Apparatus and methods for the secure transfer of electronic data
First Claim
1. A method for processing a secure electronic transaction sent over a network from a sender computing device to a receiver computing device, the method comprising:
- receiving an encryption packet at the receiver computing device, the encryption packet signed with a digital signature of the sender computing device and including;
a first encryption layer of information selected by a user of the sender computing device, anda unique representation of the selected information, the unique representation signed with the digital signature of the sender computing device;
sending a verification request from the receiver computing device to a validation authority, the verification request including the digital signature of the sender computing device and requesting verification of an authenticity of the digital signature of the sender computing device;
receiving a response from the validation authority, the response verifying the authenticity of the digital signature of the sender computing device;
generating a receipt, wherein generating the receipt includes signing the unique representation of the selected information of the encryption packet with a digital signature of the receiver computing device;
sending the receipt containing the signed unique representation of the selected information to an electronic postmark server without sending the first encryption layer and the selected information, the receiver computing device sending the receipt after the receiver computing device received the response verifying the authenticity of the digital signature of the sender computing device; and
receiving from the electronic postmark server a postmarked receipt, the postmarked receipt having been generated from the receipt sent by the receiver computing device and not including the first encryption layer and the selected information.
1 Assignment
0 Petitions
Accused Products
Abstract
An embodiment of the invention provides a method for processing a secure electronic transaction over a network from a sender to a receiver, which includes the process of generating a first unique representation of information included in the transaction, encrypting the information with a first encryption layer, and forming an encryption packet which includes the first encryption layer. The encryption packet is then transmitted over a network and then received the by a receiver. The authenticity of the encryption packet is verified and a receipt is generated using the information included in the encryption packet. The receipt is then transmitted to an electronic postmark server which verifies authenticity of the receipt. A postmarked receipt is then created by the electronic postmark server and a copy is sent to the sender an/or the receiver.
88 Citations
17 Claims
-
1. A method for processing a secure electronic transaction sent over a network from a sender computing device to a receiver computing device, the method comprising:
-
receiving an encryption packet at the receiver computing device, the encryption packet signed with a digital signature of the sender computing device and including; a first encryption layer of information selected by a user of the sender computing device, and a unique representation of the selected information, the unique representation signed with the digital signature of the sender computing device; sending a verification request from the receiver computing device to a validation authority, the verification request including the digital signature of the sender computing device and requesting verification of an authenticity of the digital signature of the sender computing device; receiving a response from the validation authority, the response verifying the authenticity of the digital signature of the sender computing device; generating a receipt, wherein generating the receipt includes signing the unique representation of the selected information of the encryption packet with a digital signature of the receiver computing device; sending the receipt containing the signed unique representation of the selected information to an electronic postmark server without sending the first encryption layer and the selected information, the receiver computing device sending the receipt after the receiver computing device received the response verifying the authenticity of the digital signature of the sender computing device; and receiving from the electronic postmark server a postmarked receipt, the postmarked receipt having been generated from the receipt sent by the receiver computing device and not including the first encryption layer and the selected information. - View Dependent Claims (2, 3, 9, 10)
-
-
4. A system for processing a secure electronic transaction sent over a network from a sender computing device to a receiver computing device, the system comprising:
-
a sender computing device that receives transaction information selected by a user of the sender computing device and executes instructions stored in memory, wherein execution of the instructions by a processor of the sender computing device; generates a unique representation of the selected information, signs the unique representation of the selected information with a digital signature of the sender computing device, encrypts the selected information in a first encryption layer, and forms an encryption packet, wherein forming the encryption packet includes combining the first encryption layer and the unique representation of the selected information, encrypting the combined first encryption layer and unique representation of the selected information, and signing the encryption packet with the digital signature of the sender computing device; a receiver computing device that receives the encryption packet over the network from the sender computing device and executed instructions stored in memory, wherein execution of the instructions by a processor of the receiver computing device; sends a verification request to a validation authority, the validation request requesting verification of an authenticity of the digital signature of the sender computing device, acknowledges receipt of a response from the validation authority, the response verifying the authenticity of the digital signature of the sender computing device, and generates a receipt, the receipt including the unique representation of the selected information without the first encryption layer and the selected information itself, wherein generating the receipt includes signing the unique representation of the selected information of the encryption packet with a digital signature of the receiver computing device; and an electronic postmark server that receives the receipt from the receiver computing device and executes instructions stored in memory, wherein execution of the instructions by a processor of the electronic postmark server; verifies an authenticity of the receipt based on the digital signature of the receiver computing device, generates a postmarked receipt not containing the first encryption layer and the selected information, wherein generating the postmarked receipt includes; generating a unique representation of the authenticated receipt received from the receiver computing device, appending a temporal stamp to the unique representation of the authenticated receipt, and signing the unique representation of the authenticated receipt with a digital signature of the electronic postmark server, and sends a copy of the postmarked receipt to at least one of the sender computing device and the receiver computing device. - View Dependent Claims (5, 6, 7, 8, 11, 12)
-
-
13. A method for processing a secure electronic transaction sent over a network from a sender computing device to a receiver computing device, the method comprising:
-
receiving an electronic communication from the receiver computing device at an electronic postmark server, the electronic communication indicating that an encrypted electronic message containing encrypted information selected by a user of the sender computing device and a unique representation of the selected information had been received by the receiver computing device from the sender computing device, indicating that an identity of the sender had been verified, and containing a copy of the unique representation of the selected information signed by a digital signature of the receiver computing device without containing the encrypted information selected by the sender; verifying an authenticity of the electronic communication, wherein verifying the authenticity of the electronic communication includes receiving from a verification authority a verification of an authenticity of the digital signature of the receiver computing device; creating an electronic postmarked receipt from the authenticated electronic communication received from the receiver computing device, the postmarked receipt not containing the encrypted information selected by the sender, wherein creating the electronic postmarked receipt includes; generating a unique representation of the authenticated electronic communication, appending a temporal stamp to the unique representation of the authenticated electronic communication, and digitally signing the unique representation of the authenticated electronic communication and the temporal stamp; and sending the signed electronic postmarked receipt to the sender computing device. - View Dependent Claims (14, 15, 16, 17)
-
Specification