System and method for secure and address verifiable electronic commerce transactions
First Claim
1. In an electronic commerce transaction involving at least one commerce document defining the transaction and at least one commerce instrument defining a payment for the transactions comprising a computing device for:
- a) encrypting the commerce document and the commerce instrument at an originating participant;
b) sending the encrypted commerce document and the encrypted commerce instrument from the originating participant to a recipient participant over an electronic commerce network;
c) enabling the recipient participant to decrypt one of the commerce document or the commerce instrument;
d) preventing the recipient participant from decrypting the other of the commerce document or the commerce instrument;
e) accessing said electronic commerce network by a first participant at a first called network access number by means of a first computing device;
f) accessing said electronic commerce network by said first participant from a first calling network access number by means of said first computing device;
g) accessing said electronic commerce network by a second participant at a second called network access number by means of a second computing device;
h) accessing said electronic commerce network by said second participant from a second calling network access number by means of said second computing device;
i) providing network access authentication means by a third participant for said first participant and said second participant by means of a third computing device comprising the steps of;
i.) connecting to said first called network access number from said first calling network access number by said first participant;
ii.) validating said first participant'"'"'s name, said first called network access number and said first calling network access number by said third participant;
iii.) encrypting said first network access authentication information in a first authentication document by said third participant;
iv.) sending said first authentication document to said first participant by said third participant over said electronic commerce network;
v.) connecting to said second called network access number from said second calling network access number by said second participant;
vi.) validating said second called network access number and said second calling network access number by said third participant;
vii.) encrypting said second network access authentication information in a second authentication document by said third participant; and
viii.) sending said second authentication document to said second participant by said third participant over said electronic commerce network.
0 Assignments
0 Petitions
Accused Products
Abstract
An electronic commerce system, that electronically emulates the Mail Order/Telephone Ordering process on the Internet, including customer and merchant network address verification. Customer and merchant address verification are done electronically. Other commerce parties than the customer and merchant in the electronic commerce system, could be as easily verified using the commerce system. (PKI) The system uses a Public Key Infrastructure system to ensure secure and irrefutable electronic commerce transactions on the Internet. PKI ensures that the electronic commerce party is whom he claims to be when used in conjunction with network address verification, ensures confidentiality of the data transmitted between the commerce parties and ensures that the data has not been altered during transmission. The electronic commerce system operates in two phases: a registration phase and a transaction phase. During the registration phase each participant registers with the relevant parties in the commerce system and then registers with a central trusted authority on the Internet. The registration phase includes parties registering with their relevant banks and Internet Service Providers. The banks and ISPs transmit a digitally signed certificate with pertinent information to the registrant. The participant'"'"'s Internet Service Provider'"'"'s certificate contains encrypted information identifying how the participant logs onto the Internet and where the participant resides on the Internet when conducting a commerce transaction. During the transaction phase of the commerce system, these registered digital certificates are used to verify the credentials of the various participants and the appropriate public keys are used to encrypt information on a “for-your-eyes-only” basis, such that only the party that needs to view the information will be able to decrypt it using their private key.
-
Citations
18 Claims
-
1. In an electronic commerce transaction involving at least one commerce document defining the transaction and at least one commerce instrument defining a payment for the transactions comprising a computing device for:
-
a) encrypting the commerce document and the commerce instrument at an originating participant;
b) sending the encrypted commerce document and the encrypted commerce instrument from the originating participant to a recipient participant over an electronic commerce network;
c) enabling the recipient participant to decrypt one of the commerce document or the commerce instrument;
d) preventing the recipient participant from decrypting the other of the commerce document or the commerce instrument;
e) accessing said electronic commerce network by a first participant at a first called network access number by means of a first computing device;
f) accessing said electronic commerce network by said first participant from a first calling network access number by means of said first computing device;
g) accessing said electronic commerce network by a second participant at a second called network access number by means of a second computing device;
h) accessing said electronic commerce network by said second participant from a second calling network access number by means of said second computing device;
i) providing network access authentication means by a third participant for said first participant and said second participant by means of a third computing device comprising the steps of;
i.) connecting to said first called network access number from said first calling network access number by said first participant;
ii.) validating said first participant'"'"'s name, said first called network access number and said first calling network access number by said third participant;
iii.) encrypting said first network access authentication information in a first authentication document by said third participant;
iv.) sending said first authentication document to said first participant by said third participant over said electronic commerce network;
v.) connecting to said second called network access number from said second calling network access number by said second participant;
vi.) validating said second called network access number and said second calling network access number by said third participant;
vii.) encrypting said second network access authentication information in a second authentication document by said third participant; and
viii.) sending said second authentication document to said second participant by said third participant over said electronic commerce network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
a) pre-populating a first electronic storage means with a first network access authentication information for said first participant, said third participant controlling said first electronic storage means; and
b) pre-populating said first electronic storage means with a second network access authentication information for said second participant, said third participant controlling said first electronic storage means.
-
-
3. A method as recited in claim 2 wherein said first network access authentication information comprising:
-
a name, said first called network access number, said first calling network access number, an shipping address, and other data;
and wherein said second network access authentication information comprising; a name, said second called network access number, said second calling network access number, a billing address, and other data.
-
-
4. A method as recited in claim 3, further comprising the steps of:
-
a) initiating an electronic commerce transaction by said first participant with said second participant;
b) sending said first authentication document by said first participant to said second participant in said electronic commerce transaction over said electronic commerce network;
c) validating said first authentication document by said second participant by sending said first authentication document to said third participant and sending a first response to said second participant by said third participant over said electronic commerce network;
d) sending said second authentication document by said second participant to said first participant in said electronic commerce transaction over said electronic commerce network; and
e) validating said second authentication document by said first participant by sending said second authentication document to said third participant and sending a second response to said first participant by said third participant over said electronic commerce network.
-
-
5. A method as recited in claim 4 further comprising the steps by said third participant of:
-
a) extracting and decrypting said first called network access number from said first authentication document;
b) validating said first called network access number from said first authentication document with said first called network access number stored in said first electronic storage means;
c) extracting and decrypting said first calling network access number from said first authentication document;
d) validating said first calling network access number from said first authentication document with said first calling network access number stored in said first electronic storage means;
e) sending said first response to said second participant over said electronic commerce network.
-
-
6. A method as recited in claim 5 further comprising the steps by said third participant of:
-
a) extracting and decrypting said second called network access number from said second authentication document;
b) validating said second called network access number from said second authentication document with said second called network access number stored in said first electronic storage means;
c) extracting and decrypting said second calling network access number from said second authentication document;
d) validating said second calling network access number from said second authentication document with said second calling network access number stored in said first electronic storage means;
e) sending said second response to said first participant over said electronic commerce network.
-
-
7. A method as recited in claim 6, wherein said first electronic storage means comprises a RADIUS database.
-
8. A method as recited in claim 1, wherein the accessing step comprises the step of connecting to a communications system selected from the group comprising a cable TV network, a satellite network, a public switched telephone network, a mobile phone network, a RF network and the Internet.
-
9. A method as recited in claim 1, wherein said computing device selected from the group comprising a computer, a personal computer, a web enabled TV, a web enabled wire-line phone, a personal digital assistant and a web enabled mobile phone.
-
10. In an electronic commerce transaction involving at least one commerce document defining the transaction and at least one commerce instrument defining a payment for the transaction comprising:
- a computing device for;
a) encrypting the commerce document and the commerce instrument at an originating participant;
b) sending the encrypted commerce document and the encrypted commerce instrument from the originating participant to a recipient participant over an electronic commerce network;
c) enabling the recipient participant to decrypt one of the commerce document or the commerce instrument;
d) preventing the recipient participant from decrypting the other of the commerce document or the commerce instrument;
e) accessing said electronic commerce network by a first participant at a first alternate called network access number by means of a first computing device;
f) accessing said electronic commerce network by said first participant from a first alternate calling network access number by means of said first computing device;
g) accessing said electronic commerce network by a second participant at a second alternate called network access number by means of a second computing device;
h) accessing said electronic commerce network by said second participant from a second alternate calling network access number by means of said second computing device;
i) providing network access authentication means by a third participant for said first participant and said second participant by means of a third computing device comprising the steps of;
i.) connecting to said first alternate called network access number from said first alternate calling network access number by said first participant;
ii.) validating said first participant'"'"'s name, said first alternate called network access number and said first alternate calling network access number by said third participant;
iii.) encrypting said first said network access authentication information in a first authentication document by said third participant;
iv.) sending said first authentication document to said first participant by said third participant over said electronic commerce network;
v.) connecting to said second called network access number from said second alternate calling network access number by said second participant;
vi.) validating said second alternate called network access number and said second alternate calling network access number by said third participant;
vii.) encrypting said second network access authentication information in a second authentication document by said third participant; and
viii.) sending said second authentication document to said second participant by said third participant over said electronic commerce network. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
a) pre-populating a first electronic storage means with a first alternate network access authentication information for said first participant, said third participant controlling said first electronic storage means; and
b) pre-populating said first electronic storage means with a second alternate network access authentication information for said second participant, said third participant controlling said first electronic storage means.
- a computing device for;
-
12. A method as recited in claim 11 wherein said first alternate network access authentication information comprising:
-
a name, said first alternate called network access number, said first alternate calling network access number, an alternate shipping address, and other data;
and said second network access authentication information comprising; a name, said second alternate called network access number, said second alternate calling network access number, a billing address, and other data.
-
-
13. A method as recited in claim 12, further comprising the steps of:
-
a) initiating an electronic commerce transaction by said first participant with said second participant;
b) sending said first authentication document by said first participant to said second participant in said electronic commerce transaction over said electronic commerce network;
c) validating said first authentication document by said second participant by sending said first authentication document to said third participant and sending a first response to said second participant by said third participant over said electronic commerce network;
d) sending said second authentication document by said second participant to said first participant in said electronic commerce transaction over said electronic commerce network; and
e) validating said second authentication document by said first participant by sending said second authentication document to said third participant and sending a second response to said first participant by said third participant over said electronic commerce network.
-
-
14. A method as recited in claim 13 further comprising the steps by said third participant of:
-
a) extracting and decrypting said first alternate called network access number from said first authentication document;
b) validating said first alternate called network access number from said first authentication document with said first alternate called network access number stored in said first electronic storage means;
c) extracting and decrypting said first alternate calling network access number from said first authentication document;
d) validating said first alternate calling network access number from said first authentication document with said first alternate calling network access number stored in said first electronic storage means; and
e) sending said first response to said second participant over said electronic commerce transaction network over said electronic commerce network.
-
-
15. A method as recited in claim 13 further comprising the steps by said third participant of;
-
a) extracting and decrypting said second alternate called network access number from said second authentication document;
b) validating said second alternate called network access number from said second authentication document with said second alternate called network access number stored in said first electronic storage means;
c) extracting and decrypting said second alternate calling network access number from said second authentication document;
d) validating said second alternate calling network access number from said second authentication document with said second alternate calling network access number stored in said first electronic storage means;
e) sending said second response to said first participant over said electronic commerce transaction network over said electronic commerce network.
-
-
16. A method as recited in claim 15 wherein said first electronic storage means comprises a RADIUS database.
-
17. A method as recited in claim 10, wherein the accessing step comprises the step of connecting to a communications system selected from the group comprising a cable TV network, a satellite network, a public switched telephone network, a mobile phone network, a RF network and the Internet.
-
18. A method as recited in claim 10, wherein said computing device selected from the group comprising a computer, a personal computer, a web enabled TV, a web enabled wire-line phone, a personal digital assistant and a web enabled mobile phone.
Specification