Anonymous payment with a verification possibility by a defined party
First Claim
1. A computerized method for verifying an anonymous payment by a defined party in a communication system providing a public key infrastructure, the method comprising:
- receiving a validation message from a merchant party via an input port of a computer, the validation message comprising a proof signature produced by a customer party and an encrypted payment message, the proof signature being derived from a zero-knowledge proof
1) of knowledge of a customer secret key, a customer certificate, and at least one customer attribute,
2) that the encrypted payment message encrypts said customer attribute, and
3) that said customer certificate is valid and is related to said customer secret key, thereby allowing said customer secret key, said customer certificate, and said at least one customer attribute to remain anonymous to said merchant party;
verifying, by said computer, a validity of the proof signature based on an issuing public key, a verification public key, and the encrypted payment message;
decrypting, by said computer, at least part of the encrypted payment message based on a verification secret key corresponding to the verification public key, thereby obtaining a customer information related to the at least one customer attribute; and
in an event of the validity of the proof signature, the computer using the obtained customer information for initializing an authentication of the payment, and, in an event the proof siginature is not valid, the computer provides an indication that the proof siginature was not valid.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a method for verifying an anonymous payment by a defined party in a communication system providing a public key infrastructure. The method comprising the steps of (a) receiving a validation message from a merchant party, the validation message comprising a proof signature produced by a customer party and an encrypted payment message, the proof signature being derived from a customer secret key, a customer certificate, at least one customer attribute, and the encrypted payment message; (b) verifying the validity of the proof signature based on an issuing public key, a verification public key, and the encrypted payment message; (c) decrypting at least part of the encrypted payment message based on a verification secret key corresponding to the verification public key, thereby obtaining a customer information related to the at least one customer attribute. In the event of the validity of the proof signature (d) the obtained customer information is used for initializing the authorization of the payment.
30 Citations
14 Claims
-
1. A computerized method for verifying an anonymous payment by a defined party in a communication system providing a public key infrastructure, the method comprising:
-
receiving a validation message from a merchant party via an input port of a computer, the validation message comprising a proof signature produced by a customer party and an encrypted payment message, the proof signature being derived from a zero-knowledge proof
1) of knowledge of a customer secret key, a customer certificate, and at least one customer attribute,
2) that the encrypted payment message encrypts said customer attribute, and
3) that said customer certificate is valid and is related to said customer secret key, thereby allowing said customer secret key, said customer certificate, and said at least one customer attribute to remain anonymous to said merchant party;verifying, by said computer, a validity of the proof signature based on an issuing public key, a verification public key, and the encrypted payment message; decrypting, by said computer, at least part of the encrypted payment message based on a verification secret key corresponding to the verification public key, thereby obtaining a customer information related to the at least one customer attribute; and in an event of the validity of the proof signature, the computer using the obtained customer information for initializing an authentication of the payment, and, in an event the proof siginature is not valid, the computer provides an indication that the proof siginature was not valid. - View Dependent Claims (2, 3, 4, 5, 6, 13, 14)
-
-
7. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform a method for verifying an anonymous payment by a defined party in a communication system providing a public key infrastructure, the method comprising:
-
receiving a validation message from a merchant party, the validation message comprising a proof signature produced by a customer party and an encrypted payment message, the proof signature being derived from a zero-knowledge proof
1) of knowledge of a customer secret key, a customer certificate, and at least one customer attribute,
2) that the encrypted payment message encrypts said customer attribute, and
3) that said customer certificate is valid and is related to said customer secret key, thereby allowing said customer secret key, said customer certificate, and said at least one customer attribute to remain anonymous to said merchant party;verifying a validity of the proof signature based on an issuing public key, a verification public key, and the encrypted payment message; decrypting at least part of the encrypted payment message based on a verification secret key corresponding to the verification public key, thereby obtaining a customer information related to the at least one customer attribute; and in an event of the validity of the proof signature, using the obtained customer information for initializing the authentication of the payment, and, in an event the proof signature is not valid, providing an indication that the proof signature was not valid. - View Dependent Claims (8, 9, 10, 11, 12)
-
Specification