Method for secure electronic commercial transaction on-line processing

US 7,865,446 B2
Filed: 12/10/2002
Issued: 01/04/2011
Est. Priority Date: 12/11/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method for on-line processing of electronic commercial transactions between a purchaser'"'"'s network access device and a vendor'"'"'s computer connectable over a first, open data communication network, the method comprising:

providing a transaction-processing computer system, wherein providing the transaction-processing computer comprises providing a plurality of transaction-processing server computers disseminated in different geographic areas, and interconnecting the plurality of transaction-processing server computers to each other through at least one non-open communication network;

providing the vendor'"'"'s computer;

providing a dedicated high-speed connection connecting the transaction-processing computer system to the open data communication network such that no sensitive information ever travels on the open data communication network;

under the control of the purchaser'"'"'s network access device, establishing a first, uninterrupted connection to the vendor'"'"'s computer over the open data communication network, wherein the purchaser'"'"'s network access device is a mobile phone supporting browsing software;

under the control of the purchaser'"'"'s network access device, transmitting to the vendor'"'"'s computer, over the open data communication network, non-security-sensitive identifying information allowing the vendor'"'"'s computer to identify the purchaser as enabled to perform the transaction;

under the control of the vendor'"'"'s computer, transmitting to the purchaser'"'"'s network access device non-security-sensitive transaction information including a transaction amount;

under the control of the purchaser'"'"'s network access device, establishing a second connection to the transaction processing computer system over a second, non-open data communication network, wherein the transaction processing computer is managed by a third party company entrusted by a credit card company, the third party company being allowed to charge a credit card account of the purchaser, and transmitting to the transaction-processing computer system, over the non-open data communication network, the transaction information and security-sensitive information, including a purchaser'"'"'s personal identification information for allowing the transaction-processing computer system to ascertain the identity of the purchaser, wherein the second connection is maintained simultaneously with the first connection; and

under the control of the transaction processing computer system, identifying the purchaser by using the purchaser'"'"'s personal identification information, charging the transaction amount on a purchaser'"'"'s account, establishing a connection to the vendor'"'"'s computer over a third, non-open data communication network, and communicating to the vendor'"'"'s computer a transaction approval,wherein the third, non-open data communication network is selected from the group consisting of a non-open frame relay network, a non-open ATM network, and a private data communication network; and

prior to conducting commercial transactions, issuing an electronic credit certificate to the purchaser, the electronic credit certificate being stored on a portable storage support, and activating the electronic credit certificate, the electronic credit certificate having a plurality of fields, the plurality of fields including at least a first field containing encrypted information for identifying the purchaser, a second field containing a credit certificate identification (ID) code for identifying the credit certificate, and a third field for containing an expiration date of the credit certificate,the activating including;

inserting the portable storage support into a read/write unit of the purchaser'"'"'s network access device;

establishing a connection over the non-open communication network and using the connection over the non-open communication network,sending the credit certificate ID code to the transaction-processing computer system;

receiving a request from the transaction-processing computer system for a personal identification number (PIN), the PIN being subject to an expiration date;

displaying the request for a PIN on the purchaser'"'"'s network access device;

transmitting the purchaser-entered PIN to the transaction-processing computer system;

in a case that the purchaser-entered PIN is valid, activating the credit certificate; and

displaying a message on the purchaser'"'"'s network access device indicating notifying the purchaser of the activation; and

wherein the portable storage support is selected from the group consisting of a floppy disk, a memory card, a USB memory key, and a portable hard-disk drive, andwherein the portable storage support includes the non-security-sensitive identifying information, the purchaser'"'"'s network access device retrieving from the electronic credit certificate the non-security-sensitive information to be transmitted to the vendor'"'"'s computer.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for on-line processing of electronic commercial transactions using three distinct communication networks to enhance the security of sensitive information such as credit card numbers.

Citations

14 Claims

1. A method for on-line processing of electronic commercial transactions between a purchaser'"'"'s network access device and a vendor'"'"'s computer connectable over a first, open data communication network, the method comprising:
- providing a transaction-processing computer system, wherein providing the transaction-processing computer comprises providing a plurality of transaction-processing server computers disseminated in different geographic areas, and interconnecting the plurality of transaction-processing server computers to each other through at least one non-open communication network;
  
  providing the vendor'"'"'s computer;
  
  providing a dedicated high-speed connection connecting the transaction-processing computer system to the open data communication network such that no sensitive information ever travels on the open data communication network;
  
  under the control of the purchaser'"'"'s network access device, establishing a first, uninterrupted connection to the vendor'"'"'s computer over the open data communication network, wherein the purchaser'"'"'s network access device is a mobile phone supporting browsing software;
  
  under the control of the purchaser'"'"'s network access device, transmitting to the vendor'"'"'s computer, over the open data communication network, non-security-sensitive identifying information allowing the vendor'"'"'s computer to identify the purchaser as enabled to perform the transaction;
  
  under the control of the vendor'"'"'s computer, transmitting to the purchaser'"'"'s network access device non-security-sensitive transaction information including a transaction amount;
  
  under the control of the purchaser'"'"'s network access device, establishing a second connection to the transaction processing computer system over a second, non-open data communication network, wherein the transaction processing computer is managed by a third party company entrusted by a credit card company, the third party company being allowed to charge a credit card account of the purchaser, and transmitting to the transaction-processing computer system, over the non-open data communication network, the transaction information and security-sensitive information, including a purchaser'"'"'s personal identification information for allowing the transaction-processing computer system to ascertain the identity of the purchaser, wherein the second connection is maintained simultaneously with the first connection; and
  
  under the control of the transaction processing computer system, identifying the purchaser by using the purchaser'"'"'s personal identification information, charging the transaction amount on a purchaser'"'"'s account, establishing a connection to the vendor'"'"'s computer over a third, non-open data communication network, and communicating to the vendor'"'"'s computer a transaction approval,wherein the third, non-open data communication network is selected from the group consisting of a non-open frame relay network, a non-open ATM network, and a private data communication network; and
  
  prior to conducting commercial transactions, issuing an electronic credit certificate to the purchaser, the electronic credit certificate being stored on a portable storage support, and activating the electronic credit certificate, the electronic credit certificate having a plurality of fields, the plurality of fields including at least a first field containing encrypted information for identifying the purchaser, a second field containing a credit certificate identification (ID) code for identifying the credit certificate, and a third field for containing an expiration date of the credit certificate,the activating including;
  
  inserting the portable storage support into a read/write unit of the purchaser'"'"'s network access device;
  
  establishing a connection over the non-open communication network and using the connection over the non-open communication network,sending the credit certificate ID code to the transaction-processing computer system;
  
  receiving a request from the transaction-processing computer system for a personal identification number (PIN), the PIN being subject to an expiration date;
  
  displaying the request for a PIN on the purchaser'"'"'s network access device;
  
  transmitting the purchaser-entered PIN to the transaction-processing computer system;
  
  in a case that the purchaser-entered PIN is valid, activating the credit certificate; and
  
  displaying a message on the purchaser'"'"'s network access device indicating notifying the purchaser of the activation; and
  
  wherein the portable storage support is selected from the group consisting of a floppy disk, a memory card, a USB memory key, and a portable hard-disk drive, andwherein the portable storage support includes the non-security-sensitive identifying information, the purchaser'"'"'s network access device retrieving from the electronic credit certificate the non-security-sensitive information to be transmitted to the vendor'"'"'s computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, in which the first, open data communication network is a packet data network.
  - 3. The method according to claim 1, in which the second, non-open data communication network is a telephone network.
  - 4. The method according to claim 1, in which the third, non-open data communication network includes the second, non-open data communication network.
  - 5. The method according to claim 1, wherein said security-sensitive information includes a purchaser'"'"'s credit card number.
  - 6. The method according to claim 1, wherein the step of charging the transaction amount on a purchaser'"'"'s account includes:
    - under the control of the transaction processing server, identifying a purchaser'"'"'s credit card number, and charging the transaction amount on the purchaser'"'"'s credit card.
  - 7. The method according to claim 1, wherein the step of establishing the first connection by the purchaser'"'"'s network access device to the vendor'"'"'s computer over the open data communication network includes:
    - under the control of the purchaser'"'"'s network access device, establishing a connection that does not keep the purchaser'"'"'s telephone line busy to an access service provider computer connected to the open data communication network and providing access services to the open data communication network.
  - 8. The method according to claim 1, wherein the transaction processing computer system is managed by a credit card company.
  - 9. The method according to claim 1, wherein the purchaser'"'"'s personal identification information is entered personally by the purchaser through the purchaser'"'"'s network access device.

10. A system for on-line processing of commercial transactions, comprising:
- a purchaser'"'"'s network access device uninterruptedly connectable to a first, open data communication network;
  
  a vendor'"'"'s computer connected to the open data communication network; and
  
  a transaction processing computer system distinct from the vendor'"'"'s computer, the transaction processing computer system comprising a plurality of transaction-processing server computers disseminated in different geographic areas, the plurality of transaction-processing server computers being interconnected to each other through at least one non-open communication network,the transaction processing computer system further being simultaneously connectable to the purchaser'"'"'s network access device and to the vendor'"'"'s computer over a dedicated high-speed connection such that no sensitive information ever travels on the open data communication network distinct from, and simultaneous with, the first, open data communication network,the transaction processing computer system further being managed by a third party company entrusted by a credit card company, where the third party company is allowed to charge a credit card account of the purchaser,wherein the purchaser'"'"'s network access device is a mobile phone supporting browsing software, the mobile phone further comprising;
  
  a storage medium for storing non-security-sensitive transaction information, including a transaction amount, received from the vendor'"'"'s computer over the open data communication network,a keyboard for allowing the purchaser to enter a personal identification information,a device for establishing a secure connection to the transaction processing computer system over the secure data communication network for communicating to the transaction processing computer system the transaction information and the personal identification information,wherein the secure connection to the transaction processing computer system is maintained simultaneously with the connection over the first, open data communication network; and
  
  the transaction processing computer system further ascertaining an identity of the purchaser based on the personal identification information received from the purchaser'"'"'s network access device, for charging the transaction amount on a purchaser'"'"'s account, and for communicating to the vendor'"'"'s computer a transaction approval over the secure data communication network,wherein the secure data communication network is selected from the group consisting of a non-open frame relay network, a non-open ATM network, and a private data communication network; and
  
  wherein the system for on-line processing of computer transactions further comprises an electronic credit certificate issued to the purchaser for activation and use by the purchaser'"'"'s network access device,wherein the electronic credit certificate is stored on a portable storage support readable by the purchaser'"'"'s network access device, and the portable storage support is selected from the group consisting of a floppy disk, a memory card, a USB memory key, and a portable hard-disk drive,the electronic credit certificate including a plurality of fields, the plurality of fields including at least a first field containing encrypted information for identifying the purchaser, a second field containing a credit certificate identification (ID) code for identifying the credit certificate, and a third field for containing an expiration date of the credit certificate, the electronic credit certificate file further requiring activation prior to use, the activation including;
  
  insertion of the storage support into a read/write unit of the purchaser'"'"'s network access device;
  
  establishment a connection over the non-open communication network and using the connection over the non-open communication network,sending the credit certificate ID code to the transaction-processing computer system;
  
  receipt of a request from the transaction-processing computer system for a personal identification number (PIN), the PIN being subject to an expiration date;
  
  display of the request for a PIN on the purchaser'"'"'s network access device;
  
  transmittal of the purchaser-entered PIN to the transaction-processing computer system;
  
  in a case that the purchaser-entered PIN is valid, activation of the credit certificate; and
  
  display of a message on the purchaser'"'"'s network access device indicating notifying the purchaser of the activation; and
  
  the electronic credit certificate includes non-security-sensitive credit certificate identifying information to be transmitted by the purchaser'"'"'s network access device to the vendor'"'"'s computer over the open data communication network, said credit certificate identifying information being used by the vendor'"'"'s computer to ascertain that the purchaser is enabled to perform the transaction.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The system according to claim 10, in which the open data communication network is a packet data network.
  - 12. A transaction processing computer system for the use in the system according to claim 10, comprising at least one transaction processing computer connectable through at least one secure data communication network to a network access device, operated by a purchaser, and a vendor'"'"'s computer, the transaction processing computer receiving from the purchaser'"'"'s network access device, over the secure data communication network, transaction information including a transaction amount and purchaser'"'"'s personal identification information identifying the purchaser based on the personal identification information, charging the transaction amount on a purchaser'"'"'s account and communicating to the vendor'"'"'s computer, over the secure data communication network, a transaction approval.
  - 13. An electronic credit certificate for the use in the system according to claim 10, the electronic credit certificate including non-security-sensitive credit certificate identifying information to be transmitted by a purchaser'"'"'s network access device to a vendor'"'"'s computer over an open data communication network, said credit certificate identifying information being used by the vendor'"'"'s computer to ascertain that the purchaser is enabled to perform an on-line transaction.
  - 14. A storage support storing the electronic credit certificate of claim 13.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
LinkedIn Corporation (Microsoft Corporation)
Original Assignee
International Business Machines Corporation
Inventors
Pedrazzoli Pazos, Fernando Daniel, Armingaud, Francois-Dominique
Primary Examiner(s)
Augustin; Evens J
Assistant Examiner(s)
LE, NANCY LOAN T

Application Number

US10/315,808
Publication Number

US 20030110137A1
Time in Patent Office

2,947 Days
Field of Search

705/64, 705/67, 705 72- 73, 705 75- 79, 705 16- 18, 705/21, 705/26, 705/39, 705/44, 713/182, 713184-185
US Class Current

705/64
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06Q 20/04   Payment circuits

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/382   insuring higher security of...

G06Q 20/425   using two different network...

G06Q 40/02   Banking, e.g. interest calc...

Method for secure electronic commercial transaction on-line processing

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method for secure electronic commercial transaction on-line processing

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links