Secure networked transaction system
First Claim
1. A method of approving an online transaction between a user computer and a merchant computer interconnected over a computer network, in conjunction with a payment card associated with the user computer, comprising the steps of:
- a) transmitting a transaction request from the user computer to the merchant computer,b) transmitting a verification request from the merchant computer to a verification computer, the verification request comprising a first data string associated with the payment card;
c) storing the verification request at the verification computer in association with a transaction identifier and a verification data string;
d) transmitting the transaction identifier and the verification data string from the verification computer to the merchant computer;
e) storing at the merchant computer (i) the verification data string as an expected verification data string, and (ii) the transaction identifier;
f) transmitting from the merchant computer to the user computer the transaction identifier;
g) the user computer transmitting to the verification computer (i) the transaction identifier, and (ii) a second data string associated with the payment card;
h) the verification computer using the transaction identifier received from the user computer to retrieve the verification request previously stored by the verification computer with that received transaction identifier;
i) the verification computer performing a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved;
j) upon successful verification that the transaction should be approved, the verification computer transmitting a verification approval message to the user computer, the verification approval message comprising the transaction identifier and the verification data string associated therewith as a confirmation verification data string;
k) the user computer transmitting the verification approval message to the merchant computer;
l) the merchant computer using the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored;
m) the merchant computer comparing the expected verification data string with the confirmation verification data string from the verification approval message; and
n) the merchant computer indicating that the transaction has been approved if the comparison is positive.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and system for approval by a verification computer of an online transaction between a user computer and a merchant computer over the Internet. The user computer transmits a transaction request to the merchant computer, which may include a product to be purchased and the payment amount. The merchant computer transmits to the verification computer a verification request including a first data string associated with the payment card (such as a debit card account number or a portion thereof) and the payment amount. The verification request is stored at the verification computer with a transaction identifier and a verification data string, which are also transmitted to the merchant computer. The merchant computer stores the verification data string as an expected verification data string and the transaction identifier, transmits the transaction identifier to the user computer, and the user computer transmits the transaction identifier to the verification computer. This may be accomplished by the merchant computer redirecting the web browser of the user computer to the verification computer. The user computer also transmits a second data string associated with the payment card (such as the PIN for the debit card) after being requested by the verification computer. The verification computer uses the transaction identifier received via the user computer to retrieve the verification request previously stored with that received transaction identifier, and then it performs a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved, e.g. by determining if an account associated with the payment card is sufficient to cover the payment amount in the verification request. The verification computer will, upon successful verification that the transaction should be approved, transmit a verification approval message to the user computer, which includes the transaction identifier and the verification data string associated therewith as a confirmation verification data string, and the user computer transmits the verification approval message to the merchant computer. This may also be accomplished by the verification computer redirecting the web browser of the user computer to the merchant computer with the appropriate data. The merchant computer uses the transaction identifier in the verification approval message to retrieve an expected verification data string it had previously stored. The merchant computer then compares the expected verification data string with the confirmation verification data string from the verification approval message and indicates that the transaction has been approved if the comparison is positive.
139 Citations
113 Claims
-
1. A method of approving an online transaction between a user computer and a merchant computer interconnected over a computer network, in conjunction with a payment card associated with the user computer, comprising the steps of:
-
a) transmitting a transaction request from the user computer to the merchant computer, b) transmitting a verification request from the merchant computer to a verification computer, the verification request comprising a first data string associated with the payment card; c) storing the verification request at the verification computer in association with a transaction identifier and a verification data string; d) transmitting the transaction identifier and the verification data string from the verification computer to the merchant computer; e) storing at the merchant computer (i) the verification data string as an expected verification data string, and (ii) the transaction identifier; f) transmitting from the merchant computer to the user computer the transaction identifier; g) the user computer transmitting to the verification computer (i) the transaction identifier, and (ii) a second data string associated with the payment card; h) the verification computer using the transaction identifier received from the user computer to retrieve the verification request previously stored by the verification computer with that received transaction identifier; i) the verification computer performing a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved; j) upon successful verification that the transaction should be approved, the verification computer transmitting a verification approval message to the user computer, the verification approval message comprising the transaction identifier and the verification data string associated therewith as a confirmation verification data string; k) the user computer transmitting the verification approval message to the merchant computer; l) the merchant computer using the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored; m) the merchant computer comparing the expected verification data string with the confirmation verification data string from the verification approval message; and n) the merchant computer indicating that the transaction has been approved if the comparison is positive. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A system for approving an online transaction comprising:
-
a) a user computer; b) a merchant computer; and c) a verification computer; said user computer, said merchant computer, and said verification computer are interconnected to a computer network; wherein said online transaction is executed in conjunction with a payment card associated with said user computer; and
further wherein;a) said user computer is programmed to transmit a transaction request to the merchant computer; b) said merchant computer is programmed to transmit a verification request to the verification computer, the verification request comprising a first data string associated with the payment card; c) said verification computer is programmed to (i) store the verification request in association with a transaction identifier and a verification data string, and (ii) transmit the transaction identifier and the verification data string to the merchant computer; d) said merchant computer is further programmed to store (i) the verification data string as an expected verification data string, and (ii) the transaction identifier, and to transmit to the user computer the transaction identifier; e) said user computer user computer is further programmed to transmit to the verification computer (i) the transaction identifier, and (ii) a second data string associated with the payment card; f) said verification computer is further programmed to (i) use the transaction identifier received from the user computer to retrieve the verification request previously stored with that received transaction identifier, to (ii) perform a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved, to (iii) transmit, upon successful verification that the transaction should be approved, a verification approval message to the user computer, the verification approval message comprising the transaction identifier and the verification data string associated therewith as a confirmation verification data string; g) said user computer is further programmed to transmit the verification approval message to the merchant computer; h) said merchant computer is further programmed to (i) use the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored, to (ii) compare the expected verification data string with the confirmation verification data string from the verification approval message, and to (iii) indicate that the transaction has been approved if the comparison is positive. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. A method of a merchant computer obtaining approval from a verification computer of an online transaction requested by a user computer in conjunction with a payment card associated with the user computer, comprising the steps of:
-
a) on receipt of a transaction request, the merchant computer transmitting a verification request to the verification computer, the verification request comprising a first data string associated with the payment card; b) storing the verification request at the verification computer in association with a transaction identifier and a verification data string; c) transmitting the transaction identifier and the verification data string from the verification computer to the merchant computer; d) storing at the merchant computer (i) the verification data string as an expected verification data string, and (ii) the transaction identifier; e) transmitting the transaction identifier from the merchant computer to the verification computer via the user computer; f) the verification computer obtaining from the user computer a second data string associated with the payment card; g) the verification computer using the transaction identifier received from the merchant computer via the user computer to retrieve the verification request previously stored by the verification computer with that received transaction identifier; h) the verification computer performing a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved; i) upon successful verification that the transaction should be approved, the verification computer transmitting a verification approval message to the merchant computer via the user computer, the verification approval message comprising the transaction identifier and the verification data string associated therewith as a confirmation verification data string; j) the merchant computer using the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored; k) the merchant computer comparing the expected verification data string with the confirmation verification data string from the verification approval message; and l) the merchant computer indicating that the transaction has been approved if the comparison is positive. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60)
-
-
61. A system for approving an online transaction comprising:
-
a) a merchant computer; and b) a verification computer; said merchant computer and said verification computer are interconnected to a computer network; wherein said online transaction is executed in conjunction with a payment card; and
further wherein;a) said merchant computer is programmed to receive a transaction request and in response thereto transmit a verification request to the verification computer, the verification request comprising a first data string associated with the payment card; b) said verification computer is programmed to (i) store the verification request in association with a transaction identifier and a verification data string, and (ii) transmit the transaction identifier and the verification data string to the merchant computer; c) said merchant computer is further programmed to store (i) the verification data string as an expected verification data string, and (ii) the transaction identifier, and to transmit the transaction identifier to the verification computer via a user computer interconnected to the computer network; d) said verification computer is further programmed to (i) use the transaction identifier received from the merchant computer via the user computer to retrieve the verification request previously stored with that received transaction identifier, (ii) obtain a second data string associated with the payment card from a user computer (iii) perform a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved, to (iv) transmit, upon successful verification that the transaction should be approved, a verification approval message to the merchant computer via the user computer, the verification approval message comprising the transaction identifier and the verification data string associated therewith as a confirmation verification data string; e) said merchant computer is further programmed to (i) use the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored, to (ii) compare the expected verification data string with the confirmation verification data string from the verification approval message, and to (iii) indicate that the transaction has been approved if the comparison is positive. - View Dependent Claims (62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80)
-
-
81. A method of a verification computer approving an online transaction between a user computer and a merchant computer interconnected over a computer network, in conjunction with a payment card associated with the user computer, comprising the steps of:
-
a) receiving a verification request from the merchant computer, the verification request comprising a first data string associated with the payment card; b) storing the verification request in association with a transaction identifier and a verification data string; c) transmitting the transaction identifier and the verification data string to the merchant computer; d) receiving from the user computer (i) the transaction identifier, said transaction identifier having been previously transmitted from the merchant computer to the user computer, and (ii) a second data string associated with the payment card; e) using the transaction identifier received from the user computer to retrieve the verification request previously stored with that received transaction identifier; f) performing a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved; and g) upon successful verification that the transaction should be approved, transmitting a verification approval message to the user computer, the verification approval message comprising the transaction identifier and the verification data string associated therewith as a confirmation verification data string; whereby upon receipt of the verification approval message, and the user computer transmitting the verification approval message to the merchant computer, and the merchant computer using the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored; and the merchant computer comparing the expected verification data string with the confirmation verification data string from the verification approval message;
then the merchant computer indicates that the transaction has been approved if the comparison is positive.- View Dependent Claims (82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95)
-
-
96. A verification computer for approving an online transaction between a user computer and a merchant computer, comprising:
-
means for communicating with each of the user computer and the merchant computer over a computer network; processing means programmed to; a) receive a verification request from a merchant computer, the verification request comprising a first data string associated with the payment card; b) store the verification request in association with a transaction identifier and a verification data string; c) transmit the transaction identifier and the verification data string to the merchant computer; d) receive from the user computer (i) the transaction identifier, said transaction identifier having been previously transmitted from the merchant computer to the user computer, and (ii) a second data string associated with the payment card; e) use the transaction identifier received from the user computer to retrieve the verification request previously stored with that received transaction identifier; f) perform a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved; and g) upon successful verification that the transaction should be approved, transmit a verification approval message to the user computer, the verification approval message comprising the transaction identifier and the verification data string associated therewith as a confirmation verification data string; whereby upon receipt of the verification approval message, and the user computer transmitting the verification approval message to the merchant computer, and the merchant computer using the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored; and the merchant computer comparing the expected verification data string with the confirmation verification data string from the verification approval message;
then the merchant computer indicates that the transaction has been approved if the comparison is positive. - View Dependent Claims (97, 98, 99, 100, 101)
-
-
102. A method of a merchant computer obtaining approval for an online transaction between a user computer and the merchant computer in conjunction with a payment card associated with the user computer, comprising the steps of:
-
a) receiving a transaction request from the user computer; b) transmitting a verification request to a verification computer, the verification request comprising a first data string associated with the payment card; c) receiving from the verification computer a transaction identifier and a verification data string; d) storing (i) the verification data string as an expected verification data string, and (ii) the transaction identifier; e) transmitting to the verification computer via the user computer the transaction identifier; f) receiving from the verification computer via the user computer a verification approval message, the verification approval message comprising the transaction identifier and a verification data string associated therewith as a confirmation verification data string; g) using the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored; h) comparing the expected verification data string with the confirmation verification data string from the verification approval message; and i) indicating that the transaction has been approved if the comparison is positive. - View Dependent Claims (103, 104, 105, 106, 107, 108, 109, 110)
-
-
111. A merchant computer for executing an online transaction with a user computer on approval by a verification computer, comprising:
-
means for communicating with each of the user computer and the verification computer over a computer network; processing means programmed to; a) receive a transaction request from the user computer; b) transmit a verification request to the verification computer, the verification request comprising a first data string associated with the payment card; c) receive from the verification computer a transaction identifier and a verification data string; d) store (i) the verification data string as an expected verification data string, and (ii) the transaction identifier; e) transmit to the verification computer via the user computer the transaction identifier; f) receive from the verification computer via the user computer a verification approval message, the verification approval message comprising the transaction identifier and a verification data string associated therewith as a confirmation verification data string; g) use the transaction identifier in the verification approval message to retrieve an expected verification data string previously stored; h) comparing the expected verification data string with the confirmation verification data string from the verification approval message; and i) indicating that the transaction has been approved if the comparison is positive. - View Dependent Claims (112, 113)
-
Specification