Secure in-line payments for rich internet applications

US 9,218,601 B2
Filed: 11/09/2011
Issued: 12/22/2015
Est. Priority Date: 11/10/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

initiating, by a service provider server, an installation of a payment library on a client device, wherein initiating the installation comprises initiating an execution of a rich Internet application (RIA) that runs on a RIA runtime of the payment library;

receiving, by the service provider server, a connection request from the client device based on the execution of the RIA application;

requesting, by the service provider server, the payment library on the client device to perform a runtime validity check of the RIA application;

receiving, by the service provider server, a result of the runtime validity check from the payment library on the client device;

determining, by the service provider server, from the result of the runtime validity check whether the RIA application is verified as valid;

based on determining the RIA application is verified as valid;

sending, by the service provider server, an app authorization token to the payment library on the client device;

accepting, by the service provider server, user credentials and the app authorization token; and

initiating, by the service provider server, an authentication of the user credentials without requiring redirection of the RIA application to a secure service provider website.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems are provided for making secure financial transactions, such as purchase payments, using rich Internet applications (RIA) running an RIA runtime (also referred to as a platform or framework) on the user'"'"'s smart phone or other mobile device. Embodiments differ from the usual way of re-directing a user from a third-party application and authenticating the user by providing secure in-line payments from a rich Internet application running on an RIA runtime. A system includes: a mobile device executing a rich Internet application running on an RIA runtime; a payment library communicating with the RIA runtime and a service provider, for which the payment library communicates with the service provider to authenticate the rich Internet application; and in response to authentication by the service provider, facilitates secure financial transactions via the rich Internet application.

20 Citations

View as Search Results

18 Claims

1. A method comprising:
- initiating, by a service provider server, an installation of a payment library on a client device, wherein initiating the installation comprises initiating an execution of a rich Internet application (RIA) that runs on a RIA runtime of the payment library;
  
  receiving, by the service provider server, a connection request from the client device based on the execution of the RIA application;
  
  requesting, by the service provider server, the payment library on the client device to perform a runtime validity check of the RIA application;
  
  receiving, by the service provider server, a result of the runtime validity check from the payment library on the client device;
  
  determining, by the service provider server, from the result of the runtime validity check whether the RIA application is verified as valid;
  
  based on determining the RIA application is verified as valid;
  
  sending, by the service provider server, an app authorization token to the payment library on the client device;
  
  accepting, by the service provider server, user credentials and the app authorization token; and
  
  initiating, by the service provider server, an authentication of the user credentials without requiring redirection of the RIA application to a secure service provider website.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 15, 16)
- - 2. The method of claim 1, further comprising:
    - sending a watermarked image to the client device; and
      
      determining a user identity based on the watermarked image.
  - 3. The method of claim 1, wherein determining the RIA application is verified as valid further comprises determining at least one of oblivious hashing, code signatures, code obfuscation, prevention of code reflection, and code disassembly prevention.
  - 4. The method of claim 1, further comprising:
    - determining a customer based on at least one of machine identification of the client device;
      
      sending a watermarked image to the client device or server cookies placed on the client device; and
      
      sending an out of band message to the determined customer.
  - 5. The method of claim 1, further comprising:
    - identifying an out of band channel for communication with a user in an out-of-band on-boarding process for the user.
  - 6. The method of claim 1, further comprising:
    - determining a phone number-to-email identification (ID) mapping in an out-of-band on-boarding process for a user;
      
      asking the user to enter ID information corresponding to the mapping; and
      
      sending an out of band message to the user based on reversing the mapping.
  - 7. The method of claim 1, further comprising:
    - collecting a user authorization from a user for making a payment;
      
      providing a user authorization token specific to a particular activity to the user;
      
      receiving a request to execute a pay call with the specific authorization token; and
      
      returning a payment status to the RIA application with a display on the screen of the client device.
  - 15. The method of claim 1, further comprising:
    - sending an out of band confirmation to a user of the client device.
  - 16. The method of claim 7, wherein providing the user authorization token specific to the particular activity to the user further comprises:
    - providing the user authorization token through the payment library to the RIA application for receipt by the user.

8. A non-transitory computer-readable medium comprising code that, when executed by a processor, causes the processor to perform steps comprising:
- initiating an installation of a payment library on a client device, wherein initiating the installation comprises initiating an execution of a rich Internet application (RIA) that runs on a RIA runtime of the payment library;
  
  receiving a connection request from the client device based on the execution of the RIA application;
  
  requesting the payment library on the client device to perform a runtime validity check of the RIA application;
  
  receiving a result of the runtime validity check from the payment library on the client device;
  
  determining from the result of the runtime validity check whether the RIA application is verified as valid;
  
  based on determining the RIA application is verified as valid;
  
  sending an app authorization token to the payment library on the client device;
  
  accepting user credentials and the app authorization token; and
  
  initiating an authentication of the user credentials without requiring redirection of the RIA application to a secure service provider website.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 17, 18)
- - 9. The non-transitory computer-readable medium of claim 8, wherein the processor performs further steps comprising:
    - sending a watermarked image to the client device; and
      
      determining a user identity based on the watermarked image.
  - 10. The non-transitory computer-readable medium of claim 8, wherein determining the RIA application is verified as valid further comprises determining at least one of oblivious hashing, code signatures, code obfuscation, prevention of code reflection, and code disassembly prevention.
  - 11. The non-transitory computer-readable medium of claim 8, wherein the processor performs further steps comprising:
    - determining a customer based on at least one of machine identification of the client device;
      
      sending a watermarked image to the client device or server cookies placed on the client device; and
      
      sending an out of band message to a determined customer.
  - 12. The non-transitory computer-readable medium of claim 8, wherein the processor performs further step comprising:
    - identifying an out of band channel for communication with a user in an out-of-band on-boarding process for the user.
  - 13. The non-transitory computer-readable medium of claim 8, wherein the processor performs further steps comprising:
    - determining a phone number-to-email identification (ID) mapping in an out-of-band on-boarding process for a user;
      
      asking the user to enter ID information corresponding to the mapping; and
      
      sending an out of band message to the user based on reversing the mapping.
  - 14. The non-transitory computer-readable medium of claim 8, wherein the processor performs further steps comprising:
    - collecting a user authorization from a user for making a payment;
      
      providing a user authorization token specific to a particular activity to the user;
      
      receiving a request to execute a pay call with the specific authorization token; and
      
      returning a payment status to the RIA application with a display on the screen of the client device.
  - 17. The non-transitory computer-readable medium of claim 8, wherein the processor performs further step comprising:
    - sending an out of band confirmation to a user of the client device.
  - 18. The non-transitory computer-readable medium of claim 14, wherein the processor performs further step comprising:
    - providing a user authorization token specific to the particular activity to the user, wherein the user authorization token is provided specific to the particular activity through the payment library to the RIA application for receipt by the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Jamkhedkar, Prashant, Mardikar, Upendra, Wenger, Mark, Asher, Mehul, Chau, Victor
Primary Examiner(s)
Ravetti, Dante

Application Number

US13/293,004
Publication Number

US 20120116925A1
Time in Patent Office

1,504 Days
Field of Search

705/27, 705/16, 705/21, 705/59, 705/71, 380/44, 380/262, 380/278, 380/279
US Class Current

1/1
CPC Class Codes

G06F 21/52   during program execution, e...

G06Q 20/206   comprising security or oper...

G06Q 20/3223   Realising banking transacti...

G06Q 20/356   Aspects of software for car...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 30/00   Commerce

G06Q 30/0641   Shopping interfaces

Secure in-line payments for rich internet applications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Secure in-line payments for rich internet applications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links