least one message, at least one of which digital signatures protects the at least one message from forgery, including authenticating an identity of one of a plurality of principals as an originator of the at least one message, at least one of which digital signatures protects the at least one message from all replay attacks that result in loss of value, and at least one of which digital signatures is computed based on a principal-specific or source-specific secret key. - View Dependent Claims (26)
-
-
27. A payment computer for use in providing real-time authorization of payment transactions, the payment computer being programmed to receive, over a public packet switched communications network, a payment request message specifying a payment amount to be transferred from the sender to the beneficiary, the payment computer further being programmed to authenticate the payment request message, to verify that the sender has adequate funds or credit having real monetary value, and to transmit an authorization message over the public packet switched communications network, the authorization message comprising an authenticator proving that the payment computer originated the authorization message, conditioned on at least one message transmitted over the public packet switched communications network in connection with the real-time authorization not being a replay of a message previously transmitted over the public packet switched communications network;
at least one of the payment request message and the authorization message comprising at least one digital signature of components that include components derived from the at least one message, at least one of which digital signatures protects the at least one message from forgery, including authenticating an identity of one of a plurality of principals as an originator of the at least one message, at least one of which digital signatures protects the at least one message from all replay attacks that result in loss of value, and at least one of which digital signatures is computed based on a principal-specific or source-specific secret key. - View Dependent Claims (28)
Specification