×

Method for secure electronic commercial transaction on-line processing

  • US 7,865,446 B2
  • Filed: 12/10/2002
  • Issued: 01/04/2011
  • Est. Priority Date: 12/11/2001
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for on-line processing of electronic commercial transactions between a purchaser'"'"'s network access device and a vendor'"'"'s computer connectable over a first, open data communication network, the method comprising:

  • providing a transaction-processing computer system, wherein providing the transaction-processing computer comprises providing a plurality of transaction-processing server computers disseminated in different geographic areas, and interconnecting the plurality of transaction-processing server computers to each other through at least one non-open communication network;

    providing the vendor'"'"'s computer;

    providing a dedicated high-speed connection connecting the transaction-processing computer system to the open data communication network such that no sensitive information ever travels on the open data communication network;

    under the control of the purchaser'"'"'s network access device, establishing a first, uninterrupted connection to the vendor'"'"'s computer over the open data communication network, wherein the purchaser'"'"'s network access device is a mobile phone supporting browsing software;

    under the control of the purchaser'"'"'s network access device, transmitting to the vendor'"'"'s computer, over the open data communication network, non-security-sensitive identifying information allowing the vendor'"'"'s computer to identify the purchaser as enabled to perform the transaction;

    under the control of the vendor'"'"'s computer, transmitting to the purchaser'"'"'s network access device non-security-sensitive transaction information including a transaction amount;

    under the control of the purchaser'"'"'s network access device, establishing a second connection to the transaction processing computer system over a second, non-open data communication network, wherein the transaction processing computer is managed by a third party company entrusted by a credit card company, the third party company being allowed to charge a credit card account of the purchaser, and transmitting to the transaction-processing computer system, over the non-open data communication network, the transaction information and security-sensitive information, including a purchaser'"'"'s personal identification information for allowing the transaction-processing computer system to ascertain the identity of the purchaser, wherein the second connection is maintained simultaneously with the first connection; and

    under the control of the transaction processing computer system, identifying the purchaser by using the purchaser'"'"'s personal identification information, charging the transaction amount on a purchaser'"'"'s account, establishing a connection to the vendor'"'"'s computer over a third, non-open data communication network, and communicating to the vendor'"'"'s computer a transaction approval,wherein the third, non-open data communication network is selected from the group consisting of a non-open frame relay network, a non-open ATM network, and a private data communication network; and

    prior to conducting commercial transactions, issuing an electronic credit certificate to the purchaser, the electronic credit certificate being stored on a portable storage support, and activating the electronic credit certificate, the electronic credit certificate having a plurality of fields, the plurality of fields including at least a first field containing encrypted information for identifying the purchaser, a second field containing a credit certificate identification (ID) code for identifying the credit certificate, and a third field for containing an expiration date of the credit certificate,the activating including;

    inserting the portable storage support into a read/write unit of the purchaser'"'"'s network access device;

    establishing a connection over the non-open communication network and using the connection over the non-open communication network,sending the credit certificate ID code to the transaction-processing computer system;

    receiving a request from the transaction-processing computer system for a personal identification number (PIN), the PIN being subject to an expiration date;

    displaying the request for a PIN on the purchaser'"'"'s network access device;

    transmitting the purchaser-entered PIN to the transaction-processing computer system;

    in a case that the purchaser-entered PIN is valid, activating the credit certificate; and

    displaying a message on the purchaser'"'"'s network access device indicating notifying the purchaser of the activation; and

    wherein the portable storage support is selected from the group consisting of a floppy disk, a memory card, a USB memory key, and a portable hard-disk drive, andwherein the portable storage support includes the non-security-sensitive identifying information, the purchaser'"'"'s network access device retrieving from the electronic credit certificate the non-security-sensitive information to be transmitted to the vendor'"'"'s computer.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×