Method for secure electronic commercial transaction on-line processing
First Claim
Patent Images
1. A method for on-line processing of electronic commercial transactions between a purchaser'"'"'s network access device and a vendor'"'"'s computer connectable over a first, open data communication network, the method comprising:
- providing a transaction-processing computer system, wherein providing the transaction-processing computer comprises providing a plurality of transaction-processing server computers disseminated in different geographic areas, and interconnecting the plurality of transaction-processing server computers to each other through at least one non-open communication network;
providing the vendor'"'"'s computer;
providing a dedicated high-speed connection connecting the transaction-processing computer system to the open data communication network such that no sensitive information ever travels on the open data communication network;
under the control of the purchaser'"'"'s network access device, establishing a first, uninterrupted connection to the vendor'"'"'s computer over the open data communication network, wherein the purchaser'"'"'s network access device is a mobile phone supporting browsing software;
under the control of the purchaser'"'"'s network access device, transmitting to the vendor'"'"'s computer, over the open data communication network, non-security-sensitive identifying information allowing the vendor'"'"'s computer to identify the purchaser as enabled to perform the transaction;
under the control of the vendor'"'"'s computer, transmitting to the purchaser'"'"'s network access device non-security-sensitive transaction information including a transaction amount;
under the control of the purchaser'"'"'s network access device, establishing a second connection to the transaction processing computer system over a second, non-open data communication network, wherein the transaction processing computer is managed by a third party company entrusted by a credit card company, the third party company being allowed to charge a credit card account of the purchaser, and transmitting to the transaction-processing computer system, over the non-open data communication network, the transaction information and security-sensitive information, including a purchaser'"'"'s personal identification information for allowing the transaction-processing computer system to ascertain the identity of the purchaser, wherein the second connection is maintained simultaneously with the first connection; and
under the control of the transaction processing computer system, identifying the purchaser by using the purchaser'"'"'s personal identification information, charging the transaction amount on a purchaser'"'"'s account, establishing a connection to the vendor'"'"'s computer over a third, non-open data communication network, and communicating to the vendor'"'"'s computer a transaction approval,wherein the third, non-open data communication network is selected from the group consisting of a non-open frame relay network, a non-open ATM network, and a private data communication network; and
prior to conducting commercial transactions, issuing an electronic credit certificate to the purchaser, the electronic credit certificate being stored on a portable storage support, and activating the electronic credit certificate, the electronic credit certificate having a plurality of fields, the plurality of fields including at least a first field containing encrypted information for identifying the purchaser, a second field containing a credit certificate identification (ID) code for identifying the credit certificate, and a third field for containing an expiration date of the credit certificate,the activating including;
inserting the portable storage support into a read/write unit of the purchaser'"'"'s network access device;
establishing a connection over the non-open communication network and using the connection over the non-open communication network,sending the credit certificate ID code to the transaction-processing computer system;
receiving a request from the transaction-processing computer system for a personal identification number (PIN), the PIN being subject to an expiration date;
displaying the request for a PIN on the purchaser'"'"'s network access device;
transmitting the purchaser-entered PIN to the transaction-processing computer system;
in a case that the purchaser-entered PIN is valid, activating the credit certificate; and
displaying a message on the purchaser'"'"'s network access device indicating notifying the purchaser of the activation; and
wherein the portable storage support is selected from the group consisting of a floppy disk, a memory card, a USB memory key, and a portable hard-disk drive, andwherein the portable storage support includes the non-security-sensitive identifying information, the purchaser'"'"'s network access device retrieving from the electronic credit certificate the non-security-sensitive information to be transmitted to the vendor'"'"'s computer.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for on-line processing of electronic commercial transactions using three distinct communication networks to enhance the security of sensitive information such as credit card numbers.
-
Citations
14 Claims
-
1. A method for on-line processing of electronic commercial transactions between a purchaser'"'"'s network access device and a vendor'"'"'s computer connectable over a first, open data communication network, the method comprising:
-
providing a transaction-processing computer system, wherein providing the transaction-processing computer comprises providing a plurality of transaction-processing server computers disseminated in different geographic areas, and interconnecting the plurality of transaction-processing server computers to each other through at least one non-open communication network; providing the vendor'"'"'s computer; providing a dedicated high-speed connection connecting the transaction-processing computer system to the open data communication network such that no sensitive information ever travels on the open data communication network; under the control of the purchaser'"'"'s network access device, establishing a first, uninterrupted connection to the vendor'"'"'s computer over the open data communication network, wherein the purchaser'"'"'s network access device is a mobile phone supporting browsing software; under the control of the purchaser'"'"'s network access device, transmitting to the vendor'"'"'s computer, over the open data communication network, non-security-sensitive identifying information allowing the vendor'"'"'s computer to identify the purchaser as enabled to perform the transaction; under the control of the vendor'"'"'s computer, transmitting to the purchaser'"'"'s network access device non-security-sensitive transaction information including a transaction amount; under the control of the purchaser'"'"'s network access device, establishing a second connection to the transaction processing computer system over a second, non-open data communication network, wherein the transaction processing computer is managed by a third party company entrusted by a credit card company, the third party company being allowed to charge a credit card account of the purchaser, and transmitting to the transaction-processing computer system, over the non-open data communication network, the transaction information and security-sensitive information, including a purchaser'"'"'s personal identification information for allowing the transaction-processing computer system to ascertain the identity of the purchaser, wherein the second connection is maintained simultaneously with the first connection; and under the control of the transaction processing computer system, identifying the purchaser by using the purchaser'"'"'s personal identification information, charging the transaction amount on a purchaser'"'"'s account, establishing a connection to the vendor'"'"'s computer over a third, non-open data communication network, and communicating to the vendor'"'"'s computer a transaction approval, wherein the third, non-open data communication network is selected from the group consisting of a non-open frame relay network, a non-open ATM network, and a private data communication network; and prior to conducting commercial transactions, issuing an electronic credit certificate to the purchaser, the electronic credit certificate being stored on a portable storage support, and activating the electronic credit certificate, the electronic credit certificate having a plurality of fields, the plurality of fields including at least a first field containing encrypted information for identifying the purchaser, a second field containing a credit certificate identification (ID) code for identifying the credit certificate, and a third field for containing an expiration date of the credit certificate, the activating including; inserting the portable storage support into a read/write unit of the purchaser'"'"'s network access device; establishing a connection over the non-open communication network and using the connection over the non-open communication network, sending the credit certificate ID code to the transaction-processing computer system; receiving a request from the transaction-processing computer system for a personal identification number (PIN), the PIN being subject to an expiration date; displaying the request for a PIN on the purchaser'"'"'s network access device; transmitting the purchaser-entered PIN to the transaction-processing computer system; in a case that the purchaser-entered PIN is valid, activating the credit certificate; and displaying a message on the purchaser'"'"'s network access device indicating notifying the purchaser of the activation; and wherein the portable storage support is selected from the group consisting of a floppy disk, a memory card, a USB memory key, and a portable hard-disk drive, and wherein the portable storage support includes the non-security-sensitive identifying information, the purchaser'"'"'s network access device retrieving from the electronic credit certificate the non-security-sensitive information to be transmitted to the vendor'"'"'s computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for on-line processing of commercial transactions, comprising:
-
a purchaser'"'"'s network access device uninterruptedly connectable to a first, open data communication network; a vendor'"'"'s computer connected to the open data communication network; and a transaction processing computer system distinct from the vendor'"'"'s computer, the transaction processing computer system comprising a plurality of transaction-processing server computers disseminated in different geographic areas, the plurality of transaction-processing server computers being interconnected to each other through at least one non-open communication network, the transaction processing computer system further being simultaneously connectable to the purchaser'"'"'s network access device and to the vendor'"'"'s computer over a dedicated high-speed connection such that no sensitive information ever travels on the open data communication network distinct from, and simultaneous with, the first, open data communication network, the transaction processing computer system further being managed by a third party company entrusted by a credit card company, where the third party company is allowed to charge a credit card account of the purchaser, wherein the purchaser'"'"'s network access device is a mobile phone supporting browsing software, the mobile phone further comprising; a storage medium for storing non-security-sensitive transaction information, including a transaction amount, received from the vendor'"'"'s computer over the open data communication network, a keyboard for allowing the purchaser to enter a personal identification information, a device for establishing a secure connection to the transaction processing computer system over the secure data communication network for communicating to the transaction processing computer system the transaction information and the personal identification information, wherein the secure connection to the transaction processing computer system is maintained simultaneously with the connection over the first, open data communication network; and the transaction processing computer system further ascertaining an identity of the purchaser based on the personal identification information received from the purchaser'"'"'s network access device, for charging the transaction amount on a purchaser'"'"'s account, and for communicating to the vendor'"'"'s computer a transaction approval over the secure data communication network, wherein the secure data communication network is selected from the group consisting of a non-open frame relay network, a non-open ATM network, and a private data communication network; and wherein the system for on-line processing of computer transactions further comprises an electronic credit certificate issued to the purchaser for activation and use by the purchaser'"'"'s network access device, wherein the electronic credit certificate is stored on a portable storage support readable by the purchaser'"'"'s network access device, and the portable storage support is selected from the group consisting of a floppy disk, a memory card, a USB memory key, and a portable hard-disk drive, the electronic credit certificate including a plurality of fields, the plurality of fields including at least a first field containing encrypted information for identifying the purchaser, a second field containing a credit certificate identification (ID) code for identifying the credit certificate, and a third field for containing an expiration date of the credit certificate, the electronic credit certificate file further requiring activation prior to use, the activation including; insertion of the storage support into a read/write unit of the purchaser'"'"'s network access device; establishment a connection over the non-open communication network and using the connection over the non-open communication network, sending the credit certificate ID code to the transaction-processing computer system; receipt of a request from the transaction-processing computer system for a personal identification number (PIN), the PIN being subject to an expiration date; display of the request for a PIN on the purchaser'"'"'s network access device; transmittal of the purchaser-entered PIN to the transaction-processing computer system; in a case that the purchaser-entered PIN is valid, activation of the credit certificate; and display of a message on the purchaser'"'"'s network access device indicating notifying the purchaser of the activation; and the electronic credit certificate includes non-security-sensitive credit certificate identifying information to be transmitted by the purchaser'"'"'s network access device to the vendor'"'"'s computer over the open data communication network, said credit certificate identifying information being used by the vendor'"'"'s computer to ascertain that the purchaser is enabled to perform the transaction. - View Dependent Claims (11, 12, 13, 14)
-
Specification