Secure system for the issuance, acquisition, and redemption of certificates in a transaction network
First Claim
1. A computer certificate system, comprising:
- a certificate authority connected to a network, said certificate authority comprising a first set of program instructions stored in a tangible computer readable medium, that when executed by a computing device, causes said certificate authority to:
  - display an issuer interface for receiving input, wherein said input defines a virtual certificate comprising a redemption denomination; and
  - associate a first public key identifier with said virtual certificate;
- a certificate issuance module comprising a second set of program instructions stored in a tangible computer readable medium, that when executed by a computing device, causes said certificate issuance module to:
  - receive a private key identifier established by an acquirer; and
  - create an issued certificate, said issued certificate comprising unique identifier information, wherein said unique identifier information comprises said redemption denomination, said private key identifier, and said first public key identifier, wherein said unique identifier information is stored at said certificate authority in association with said issued certificate; and
- a certificate authentication module comprising a third set of program instructions stored in a tangible computer readable medium, that when executed by a computing device, causes said certificate authentication module to:
  - authorize a redemption of said issued certificate at a redemption location, based upon receiving said redemption denomination, said first public key identifier, and said private key identifier, and a matching comparison to said unique identifier information stored at said certificate authority; and
  - cancel further redemption of said issued certificate at said certificate authority.
Abstract
A transaction network contains a networked certificate authority, by which one or more virtual certificates may be remotely defined and stored, such as by an issuer user through an issuer web portal interface. An acquirer user, through an acquirer web portal interface, may acquire one or more virtual certificates, which contain a secret public key portion, as well as a corresponding private key, which is established by the acquirer at the time of acquisition and is stored at the certificate authority. At a redemption location associated with an acquired certificate, the acquirer (or an alternate recipient of an acquired certificate to whom the acquirer has communicated the established private key) submits the certificate information, along with the established private key, to redeem the certificate.
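The define, issue, redeem and cancel flow described in the abstract, as an added example that is not code from the patent. Because redemption is a matching comparison against what the authority stored, the "private key identifier" behaves as a shared secret. The class and method names, the salted PBKDF2 storage, the constant-time comparison and the one-issuance-per-definition rule are assumptions of this sketch.

```python
import hashlib, hmac, secrets
from dataclasses import dataclass

@dataclass
class IssuedCertificate:
    denomination: int       # redemption denomination (unit is an assumption: cents)
    public_id: str          # public key identifier assigned by the authority
    salt: bytes
    private_digest: bytes   # salted hash of the acquirer's secret (assumed hardening)
    redeemed: bool = False

def _digest(private_id: str, salt: bytes) -> bytes:
    # Assumption: store a slow salted hash rather than the acquirer's secret itself.
    return hashlib.pbkdf2_hmac("sha256", private_id.encode(), salt, 100_000)

class CertificateAuthority:
    def __init__(self):
        self._defined = {}  # public_id -> denomination (virtual certificates)
        self._issued = {}   # public_id -> IssuedCertificate

    def define(self, denomination: int) -> str:
        """Issuer defines a virtual certificate; the authority assigns its public identifier."""
        public_id = secrets.token_hex(8)
        self._defined[public_id] = denomination
        return public_id

    def issue(self, public_id: str, private_id: str) -> None:
        """Acquirer establishes the private identifier at acquisition time."""
        # Assumption: one issuance per definition; KeyError if unknown or already acquired.
        denomination = self._defined.pop(public_id)
        salt = secrets.token_bytes(16)
        self._issued[public_id] = IssuedCertificate(
            denomination, public_id, salt, _digest(private_id, salt))

    def redeem(self, denomination: int, public_id: str, private_id: str) -> bool:
        """Authorize only if all three submitted values match the stored record, then cancel."""
        cert = self._issued.get(public_id)
        if cert is None or cert.redeemed:
            return False
        secret_ok = hmac.compare_digest(_digest(private_id, cert.salt), cert.private_digest)
        if not (secret_ok and denomination == cert.denomination):
            return False
        cert.redeemed = True  # further redemption is disabled at the authority
        return True
```

A production authority would make the check-and-cancel step atomic (for example a conditional database update) so that two concurrent redemption requests cannot both succeed.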
24 Claims
13. A process, comprising:
- defining a virtual certificate, said defined virtual certificate comprising a redemption denomination;
- associating a first public key identifier with said defined virtual certificate;
- receiving a private key identifier established by an acquirer;
- creating an issued certificate in response to acquisition of said defined virtual certificate by an acquirer, said issued certificate comprising unique identifier information, wherein said unique identifier information comprises said redemption denomination, said private key identifier, and said first public key identifier, wherein said unique identifier information is stored at certificate authority in association with said issued certificate;
- authorizing a redemption of said issued certificate at a redemption location to a holder of said issued certificate, based upon receiving said redemption denomination, said private key identifier, and said first public key identifier from said holder, and a matching comparison to said unique identifier information stored at said certificate authority; and
- disabling further redemption of said issued certificate at said certificate authority.
24. An article of manufacture including a computer-readable medium having instructions stored thereon that, if executed by a computing device, cause the computing device to perform operations comprising:
- receiving data for creating a virtual certificate, said virtual certificate comprising a redemption denomination, wherein said data for creating said virtual certificate is received via an issuer interface;
- associating a public key identifier with said virtual certificate;
- receiving a private key identifier established by an acquirer;
- receiving a certificate request and responsively creating an issued certificate of said virtual certificate, said issued certificate including said redemption denomination, said private key identifier, and said public key identifier;
- storing said redemption denomination, said private key identifier, and said public key identifier in association with said issued certificate;
- receiving a redemption request for said issued certificate from a holder of said issued certificate and responsively authorizing a redemption of said issued certificate to said holder, wherein said redemption is authorized based upon receipt of said redemption denomination, said private key, and said public key identifier, and a matching comparison of said redemption denomination, said private key identifier, and said public key identifier stored at said computer certificate system; and
- canceling further redemption of said issued certificate.
Specification