Methods and systems for single sign-on authentication in a multi-vendor e-commerce environment and directory-authenticated bank drafts
Abstract
A computer-implemented draft authentication method for use in e-commerce includes the steps of establishing partner relationships between a financial institution and a plurality of World Wide Web (Web) vendors and storing, for each of a plurality of Web customers, at least one piece of unique identifying information linked to the Web customer's financial information. Web customers executing drafts or causing drafts to be executed by the Web vendors and presented to the financial institution are authenticated by immediately encrypting at least a portion of an identification data set provided by the Web customer over the network and by successfully matching the immediately encrypted identification data set with the stored piece(s) of encrypted identifying information. The Web customer's financial information is then retrieved only by the financial institution and constraints are established based on the retrieved information. The financial institution then honors drafts presented by the Web vendors with whom the drawee has a partner relationship only when the Web customer is successfully authenticated and the constraints are satisfied. Only the identification information (such as biometric data and/or ID and password pairs) of each of the Web customers is securely replicated from the financial institution to each of the Web vendors. LDAP-compatible Directory software may be utilized as the means of storing, processing and replicating the Web customer's identification information to each of the Web vendors. The financial institution warrants the security of the system and controls the replication and content of the Directories at each of the Web vendor sites.
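The decision flow described in the abstract, sketched as an added example that is not code from the patent. The class and method names, the balance-only constraint and the salted PBKDF2 digest used in place of the abstract's unspecified encryption are assumptions.

```python
import hashlib
import hmac
import os


def derive(secret: str, salt: bytes) -> bytes:
    # One-way salted digest; stands in for the abstract's "encrypting" step (assumption).
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


class Drawee:
    """Hypothetical financial institution acting as drawee of the drafts."""

    def __init__(self, partners):
        self.partners = set(partners)  # payees authorized to present drafts
        self.directory = {}            # drawer -> (salt, digest): identification data only
        self.balances = {}             # drawer -> cents; financial data stays with the drawee

    def enroll(self, drawer, secret, balance_cents):
        salt = os.urandom(16)
        self.directory[drawer] = (salt, derive(secret, salt))
        self.balances[drawer] = balance_cents

    def authenticate(self, drawer, secret):
        # Unknown drawers still cost one derivation, so timing does not reveal enrollment.
        salt, stored = self.directory.get(drawer, (b"\x00" * 16, b"\x00" * 32))
        matched = hmac.compare_digest(derive(secret, salt), stored)
        return matched and drawer in self.directory

    def honor_draft(self, payee, drawer, secret, amount_cents):
        if payee not in self.partners:
            return False, "payee is not a partner"
        if not self.authenticate(drawer, secret):
            return False, "drawer not authenticated"
        # Financial information is read only after authentication succeeds.
        if amount_cents <= 0 or amount_cents > self.balances[drawer]:
            return False, "constraints not satisfied"
        self.balances[drawer] -= amount_cents
        return True, "honored"


def demo():
    # Constructed sample data: one partner vendor, one enrolled drawer with 10,000 cents.
    bank = Drawee(partners={"vendor-a"})
    bank.enroll("alice", "correct horse", 10_000)
    return [
        bank.honor_draft("vendor-a", "alice", "correct horse", 6_000),
        bank.honor_draft("vendor-a", "alice", "correct horse", 6_000),
        bank.honor_draft("vendor-a", "alice", "wrong guess", 100),
        bank.honor_draft("vendor-z", "alice", "correct horse", 100),
        bank.honor_draft("vendor-a", "mallory", "anything", 100),
    ]
```

The second draft in `demo()` is refused because the first one already reduced the available balance, which is the case where the constraint check has to run per draft and not once per login.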
29 Claims
1. A computer-implemented draft authentication method for use in e-commerce, comprising the steps of:
- establishing a partner relationship with a plurality of draft payees, the established partner relationship authorizing the draft payee to present drafts for payment;
- storing authentication information for each of a plurality of draft drawers, the authentication information being linked at least to the respective drawer's financial information;
- authenticating a drawer against the stored authentication information;
- retrieving at least the drawer's financial information and establishing constraints based on the retrieved financial information;
- honoring a draft presented by a payee with whom the drawee has a partner relationship only when the drawer of the presented draft is successfully authenticated by the drawee and the constraints are satisfied.
11. A computer-implemented method for a financial institution to carry out secure e-commerce over the World Wide Web (Web), comprising the steps of:
- storing authentication information for each of a plurality of Web customers;
- authenticating Web customers against the stored authentication information;
- providing authenticated Web customers with access to a plurality of Web vendors with whom the financial institution has a partner relationship via a secure Web site that is accessible only to authenticated Web customers; and
- honoring drafts presented by the Web vendors accessed through the secure Web site for purchases made by the authenticated Web customers, provided predetermined constraints are met.
20. A machine-readable medium having data stored thereon representing sequences of instructions which, when executed by one or more computers coupled to a network, causes the computers to perform the steps of:
- establishing a partner relationship with a plurality of draft payees, the established partner relationship authorizing the draft payee to present drafts for payment;
- storing, for each of a plurality of draft drawers, authentication information that is linked at least to drawer's financial information;
- authenticating a drawer using the stored authentication information;
- retrieving at least the drawer's financial information and establishing constraints based on the retrieved financial information;
- honoring a draft presented by a payee with whom a drawee of the draft has a partner relationship only when the drawer of the presented draft is successfully authenticated by the drawee and the constraints are satisfied.
28. A computer system for carrying out e-commerce, comprising:
- at least one first computer managed by a financial institution, the at least one first computer storing identifying information of a plurality of Web customers that maintain a relationship with the financial institution;
- a second computer managed by a Web vendor, the second computer storing a master list controlled by the at least one first computer, the master list including the identifying information of the plurality of Web customers and an identification of the financial institution;
- a Web-enabled device managed by a Web customer;
- the Web-enabled device being adapted to accept input from the Web customer and to communicate with the second computer to provide authentication information to the second computer;
- wherein the second computer is configured to compare the provided authentication information to entries in the master list, the Web customer being authenticated by the second computer only upon matching the provided authentication information to an entry in the master list, and wherein the at least one first computer managed by the financial institution is configured to only honor drafts executed by authenticated Web customers.
Specification