Process and method for secure online transactions with calculated risk and against fraud
First Claim
1. A method of engaging in electronic commerce, providing at least one host, at least one buyer, at least one seller, and at least one payment clearing processor, comprising:
- (a) specifying by the buyer a host, and sending by the buyer an order for goods and services online to the seller, without sending payment card number along with said order, nor any number that is a reference to the payment card number;
(b) confirming by the seller said order with said buyer, and assigning by the seller an orderID for the order;
(c) authorizing by the buyer payment of said order by sending a payment authorization request and secret keys to said host with said orderID in a payment form;
(d) requesting by the seller for payment approval of the order from buyer'"'"'s payment card issuer, through said host, by sending a message of a payment approval request to the host with said orderID;
(e) matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request. wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the payment authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request.
1 Assignment
0 Petitions
Accused Products
Abstract
An electronic commerce process that facilitates online transactions among multiple participants, that prevents consumer fraud due to pirated payment card numbers, with calculated risk, involving at least one trusted payment card host (3), where buyer'"'"'s payment card number is registered and corresponding secret keys are set up. The buyer (1b) initiates an online transaction by selecting a host from a list of hosts that served by the seller'"'"'s web server (2a). Then, the buyer participant (1a) sends an order online (4), SSL encrypted. The seller participant (2a) receives and decrypts the order, confirms the availability of ordered items, assigns an orderID to the order, and sends a response (5a), SSL encrypted, to the buyer participant (1a) with the assigned orderID. The buyer participant (1a) encrypts and notifies the selected host (3) of this order and orderID, and authorizes the payment (6a) using secret keys. At the same time, the seller participant also encrypts and sends payment approval request (7) for this orderID through the host. The host (3) decrypts and matches up the orderID, retrieves the secret keys, and hashes to obtain the corresponding payment card number. The host then encrypts and send for payment authorization (8a) from the payment card issuer with the payment card number, through payment clearing network. Upon receiving and decrypting the response (9) back from the payment card issuer, the host (3) encrypts and notifies (10a) the seller participant (2a) of the card issuer'"'"'s response (9) for the orderID. After fulfilling the order (11,12), the seller participant encrypts and sends for payment capturing (13a) for this order with orderID, through the host and payment network (14a,15,16).
94 Citations
45 Claims
-
1. A method of engaging in electronic commerce, providing at least one host, at least one buyer, at least one seller, and at least one payment clearing processor, comprising:
-
(a) specifying by the buyer a host, and sending by the buyer an order for goods and services online to the seller, without sending payment card number along with said order, nor any number that is a reference to the payment card number;
(b) confirming by the seller said order with said buyer, and assigning by the seller an orderID for the order;
(c) authorizing by the buyer payment of said order by sending a payment authorization request and secret keys to said host with said orderID in a payment form;
(d) requesting by the seller for payment approval of the order from buyer'"'"'s payment card issuer, through said host, by sending a message of a payment approval request to the host with said orderID;
(e) matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request. wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the payment authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for enabling a transaction, comprising:
-
receiving an order for one or more items from at least one buyer, without receiving a payment card number along with said order, nor any number that is a reference to the payment card number, by at least one seller;
sending an order ID for the one or more items to the at least one buyer by the at least one seller;
receiving by the at least one seller from the at least one buyer a payment form having the order ID for the one or more items;
receiving by a host from the at least one buyer a payment authorization request comprising the order ID and secret keys for authorization of the payment of the one or more items to be paid by one or more payment cards chosen by the at least one buyer;
receiving by the host from the at least one seller a payment approval request having the order ID;
matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request, wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
-
-
45. A method for enabling transaction, comprising:
-
setting up with a host one or more pairs of keys corresponding to one or more payment cards by at least one buyer;
receiving an order for one or more items from the at least one buyer, without receiving a payment card number along with said order, nor any number that is a reference to the payment card number by at least one seller;
sending an order ID for the one or more items to the at least one buyer by the at least one seller;
receiving by the at least one seller from the at least one buyer a payment form having the order ID for the one or more items;
receiving by a host from the at least one buyer a payment authorization request comprising the order ID and one of said key pairs for authorization of the payment of the one or more items to be paid by one or more payment cards chosen by the at least one buyer;
receiving by the host from the at least one seller a payment approval request having the order ID;
matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request, wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request.
-
Specification