Process and method for secure online transactions with calculated risk and against fraud

US 6,847,953 B2
Filed: 02/04/2000
Issued: 01/25/2005
Est. Priority Date: 02/04/2000
Status: Expired

First Claim

Patent Images

1. A method of engaging in electronic commerce, providing at least one host, at least one buyer, at least one seller, and at least one payment clearing processor, comprising:

(a) specifying by the buyer a host, and sending by the buyer an order for goods and services online to the seller, without sending payment card number along with said order, nor any number that is a reference to the payment card number;

(b) confirming by the seller said order with said buyer, and assigning by the seller an orderID for the order;

(c) authorizing by the buyer payment of said order by sending a payment authorization request and secret keys to said host with said orderID in a payment form;

(d) requesting by the seller for payment approval of the order from buyer'"'"'s payment card issuer, through said host, by sending a message of a payment approval request to the host with said orderID;

(e) matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request. wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the payment authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electronic commerce process that facilitates online transactions among multiple participants, that prevents consumer fraud due to pirated payment card numbers, with calculated risk, involving at least one trusted payment card host (3), where buyer'"'"'s payment card number is registered and corresponding secret keys are set up. The buyer (1b) initiates an online transaction by selecting a host from a list of hosts that served by the seller'"'"'s web server (2a). Then, the buyer participant (1a) sends an order online (4), SSL encrypted. The seller participant (2a) receives and decrypts the order, confirms the availability of ordered items, assigns an orderID to the order, and sends a response (5a), SSL encrypted, to the buyer participant (1a) with the assigned orderID. The buyer participant (1a) encrypts and notifies the selected host (3) of this order and orderID, and authorizes the payment (6a) using secret keys. At the same time, the seller participant also encrypts and sends payment approval request (7) for this orderID through the host. The host (3) decrypts and matches up the orderID, retrieves the secret keys, and hashes to obtain the corresponding payment card number. The host then encrypts and send for payment authorization (8a) from the payment card issuer with the payment card number, through payment clearing network. Upon receiving and decrypting the response (9) back from the payment card issuer, the host (3) encrypts and notifies (10a) the seller participant (2a) of the card issuer'"'"'s response (9) for the orderID. After fulfilling the order (11,12), the seller participant encrypts and sends for payment capturing (13a) for this order with orderID, through the host and payment network (14a,15,16).

94 Citations

View as Search Results

45 Claims

1. A method of engaging in electronic commerce, providing at least one host, at least one buyer, at least one seller, and at least one payment clearing processor, comprising:
- (a) specifying by the buyer a host, and sending by the buyer an order for goods and services online to the seller, without sending payment card number along with said order, nor any number that is a reference to the payment card number;
  
  (b) confirming by the seller said order with said buyer, and assigning by the seller an orderID for the order;
  
  (c) authorizing by the buyer payment of said order by sending a payment authorization request and secret keys to said host with said orderID in a payment form;
  
  (d) requesting by the seller for payment approval of the order from buyer'"'"'s payment card issuer, through said host, by sending a message of a payment approval request to the host with said orderID;
  
  (e) matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request. wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the payment authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. A method as recited in claim 1, wherein the buyer sending order for goods and services online to said seller further comprises sending, alongside said order, information of said host.
  - 3. A method as recited in claim 1, wherein confirming by the seller said order to said buyer further comprises:
    - generating by the seller an unique orderID that identifies said order, and assigning the orderID to the order; and
      
      sending by the seller an independent payment form with said orderID to the buyer for completion.
  - 4. A method as recited in claim 1, wherein authorizing by the buyer payment of said order further comprises:
    - completing by the buyer said payment form with said orderID, by filling in pertinent spaces with secret keys, and other optional data, the secret keys include at least one key for authentication, and another key for authorization;
      
      sending by the buyer said completed payment form with said orderID directly to said host; and
      
      notifying by the buyer to the seller that payment form of said orderID is completed and sent.
  - 5. A method as recited in claim 1, wherein requesting by the seller for payment approval of the order, from buyer'"'"'s payment card issuer, through the host, further comprises:
    - constructing by the seller a message of payment approval request with said orderID, and sending directly to the host.
  - 6. A method as recited in claim 1, wherein matching up orderID by the host further comprises:
    - searching by the host, for the payment form that has the exact same orderID as that of said payment approval request, or, searching for the payment approval request that has the exact same orderID as that of said payment form;
      
      recovering by the host the secret keys sent by said buyer in the payment form with exact same said orderID;
      
      hashing by the host with said secret keys to obtain the payment card number for paying the order of said orderID; and
      
      sending by the host a request for payment approval authorization, from said buyer'"'"'s payment card issuer, with said payment card number, through the private payment clearing network or the internet payment gateway.
  - 7. The method of claim 2, wherein the order is received via internet.
  - 8. The method of claim 2, wherein the order is received in an encrypted form.
  - 9. The method of claim 2, wherein the order ID is received via internet.
  - 10. The method of claim 2, wherein the order ID is sent in an encrypted form.
  - 11. The method of claim 2, wherein the communication between the at least one buyer and the host is via internet.
  - 12. The method of claim 11, wherein the communication is encrypted.
  - 13. The method of claim 2, wherein the communication between the at least one seller and the host is via internet.
  - 14. The method of claim 13, wherein the communication is encrypted.
  - 15. The method of claim 2, wherein the communication between the at least one seller and the at least one buyer is via internet.
  - 16. The method of claim 1, wherein the communication is encrypted.

17. A method for enabling a transaction, comprising:
- receiving an order for one or more items from at least one buyer, without receiving a payment card number along with said order, nor any number that is a reference to the payment card number, by at least one seller;
  
  sending an order ID for the one or more items to the at least one buyer by the at least one seller;
  
  receiving by the at least one seller from the at least one buyer a payment form having the order ID for the one or more items;
  
  receiving by a host from the at least one buyer a payment authorization request comprising the order ID and secret keys for authorization of the payment of the one or more items to be paid by one or more payment cards chosen by the at least one buyer;
  
  receiving by the host from the at least one seller a payment approval request having the order ID;
  
  matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request, wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
- - 18. The method of claim 17, wherein the order further comprises the indication of the host chosen by the at least one buyer.
  - 19. The method of claim 17, wherein the order further comprises one or more authentication codes for the one or more payment cards.
  - 20. The method of claim 17, further comprising sending by the at least one seller a response indicating the availability of the one or more items to the at least one buyer.
  - 21. The method of claim 17, further comprising sending by the at least one seller a response accepting the order to the at least one buyer.
  - 22. The method of claim 21, wherein the response further comprises availability and cost for the one or more items.
  - 23. The method of claim 17, further comprising sending by the at least one buyer an order-cancelled response to the at least one seller to terminate the transaction.
  - 24. The method of claim 17, wherein the payment form, received by the at least one seller, further comprises the indication of the host chosen by the at least one buyer.
  - 25. The method of claim 17, wherein the payment form, received by the at least one seller, further comprises one or more authentication codes for the one or more payment cards.
  - 26. The method of claim 17, wherein the payment form, received by the at least one seller, further comprises one or more authorization codes for the one or more payment cards.
  - 27. The method of claim 17, wherein the payment from, received by the at least one seller, further comprises a cancellation message for the at least one buyer to terminate the order.
  - 28. The method of claim 17, further comprising setting up with the host one or more pairs of keys corresponding to the one or more payment cards by the at least one buyer.
  - 29. The method of claim 28, wherein each pair of the one or more pairs of keys further comprises an authorization code.
  - 30. The method of claim 28, wherein each pair of the one or more pairs of keys further comprises an authentication code.
  - 31. The method of claim 28, wherein the one or more pairs of keys are changed by the at least one buyer.
  - 32. The method of claim 28, wherein the one or more pairs of keys are changed periodically.
  - 33. The method of claim 17, wherein the payment authorization request, received by the host, further comprises one or more authorization codes for the one or more payment cards.
  - 34. The method of claim 17, wherein the payment authorization request, received by the host, further comprises one or more authentication codes for the one or more payment cards.
  - 35. The method of claim 17, further comprising sending by the at least one buyer to the at least one seller a message indicating that the payment authorization request has been sent to the host.
  - 36. The method of claim 17, wherein the payment approval request, received by the host, further comprises one or more authentication codes for the one or more payment cards.
  - 37. The method of claim 17, wherein the payment approval request, received by the host, further comprises merchant ID for the at least one seller in order to receive payment from the one or more payment sources.
  - 38. The method of claim 17, wherein the payment approval request, received by the host, further comprises names and addresses of one or more financial institutes for the at least one seller in order to receive payment from the one or more payment sources.
  - 39. The method of claim 17, wherein the payment approval request, received by the host, further comprises the total cost for the one or more items.
  - 40. The method of claim 24, further comprises matching by the host payment authorization request comprises one or more authorization codes for one or more pairs of keys required for paying the one or more items by the one or more payment cards.
  - 41. The method of claim 24, wherein the content received from the payment approval request comprises one or more authentication codes for one or more pairs of keys required for paying the one or more items by the one or more payment cards.
  - 42. The method of claim 24, further comprising matching by the host an authorization code received from the payment authorization request with an authentication code received from the payment approval request, wherein the authorization code and the authentication code are designed for the payment of the one or more items by the one or more payment cards.
  - 43. The method of claim 24, wherein the payment authorization request and the payment approval request received by the host are received and matched in order to locate information of the one or more payment cards and retrieve the card numbers of the one or more payment cards.
  - 44. The method of claim 24, wherein the transaction is terminated and a message is sent to the at least one buyer to reject the payment approval request.

45. A method for enabling transaction, comprising:
- setting up with a host one or more pairs of keys corresponding to one or more payment cards by at least one buyer;
  
  receiving an order for one or more items from the at least one buyer, without receiving a payment card number along with said order, nor any number that is a reference to the payment card number by at least one seller;
  
  sending an order ID for the one or more items to the at least one buyer by the at least one seller;
  
  receiving by the at least one seller from the at least one buyer a payment form having the order ID for the one or more items;
  
  receiving by a host from the at least one buyer a payment authorization request comprising the order ID and one of said key pairs for authorization of the payment of the one or more items to be paid by one or more payment cards chosen by the at least one buyer;
  
  receiving by the host from the at least one seller a payment approval request having the order ID;
  
  matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request, wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Online Security Portfolio LLC
Original Assignee
James Shaw-Han Kuo
Inventors
KUO, James Shaw-Han
Primary Examiner(s)
Trammell, James P.
Assistant Examiner(s)
Hewitt, II, Calvin L

Application Number

US09/497,665
Publication Number

US 20030120615A1
Time in Patent Office

1,817 Days
Field of Search

705/1, 705/50, 705/51, 705/53, 705/64, 705/67, 705/70, 705/72, 705/75, 705/78
US Class Current

705/75
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/0855   involving a third party

G06Q 20/12   specially adapted for elect...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/401   Transaction verification

G06Q 30/06   Buying, selling or leasing ...

Process and method for secure online transactions with calculated risk and against fraud

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

94 Citations

45 Claims

Specification

Solutions

Use Cases

Quick Links

Process and method for secure online transactions with calculated risk and against fraud

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links