Secure interactive electronic account statement delivery system
Abstract
The present invention consists of a secure interactive electronic account statement delivery system suitable for use over open networks such as the Internet. The invention utilizes a certification hierarchy to ensure that electronic bills, invoices, and other account statements can be securely sent over open networks. The participants in the system are a certification authority, certificated banks, billers, and customers. The certification authority grants digital certificates to the certificated banks, which in turn grant digital certificates to billers and customers. Digital certificates form the basis for encryption and authentication of network communications, using public and private keys. The certificates associate a customer and biller with a certificated bank and with the electronic billing system, much like payment cards associate a customer with a payment card issuer and a particular payment card system. Digital signatures are used for authentication and non-repudiation. The certificates may be stored as digital data on storage media of a customer's or biller's computer system, or may be contained in integrated circuit or chip cards physically issued to billers and customers. The electronic bill itself may be a simple text message containing the equivalent of summary information for the bill, or may be more elaborate. In one embodiment of the invention, the electronic bill contains a number of embedded links, for example an embedded URL of a biller's World Wide Web server that allows the customer to interactively bring up detailed billing information by activating the link. The e-mail message may also include links to third-party websites.
69 Claims
-
1. A method for delivering account statement data from a statement issuer to a customer using a communications network comprising:
-
directing application information for a customer certificate transmitted from a customer to a certificated bank;
sending said customer certificate from said certificated bank to said customer;
informing said customer whether a statement issuer is a participant in an electronic billing system;
providing said customer with an e-mail address which belongs to said statement issuer;
receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address;
authenticating, by said statement issuer, of said electronic statement activation request;
updating, by said statement issuer, a customer data base following successful authentication;
activating said electronic billing system between the statement issuer and the customer;
issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and
transmitting said customer statement message from said statement issuer to said customer using said communications network.
verifying an authenticity of said copy of said customer certificate included with said electronic statement activation request; and
verifying an authenticity of said electronic statement activation request by verifying said customer digital signature.
-
-
5. The method of claims 1 or 3 wherein said statement issuer certificate comprises a first certificate issuer certificate.
-
6. The method of claim 5 wherein said first certificate issuer certificate comprises a digital signature of a certification authority.
-
7. The method of claims 1 or 3 wherein said first certificate issuer is a certificated bank.
-
8. The method of claims 1 or 3 wherein said second certificate issuer is a certificated bank.
-
9. The method of claims 1 or 3 wherein said statement issuer is a biller.
-
10. The method of claims 1 or 3 wherein said statement issuer certificate comprises data related to said statement issuer and wherein said digital signature of said first certificate issuer comprises an encrypted message digest of said data related to said statement issuer.
-
11. The method of claim 10 wherein said data related to said statement issuer comprises an identification number for said statement issuer.
-
12. The method of claim 11 wherein said data related to said statement issuer comprises a public key of said statement issuer.
-
13. The method of claim 10 wherein said encrypted message digest is encrypted using a private key of said first certificate issuer.
-
14. The method of claim 10 wherein said statement issuer certificate comprises a first certificate issuer certificate, wherein said first certificate issuer certificate comprises a digital signature of a certification authority, and wherein said first certificate issuer certificate comprises data related to said first certificate issuer and wherein said digital signature of said certification authority comprises an encrypted message digest of said data related to said first certificate issuer.
-
15. The method of claim 14 wherein said data related to said first certificate issuer comprises an identification number for said first certificate issuer.
-
16. The method of claim 15 wherein said data related to said first certificate issuer comprises a public key of said first certificate issuer.
-
17. The method of claims 1 or 3 wherein said customer certificate comprises data related to said customer and wherein said digital signature of said first certificate issuer or said second certificate issuer comprises an encrypted message digest of said data related to said customer.
-
18. The method of claim 17 wherein said data related to said customer comprises an identification number for said customer.
-
19. The method of claim 18 wherein said data related to said customer comprises a public key of said customer.
-
20. The method of claim 17 wherein said encrypted message digest is encrypted using a private key of said first certificate issuer or said second certificate issuer.
-
21. The method of claim 1 further comprising:
-
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message; and
verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message.
-
-
22. The method of claims 21 or 3 wherein said statement issuer certificate comprises data related to said statement issuer, and wherein said digital signature of said first certificate issuer comprises an encrypted first message digest of said data related to said statement issuer.
-
23. The method of claim 22 wherein said verifying an authenticity of said copy of said statement issuer certificate comprises:
-
decrypting said digital signature of said first certificate issuer using a public key of said first certificate issuer to obtain an unencrypted first message digest of said data related to said statement issuer;
deriving a second message digest of said data related to said statement issuer included in said copy of said statement issuer certificate included in said customer statement message received by said customer; and
comparing said first message digest and said second message digest.
-
-
24. The method of claims 21 or 3 wherein said digital signature of said statement issuer comprises an encrypted first message digest of said account statement data for said customer and wherein said verifying an authenticity of said account statement data is performed by verifying said statement issuer digital signature included in said customer statement message comprises:
-
deriving a second message digest of said account statement data for said customer included in said customer statement message; and
comparing said first message digest and said second message digest.
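The customer-side checks of claims 21 to 24, run over the certification authority, certificated bank and biller hierarchy from the abstract, as an added example that is not part of the patent text. The toy keys, the JSON certificate layout and all names (`toy_keypair`, `issue_cert`, `verify_statement`, the sample identifiers) are assumptions made for illustration; unpadded RSA mirrors the "encrypted message digest" wording only, and production code uses a padded scheme such as RSA-PSS from a vetted library.

```python
import hashlib
import json

E = 65537  # public exponent used by every toy key below


def toy_keypair(k1, k2):
    """Toy RSA key from Mersenne primes 2**k1-1 and 2**k2-1 (constructed, not secure)."""
    p, q = 2**k1 - 1, 2**k2 - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data, key):
    """The claims' 'encrypted message digest': digest raised to the private exponent."""
    return pow(digest(data), key["d"], key["n"])


def verify(data, sig, n):
    """Decrypt the first digest with the public key, derive the second, compare."""
    if not 0 <= sig < n:
        return False
    return pow(sig, E, n) == digest(data)


def cert_data(cert):
    """Signed portion of a certificate: identification number, public key, issuer."""
    fields = {k: cert[k] for k in ("id", "n", "issuer")}
    return json.dumps(fields, sort_keys=True).encode()


def issue_cert(subject_id, subject_n, issuer_id, issuer_key, issuer_cert=None):
    # issuer_cert is carried along unsigned, like the embedded issuer certificate of claim 5
    cert = {"id": subject_id, "n": subject_n, "issuer": issuer_id,
            "issuer_cert": issuer_cert}
    cert["sig"] = sign(cert_data(cert), issuer_key)
    return cert


def verify_statement(msg, ca_n):
    """Customer-side check; the only key trusted in advance is the CA's."""
    biller_cert = msg["cert"]
    bank_cert = biller_cert["issuer_cert"]
    if bank_cert is None or not verify(cert_data(bank_cert), bank_cert["sig"], ca_n):
        return "bank certificate rejected"
    if not verify(cert_data(biller_cert), biller_cert["sig"], bank_cert["n"]):
        return "biller certificate rejected"
    if not verify(msg["statement"], msg["sig"], biller_cert["n"]):
        return "statement signature rejected"
    return "ok"


def build_sample():
    """Constructed CA, bank and biller keys plus one signed statement message."""
    ca, bank, biller = toy_keypair(521, 607), toy_keypair(1279, 2203), toy_keypair(2281, 3217)
    bank_cert = issue_cert("BANK-001", bank["n"], "CA", ca)
    biller_cert = issue_cert("BILLER-042", biller["n"], "BANK-001", bank, bank_cert)
    statement = b"Account 1234: amount due 57.20"
    msg = {"statement": statement, "sig": sign(statement, biller), "cert": biller_cert}
    return msg, ca["n"]


if __name__ == "__main__":
    message, ca_public = build_sample()
    print(verify_statement(message, ca_public))
    forged = dict(message, statement=b"Account 1234: amount due 0.00")
    print(verify_statement(forged, ca_public))
```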
-
-
25. The method of claims 1 or 3 wherein said customer statement message comprises an electronic mail message.
-
26. The method of claim 21 further comprising displaying a summary bill which is contained within said customer statement message on a display screen.
-
27. The method of claims 26 or 3 further comprising sending a notification message to said statement issuer notifying said statement issuer that said customer statement message has been displayed.
-
28. The method of claim 26 wherein said customer statement message comprises link activation information displayed as a link activation area when said summary bill is displayed on said display screen.
-
29. The method of claim 28 wherein activation of said link activation area activates a communication to a server computer using said communications network.
-
30. The method of claims 29 or 3 wherein said server computer provides additional customer account statement data to said customer in response to said communication.
-
31. The method of claims 29 or 3 wherein said server computer provides advertising data to said customer in response to said communication.
-
32. The method of claim 31 wherein said advertising data provided by said server computer to said customer depends upon a time at which said communication is made.
-
33. The method of claim 31 wherein said advertising data provided by said server computer to said customer depends upon a geographic location of said customer.
-
34. The method of claim 31 wherein said advertising data provided by said server computer to said customer depends upon a parameter related to said customer.
-
35. The method of claim 27 wherein said customer account statement data comprises amount due data further comprising:
displaying an electronic payment activation area on said display screen.
-
36. The method of claim 35 wherein activating said electronic payment activation area activates an electronic payment process that may be used by said customer to pay said amount due.
-
3. A method for delivering account statement data from a statement issuer to a customer using a communications network comprising:
-
issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate, transmitting said customer statement message from said statement issuer to said customer using said communications network;
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message;
verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message;
displaying a summary bill which is contained within said customer statement message on a display screen, said customer statement message comprises link activation information displayed as a link activation area when said summary bill is displayed on said display screen, wherein activation of said link activation area activates a communication to a server computer using said communications network;
receiving a request for detailed bill information transmitted from said customer to said server computer;
authenticating said request for said detailed bill information at said server computer;
retrieving a set of detailed bill data;
retrieving an appropriate detailed bill form;
entering said set of detailed bill data into said appropriate detailed bill form; and
thereafter sending said appropriate detailed bill form containing said detailed bill data to said customer.
receiving and authenticating said detailed bill form containing said detailed bill data transmitted from said customer; and
displaying said detailed bill form containing said detailed bill data on said display screen.
-
-
37. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform operations for delivering account statement data from a statement issuer to a customer using a communications network, said method comprising:
-
directing application information for a customer certificate transmitted from a customer to a certificated bank;
sending said customer certificate from said certificated bank to said customer;
informing said customer whether a statement issuer is a participant in an electronic billing system;
providing said customer with an e-mail address which belongs to said statement issuer;
receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address;
authenticating, by said statement issuer, of said electronic statement activation request;
updating, by said statement issuer, a customer data base following successful authentication;
activating said electronic billing system between the statement issuer and the customer;
issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and
transmitting said customer statement message from said statement issuer to said customer using said communications network.
wherein said first certificate issuer certificate comprises a digital signature of a certification authority, and wherein said first certificate issuer certificate comprises data related to said first certificate issuer and wherein said digital signature of said certification authority comprises an encrypted message digest of said data related to said first certificate issuer.
-
48. The program storage device of claim 46 wherein said data related to said first certificate issuer comprises an identification number for said first certificate issuer.
-
49. The program storage device of claim 48 wherein said data related to said first certificate issuer comprises a public key of said first issuer.
-
50. The program storage device of claim 37 wherein said customer certificate comprises data related to said customer and wherein said digital signature of said certificate issuer or said second certificate issuer comprises an encrypted message digest of said data related to said customer.
-
51. The program storage device of claim 50 wherein said data related to said customer comprises an identification number for said customer.
-
52. The program storage device of claim 51 wherein said data related to said customer comprises a public key of said customer.
-
53. The program storage device of claim 50 wherein said encrypted message digest is encrypted using a private key of said first certificate issuer or said second certificate issuer.
-
54. The program storage device of claim 37 wherein said method further comprises:
-
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message; and
verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message.
-
-
55. The program storage device of claim 54 wherein said statement issuer certificate comprises data related to said statement issuer, and wherein said digital signature of said first certificate issuer comprises an encrypted first message digest of said data related to said statement issuer.
-
56. The program storage device of claim 55 wherein said verifying an authenticity of said copy of said statement issuer certificate comprises:
-
decrypting said digital signature of said first certificate issuer using a public key of said first certificate issuer to obtain an unencrypted first message digest of said data related to said statement issuer;
deriving a second message digest of said data related to said statement issuer included in said copy of said statement issuer certificate included in said customer statement message received by said customer; and
comparing said first message digest and said second message digest.
-
-
57. The program storage device of claim 54 wherein said digital signature of said statement issuer comprises an encrypted first message digest of said account statement data for said customer and wherein said verifying an authenticity of said account statement data is performed by verifying said statement issuer digital signature included in said customer statement message comprises:
-
deriving a second message digest of said account statement data for said customer included in said customer statement message; and
comparing said first message digest and said second message digest.
-
-
58. The program storage device of claim 37 wherein said customer statement message comprises an electronic mail message.
-
59. The program storage device of claim 54 further comprising displaying said customer statement message on a display screen.
-
60. The program storage device of claim 59 wherein said method further comprises sending a notification message to said statement issuer notifying said statement issuer that said customer statement message has been displayed.
-
61. The program storage device of claim 59 wherein said customer statement message comprises link activation information displayed as a link activation area when said customer statement message is displayed on said display screen.
-
62. The program storage device of claim 61 wherein activation of said link activation area activates a communication to a server computer using said communications network.
-
63. The program storage device of claim 62 wherein said server computer provides additional customer account statement data to said customer in response to said communication.
-
64. The program storage device of claim 62 wherein said server computer provides advertising data to said customer in response to said communication.
-
65. The program storage device of claim 64 wherein said advertising data provided by said server computer to said customer depends upon a time at which said communication is made.
-
66. The program storage device of claim 64 wherein said advertising data provided by said server computer to said customer depends upon a geographic location of said customer.
-
67. The program storage device of claim 64 wherein said advertising data provided by said server computer to said customer depends upon a parameter related to said customer.
-
68. The program storage device of claim 60 wherein said customer account statement data comprises amount due data and wherein said method further comprises:
displaying an electronic payment activation area on said display screen.
-
69. The program storage device of claim 68 wherein activating said electronic payment activation area activates an electronic payment process that may be used by said customer to pay said amount due.