Centralized electronic commerce card transactions

US 9,710,811 B2
Filed: 09/30/2009
Issued: 07/18/2017
Est. Priority Date: 11/06/2003
Status: Active Grant

First Claim

Patent Images

1. An electronic commerce card authentication system comprising:

a central transaction server having a processor and a computer-readable non-transitory medium coupled to the processor, the computer readable medium comprising code that when executed by the processor causes the processor to perform a method comprising;

receiving a verifying enrollment request from a directory server, wherein the verifying enrollment request comprises electronic commerce card information;

sending a verifying enrollment response to the directory server, the verifying enrollment response indicating an access control server that will process an authentication request;

receiving the authentication request from a cardholder system;

forwarding the authentication request to the access control server;

evaluating a response from the access control server, wherein the response is either an unintelligible response or a non-response from the access control server in response to the forwarded authentication request;

analyzing the response from the access control server to determine if the response is unintelligible or the access control server should have provided the response when no message is received from the access control server;

based on the analysis, generating an attempted authentication response when the access control server does not reply or provides the unintelligible response, wherein;

the central transaction server generates the attempted authentication response independently of the access control server,the attempted authentication response includes an indication of the determination regarding the no reply or the unintelligible response,the attempted authentication response includes a uniform resource locator (URL) associated with the central transaction server instead of a URL associated with the access control server, andthe attempted authentication response includes a pseudonym associated with the electronic commerce card information; and

forwarding the attempted authentication response to the cardholder system.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A central transaction server in electronic commerce card authorization system enables the electronic commerce card association to manage and monitor the authentication system. The central transaction server acts as an intermediary for all communications between the access control server used for authentication. If any portion of the authentication system fails, the central transaction server compensates by providing appropriate responses to other portions of the system. The centralized transaction server translates all incoming traffic into a format compatible with the intended recipient, enabling portions of the system to be upgraded without breaking compatibility with the non-upgraded portions. The centralized transaction server also enables the integration of formally separate portions of the authentication system into a single unit. The directory and the authentication history servers can be integrated into the central transaction server, and the central transaction server can initiate charges to the electronic commerce card automatically, bypassing the card acquirer.

258 Citations

22 Claims

1. An electronic commerce card authentication system comprising:
- a central transaction server having a processor and a computer-readable non-transitory medium coupled to the processor, the computer readable medium comprising code that when executed by the processor causes the processor to perform a method comprising;
  
  receiving a verifying enrollment request from a directory server, wherein the verifying enrollment request comprises electronic commerce card information;
  
  sending a verifying enrollment response to the directory server, the verifying enrollment response indicating an access control server that will process an authentication request;
  
  receiving the authentication request from a cardholder system;
  
  forwarding the authentication request to the access control server;
  
  evaluating a response from the access control server, wherein the response is either an unintelligible response or a non-response from the access control server in response to the forwarded authentication request;
  
  analyzing the response from the access control server to determine if the response is unintelligible or the access control server should have provided the response when no message is received from the access control server;
  
  based on the analysis, generating an attempted authentication response when the access control server does not reply or provides the unintelligible response, wherein;
  
  the central transaction server generates the attempted authentication response independently of the access control server,the attempted authentication response includes an indication of the determination regarding the no reply or the unintelligible response,the attempted authentication response includes a uniform resource locator (URL) associated with the central transaction server instead of a URL associated with the access control server, andthe attempted authentication response includes a pseudonym associated with the electronic commerce card information; and
  
  forwarding the attempted authentication response to the cardholder system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 21)
- - 2. The electronic commerce card authentication system of claim 1, wherein the attempted authentication response is adapted to be analyzed by a networked system, and wherein the networked system that analyzes the attempted authentication response is a merchant system.
  - 3. The electronic commerce card authentication system of claim 1, wherein the central transaction server is configured to send the verifying enrollment response in response to a query to the access control server.
  - 4. The electronic commerce card authentication system of claim 1, wherein the pseudonym is included in the verifying enrollment response.
  - 5. The electronic commerce card authentication system of claim 4, wherein the pseudonym was previously created by a merchant system.
  - 6. The electronic commerce card authentication system of claim 1, wherein the central transaction server is adapted to initiate a charge request via a card association network in response to generating the attempted authentication response.
  - 7. The electronic commerce card authentication system of claim 3, wherein the central transaction server is configured to:
    - modify the verifying enrollment response received from the access control server and send the modified verifying enrollment response to the directory server.
  - 21. The method of claim 1 wherein a cardholder initiates an online purchase before verifying enrollment request is received at the central transaction server.

8. A method of authenticating electronic commerce card information provided by a cardholder, the method comprising:
- receiving, by a central transaction server computer, a verifying enrollment request from a directory server, wherein the verifying enrollment request comprises electronic commerce card information;
  
  sending, by the central transaction server computer, a verifying enrollment response to the directory server, the verifying enrollment response indicating an access control server that will process an authentication request;
  
  receiving, by the central transaction server computer, the authentication request from a cardholder system;
  
  forwarding, by the central transaction server computer, the authentication request to the access control server;
  
  evaluating a response from the access control server, wherein the response is either an unintelligible response or a non-response from the access control server in response to the forwarded authentication request;
  
  analyzing the response from the access control server to determine if the response is unintelligible or the access control server should have provided the response when no message is received from the access control server;
  
  based on the determination, generating, by the central transaction server computer, an attempted authentication response when the access control server does not reply or provides the unintelligible response, wherein;
  
  the central transaction server computer generates the attempted authentication response independently of the access control server,the attempted authentication response includes an indication of the determination regarding the no reply or the unintelligible response,the attempted authentication response includes a uniform resource locator (URL) associated with the central transaction server computer instead of a URL associated with the access control server, andthe attempted authentication response includes a pseudonym associated with the electronic commerce card information; and
  
  forwarding, by the central transaction server computer, the attempted authentication response to the cardholder system.
- View Dependent Claims (9, 10, 11, 12, 13, 22)
- - 9. The method of claim 8, wherein the attempted authentication response is adapted to be analyzed by a networked system, and wherein the networked system that analyzes the attempted authentication response is a merchant system.
  - 10. The method of claim 8, wherein the verifying enrollment response is sent in response to a query to the access control server.
  - 11. The method of claim 8, wherein, the pseudonym is included in the verifying enrollment response.
  - 12. The method of claim 8, wherein the pseudonym is created by a merchant system.
  - 13. The method of claim 8, further comprising initiating a charge request via a card association network in response to generating the attempted authentication response.
  - 22. The method of claim 8 wherein the attempted authentication response is adapted to be analyzed by a networked system, and wherein the networked system is a merchant computer that receives a card number and expiration date from the cardholder.

14. A non-transitory storage medium including a set of instruction adapted to operate an information processing device to perform a set of steps, the set of steps comprising:
- receiving a verifying enrollment request from a directory server, wherein the verifying enrollment request comprises electronic commerce card information;
  
  sending a verifying enrollment response to the directory server, the verifying enrollment response indicating an access control server that will process an authentication request;
  
  receiving the authentication request from a cardholder system;
  
  forwarding the authentication request to the access control server;
  
  evaluating a response from the access control server, wherein the response is either an unintelligible response or a non-response from the access control server in response to the forwarded authentication request;
  
  analyzing the response from the access control server to determine if the response is unintelligible or the access control server should have provided the response when no message is received from the access control server;
  
  based on the determination, generating an attempted authentication response when the access control server does not reply or provides the unintelligible response, wherein;
  
  a central transaction server generates the attempted authentication response independently of the access control server,the attempted authentication response includes an indication of the determination regarding the no reply or the unintelligible response,the attempted authentication response includes a uniform resource locator (URL) associated with the central transaction server instead of a URL associated with the access control server, andthe attempted authentication response includes a pseudonym associated with the electronic commerce card information; and
  
  forwarding the attempted authentication response to the cardholder system.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The non-transitory storage medium of claim 14, wherein the attempted authentication response is adapted to be analyzed by a networked system, and wherein the networked system that analyzes the attempted authentication response is a merchant system.
  - 16. The non-transitory storage medium of claim 14, wherein the verifying enrollment response is sent in response to a query to the access control server.
  - 17. The non-transitory storage medium of claim 14, wherein the verifying enrollment response is sent to the directory server without querying the access control server, and the set of steps further comprise querying the access control server in response to receiving the authentication request.
  - 18. The non-transitory storage medium of claim 14, wherein the pseudonym is included in the verifying enrollment response.
  - 19. The non-transitory storage medium of claim 14, wherein the pseudonym is previously created by a merchant system.
  - 20. The non-transitory storage medium of claim 14, wherein the set of steps further comprises initiating a charge request via a card association network in response to generating the attempted authentication response.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Davis, Steve
Primary Examiner(s)
Hayes, John
Assistant Examiner(s)
HALE, TIM B

Application Number

US12/571,213
Publication Number

US 20100023437A1
Time in Patent Office

2,848 Days
Field of Search

705 64- 79
US Class Current
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/0855   involving a third party

G06Q 20/108   Remote banking, e.g. home b...

G06Q 20/12   specially adapted for elect...

G06Q 20/14   specially adapted for billi...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/383   Anonymous user system

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 40/00   Finance; Insurance; Tax str...

Centralized electronic commerce card transactions

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

258 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Centralized electronic commerce card transactions

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

258 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links