Internet payment, authentication and loading system using virtual smart card

US 7,908,216 B1
Filed: 07/22/1999
Issued: 03/15/2011
Est. Priority Date: 07/22/1999
Status: Expired due to Term

First Claim

Patent Images

1. An on-line purchase and load (OPAL) server computer for performing a purchase transaction over a network using a virtual smart card, said OPAL server computer comprising:

a virtual smart card database having a plurality of records, each record including a virtual smart card identifier and a monetary balance corresponding to a single virtual smart card;

a hardware security module arranged to decrypt said monetary balance, to decrease said monetary balance, and to encrypt said decreased monetary balance;

a smart card emulator that receives smart card commands from a pseudo card reader module and processes said commands in conjunction with said virtual smart card database and said hardware security module, said smart card emulator arranged to retrieve one of said records from said virtual smart card database, and to deliver said monetary balance to said hardware security module and to store said encrypted decreased monetary balance received from said hardware security module in said retrieved record; and

said pseudo card reader module that receives said smart card commands related to said purchase transaction over said network and relays said commands to said smart card emulator, whereby said OPAL server computer performs said purchase transaction over said network using one of said records in said virtual smart card database.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system loads, authenticates and uses a virtual smart card for payment of goods and/or services purchased on-line over the Internet. An online purchase and load (OPAL) server includes a virtual smart card data base that has a record of information for each smart card that it represents for a user at the behest of an issuer. The server includes a smart card emulator that emulates a smart card by using the card data base and a hardware security module. The emulator interacts with a pseudo card reader module in the server that imitates a physical card reader. The server also includes a client code module that interacts with the pseudo card reader and a remote payment or load server. A pass-through client terminal presents a user interface and passes information between the OPAL server and a merchant server, and between the OPAL server and a bank server. The Internet provides the routing functionality between the client terminal and the various servers. A merchant advertises goods on a web site. A user uses the client terminal to purchase goods and/or services from the remote merchant server. The payment server processes, confirms and replies to the merchant server. The payment server is also used to authenticate the holder of a virtual card who wishes to redeem loyalty points from a merchant. To load value, the client terminal requests a load from a user account at the bank server. The load server processes, confirms and replies to the bank server.

471 Citations

24 Claims

1. An on-line purchase and load (OPAL) server computer for performing a purchase transaction over a network using a virtual smart card, said OPAL server computer comprising:
- a virtual smart card database having a plurality of records, each record including a virtual smart card identifier and a monetary balance corresponding to a single virtual smart card;
  
  a hardware security module arranged to decrypt said monetary balance, to decrease said monetary balance, and to encrypt said decreased monetary balance;
  
  a smart card emulator that receives smart card commands from a pseudo card reader module and processes said commands in conjunction with said virtual smart card database and said hardware security module, said smart card emulator arranged to retrieve one of said records from said virtual smart card database, and to deliver said monetary balance to said hardware security module and to store said encrypted decreased monetary balance received from said hardware security module in said retrieved record; and
  
  said pseudo card reader module that receives said smart card commands related to said purchase transaction over said network and relays said commands to said smart card emulator, whereby said OPAL server computer performs said purchase transaction over said network using one of said records in said virtual smart card database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. An OPAL server computer as recited in claim 1 wherein said virtual smart card database further includes purchase algorithm identifiers, wherein said hardware security module includes a plurality of purchase algorithms that are identified for use by one of said purchase algorithm identifiers, and wherein said hardware security module is arranged to decrypt said monetary balance using one of said purchase algorithms identified by one of said purchase algorithm identifiers.
  - 3. An OPAL server computer as recited in claim 1 further comprising:
    - a user verification module that verifies a user accessing said OPAL server computer and generates a user identifier, said user identifier being suitable to identify one of said virtual smart card records in said virtual smart card database.
  - 4. An OPAL server computer as recited in claim 1 wherein said smart card emulator and said pseudo card reader module are implemented as a single software module.
  - 5. An OPAL server computer as recited in claim 1 wherein said network is an internet over which said OPAL server computer communicates with a merchant server and a payment server to transact said purchase transaction.
  - 6. An OPAL server computer as recited in claim 1 wherein said network is an internet over which said OPAL server computer communicates with a bank server and a load server to load value onto said virtual smart card.
  - 7. An OPAL server computer as recited in claim 1 wherein said network is an internet over which said OPAL server computer communicates with a web server and an authentication server to authenticate a user.
  - 8. An OPAL server computer as recited in claim 1 wherein said OPAL server computer communicates over said network with a payment gateway for funding account authorization and clearing.
  - 9. An OPAL server computer as recited in claim 1 wherein said smart card emulator is suitable for returning said record to said virtual smart card database.
  - 10. An OPAL server computer as recited in claim 1 wherein each record of the virtual smart card database also includes a funding account number wherein the funding account number identifies an account that contains a monetary amount that can be loaded onto a virtual smart card.
  - 11. An OPAL server computer as recited in claim 1 wherein the OPAL server is further configured to receive a purchase request message from a client terminal, wherein the purchase request message indicates a good or service to be purchased by a user, a user identifier, and a user password.
  - 12. An OPAL server computer as recited in claim 11 wherein the OPAL server is further configured to send a draw request message to a payment server, wherein the draw request message indicates an amount of money required to purchase the good or service and a merchant identifier.
  - 13. An OPAL server computer as recited in claim 12 wherein the OPAL server computer is further configured to receive a debit command from the payment server, wherein the debit command indicates an amount of money to debit from a respective virtual smart card.
  - 14. An OPAL server computer as recited in claim 13 wherein the smart card emulator is configured to debit itself in response to the debit command by the amount of money indicated in the debit command.
  - 15. An OPAL server computer as recited in claim 13 wherein the OPAL server computer is further configured to send a debit response message to the client terminal, wherein the debit response message informs the user either that the amount of money has been debited from the smart card emulator or that money has not been debited from the smart card emulator due to a lack of sufficient funds.
  - 16. An OPAL server computer as recited in claim 1 further comprising:
    - a memory arranged to store said virtual smart card database, said smart card emulator, and said pseudo card reader module.
  - 17. An OPAL server computer as recited in claim 1 wherein said hardware security module is a hardware device in said OPAL server computer.
  - 18. An OPAL server computer as recited in claim 1 wherein said hardware security module is a security box attachable to said OPAL server computer.

19. An on-line purchase and load (OPAL) server computer for performing a load transaction over a network using a virtual smart card, said OPAL server computer comprising:
- a virtual smart card database having a plurality of records, each record including a virtual smart card identifier and a monetary balance corresponding to a single virtual smart card;
  
  a hardware security module arranged to decrypt said monetary balance, to increase said monetary balance, and to encrypt said increased monetary balance;
  
  a smart card emulator that receives smart card commands and processes said commands in conjunction with said virtual smart card database and said hardware security module, the smart card emulator also configured to send a load request message to a load server, wherein the load request message indicates a virtual smart card identifier and a load amount for a respective virtual smart card, the load amount indicating an amount of money to load onto the respective virtual smart card, said smart card emulator arranged to retrieve one of said records from said virtual smart card database and to deliver said monetary balance to said hardware security module and to store said encrypted increased monetary balance received from said hardware security module in said retrieved record; and
  
  a pseudo card reader module that receives said smart card commands related to said load transaction over said network and relays said commands to said smart card emulator, whereby said OPAL server performs said load transaction over said network using one of said records in said virtual smart card database.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. An OPAL server computer as recited in claim 19 wherein the OPAL server is configured to receive a load command from a load server wherein the amount of money indicated in the load request message is loaded onto the respective virtual smart card.
  - 21. An OPAL server computer as recited in claim 20 wherein the smart card emulator is configured to send a load response message to a client terminal, wherein the load response message informs a user that the amount of money has been loaded onto the respective virtual smart card.
  - 22. An OPAL server computer as recited in claim 19 further comprising:
    - a memory arranged to store said virtual smart card database, said smart card emulator, and said pseudo card reader module.
  - 23. An OPAL server computer as recited in claim 19 wherein said hardware security module is a hardware device in said OPAL server computer.
  - 24. An OPAL server computer as recited in claim 19 wherein said hardware security module is a security box attachable to said OPAL server computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Davis, Virgil M., Reid, Margaret, Hoffman, Steve R., Cutino, Suzanne C.
Primary Examiner(s)
MEINECKE DIAZ, SUSANNA M

Application Number

US09/359,083
Time in Patent Office

4,254 Days
Field of Search

705/40, 705/41, 705/42, 705/43, 235/375, 235/376, 380/24, 335/378, 335/379, 335/380, 335/381, 335/382, 335/382.5
US Class Current

705/41
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/10   specially adapted for elect...

G06Q 20/105   involving programming of a ...

G06Q 20/12   specially adapted for elect...

G06Q 20/351   Virtual cards

G06Q 30/0225   Avoiding frauds

G06Q 30/0233   Method of redeeming a frequ...

Internet payment, authentication and loading system using virtual smart card

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

471 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Internet payment, authentication and loading system using virtual smart card

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

471 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links