Method and system for secure guaranteed transactions over a computer network
First Claim
1. A method for providing secure guaranteed transactions over a computer network, said transactions conducted between a user and a recipient merchant, said method comprising the steps ofa) authenticating a user;
- b) receiving a recipient merchant request;
c) generating an authentication document, if said user is authentic;
d) adding a digital signature to said authentication document; and
e) transmitting said authentication document and a URL link comprising a recipient merchant site address to said user, whereby the user can access said recipient merchant site by activating said URL link.
3 Assignments
0 Petitions
Accused Products
Abstract
A trusted third-party authentication protocol that facilitates secure commercial transactions over computer networks between a merchant and a user. The method and system of the present invention generally involves three entities: 1) a guarantor, which acts as a trusted arbitrator, 2) a merchant, and 3) a consumer or user. In one embodiment, the guarantor authenticates users and provides authentication documents back to the user for use in transactions with merchants. The authentication document generated by the guarantor can be used as a means to validate a user'"'"'s identity and/or to provide authorization/validation of a specific transaction.
-
Citations
21 Claims
-
1. A method for providing secure guaranteed transactions over a computer network, said transactions conducted between a user and a recipient merchant, said method comprising the steps of
a) authenticating a user; -
b) receiving a recipient merchant request; c) generating an authentication document, if said user is authentic; d) adding a digital signature to said authentication document; and e) transmitting said authentication document and a URL link comprising a recipient merchant site address to said user, whereby the user can access said recipient merchant site by activating said URL link. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
2. A method for providing secure guaranteed transactions over a computer network, said transactions conducted between a user and a recipient merchant, said merchant having at least one public encryption key and a corresponding private key, said method comprising the steps of
(a) authenticating a user; -
(b) receiving a recipient merchant request; (c) generating an authentication document, if said user is authentic; (d) adding a digital signature to said authentication document, (e) encrypting said authentication document with the public key of said recipient merchant; and (f) transmitting said encrypted authentication document to said user, wherein said transmitting step (f) further comprises the steps of packaging said encrypted authentication document as an open cookie; and
transmitting said open cookie to said user.
-
-
3. An apparatus for providing secure guaranteed transactions over a computer network, said transactions conducted between a user and a recipient merchant, said user authenticated by a guarantor, said apparatus comprising:
-
a database, said database containing a list user accounts and passwords, or encrypted representations thereof, corresponding to said user accounts; and a server operably coupled to said database, said server comprising; means for authenticating a user and receiving a recipient merchant request; means for generating an authentication document; means for adding a digital signature to said authentication document, means for generating a URL link comprising a recipient merchant site address; and means for transmitting said encrypted authentication document and said URL link to said user. - View Dependent Claims (17, 18)
-
-
4. A method for providing secure guaranteed transactions over a computer network, said transactions conducted between a user and a recipient merchant, said merchant having at least one public encryption key, said user authenticated by a guarantor, said method comprising the steps of
a) receiving an authentication document from a user, said authentication document encrypted with a public encryption key of said recipient merchant and including a digital signature; -
b) decrypting said authentication document with the corresponding private key of said recipient merchant; c) authenticating said digital signature; and d) processing the user'"'"'s request, if said digital signature is authentic and said authentication document is valid, wherein said authentication document is packaged as an open cookie and wherein said receiving step (a) comprises uploading said open cookie. - View Dependent Claims (19, 20, 21)
-
-
5. A method for providing secure guaranteed transactions over a computer network, said transactions conducted between a user and a recipient merchant, said method comprising the steps of
a) authenticating a user; -
b) receiving a recipient merchant request, said recipient merchant request including a merchant transaction identifier; c) generating an authentication document including said merchant transaction identifier, if said user is authentic; d) adding a digital signature to said authentication document; and e) transmitting said authentication document to said user, wherein said recipient merchant request originates from a merchant as a redirect message transmitted to said user.
-
-
16. The method of claim wherein said public key and said private key are shared by at least two recipient merchants.
Specification