Centralized electronic commerce card transactions
First Claim
1. An electronic commerce card authentication system comprising:
- a central transaction server having a processor and a computer-readable non-transitory medium coupled to the processor, the computer readable medium comprising code that when executed by the processor causes the processor to perform a method comprising;
receiving a verifying enrollment request from a directory server, wherein the verifying enrollment request comprises electronic commerce card information;
sending a verifying enrollment response to the directory server, the verifying enrollment response indicating an access control server that will process an authentication request;
receiving the authentication request from a cardholder system;
forwarding the authentication request to the access control server;
evaluating a response from the access control server, wherein the response is either an unintelligible response or a non-response from the access control server in response to the forwarded authentication request;
analyzing the response from the access control server to determine if the response is unintelligible or the access control server should have provided the response when no message is received from the access control server;
based on the analysis, generating an attempted authentication response when the access control server does not reply or provides the unintelligible response, wherein;
the central transaction server generates the attempted authentication response independently of the access control server,the attempted authentication response includes an indication of the determination regarding the no reply or the unintelligible response,the attempted authentication response includes a uniform resource locator (URL) associated with the central transaction server instead of a URL associated with the access control server, andthe attempted authentication response includes a pseudonym associated with the electronic commerce card information; and
forwarding the attempted authentication response to the cardholder system.
0 Assignments
0 Petitions
Accused Products
Abstract
A central transaction server in electronic commerce card authorization system enables the electronic commerce card association to manage and monitor the authentication system. The central transaction server acts as an intermediary for all communications between the access control server used for authentication. If any portion of the authentication system fails, the central transaction server compensates by providing appropriate responses to other portions of the system. The centralized transaction server translates all incoming traffic into a format compatible with the intended recipient, enabling portions of the system to be upgraded without breaking compatibility with the non-upgraded portions. The centralized transaction server also enables the integration of formally separate portions of the authentication system into a single unit. The directory and the authentication history servers can be integrated into the central transaction server, and the central transaction server can initiate charges to the electronic commerce card automatically, bypassing the card acquirer.
258 Citations
22 Claims
-
1. An electronic commerce card authentication system comprising:
a central transaction server having a processor and a computer-readable non-transitory medium coupled to the processor, the computer readable medium comprising code that when executed by the processor causes the processor to perform a method comprising; receiving a verifying enrollment request from a directory server, wherein the verifying enrollment request comprises electronic commerce card information; sending a verifying enrollment response to the directory server, the verifying enrollment response indicating an access control server that will process an authentication request; receiving the authentication request from a cardholder system; forwarding the authentication request to the access control server; evaluating a response from the access control server, wherein the response is either an unintelligible response or a non-response from the access control server in response to the forwarded authentication request; analyzing the response from the access control server to determine if the response is unintelligible or the access control server should have provided the response when no message is received from the access control server; based on the analysis, generating an attempted authentication response when the access control server does not reply or provides the unintelligible response, wherein; the central transaction server generates the attempted authentication response independently of the access control server, the attempted authentication response includes an indication of the determination regarding the no reply or the unintelligible response, the attempted authentication response includes a uniform resource locator (URL) associated with the central transaction server instead of a URL associated with the access control server, and the attempted authentication response includes a pseudonym associated with the electronic commerce card information; and forwarding the attempted authentication response to the cardholder system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 21)
-
8. A method of authenticating electronic commerce card information provided by a cardholder, the method comprising:
-
receiving, by a central transaction server computer, a verifying enrollment request from a directory server, wherein the verifying enrollment request comprises electronic commerce card information; sending, by the central transaction server computer, a verifying enrollment response to the directory server, the verifying enrollment response indicating an access control server that will process an authentication request; receiving, by the central transaction server computer, the authentication request from a cardholder system; forwarding, by the central transaction server computer, the authentication request to the access control server; evaluating a response from the access control server, wherein the response is either an unintelligible response or a non-response from the access control server in response to the forwarded authentication request; analyzing the response from the access control server to determine if the response is unintelligible or the access control server should have provided the response when no message is received from the access control server; based on the determination, generating, by the central transaction server computer, an attempted authentication response when the access control server does not reply or provides the unintelligible response, wherein; the central transaction server computer generates the attempted authentication response independently of the access control server, the attempted authentication response includes an indication of the determination regarding the no reply or the unintelligible response, the attempted authentication response includes a uniform resource locator (URL) associated with the central transaction server computer instead of a URL associated with the access control server, and the attempted authentication response includes a pseudonym associated with the electronic commerce card information; and forwarding, by the central transaction server computer, the attempted authentication response to the cardholder system. - View Dependent Claims (9, 10, 11, 12, 13, 22)
-
-
14. A non-transitory storage medium including a set of instruction adapted to operate an information processing device to perform a set of steps, the set of steps comprising:
-
receiving a verifying enrollment request from a directory server, wherein the verifying enrollment request comprises electronic commerce card information; sending a verifying enrollment response to the directory server, the verifying enrollment response indicating an access control server that will process an authentication request; receiving the authentication request from a cardholder system; forwarding the authentication request to the access control server; evaluating a response from the access control server, wherein the response is either an unintelligible response or a non-response from the access control server in response to the forwarded authentication request; analyzing the response from the access control server to determine if the response is unintelligible or the access control server should have provided the response when no message is received from the access control server; based on the determination, generating an attempted authentication response when the access control server does not reply or provides the unintelligible response, wherein; a central transaction server generates the attempted authentication response independently of the access control server, the attempted authentication response includes an indication of the determination regarding the no reply or the unintelligible response, the attempted authentication response includes a uniform resource locator (URL) associated with the central transaction server instead of a URL associated with the access control server, and the attempted authentication response includes a pseudonym associated with the electronic commerce card information; and forwarding the attempted authentication response to the cardholder system. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification