Methods and systems for single sign-on authentication in a multi-vendor e-commerce environment and directory-authenticated bank drafts
First Claim
1. A computer-implemented draft authentication method for use in e-commerce, comprising the steps of:
- storing, for each of a plurality of draft drawers, at least one piece of unique identifying information, said at least one piece of unique identifying information being linked at least to said respective drawer's financial information;
- authenticating a drawer of a draft by immediately encrypting at least a portion of an identification data provided by the drawer and successfully matching the immediately encrypted identification data with said at least one stored piece of identifying information;
- retrieving at least the drawer's financial information and establishing constraints based on the retrieved financial information;
- honoring a draft presented by a payee with whom the drawee has a partner relationship only when the drawer of the presented draft is successfully authenticated by drawee and the constraints are satisfied.
Abstract
A computer-implemented draft authentication method for use in e-commerce includes the steps of establishing partner relationships between a financial institution and a plurality of World Wide Web (Web) vendors and storing, for each of a plurality of Web customers, at least one piece of unique identifying information linked to the Web customer's financial information. Web customers executing drafts or causing drafts to be executed by the Web vendors and presented to the financial institution are authenticated by immediately encrypting at least a portion of an identification data set provided by the Web customer over the network and by successfully matching the immediately encrypted identification data set with the stored piece(s) of encrypted identifying information. The Web customer's financial information is then retrieved only by the financial institution and constraints are established based on the retrieved information. The financial institution then honors drafts presented by the Web vendors with whom the drawee has a partner relationship only when the Web customer is successfully authenticated and the constraints are satisfied. Only the identification information (such as biometric data and/or ID and password pairs) of each of the Web customers is securely replicated from the financial institution to each of the Web vendors. LDAP-compatible Directory software may be utilized as the means of storing, processing and replicating the Web customer's identification information to each of the Web vendors. The financial institution warrants the security of the system and controls the replication and content of the Directories at each of the Web vendor sites.
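The flow the abstract describes (authenticate the drawer, retrieve financial information, establish constraints, honor only partner-presented drafts) as an added Python example that is not code from the patent. Assumptions: the "immediate encryption" of the password is modeled as a salted PBKDF2 hash compared in constant time, and all class names, vendor IDs and limits are hypothetical.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Assumption: the patent names no algorithm; "encrypting" is modeled here
# as a salted one-way PBKDF2-HMAC-SHA256 derivation.
def encrypt_identifier(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

@dataclass
class DirectoryEntry:   # identification data: the only part replicated to vendors
    salt: bytes
    digest: bytes

@dataclass
class Account:          # financial information: retrieved only by the institution
    balance_cents: int
    per_draft_limit_cents: int

class Drawee:
    """Hypothetical financial institution honoring drafts from partner vendors."""

    def __init__(self, partners):
        self.partners = set(partners)
        self.directory = {}   # customer ID -> DirectoryEntry
        self.accounts = {}    # customer ID -> Account

    def enroll(self, customer_id, password, account):
        salt = os.urandom(16)
        self.directory[customer_id] = DirectoryEntry(salt, encrypt_identifier(password, salt))
        self.accounts[customer_id] = account

    def authenticate(self, customer_id, password):
        entry = self.directory.get(customer_id)
        # Derive a digest even for unknown IDs so response time does not reveal them.
        salt = entry.salt if entry else b"\x00" * 16
        candidate = encrypt_identifier(password, salt)
        return entry is not None and hmac.compare_digest(candidate, entry.digest)

    def honor_draft(self, vendor_id, customer_id, password, amount_cents):
        if vendor_id not in self.partners:
            return False, "payee is not a partner"
        if not self.authenticate(customer_id, password):
            return False, "drawer not authenticated"
        acct = self.accounts[customer_id]
        # Constraints are established from the retrieved financial information.
        limit = min(acct.balance_cents, acct.per_draft_limit_cents)
        if not 0 < amount_cents <= limit:
            return False, "constraints not satisfied"
        acct.balance_cents -= amount_cents
        return True, "honored"
```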
40 Claims
1. A computer-implemented draft authentication method for use in e-commerce, comprising the steps of:
- storing, for each of a plurality of draft drawers, at least one piece of unique identifying information, said at least one piece of unique identifying information being linked at least to said respective drawer's financial information;
- authenticating a drawer of a draft by immediately encrypting at least a portion of an identification data provided by the drawer and successfully matching the immediately encrypted identification data with said at least one stored piece of identifying information;
- retrieving at least the drawer's financial information and establishing constraints based on the retrieved financial information;
- honoring a draft presented by a payee with whom the drawee has a partner relationship only when the drawer of the presented draft is successfully authenticated by drawee and the constraints are satisfied.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A computer-implemented method for a financial institution to carry out secure e-commerce over the World Wide Web (Web), comprising the steps of:
- assigning a unique ID and password to each of a plurality of Web customers;
- encrypting and storing at least the password of each of the plurality of Web customers;
- authenticating Web customers by requesting, encrypting and matching passwords provided by the Web customers with the stored and encrypted passwords corresponding to the Web customers' ID;
- providing authenticated Web customers with access to a plurality of Web vendors with whom the financial institution has a partner relationship via a secure Web site; and
- honoring drafts presented by the Web vendors accessed through the secure Web site for purchases made by the authenticated Web customers provided predetermined constraints are met.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
26. A machine-readable medium having data stored thereon representing sequences of instructions which, when executed by one or more computers coupled to a network, causes said computers to perform the steps of:
- storing, for each of a plurality of draft drawers, at least one piece of unique identifying information, said at least one piece of unique identifying information being linked at least to drawer's financial information;
- authenticating a drawer of a draft by immediately encrypting at least a portion of an identification data provided by the drawer and successfully matching the immediately encrypted identification data with said at least one stored identifying information;
- retrieving at least the drawer's financial information and establishing constraints based on the retrieved financial information;
- honoring a draft presented by a payee with whom the drawee has a partner relationship only when the drawer of the presented draft is successfully authenticated by drawee and the constraints are satisfied.
Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37
38. A computer system for carrying out e-commerce, comprising:
- at least one first computer managed by a financial institution, said at least one first computer maintaining a first Directory software storing a plurality of IDs and corresponding encrypted passwords of a plurality of Web customers that maintain a relationship with said financial institution;
- at least one second computer managed by a Web vendor, said at least one second computer maintaining a second Directory software storing a master list controlled and periodically updated by the first Directory software, said master list including said plurality of IDs, said corresponding encrypted passwords and an identification of said financial institution;
- at least one Web-enabled device managed by a Web customer;
- said at least one Web-enabled device being adapted to accept input from the Web customer and to communicate with said at least one second computer to send a Web customer input ID and a Web customer input encrypted password to said second Directory software;
- wherein said second Directory software compares said Web customer input ID and password to entries in said master list, said at least one Web customer being authenticated by said second Directory software only upon matching both said Web customer input ID and encrypted password to an entry in the master list, said financial institution only honoring drafts executed by authenticated Web customers.
Dependent claims: 39, 40
Specification