Secure online transaction processing
First Claim
Patent Images
1. A method for securely processing an online transaction on a payment processor between a customer and a merchant, the method comprising:
- receiving from a merchant system on the payment processor an authentication request including a transaction identifier associated with the online transaction;
generating a one-time use payment processor encryption key in response to the received authentication request, the one-time use payment processor encryption key corresponding to and associatively linked with the transaction identifier on the payment processor;
relaying the one-time use payment processor encryption key to a customer system through the merchant system;
receiving from the customer system over a direct secured communications link therewith bypassing the merchant system personal account data associated with the customer, the personal account data being encrypted on the customer system with the one-time use payment processor encryption key;
receiving a transaction processing request on the payment processor from the merchant system separately from the personal account data received from the customer system, the transaction processing request including the transaction identifier; and
generating a transaction processing response to the merchant system based upon an execution of the transaction processing request with the received personal account data associated with the transaction identifier.
10 Assignments
0 Petitions
Accused Products
Abstract
Various methods for securely processing an online transaction between a customer and a merchant are disclosed. In one method, an authentication credentials request that includes a transaction identifier is received from a merchant system. In response, an encryption key is transmitted to the merchant system. From a customer system, the personal account data associated with the customer is received, which is encrypted with the encryption key. A transaction processing request from the merchant system prompts the generating of a transaction processing response based upon its execution.
62 Citations
18 Claims
-
1. A method for securely processing an online transaction on a payment processor between a customer and a merchant, the method comprising:
-
receiving from a merchant system on the payment processor an authentication request including a transaction identifier associated with the online transaction; generating a one-time use payment processor encryption key in response to the received authentication request, the one-time use payment processor encryption key corresponding to and associatively linked with the transaction identifier on the payment processor; relaying the one-time use payment processor encryption key to a customer system through the merchant system; receiving from the customer system over a direct secured communications link therewith bypassing the merchant system personal account data associated with the customer, the personal account data being encrypted on the customer system with the one-time use payment processor encryption key; receiving a transaction processing request on the payment processor from the merchant system separately from the personal account data received from the customer system, the transaction processing request including the transaction identifier; and generating a transaction processing response to the merchant system based upon an execution of the transaction processing request with the received personal account data associated with the transaction identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for securely processing an online transaction between a customer and a merchant, the method comprising:
-
receiving from a customer system a transaction submission request for the online transaction including at least one purchase item identifier with a purchase price associated therewith; transmitting an authentication request to a payment processing system in response to the receipt of the transaction submission request, the authentication request including a transaction identifier associated with the specific received transaction submission request; receiving a one-time use payment processor encryption key from the payment processing system generated thereon in response to the received authentication request; transmitting a payment information form with the transaction identifier and the one-time use payment processor encryption key to the customer system, the payment information form being receptive to personal account data and transaction data; receiving the transaction data but not the personal account data entered into the payment information form on the customer system, the transaction data corresponding to the transaction identifier; transmitting to the payment processing system, in response to receiving the transaction data from the customer system, a transaction processing request including the transaction identifier; and generating a transaction processing response to the customer system based upon results for the transaction processing request to the payment processing system. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A method for securely processing an online transaction between a customer and a merchant, the method comprising:
-
transmitting to a merchant system a transaction submission request for the online transaction including at least one purchase item identifier with a purchase price associated therewith; receiving a payment information form including a one-time use payment processor encryption key generated by a payment processing system and relayed through the merchant system, and further corresponding to a transaction identifier for the online transaction; receiving personal account data and transaction data entered into the payment information form; encrypting the personal account data with the received encryption key; transmitting the encrypted personal account data to the payment processing system; transmitting the transaction data but not the encrypted personal account data to the merchant system. - View Dependent Claims (15, 16)
-
-
17. An article of manufacture comprising a program storage medium readable by a data processing apparatus, the medium tangibly embodying one or more programs of instructions executable by the data processing apparatus to perform a method for securely processing an online financial transaction between a customer and a merchant, the method comprising:
-
receiving from a customer system a transaction submission request for the online transaction including at least one purchase item identifier with a purchase price associated therewith; transmitting an authentication request to a payment processing system in response to the receipt of the transaction submission request, the authentication request including a transaction identifier associated with the specific received transaction submission request; receiving a one-time use payment processor encryption key from the payment processing system generated thereon in response to the received authentication request; transmitting a payment information form with the transaction identifier and the one-time use payment processor encryption key to the customer system, the payment information form being receptive to personal account data and transaction data; receiving the transaction data but not the personal account data entered into the payment information form on the customer system, the transaction data corresponding to the transaction identifier; transmitting to the payment processing system, in response to receiving the transaction data from the customer system, a transaction processing request including the transaction identifier; and generating a transaction processing response to the customer system based upon results for the transaction processing request to the payment processing system. - View Dependent Claims (18)
-
Specification