System and method for conducting secure payment transactions
First Claim
1. A method for performing a payment transaction, comprising:
- receiving a set of Web page data by user software, the set of Web page data being for displaying a Web page;
determining, by the user software, whether the Web page includes at least one hidden field;
if the Web page includes the at least one hidden field, selecting a first payment procedure to be used for performing the particular payment transaction, the first payment procedure including filling the at least one hidden field with hidden data, by the user software, for sending the hidden data to a merchant; and
if the Web page does not include the at least one hidden field, selecting a second payment procedure to be used for performing the particular payment transaction, the second payment procedure including filling at least one visible field with purchase data, for sending the purchase data to the merchant, the at least one visible field being included in the Web page.
1 Assignment
0 Petitions
Accused Products
Abstract
In a secure electronic payment system, authentication data is sent from a payment account issuer to user software operated by a purchaser. The user software sends the authentication data to a merchant using hidden fields on the Web page of the merchant. The merchant generates an authorization request message based upon the authentication data. The authorization request message is sent to a payment organization either directly from the merchant or via the merchant'"'"'s acquirer. The payment organization forwards the authorization request message to a payment account issuer which verifies the authorization request message, thereby generating an authorization response message which is sent to the payment organization. The payment organization forwards the authorization response message to the merchant, either directly or via the acquirer.
155 Citations
81 Claims
-
1. A method for performing a payment transaction, comprising:
-
receiving a set of Web page data by user software, the set of Web page data being for displaying a Web page;
determining, by the user software, whether the Web page includes at least one hidden field;
if the Web page includes the at least one hidden field, selecting a first payment procedure to be used for performing the particular payment transaction, the first payment procedure including filling the at least one hidden field with hidden data, by the user software, for sending the hidden data to a merchant; and
if the Web page does not include the at least one hidden field, selecting a second payment procedure to be used for performing the particular payment transaction, the second payment procedure including filling at least one visible field with purchase data, for sending the purchase data to the merchant, the at least one visible field being included in the Web page. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
2. A method according to claim 1, wherein the first payment procedure further includes receiving, by the user software, authentication data from a payment account issuer, the hidden data comprising the authentication data, and the authentication data being for authenticating an identity of an account holder of a payment account issued by the payment account issuer.
-
3. A method according to claim 2, wherein the first payment procedure further includes sending, from the user software to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the user software in response to the request for the authentication of the identity of the account holder.
-
4. A method according to claim 3, wherein the first payment procedure further includes the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
5. A method according to claim 3, wherein the first payment procedure further includes the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
6. A method according to claim 2, wherein the first payment procedure further includes the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authorization data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
7. A method according to claim 2, wherein the first payment procedure further includes the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
8. A method according to claim 1, wherein the first payment procedure further includes the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the hidden data;
sending, from the payment organization to a payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
9. A method according to claim 8, wherein the hidden data include at least data associated with the particular payment transaction, and the verification procedure comprises the steps of:
-
determining by the payment account issuer whether the data associated with the particular payment transaction have been previously used for authorizing any payment transaction; and
if the data associated with the particular payment transaction have been previously used for authorizing any payment transaction, including a denial of authorization in the authorization response message.
-
-
10. A method according to claim 1, wherein the first payment procedure further includes the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the hidden data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to a payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
11. A method according to claim 10, wherein the hidden data include at least data associated with the particular payment transaction, and the verification procedure comprises the steps of:
-
determining by the payment account issuer whether the data associated with the particular payment transaction have been previously used for authorizing any payment transaction; and
if the data associated with the particular payment transaction have been previously used for authorizing any payment transaction, including a denial of authorization in the first authorization response message.
-
-
12. A method according to claim 1, wherein the first payment procedure further includes the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the hidden data;
using, by the payment organization, a verification procedure to process the authorization request message, for generating an authorization response message; and
sending the authorization response message from the payment organization to the merchant.
-
-
13. A method according to claim 1, wherein the first payment procedure further includes the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the hidden data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
using, by the payment organization, a verification procedure to process the at least one of the first and second authorization request messages, for generating a first authorization response message;
sending the first authorization response message from the payment organization to the acquirer; and
sending, from the acquirer to the merchant, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message.
-
-
2. A method according to claim 1, wherein the first payment procedure further includes receiving, by the user software, authentication data from a payment account issuer, the hidden data comprising the authentication data, and the authentication data being for authenticating an identity of an account holder of a payment account issued by the payment account issuer.
-
-
14. A method for performing a payment transaction, comprising:
-
receiving a set of Web page data by user software, the set of Web page data being for displaying a Web page, and the Web page including at least one hidden field;
receiving, by the user software, authentication data from a payment account issuer, the authentication data being for authenticating an identity of an account holder of a payment account issued by the payment account issuer; and
filling the at least one hidden field with the authentication data, by the user software, for sending the authentication data to a merchant. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
-
15. A method according to claim 14, further comprising sending, from the user software to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the user software in response to the request for the authentication of the identity of the account holder.
-
16. A method according to claim 15, further comprising:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
17. A method according to claim 15, further comprising:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
18. A method according to claim 14, further comprising:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
19. A method according to claim 14, further comprising:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
20. A method according to claim 14, further comprising:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
using, by the payment organization, a verification procedure to process the authorization request message, for generating an authorization response message; and
sending the authorization response message from the payment organization to the merchant.
-
-
21. A method according to claim 14, further comprising:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
using, by the payment organization, a verification procedure to process the at least one of the first and second authorization request messages, for generating a first authorization response message;
sending the first authorization response message from the payment organization to the acquirer; and
sending, from the acquirer to the merchant, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message.
-
-
15. A method according to claim 14, further comprising sending, from the user software to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the user software in response to the request for the authentication of the identity of the account holder.
-
-
22. A method for performing a payment transaction, comprising:
-
receiving a first set of Web page data by user software, the first set of Web page data being for displaying a first Web page;
determining, by the user software, whether the first Web page includes a first hidden field, the first hidden field being for indicating to the user software that the first Web page is capable of being used for performing a single-click payment procedure; and
if the first Web page includes the first hidden field, filling the first hidden field, by the user software, with data for informing a merchant that the user software is being used for performing at least one payment transaction. - View Dependent Claims (23, 24, 25, 26, 27)
-
23. A method according to claim 22, further comprising selecting, by an account holder, the single-click payment procedure to be performed using the first Web page.
-
24. A method according to claim 23, further comprising the steps of:
-
receiving a second set of Web page data by the user software, the second set of Web page data representing a second Web page, the second Web page including a second hidden field;
filling the second hidden field with authentication data, by the user software, for sending the authentication data to the merchant, the authentication data being for authenticating an identity of the account holder; and
initiating transmission of the authentication data to the merchant.
-
-
25. A method according to claim 24, further comprising receiving the authentication data, by the user software, from a payment account issuer which has issued a payment account to the account holder.
-
26. A method according to claim 25, further comprising:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
27. A method according to claim 25, further comprising:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
23. A method according to claim 22, further comprising selecting, by an account holder, the single-click payment procedure to be performed using the first Web page.
-
-
28. An apparatus for performing a payment transaction, comprising:
-
a first user processor for receiving a set of Web page data, the set of Web page data being for displaying a Web page;
a second user processor for determining whether the Web page includes at least one hidden field;
a processor for selecting a first payment system to be used for performing a particular payment transaction if the Web page includes the at least one hidden field, the first payment system comprising a third user processor for filling the at least one hidden field with hidden data, for sending the hidden data to a merchant; and
a processor for selecting a second payment system to be used for performing the particular payment transaction if the Web page does not include the at least one hidden field, the second payment system comprising a processor for filling at least one visible field with purchase data, for sending the purchase data to the merchant, the at least one visible field being included in the Web page. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
29. An apparatus according to claim 28, wherein the first payment system further comprises:
-
a payment account issuer for issuing a payment account to an account holder; and
a fourth user processor for receiving authentication data from the payment account issuer, the hidden data comprising the authentication data, and the authentication data being for authenticating an identity of the account holder.
-
-
30. An apparatus according to claim 29, wherein the first payment system further comprises a fifth user processor for sending, to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the fourth user processor in response to the request for the authentication of the identity of the account holder.
-
31. An apparatus according to claim 30, wherein the first payment system further comprises a payment organization for receiving an authorization request message from the merchant, the authorization request message being derived from the authentication data, the payment organization being further for sending, to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message, the payment account issuer comprising a verification processor for verifying the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message, the payment account issuer being further for sending the authorization response message to the payment organization, and the payment organization being further for sending, to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
32. An apparatus according to claim 30, wherein the first payment system further comprises:
-
an acquirer for receiving a first authorization request message from the merchant, the first authorization request message being derived from the authentication data; and
a payment organization for receiving, from the acquirer, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message, the payment organization being further for sending, to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages, the payment account issuer comprising a verification processor for verifying the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message, the payment account issuer being further for sending the first authorization response message to the payment organization, the payment organization being further for sending, to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message, and the acquirer being further for sending, to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
33. An apparatus according to claim 29, wherein the first payment system further comprises a payment organization for receiving an authorization request message from the merchant, the authorization request message being derived from the authorization data, the payment organization being further for sending, to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message, the payment account issuer comprising a verification processor for verifying the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message, the payment account issuer being further for sending the authorization response message to the payment organization, and the payment organization being further for sending, to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
34. An apparatus according to claim 29, wherein the first payment system further comprises:
-
an acquirer for receiving a first authorization request message from the merchant, the first authorization request message being derived from the authentication data; and
a payment organization for receiving, from the acquirer, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message, the payment organization being further for sending, to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages, the payment account issuer comprising a verification processor for verifying the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message, the payment account issuer being further for sending the first authorization response message to the payment organization, the payment organization being for sending, to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message, and the acquirer being further for sending, to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
35. An apparatus according to claim 28, wherein the first payment system further comprises:
-
a payment account issuer; and
a payment organization for receiving an authorization request message from the merchant, the authorization request message being derived from the hidden data, the payment organization being further for sending, to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message, the payment account issuer comprising a verification processor for verifying the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message, the payment account issuer being for sending the authorization response message to the payment organization, and the payment organization being further for sending, to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
36. An apparatus according to claim 35, wherein the hidden data include at least data associated with the particular payment transaction, and the verification processor comprises:
-
a processor for determining whether the data associated with the particular payment transaction have been previously used for authorizing any payment transaction; and
a processor for including a denial of authorization in the authorization response message if the data associated with the particular payment transaction have been previously used for authorizing any payment transaction.
-
-
37. An apparatus according to claim 28, wherein the first payment system further comprises:
-
a payment account issuer;
an acquirer for receiving a first authorization request message from the merchant, the first authorization request message being derived from the hidden data; and
a payment organization for receiving, from the acquirer, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message, the payment organization being further for sending, to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages, the payment account issuer comprising a verification processor for verifying the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message, the payment account issuer being for sending the first authorization response message to the payment organization, the payment organization being further for sending, to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message, and the acquirer being further for sending, to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
38. An apparatus according to claim 37, wherein the hidden data include at least data associated with the particular payment transaction, and the verification processor comprises:
-
a processor for determining whether the data associated with the particular payment transaction have been previously used for authorizing any payment transaction; and
a processor for including a denial of authorization in the first authorization response message if the data associated with the particular payment transaction have been previously used for authorizing any payment transaction.
-
-
39. An apparatus according to claim 28, wherein the first payment system further comprises a payment organization for receiving an authorization request message from the merchant, the authorization request message being derived from the hidden data, the payment organization comprising a verification processor for verifying the authorization request message, for generating an authorization response message, and the payment organization being further for sending the authorization response message to the merchant.
-
40. An apparatus according to claim 28, wherein the first payment system further comprises:
-
an acquirer for receiving a first authorization request message from the merchant, the first authorization request message being derived from the hidden data; and
a payment organization for receiving, from the acquirer, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message, the payment organization comprising a verification processor for verifying the at least one of the first and second authorization request messages, for generating a first authorization response message, the payment organization being further for sending the first authorization response message to the acquirer; and
the acquirer being further for sending, to the merchant, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message.
-
-
29. An apparatus according to claim 28, wherein the first payment system further comprises:
-
-
41. An apparatus for performing a payment transaction, comprising:
-
a first user processor for receiving a set of Web page data, the set of Web page data being for displaying a Web page, and the Web page including at least one hidden field;
a payment account issuer for issuing a payment account to an account holder;
a second user processor for receiving authentication data from the payment account issuer, the authentication data being for authenticating an identity of the account holder; and
a third user processor for filling the at least one hidden field with the authentication data, for sending the authentication data to a merchant. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48)
-
42. An apparatus according to claim 41, further comprising a fourth user processor for sending, to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the second user processor in response to the request for the authentication of the identity of the account holder.
-
43. An apparatus according to claim 42, further comprising a payment organization for receiving an authorization request message from the merchant, the authorization request message being derived from the authentication data, the payment organization being further for sending, to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message, the payment account issuer comprising a verification processor for verifying the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message, the payment account issuer being further for sending the authorization response message to the payment organization;
- and the payment organization being for sending, to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
44. An apparatus according to claim 42, further comprising:
-
an acquirer for receiving a first authorization request message from the merchant, the first authorization request message being derived from the authentication data; and
a payment organization for receiving, from the acquirer, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message, the payment organization being further for sending, to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages, the payment account issuer comprising a verification processor for verifying the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message, the payment account issuer being further for sending first authorization response message to the payment organization, the payment organization being further for sending, to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message, and the acquirer being further for sending, to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
45. An apparatus according to claim 41, further comprising a payment organization for receiving an authorization request message from the merchant, the authorization request message being derived from the authentication data, the payment organization being further for sending, to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message, the payment account issuer comprising a verification processor for verifying the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message, the payment account issuer being further for sending the authorization response message to the payment organization;
- and the payment organization being for sending, to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
46. An apparatus according to claim 41, further comprising:
-
an acquirer for receiving a first authorization request message from the merchant, the first authorization request message being derived from the authentication data; and
a payment organization for receiving, from the acquirer, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message, the payment organization being further for sending, to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages, the payment account issuer comprising a verification processor for verifying the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message, the payment account issuer being further for sending the first authorization response message to the payment organization, the payment organization being further for sending, to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message, and the acquirer being further for sending, to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
47. An apparatus according to claim 41, further comprising a payment organization for receiving an authorization request message from the merchant, the authorization request message being derived from the authentication data, the payment organization comprising a verification processor for verifying the authorization request message, for generating an authorization response message, and the payment organization being further for sending the authorization response message to the merchant.
-
48. An apparatus according to claim 41, further comprising:
-
an acquirer for receiving a first authorization request message from the merchant, the first authorization request message being derived from the authentication data; and
a payment organization for receiving, from the acquirer, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message, the payment organization comprising a verification processor for verifying the at least one of the first and second authorization request messages, for generating a first authorization response message, the payment organization being further for sending the first authorization response message to the acquirer, and the acquirer being further for sending, to the merchant, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message.
-
-
42. An apparatus according to claim 41, further comprising a fourth user processor for sending, to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the second user processor in response to the request for the authentication of the identity of the account holder.
-
-
49. An arrangement for performing a payment transaction, comprising:
-
a first user processor for receiving a first set of Web page data, the first set of Web page data being for displaying a first Web page;
a second user processor for determining whether the first Web page includes a first hidden field, the first hidden field being for indicating to the user software that the first Web page is capable of being used, by a single-click payment system, to perform at least one payment transaction;
a third user processor for, if the first Web page includes the first hidden field, filling the first hidden field with data for informing a merchant that the user processor is being used for performing the at least one payment transaction. - View Dependent Claims (50, 51, 52, 53, 54)
-
50. An arrangement according to claim 49, further comprising an account holder for selecting the single-click payment procedure to be performed using the first Web page.
-
51. An arrangement according to claim 50, further comprising:
-
a fourth user processor for receiving a second set of Web page data, the second set of Web page data representing a second Web page, the second Web page including a second hidden field;
a fifth user processor for filling the second hidden field with authentication data, for sending the authentication data to the merchant, the authentication data being for authenticating an identity of the account holder; and
a sixth user processor for initiating transmission of the authentication data to the merchant.
-
-
52. An arrangement according to claim 51, further comprising:
-
a payment account issuer for issuing a payment account to the account holder; and
a seventh user processor for receiving the authentication data from the payment account issuer.
-
-
53. An arrangement according to claim 52, further comprising a payment organization for receiving an authorization request message from the merchant, the authorization request message being derived from the authentication data, the payment organization being further for sending, to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message, the payment account issuer comprising a verification processor for verifying the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message, the payment account issuer being further for sending the authorization response message to the payment organization, and the payment organization being further for sending, to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
54. An arrangement according to claim 52, further comprising:
-
an acquirer for receiving a first authorization request message from the merchant, the first authorization request message being derived from the authentication data; and
a payment organization for receiving, from the acquirer, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message, the payment organization being further for sending, to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages, the payment account issuer comprising a verification processor for verifying the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message, the payment account issuer being further for sending the first authorization response message to the payment organization, the payment organization being further for sending, to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message, and the acquirer being further for sending, to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
50. An arrangement according to claim 49, further comprising an account holder for selecting the single-click payment procedure to be performed using the first Web page.
-
-
55. A computer-readable medium having a set of instructions operable to direct a processor to perform the steps of:
-
receiving a set of Web page data by a user processor, the set of Web page data being for displaying a Web page;
determining, by the user processor, whether the Web page includes at least one hidden field;
if the Web page includes the at least one hidden field, selecting a first payment procedure to be used for performing a particular payment transaction, the first payment procedure including filling the at least one hidden field with hidden data, by the user processor, for sending the hidden data to a merchant; and
if the Web page does not include the at least one hidden field, selecting a second payment procedure to be used for performing the particular payment transaction, the second payment procedure including filling at least one visible field with purchase data, for sending the purchase data to the merchant, the at least one visible field being included in the Web page. - View Dependent Claims (56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67)
-
56. A computer-readable medium according to claim 55, wherein the first payment procedure further includes receiving, by the user processor, authentication data from a payment account issuer, the hidden data comprising the authentication data, and the authentication data being for authenticating an identity of an account holder of a payment account issued by the payment account issuer.
-
57. A computer-readable medium according to claim 56, wherein the first payment procedure further includes sending, from the user processor to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the user processor in response to the request for the authentication of the identity of the account holder.
-
58. A computer-readable medium according to claim 57, wherein the first payment procedure further includes the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
59. A computer-readable medium according to claim 57, wherein the first payment procedure further includes the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
60. A computer-readable medium according to claim 56, wherein the first payment procedure further includes the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authorization data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
61. A computer-readable medium according to claim 56, wherein the first payment procedure further includes the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
62. A computer-readable medium according to claim 55, wherein the first payment procedure further includes the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the hidden data;
sending, from the payment organization to a payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
63. A computer-readable medium according to claim 62, wherein the hidden data include at least data associated with the particular payment transaction, and the verification procedure comprises the steps of:
-
determining by the payment account issuer whether the data associated with the particular payment transaction have been previously used for authorizing any payment transaction; and
if the data associated with the particular payment transaction have been previously used for authorizing any payment transaction, including a denial of authorization in the authorization response message.
-
-
64. A computer-readable medium according to claim 55, wherein the first payment procedure further includes the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the hidden data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to a payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
65. A computer-readable medium according to claim 64, wherein the hidden data include at least data associated with the particular payment transaction, and the verification procedure comprises the steps of:
-
determining by the payment account issuer whether the data associated with the particular payment transaction have been previously used for authorizing any payment transaction; and
if the data associated with the particular payment transaction have been previously used for authorizing any payment transaction, including a denial of authorization in the first authorization response message.
-
-
66. A computer-readable medium according to claim 55, wherein the first payment procedure further includes the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the hidden data;
using, by the payment organization, a verification procedure to process the authorization request message, for generating an authorization response message; and
sending the authorization response message from the payment organization to the merchant.
-
-
67. A computer-readable medium according to claim 55, wherein the first payment procedure further includes the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the hidden data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
using, by the payment organization, a verification procedure to process the at least one of the first and second authorization request messages, for generating a first authorization response message;
sending the first authorization response message from the payment organization to the acquirer; and
sending, from the acquirer to the merchant, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message.
-
-
56. A computer-readable medium according to claim 55, wherein the first payment procedure further includes receiving, by the user processor, authentication data from a payment account issuer, the hidden data comprising the authentication data, and the authentication data being for authenticating an identity of an account holder of a payment account issued by the payment account issuer.
-
-
68. A computer-readable medium having a set of instructions operable to direct at least one processor to perform the steps of:
-
receiving a set of Web page data by a user processor, the set of Web page data being for displaying a Web page, and the Web page including at least one hidden field;
receiving, by the user processor, authentication data from a payment account issuer, the authentication data being for authenticating an identity of an account holder of a payment account issued by the payment account issuer; and
filling the at least one hidden field with the authentication data, by the user processor, for sending the authentication data to a merchant. - View Dependent Claims (69, 70, 71, 72, 73, 74, 75)
-
69. A computer-readable medium according to claim 68, wherein the set of instructions is further operable to direct the at least one processor to perform the step of sending, from the user processor to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the user processor in response to the request for the authentication of the identity of the account holder.
-
70. A computer-readable medium according to claim 69, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
71. A computer-readable medium according to claim 69, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
72. A computer-readable medium according to claim 68, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
73. A computer-readable medium according to claim 68, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
74. A computer-readable medium according to claim 68, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
using, by the payment organization, a verification procedure to process the authorization request message, for generating an authorization response message; and
sending the authorization response message from the payment organization to the merchant.
-
-
75. A computer-readable medium according to claim 68, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
using, by the payment organization, a verification procedure to process the at least one of the first and second authorization request messages, for generating a first authorization response message;
sending the first authorization response message from the payment organization to the acquirer; and
sending, from the acquirer to the merchant, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message.
-
-
69. A computer-readable medium according to claim 68, wherein the set of instructions is further operable to direct the at least one processor to perform the step of sending, from the user processor to the payment account issuer, a request for authentication of the identity of the account holder, the authentication data being sent from the payment account issuer to the user processor in response to the request for the authentication of the identity of the account holder.
-
-
76. A computer-readable medium having a set of instructions operable to direct a processor to perform the steps of:
-
receiving a first set of Web page data by a user processor, the first set of Web page data being for displaying a first Web page;
determining, by the user processor, whether the first Web page includes a first hidden field, the first hidden field being for indicating to the user software that the first Web page is capable of being used for performing a single-click payment procedure; and
if the first Web page includes the first hidden field, filling the first hidden field, by the user processor, with data for informing a merchant that the user software is being used for performing at least one payment transaction. - View Dependent Claims (77, 78, 79, 80, 81)
-
77. A method according to claim 76, wherein the set of instructions is further operable to direct the at least one processor to perform the step of receiving, from an account holder, a signal for selecting the single-click payment procedure to be performed using the first Web page.
-
78. A method according to claim 77, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
receiving a second set of Web page data by the user processor, the second set of Web page data representing a second Web page, the second Web page including a second hidden field;
filling the second hidden field with authentication data, by the user processor, for sending the authentication data to the merchant, the authentication data being for authenticating an identity of the account holder; and
initiating transmission of the authentication data to the merchant.
-
-
79. A method according to claim 78, wherein the set of instructions is further operable to direct the at least one processor to perform the step of receiving the authentication data, by the user processor, from a payment account issuer which has issued a payment account to the account holder.
-
80. A computer-readable medium according to claim 79, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
sending an authorization request message from the merchant to a payment organization, the authorization request message being derived from the authentication data;
sending, from the payment organization to the payment account issuer, at least one of the authorization request message and a message derived from the authorization request message;
using, by the payment account issuer, a verification procedure to process the at least one of the authorization request message and the message derived from the authorization request message, for generating an authorization response message;
sending the authorization response message from the payment account issuer to the payment organization; and
sending, from the payment organization to the merchant, at least one of the authorization response message and a message derived from the authorization response message.
-
-
81. A computer-readable medium according to claim 79, wherein the set of instructions is further operable to direct the at least one processor to perform the steps of:
-
sending a first authorization request message from the merchant to an acquirer, the first authorization request message being derived from the authentication data;
sending, from the acquirer to a payment organization, at least one of the first authorization request message and a second authorization request message derived from the first authorization request message;
sending, from the payment organization to the payment account issuer, at least one of the at least one of the first and second authorization request messages and a third authorization request message derived from the at least one of the first and second authorization request messages;
using, by the payment account issuer, a verification procedure to process the at least one of the at least one of the first and second authorization request messages and the third authorization request message, for generating a first authorization response message;
sending the first authorization response message from the payment account issuer to the payment organization;
sending, from the payment organization to the acquirer, at least one of the first authorization response message and a second authorization response message derived from the first authorization response message; and
sending, from the acquirer to the merchant, at least one of the at least one of the first and second authorization response messages and a third authorization response message derived from the at least one of the first and second authorization response messages.
-
-
77. A method according to claim 76, wherein the set of instructions is further operable to direct the at least one processor to perform the step of receiving, from an account holder, a signal for selecting the single-click payment procedure to be performed using the first Web page.
-
Specification
- Resources
-
Current AssigneeMastercard International Incorporated (MasterCard Incorporated)
-
Original AssigneeMastercard International Incorporated (MasterCard Incorporated)
-
InventorsRutherford, Bruce, Orfei, Stephen, Kranzley, Arthur, Hogan, Edward, Campbell, Carl
-
Primary Examiner(s)Trammell, James P.
-
Assistant Examiner(s)Greene, Daniel L.
-
Application NumberUS10/096,271Publication NumberTime in Patent Office1,212 DaysField of Search705/40, 705/34, 705/64, 705/67, 705/74, 705/75, 705/76, 705/42, 705/44, 705/65, 715/512, 715/513, 715/539, 380/24US Class Current705/64CPC Class CodesG06Q 20/02 involving a neutral party, ...G06Q 20/10 specially adapted for elect...G06Q 20/12 specially adapted for elect...G06Q 20/14 specially adapted for billi...G06Q 20/367 involving electronic purses...G06Q 20/3674 involving authenticationG06Q 20/382 insuring higher security of...G06Q 20/383 Anonymous user systemG06Q 20/388 using mutual authentication...G06Q 30/06 Buying, selling or leasing ...