Apparatus, and associated method, for updating a location register in a mobile, packet radio communication system
First Claim
1. A method for authorizing a transaction between a consumer and a merchant over a network where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction, the method comprising:
- registering consumer payment information at a payment server;
launching a charge slip application including securely transferring unique transaction information for display to the consumer;
digitally signing the charge slip by the consumer, encrypting the charge slip and consumer digital signature with a payment server key;
digitally signing the encrypted charge slip data for the merchant;
authenticating the consumer, the merchant and the transaction details at the payment server; and
requesting authorization of the transaction from a card processor and, upon approval, returning an approval and shipping information for the consumer to the merchant so that the transaction can be completed.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for authorizing a transaction between a consumer and a merchant over a network where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction. The method includes registering consumer payment information at a payment server and launching a charge slip application including securely transferring unique transaction information for display to the consumer. The consumer digitally signs the charge slip and encrypts the charge slip and consumer digital signature with a payment server key. The merchant digitally signs the encrypted charge slip data. The payment server authenticates the consumer, the merchant and the transaction details at the payment server and requests authorization of the transaction from a card processor. Upon approval, the payment server returns an approval and shipping information for the consumer to the merchant so that the transaction can be completed.
-
Citations
72 Claims
-
1. A method for authorizing a transaction between a consumer and a merchant over a network where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction, the method comprising:
-
registering consumer payment information at a payment server;
launching a charge slip application including securely transferring unique transaction information for display to the consumer;
digitally signing the charge slip by the consumer, encrypting the charge slip and consumer digital signature with a payment server key;
digitally signing the encrypted charge slip data for the merchant;
authenticating the consumer, the merchant and the transaction details at the payment server; and
requesting authorization of the transaction from a card processor and, upon approval, returning an approval and shipping information for the consumer to the merchant so that the transaction can be completed. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 72)
retrieving the consumer'"'"'s aliases for payment information from the payment server; and
completing the charge slip including selecting payment information aliases to set a payment method and shipping address.
-
-
4. The method of claim 1, wherein the step of digitally signing the encrypted charge slip for the merchant includes signing at the merchant'"'"'s computer.
-
5. The method of claim 1, wherein the step of registering consumer payment information includes creating aliases pointing to the payment information, the payment information including the consumer charge card information and one or more authorized addresses where purchases can be shipped, each alias identifying one of a registered charge card or a valid shipping address.
-
6. The method of claim 5 further comprising:
-
retrieving the consumer'"'"'s aliases for payment information from the payment server; and
completing the charge slip including selecting one charge card alias and shipping address alias.
-
-
7. The method of claim 6, wherein the step of completing the charge slip includes not selecting one of the available shipping address aliases and entering a new shipping address on the charge slip for the transaction.
-
8. The method of claim 7, wherein entering a new shipping address includes designating an alias for the new shipping address and updating the payment information stored at the payment server to include the new shipping address and associated alias.
-
9. The method of claim 1 further comprising linking the payment information to an E-mail address associated with the consumer.
-
10. The method of claim 1 further comprising receiving a request at the merchant to authorize payment for the transaction.
-
11. The method of claim 1 further comprising retrieving a merchant time stamp certificate.
-
12. The method of claim 11, wherein the step of launching a charge slip on the consumer'"'"'s computer includes transferring unique transaction information and the merchant'"'"'s time stamp certificate to the consumer.
-
13. The method of claim 12 further comprising:
-
retrieving a consumer time stamp certificate; and
combining the consumer time stamp certificate and the charge slip prior to digitally signing the charge slip.
-
-
14. The method of claim 13 further comprising transferring the encrypted charge slip, consumer digital signature, merchant time stamp certificate and consumer time stamp certificate back to the merchant.
-
15. The method of claim 11 further comprising:
-
retrieving merchant validation information and consumer aliases for payment information from the payment server; and
authenticating the merchant and charge slip data using the merchant time stamp certificate and retrieved validation information.
-
-
16. The method of claim 1 further comprising:
-
retrieving a consumer time stamp certificate; and
combining the consumer time stamp certificate and the charge slip prior to digitally signing the charge slip.
-
-
17. The method of claim 1 further comprising combining the encrypted charge slip and consumer digital signature with confirming data;
-
digitally signing the newly combined information for the merchant; and
transferring the digitally signed newly combined information to the payment server.
-
-
18. The method of claim 1 further comprising notifying the consumer of the completed transaction;
- and
notifying the payment server that the merchant has received the approval from the payment server so that the transaction can be completed.
- and
-
19. The method of claim 1, wherein communications between the consumer and merchant are encrypted using a session key created at the consumer'"'"'s computer.
-
20. The method of claim 1, wherein the step of launching a charge slip includes displaying transaction details and a merchant logo on the charge slip.
-
21. The method of claim 1 further comprising:
if approval is denied due to insufficient credit for the selected payment option, prompting the consumer to select another payment option including selecting a different payment information alias.
-
22. The method of claim 1 further comprising logging each partial transaction with the payment server including logging requests for aliases, approvals and notifications to the merchant in a transaction log at payment server.
-
23. The method of claim 1, wherein the payment information includes a consumer E-mail notification selection, the E-mail notification selection configurable by the consumer to enable one of a plurality of notification options.
-
24. The method of claim 23, wherein the notification options are selected from direct E-mail and forward proxy, and where the method further includes
determining which notification option has been selected; -
if the direct E-mail option is selected, providing the consumer'"'"'s E-mail address to the merchant with the approval thereby allowing the merchant to contact the consumer to complete any details of the transaction; and
if the forward proxy option is selected, creating a consumer E-mail address alias, returning the alias to the merchant along with the approval and forwarding to the consumer messages from the merchant that are addressed to the E-mail address alias.
-
-
25. The method of claim 1 further comprising retrieving a merchant time stamp certificate and consumer time stamp certificate where the time stamp certificates are self-authenticating.
-
26. The method of claim 25, wherein a time stamp certificate is authenticated by a certificate chain that is rooted from at least one public key known by the program code.
-
27. The method of claim 1, wherein the digital signatures are self-validating.
-
28. The method of claim 1 frothier comprising generating, at the payment server, a report of transactions completed for a consumer.
-
29. The method of claim 28, wherein the reports are generated on a periodic basis according to a pre-defined schedule.
-
30. The method of claim 28, wherein the reports are generated upon request from the consumer.
-
31. The method of claim 1 further comprising completing the charge slip including not selecting the registered payment information and entering new payment information on the charge slip for the transaction.
-
32. The method of claim 31 further comprising registering the new payment information at the payment server.
-
33. The method of claim 1 further comprising:
if approval is denied due to insufficient credit for the selected payment option, prompting the consumer to enter new payment information.
-
34. The method of claim 1, wherein communications from the consumer to the payment server are encrypted using a symmetric key encryption.
-
72. The apparatus of claim 1, wherein each of the consumer and payment server include encryption means for encrypting communications from the consumer to the payment server using symmetric key encryption.
-
35. A method for authorizing a transaction between a consumer and a merchant over a network where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction, the method comprising:
-
registering consumer payment information at a payment server including creating aliases for the payment information, the payment information including the consumer charge card information and one or more authorized addresses where purchases can be shipped, each alias identifying either a registered charge card or a valid shipping address;
launching a charge slip on the consumer'"'"'s computer including transferring unique transaction information and a merchant'"'"'s time stamp certificate to the consumer;
retrieving merchant validation information and the consumer'"'"'s aliases for payment information from the payment server;
authenticating the merchant and transaction details using the validation information and the merchant'"'"'s time stamp certificate;
completing the charge slip including selecting a payment alias and shipping address alias;
retrieving a consumer time stamp certificate;
combining the consumer and merchant time stamp certificates and the completed charge slip including digitally signing and encrypting the combined data with a payment server key;
transferring the encrypted combined data back to the merchant;
digitally signing the encrypted combined data for the merchant;
transferring the encrypted combined data and merchant digital signature to the payment server;
authenticating the consumer, the merchant and the transaction details at the payment server; and
requesting authorization of the transaction from a card processor and, upon approval, returning an approval and shipping information for the consumer to the merchant so that the transaction can be completed.
-
-
36. A method for authorizing a transaction between a consumer and a merchant over the Internet where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction, the method comprising:
-
registering consumer payment information at a payment server including creating aliases pointing to the payment information, the payment information including the consumer charge card information and one or more authorized addresses where purchases can be shipped, each alias identifying one of a registered charge card or a valid shipping address;
linking the payment information to an E-mail address associated with the consumer;
receiving a request at the merchant to authorize payment for the transaction;
retrieving a merchant time stamp certificate;
launching a charge slip on the consumer'"'"'s computer including securely transferring unique transaction information and the merchant'"'"'s time stamp certificate to the consumer;
retrieving merchant validation information and the consumer'"'"'s aliases for payment information from the payment server;
authenticating the merchant and charge slip data using the merchant time stamp certificate and retrieved validation information;
completing the charge slip including selecting one payment alias and shipping address alias;
retrieving a consumer time stamp certificate;
combining the charge slip, consumer time stamp certificate and merchant time stamp certificate;
digitally signing the combined information;
encrypting the digitally signed information with a payment server key;
transferring the encrypted information back to the merchant;
combining the transferred information with confirming data;
digitally signing the newly combined information for the merchant;
transferring the digitally signed newly combined information to the payment server;
authenticating the consumer, the merchant and the transaction details at the payment server;
requesting authorization of the transaction from a charge card processor and, upon approval, returning an approval and shipping information for the consumer to the merchant;
notifying the consumer of the completed transaction; and
notifying the payment server that the merchant has received the approval from the payment server so that the transaction can be completed. - View Dependent Claims (37, 38, 39)
-
-
40. A method for authorizing a transaction between a consumer and a merchant over the Internet where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction, the method comprising:
-
receiving a request at the merchant to authorize payment for the transaction;
retrieving a merchant time stamp certificate;
launching a charge slip on the consumer'"'"'s computer including transferring unique transaction information and the merchant'"'"'s time stamp certificate to the consumer;
receiving an encrypted completed charge slip including the merchant time stamp certificate, a consumer time stamp certificate and consumer digital signature;
digitally signing the encrypted completed charge slip producing a merchant digital signature;
transferring the encrypted completed charge slip and a merchant digital signature to the payment server;
requesting authorization of the transaction from the payment server and, upon approval, receiving an approval and shipping information for the consumer so that the transaction can be completed;
notifying the consumer of the completed transaction; and
notifying the payment server that the approval was received. - View Dependent Claims (41, 42, 43, 44)
combining the encrypted completed charge slip and confirming data; and
digitally signing the combined data.
-
-
42. The method of claim 41, wherein the confirming data is transaction specific information provided from the merchant to the consumer when launching a charge slip for the transaction.
-
43. The method of claim 42, wherein the confirming data is a hash of transaction specific data.
-
44. The method of claim 40 further comprising:
-
combining the encrypted completed charge slip and confirming data;
digitally signing the combined data; and
encrypting the digitally signed combined data.
-
-
45. A method for authorizing a transaction between a consumer and a merchant over the Internet where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction, the method comprising:
-
registering consumer payment information at a payment server including creating aliases for the payment information, the payment information including the consumer charge card information and one or more authorized addresses where purchases can be shipped, each alias identifying either a registered charge card or a valid shipping address;
requesting an authorization for payment for the transaction including sending a request to the merchant;
receiving instructions to launch a charge slip on the consumer is computer and a merchant time stamp certificate;
displaying the charge slip including unique transaction information;
retrieving the merchant validation information and the consumer'"'"'s aliases for payment information from the payment server;
authenticating the merchant and the transaction details using the merchant time stamp certificate and validation information;
completing the charge slip including selecting a payment alias and shipping address alias;
retrieving a consumer time stamp certificate;
combining the completed charge slip, consumer time stamp certificate and merchant time stamp certificate;
digitally signing the combined information;
encrypting the digitally signed information with a payment server key;
transferring the encrypted information back to the merchant for forwarding to the payment server; and
receiving notice of a transaction approval. - View Dependent Claims (46, 48, 49, 50)
-
-
47. A method for authorizing a transaction by a payment server between a consumer and a merchant over the Internet where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction, the method comprising:
-
storing consumer payment information including aliases, the payment information including the consumer charge card information and one or more authorized addresses where purchases can be shipped, each alias identifying either a registered charge card or a valid shipping address;
retrieving the consumer'"'"'s aliases for payment information and merchant validation information when prompted by the consumer and returning the aliases and validation information to the consumer;
receiving a request for payment authorization from the merchant, the request including an encrypted completed charge slip produced by the consumer, confirming information produced by the merchant, a consumer digital signature, a merchant digital signature, a consumer time stamp certificate and a merchant time stamp certificate;
authenticating the consumer and the merchant using the digital signatures;
validating the transaction by comparing unique transaction information found inside the encrypted charge slip produced by the consumer with confirming data received from the merchant; and
requesting authorization of the transaction from a card processor and, upon approval, returning an approval and shipping information for the consumer to the merchant so that the transaction can be completed.
-
-
51. An apparatus for authorizing a transaction between a consumer and a merchant over a network where the anonymity of the consumer with respect to the merchant is maintained while still validating the authenticity of the consumer prior to completing the transaction, the apparatus comprising:
-
a payment server including server application operable to register consumer payment information and store the payment information in a member database;
a merchant application operable to launch a charge slip application including securely transferring unique transaction information for display to the consumer;
a consumer application including a user interface for displaying a charge slip, a digital signature engine for digitally sign the charge slip for the consumer, an encryption engine for encrypting the charge slip and consumer digital signature with a payment server key, and a transfer engine for transferring the encrypted charge slip and consumer digital signature to the merchant;
where the merchant application includes a digital signature engine for digitally signing the encrypted charge slip data for the merchant and transfer engine for transferring the digitally signed encrypted charge slip data to the payment server where the payment server includes an authentication engine for authenticating the consumer, the merchant and the transaction details and where the server application is operable to request authorization for the transaction from a card processor and, upon approval, return an approval and shipping information for the consumer to the merchant so that the transaction can be completed. - View Dependent Claims (52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71)
-
Specification