Methods and apparatus for conducting electronic transactions

US 8,938,402 B2
Filed: 06/15/2012
Issued: 01/20/2015
Est. Priority Date: 08/31/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

sending, by a user device and to a first server, a logon request, the logon request being forwarded to a second server;

receiving, by the user device from the first server, a first challenge generated by the second server in response to the forwarded logon request;

sending, by the user device to the first server, a challenge response, the challenge response generated in response to receiving the first challenge and a second challenge generated for an intelligent token, wherein the challenge response is based on both the first and second challenges, and wherein the challenge response is sent by the first server to the second server, the intelligent token being verified by the second server;

receiving, by the user device from the first server, at least a portion of credentials assembled by the second server in response to the verification of the intelligent token by the second server and being sent by the second server to the first server, the verification being based on the challenge response, the portion of the credentials comprising a key and the credentials associated with the user device;

sending, by the user device to the first server, an authentication request for validation and authorization of a transaction, the authentication request being forwarded from the first server to the second server; and

receiving, by the user device from the first server, an approval message having been sent by the second server to the first server, the approval message indicative of the validation and authorization of the transaction, the validation and authorization performed by the second server in response to receiving the authentication request from the first server, wherein in response to the approval message, the user device is allowed to proceed with the transaction.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for conducting electronic commerce are disclosed. In various embodiments, the electronic transaction is a purchase transaction. A user is provided with an intelligent token, such as a smartcard containing a digital certificate. The intelligent token suitably authenticates with a server on a network that conducts all or portions of the transaction on behalf of the user. In various embodiments a wallet server interacts with a security server to provide enhanced reliability and confidence in the transaction. In various embodiments, the wallet server includes a toolbar. In various embodiments, the digital wallet pre-fills forms. Forms may be pre-filled using an auto-remember component.

355 Citations

20 Claims

1. A method comprising:
- sending, by a user device and to a first server, a logon request, the logon request being forwarded to a second server;
  
  receiving, by the user device from the first server, a first challenge generated by the second server in response to the forwarded logon request;
  
  sending, by the user device to the first server, a challenge response, the challenge response generated in response to receiving the first challenge and a second challenge generated for an intelligent token, wherein the challenge response is based on both the first and second challenges, and wherein the challenge response is sent by the first server to the second server, the intelligent token being verified by the second server;
  
  receiving, by the user device from the first server, at least a portion of credentials assembled by the second server in response to the verification of the intelligent token by the second server and being sent by the second server to the first server, the verification being based on the challenge response, the portion of the credentials comprising a key and the credentials associated with the user device;
  
  sending, by the user device to the first server, an authentication request for validation and authorization of a transaction, the authentication request being forwarded from the first server to the second server; and
  
  receiving, by the user device from the first server, an approval message having been sent by the second server to the first server, the approval message indicative of the validation and authorization of the transaction, the validation and authorization performed by the second server in response to receiving the authentication request from the first server, wherein in response to the approval message, the user device is allowed to proceed with the transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein the authentication request comprises the portion of the assembled credentials.
  - 3. The method of claim 1, further comprising:
    - receiving, by the user device, an authentication challenge message, the authentication challenge message generated by the second server; and
      
      sending, by the user device, an authentication challenge response, the challenge response comprising a signed signature block and a security certificate.
  - 4. The method of claim 3, wherein the authentication challenge response message is verified against the assembled credentials.
  - 5. The method of claim 3, wherein the user device is configured with a wallet client and the signature block is based on the authentication challenge message.
  - 6. The method of claim 5, wherein the signature block is signed by the wallet client and a security certificate is provided.
  - 7. The method of claim 6, wherein the signature block is provided to a signature module.
  - 8. The method of claim 7, wherein a smart card comprises the signature module.
  - 9. The method of claim 8, wherein the signature module is stored in a memory of the user device.
  - 10. The method of claim 9, wherein the signature block is signed and a copy of a security certificate is provided.
  - 11. The method of claim 5, wherein the signature block is a Public-Key Cryptography Standards (PKCS) block.
  - 12. The method of claim 1, wherein the first server is a wallet server.
  - 13. The method of claim 1, wherein the authentication request is sent via a wallet server.
  - 14. The method of claim 1, wherein the transaction is associated with at least one of a session on client software of the user device and a session on a wallet server.
  - 15. The method of claim 1, further comprising:
    - scanning, by client software associated with the user device, a third party request to identify executable commands, wherein the executable commands are associated with a programming language; and
      
      at least one of editing and removing, by the user device, at least a portion of the executable commands.
  - 16. The method of claim 15, wherein the at least one of editing and removing comprises at least one of:
    - rendering the executable commands unexecutable by the user device by removing a character of the executable commands, andrendering the executable commands unexecutable by the user device by replacing particular characters within the executable commands.
  - 17. The method of claim 1, wherein:
    - a third party request is scanned to identify executable commands, and the executable commands are associated with a programming language; and
      
      at least one of;
      
      the executable commands are rendered unexecutable by the user device by removing a character of the executable commands, andthe executable commands are rendered unexecutable by the user device by replacing particular characters within the executable commands.
  - 18. The method of claim 1, wherein the user device is authenticated with the first server, and wherein:
    - a third party request is scanned to identify executable commands, wherein the executable commands are associated with a programming language; and
      
      at least one of;
      
      the executable commands are rendered unexecutable by the user device by removing a character of the executable commands, andthe executable commands are rendered unexecutable by the user device by replacing particular characters within the executable commands.

19. An article of manufacture including a non-transitory computer readable medium having instructions stored thereon that, in response to execution by a user device, cause the user device to perform operations comprising:
- sending, by the user device and to a wallet server, a logon request, the wallet server forwarding the logon request to a security server;
  
  receiving, by the user device from the wallet server, a first challenge generated by the security server in response to the logon request;
  
  sending, by the user device to the wallet server, a challenge response, the challenge response generated in response to receiving the first challenge and a second challenge generated for an intelligent token, wherein the challenge response is based on both the first and second challenges, and wherein the challenge response is sent by the wallet server to the security server, the intelligent token being verified by the security server;
  
  receiving, by the user device from the wallet server, at least a portion of credentials assembled by the security server in response to the verification of the intelligent token by the security server and being sent by the security server to the wallet server, the verification being based on the challenge response, the portion of the credentials comprising a key and the credentials associated with the user device;
  
  sending, by the user device to the wallet server, an authentication request for validation and authorization of a transaction, the authentication request being forwarded from the wallet server to the security server; and
  
  receiving, by the user device from the wallet server, an approval message having been sent by the security server to the wallet server, the approval message indicative of the validation and authorization of the transaction, the validation and authorization performed by the security server in response to receiving the authentication request from the wallet server, wherein in response to the approval message, the user device is allowed to proceed with the transaction.

20. A user device comprising:
- a non-transitory memory communicatively coupled to a processor,the memory having instructions stored thereon that, in response to execution by the processor, cause at least;
  
  sending, to a wallet server, a logon request;
  
  receiving a first challenge generated by a security server in response to receiving the logon request from the wallet server;
  
  sending a challenge response to the wallet server, the challenge response generated in response to receiving the first challenge and a second challenge generated for an intelligent token, wherein the challenge response is based on both the first and second challenges, and wherein the challenge response is sent by the wallet server to the security server, the intelligent token being verified by the security server;
  
  receiving at least a portion of credentials assembled by the security server in response to the verification of the intelligent token by the security server and being sent by the security server to the wallet server, the verification being based on the challenge response, the portion of the credentials comprising a key and the credentials associated with the user device;
  
  sending an authentication request to the wallet server for validation and authorization of a transaction, the authentication request being forwarded from the wallet server to the security server; and
  
  receiving from the wallet server an approval message having been sent by the security server to the wallet server, the approval message indicative of the validation and authorization of the transaction, the validation and authorization performed by the security server in response to receiving the authentication request from the wallet server to the security server, wherein in response to the approval message, the user device is allowed to proceed with the transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Lead Core Fund LLC (Intellectual Ventures LLC)
Inventors
Johnson, Michael G., Lake, Walter Donald, Hohle, William G., Johnstone, David E., Gorgol, Zygmunt Steven, Bennett, Russell, Glazer, Elliott Harold, White, Dirk B., Bishop, Fred Alan, Swift, Nick, Simkin, Marvin, Royer, Coby
Primary Examiner(s)
AGWUMEZIE, CHINEDU CHARLES

Application Number

US13/524,922
Publication Number

US 20120253978A1
Time in Patent Office

949 Days
Field of Search

705/67
US Class Current

705/67
CPC Class Codes

G06Q 20/105   involving programming of a ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/363   with the personal data of a...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/401   Transaction verification

G06Q 20/4097   using mutual authentication...

G06Q 30/0613   Third-party assisted

G07F 7/0866   by active credit-cards adap...

G07F 7/1008   Active credit-cards provide...

Methods and apparatus for conducting electronic transactions

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

355 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Methods and apparatus for conducting electronic transactions

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

355 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others