Secure in-line payments for rich internet applications
First Claim
1. A method comprising:
- initiating, by a service provider server, an installation of a payment library on a client device, wherein initiating the installation comprises initiating an execution of a rich Internet application (RIA) that runs on a RIA runtime of the payment library;
receiving, by the service provider server, a connection request from the client device based on the execution of the RIA application;
requesting, by the service provider server, the payment library on the client device to perform a runtime validity check of the RIA application;
receiving, by the service provider server, a result of the runtime validity check from the payment library on the client device;
determining, by the service provider server, from the result of the runtime validity check whether the RIA application is verified as valid;
based on determining the RIA application is verified as valid;
sending, by the service provider server, an app authorization token to the payment library on the client device;
accepting, by the service provider server, user credentials and the app authorization token; and
initiating, by the service provider server, an authentication of the user credentials without requiring redirection of the RIA application to a secure service provider website.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems are provided for making secure financial transactions, such as purchase payments, using rich Internet applications (RIA) running an RIA runtime (also referred to as a platform or framework) on the user'"'"'s smart phone or other mobile device. Embodiments differ from the usual way of re-directing a user from a third-party application and authenticating the user by providing secure in-line payments from a rich Internet application running on an RIA runtime. A system includes: a mobile device executing a rich Internet application running on an RIA runtime; a payment library communicating with the RIA runtime and a service provider, for which the payment library communicates with the service provider to authenticate the rich Internet application; and in response to authentication by the service provider, facilitates secure financial transactions via the rich Internet application.
20 Citations
18 Claims
-
1. A method comprising:
-
initiating, by a service provider server, an installation of a payment library on a client device, wherein initiating the installation comprises initiating an execution of a rich Internet application (RIA) that runs on a RIA runtime of the payment library; receiving, by the service provider server, a connection request from the client device based on the execution of the RIA application; requesting, by the service provider server, the payment library on the client device to perform a runtime validity check of the RIA application; receiving, by the service provider server, a result of the runtime validity check from the payment library on the client device; determining, by the service provider server, from the result of the runtime validity check whether the RIA application is verified as valid; based on determining the RIA application is verified as valid; sending, by the service provider server, an app authorization token to the payment library on the client device; accepting, by the service provider server, user credentials and the app authorization token; and initiating, by the service provider server, an authentication of the user credentials without requiring redirection of the RIA application to a secure service provider website. - View Dependent Claims (2, 3, 4, 5, 6, 7, 15, 16)
-
-
8. A non-transitory computer-readable medium comprising code that, when executed by a processor, causes the processor to perform steps comprising:
-
initiating an installation of a payment library on a client device, wherein initiating the installation comprises initiating an execution of a rich Internet application (RIA) that runs on a RIA runtime of the payment library; receiving a connection request from the client device based on the execution of the RIA application; requesting the payment library on the client device to perform a runtime validity check of the RIA application; receiving a result of the runtime validity check from the payment library on the client device; determining from the result of the runtime validity check whether the RIA application is verified as valid; based on determining the RIA application is verified as valid; sending an app authorization token to the payment library on the client device; accepting user credentials and the app authorization token; and initiating an authentication of the user credentials without requiring redirection of the RIA application to a secure service provider website. - View Dependent Claims (9, 10, 11, 12, 13, 14, 17, 18)
-
Specification