Method and system for effecting financial transactions over a public network without submission of sensitive information
First Claim
1. A method for effecting a financial transaction over a public network without the submission of sensitive information, comprising the steps of:
- a) providing an apparatus comprising (i) a common controller in data communication with at least one public network, the common controller having user and transaction databases and a processor for generating digital tokens, each digital token representing a particular monetary value and containing a particular digital signature and alterable digital token status data indicating ownership of the digital token, and (ii) a plurality of user data communication interfaces in data communication with the public network;
b) establishing user accounts in the user databases of the common controller;
c) transmitting to the common controller a user identification and PIN to obtain access to the common controller;
d) authenticating the user identification and PIN to determine whether access to the common controller is permitted;
e) generating an application level secure communication channel through which all data communication is to be effected;
f) transmitting data representing a template of an automated teller machine to the user data communication interface of a first user whose identification and PIN were authenticated;
g) initiating a financial transaction between the first user and a second user by using the automated teller machine of step (f) to transmit a request to the common controller to effect a transfer of a monetary sum to a destination account;
h) generating a temporary account identified by an account number for temporarily storing the transferred monetary sum;
i) generating multiple digital tokens having a value equal to the monetary sum in the temporary account and data defining a unique digital signature and a digital token status;
j) transmitting to the first user encrypted data representing the temporary account number;
k) decrypting the data transmitted to the first user so as to change the status of the digital token to indicate the amount of e-cash that is subject of a pending transaction;
l) transmitting data to the common controller that authorizes the common controller to transfer the monetary sum from the temporary account to the destination account;
m) transmitting data to the second user representing the e-cash and the account number which identifies the temporary account having therein the monetary sum represented by the digital token; and
n) transmitting data to the common controller to transfer the monetary sum corresponding to the value of the digital token from the temporary account to the destination account and to alter the status of the digital token to indicate ownership of the digital token and update the usage counter in each digital token.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and system for effecting a financial transaction over a public network without the submission of sensitive information. The system comprises a common controller in data communication with at least one public network. The common controller includes a processor for generating digital tokens wherein each digital token represents a particular monetary value and contains a particular digital signature and alterable digital token status data indicating ownership of the digital token. The system includes a plurality of user data communication interfaces in data communication with the public network. The processor of the common controller includes data bases for storing user account information such as user identification and PIN, and account values and for authenticating the user identification and PIN to determine whether access to the common controller is permitted. The common controller generates an application level secure communication channel through which all data communication is to be effected and transmits data representing a template of an automated teller machine to the user data communication interface of a first user whose identification PIN was previously authenticated. Financial transactions between the first user and a second user are initiated by using the automated teller machine to transmit a request to the common controller to effect a transfer of a monetary sum to a destination account. The common controller generates a temporary account identified by an account number for temporarily storing the transferred monetary sum and also generates multiple digital tokens having a value equal to the monetary sum in the temporary account and data defining a unique digital signature and a digital token status. The temporary account number is encrypted.
505 Citations
16 Claims
-
1. A method for effecting a financial transaction over a public network without the submission of sensitive information, comprising the steps of:
-
a) providing an apparatus comprising (i) a common controller in data communication with at least one public network, the common controller having user and transaction databases and a processor for generating digital tokens, each digital token representing a particular monetary value and containing a particular digital signature and alterable digital token status data indicating ownership of the digital token, and (ii) a plurality of user data communication interfaces in data communication with the public network;
b) establishing user accounts in the user databases of the common controller;
c) transmitting to the common controller a user identification and PIN to obtain access to the common controller;
d) authenticating the user identification and PIN to determine whether access to the common controller is permitted;
e) generating an application level secure communication channel through which all data communication is to be effected;
f) transmitting data representing a template of an automated teller machine to the user data communication interface of a first user whose identification and PIN were authenticated;
g) initiating a financial transaction between the first user and a second user by using the automated teller machine of step (f) to transmit a request to the common controller to effect a transfer of a monetary sum to a destination account;
h) generating a temporary account identified by an account number for temporarily storing the transferred monetary sum;
i) generating multiple digital tokens having a value equal to the monetary sum in the temporary account and data defining a unique digital signature and a digital token status;
j) transmitting to the first user encrypted data representing the temporary account number;
k) decrypting the data transmitted to the first user so as to change the status of the digital token to indicate the amount of e-cash that is subject of a pending transaction;
l) transmitting data to the common controller that authorizes the common controller to transfer the monetary sum from the temporary account to the destination account;
m) transmitting data to the second user representing the e-cash and the account number which identifies the temporary account having therein the monetary sum represented by the digital token; and
n) transmitting data to the common controller to transfer the monetary sum corresponding to the value of the digital token from the temporary account to the destination account and to alter the status of the digital token to indicate ownership of the digital token and update the usage counter in each digital token. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
an Internet service provider system; and
a consumer data communication device in data communication with the Internet service provider system.
-
-
9. The method according to claim 1 wherein at least some of the plurality of user data communication interfaces comprise:
-
a wireless application protocol network; and
a wireless consumer data communication device in data communication with the wireless application protocol network.
-
-
10. The method according to claim 9 wherein the wireless consumer data communication device is a cellular phone.
-
11. The method according to claim 9 wherein the wireless consumer data communication device is a personal digital assistant.
-
12. The method according to claim 1 wherein the apparatus further comprises a wireless application protocol network in data communication with the plurality of user data communication interfaces and the public network.
-
13. The method according to claim 1 wherein (i) the second user is a merchant, (ii) the processor of the common controller defines a claim pool account, and (iii) the destination account is the claim pool account , the method further including the step of transferring the e-cash from the claim pool account to the merchant'"'"'s account in the processor of the common controller.
-
14. A method for effecting a financial transaction over a public network without the submission of sensitive information, comprising the steps of:
-
a) providing an apparatus comprising (i) a common controller in data communication with at least one public network, the common controller having user and transaction databases and a processor for generating digital tokens, each digital token representing a particular monetary value and containing a particular digital signature and alterable digital token status data indicating ownership of the digital token, and (ii) a plurality of user data communication interfaces in data communication with the public network;
b) establishing user accounts in the user databases of the common controller;
c) transmitting to the common controller a user identification and PIN to obtain access to the common controller;
d) authenticating the user identification and PIN to determine whether access to the common controller is permitted;
e) generating an application level secure communication channel through which all data communication is to be effected;
f) transmitting data representing a template of an automated teller machine to the user data communication interface of a first user whose identification and PIN were authenticated;
g) initiating a transaction between the first user and a second user to transfer a monetary sum to the second user by using the automated teller machine of step (f) to transmit a request to the common controller to effect transfer of the monetary sum from an account of the first user to an account of the second user;
h) generating a temporary account identified by an account number and transferring the monetary sum from the first user'"'"'s account into the temporary account;
i) generating multiple digital tokens having a value equal to the monetary sum in the temporary account and data defining a unique digital signature and a digital token status;
j) transmitting to the first user encrypted data representing the temporary account number which handles a current transaction session;
k) decrypting the data transmitted to the first user so as to change the status of the digital token to indicate the amount of e-cash that is subject of a pending transaction;
l) transmitting data to the common controller that authorizes the common controller to transfer the monetary sum from the temporary account to the account of the second user;
m) transmitting data to the second user representing the e-cash and the account number which identifies the temporary account having therein the monetary sum represented by the digital token;
n) transmitting data to the common controller to transfer the monetary sum corresponding to the value of the digital token from the temporary account to the second user'"'"'s account and to alter the status of the digital token to indicate ownership of the digital token and update the usage counter in each digital token; and
o) closing the temporary account. - View Dependent Claims (15, 16)
a wireless application protocol network; and
a wireless consumer data communication device in data communication with the wireless application protocol network.
-
-
16. The method according to claim 14 wherein step (c) further comprises the step of effecting server side certification.
Specification