Online card present transaction
First Claim
Patent Images
1. An online card present transaction method comprising:
- detecting, from a host system, the presence of a smart card reader connected to a client computer;
presenting to a user a payment option for using a smart card for payment in response to the detection of the smart card reader;
receiving, from said client computer, a selection by said user of said payment option;
transmitting, to said client computer, a challenge string in response to said selection by said user, wherein said challenge string prompts said user to insert a smart card into said smart card reader, wherein said smart card stores a digital certificate;
receiving, at said host system, a copy of said digital certificate and a signed challenge string from said client computer, wherein said challenge string is signed to create the signed challenge string and said digital certificate is accessed in response to the user entering a Personal Identification Number (PIN);
authenticating, at said host system, said smart card using said signed challenge string and said copy of said digital certificate;
generating, at said host system, a secondary transaction account number, wherein said secondary transaction account number is valid for a single purchase transaction;
associating, at said host system, said secondary transaction account number with said transaction account of said user; and
,communicating, by said host system, said secondary transaction account number over said authenticated communication channel to a merchant, wherein said merchant submits a payment request based on said secondary transaction account number.
5 Assignments
0 Petitions
Accused Products
Abstract
An online card-present transaction system facilitates card-present type transactions with a merchant over a public network. A host system is configured to accept authentication data from a user via an authentication device. The host system, after authenticating a user is configured to retrieve the user'"'"'s account information from a user database system and translate a user account number into a temporary transaction number. The temporary transaction number is then transmitted directly from the host system to the merchant, thereby eliminating the need for the user to send to the merchant over the internet, the user'"'"'s transaction account number.
328 Citations
8 Claims
-
1. An online card present transaction method comprising:
-
detecting, from a host system, the presence of a smart card reader connected to a client computer; presenting to a user a payment option for using a smart card for payment in response to the detection of the smart card reader; receiving, from said client computer, a selection by said user of said payment option; transmitting, to said client computer, a challenge string in response to said selection by said user, wherein said challenge string prompts said user to insert a smart card into said smart card reader, wherein said smart card stores a digital certificate; receiving, at said host system, a copy of said digital certificate and a signed challenge string from said client computer, wherein said challenge string is signed to create the signed challenge string and said digital certificate is accessed in response to the user entering a Personal Identification Number (PIN); authenticating, at said host system, said smart card using said signed challenge string and said copy of said digital certificate; generating, at said host system, a secondary transaction account number, wherein said secondary transaction account number is valid for a single purchase transaction; associating, at said host system, said secondary transaction account number with said transaction account of said user; and
,communicating, by said host system, said secondary transaction account number over said authenticated communication channel to a merchant, wherein said merchant submits a payment request based on said secondary transaction account number. - View Dependent Claims (2, 3)
-
-
4. An online-card-present transaction method comprising:
-
communicating with a client computer over a distributed network; detecting the presence of a smart card reader connected to said client computer by a merchant computer over said distributed network; presenting a user of said client computer with a payment option for using a smart card for payment in response to the detection of the smart card reader; receiving a selection by said user of said payment option; redirecting said client computer to a website of a host system in response to said detection;
wherein said host system;transmits a challenge string to said client computer, wherein said challenge string prompts said user to insert said smart card into said smart card reader, wherein said smart card stores a digital certificate; receives a copy of said digital certificate and a signed challenge string from said client computer, wherein said challenge string is signed to create the signed challenge string and said digital certificate is accessed in response to the user entering a Personal Identification Number (PIN); authenticates said smart card using said signed challenge string and said copy of said digital certificate; generates a secondary transaction account number, wherein said secondary transaction account number is valid for a single purchase transaction; associates said secondary transaction account number with an account of said user; and
,communicates said secondary transaction account number to said client computer, wherein said user of said client computer submits a payment request based on said secondary transaction account number; and
,receiving account information including said secondary transaction account number from said host system over said authenticated communication channel, wherein said account information and said secondary transaction account number facilitates completion of a transaction between said user and a merchant. - View Dependent Claims (5, 6)
-
-
7. An online card-present transaction method, comprising:
-
transmitting to a merchant computer a request to facilitate a transaction with a merchant; receiving a payment option for using a smart card for payment in response to said merchant computer detecting a presence of a smart card reader connected to a client; transmitting a selection by said user of said payment option; receiving a challenge string in response to said selection; receiving a prompt from said challenge string to insert said smart card into a smart card reader, wherein said smart card stores a digital certificate; entering a Personal Identification Number (PIN) which triggers signing of said challenge string to create a signed challenge string and which accesses said digital certificate; transmitting a copy of said digital certificate and said signed challenge string to a host computer, wherein said host computer; authenticates said smart card using said signed challenge string and said copy of said digital certificate; retrieves a primary transaction account number associated with said digital certificate; generates a secondary transaction account number, wherein said secondary transaction account number is valid for a single purchase transaction; associates said secondary transaction account number with said primary transaction account number; and provides said secondary transaction account number to said merchant computer, wherein said merchant computer submits a payment request based on said secondary transaction account number. - View Dependent Claims (8)
-
Specification