Method and system for controlling certificate based open payment transactions

US 9,928,491 B1
Filed: 02/14/2017
Issued: 03/27/2018
Est. Priority Date: 06/11/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

unlocking, by a computer, a programmable memory device with a user'"'"'s predetermined personal identification number;

wherein the programmable memory device is configured to formulate payment instructions, andthe programmable memory device comprising network address instructions for an issuer of the programmable memory device, a user'"'"'s financial account information, and an encryption program;

generating, by the computer, a private/public key pair using a software module of a service provider server;

generating, by the computer, an identification profile that is encrypted with a digital signature based on the private key;

transmitting, by the computer, the encrypted identification profile to the service provider server along with the attached public key for formation of a service provider-backed certificate;

loading, by the computer, the service provider-backed certificate onto the programmable memory device;

attaching, by the computer, the service provider-backed certificate from the programmable memory device to payment information using at least one of the user'"'"'s financial accounts;

encrypting, by the computer, the payment information and the attached service provider-backed certificate using the software module; and

receiving, by the computer, information from the service provider server authorizing payment using the programmable memory device from at least one of the user'"'"'s financial accounts.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for controlling certificate-based open payment transactions involving a merchant and a customer utilizing various types of networks and terminals. Prior to accessing a merchant POS terminal or, for example, a merchant website, a customer obtains a certificate from a service provider (SP), such as a bank, certifying his identification (ID) and his relevant financial information, in a form that is understandable by the SP. The SP is capable of performing multiple functions. For example, the SP is capable of acting as a certificate authority when it issues the customer'"'"'s certificates, an authenticator when it receives private-key encrypted certificates from the customers to be decrypted using the corresponding public-key, and an authorizing authority when it checks the value available in a customer'"'"' chosen payment account against the requested purchase or transfer amount.

24 Citations

20 Claims

1. A method comprising:
- unlocking, by a computer, a programmable memory device with a user'"'"'s predetermined personal identification number;
  
  wherein the programmable memory device is configured to formulate payment instructions, andthe programmable memory device comprising network address instructions for an issuer of the programmable memory device, a user'"'"'s financial account information, and an encryption program;
  
  generating, by the computer, a private/public key pair using a software module of a service provider server;
  
  generating, by the computer, an identification profile that is encrypted with a digital signature based on the private key;
  
  transmitting, by the computer, the encrypted identification profile to the service provider server along with the attached public key for formation of a service provider-backed certificate;
  
  loading, by the computer, the service provider-backed certificate onto the programmable memory device;
  
  attaching, by the computer, the service provider-backed certificate from the programmable memory device to payment information using at least one of the user'"'"'s financial accounts;
  
  encrypting, by the computer, the payment information and the attached service provider-backed certificate using the software module; and
  
  receiving, by the computer, information from the service provider server authorizing payment using the programmable memory device from at least one of the user'"'"'s financial accounts.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method according to claim 1, wherein the identification profile comprises name, address, social security number, and birthdate of the user.
  - 3. The method according to claim 1, wherein the programmable memory device is a smart card.
  - 4. The method according to claim 1, wherein the network is Internet.
  - 5. The method according to claim 1, wherein authorizing the payment includes requesting via a network authorization from a user'"'"'s financial institution that maintains the user'"'"'s financial account information.
  - 6. The method according to claim 1, wherein authorizing the payment amount is read from payment instructions.
  - 7. The method according to claim 6, wherein the payment instructions include an encrypted personal identification number recognizable by the user'"'"'s financial institution for accessing the user'"'"'s financial account information.
  - 8. The method according to claim 1, wherein the user'"'"'s financial account information includes user'"'"'s financial institution routing number.
  - 9. The method according to claim 1, wherein the user'"'"'s financial account information includes the user'"'"'s account identifier.
  - 10. The method according to claim 9, wherein the user'"'"'s account identifier includes at least one of an account type and an account number.

11. A system for facilitating a financial transaction comprising:
- a programmable memory device comprising at least one processor, the user'"'"'s financial account information, network addressing instructions for at least the issuer of the programmable memory device, and an encryption program, the programmable memory device configured to unlock with a user'"'"'s predetermined personal identification number;
  
  a private/public key pair generated using a software provided by a service provider;
  
  an identification profile that is encrypted with a digital signature based on the private key, wherein the encrypted identification profile is transmitted to the service provider along with the attached public key for formation of a service provider-backed certificate, and wherein the service provider-backed certificate is loaded onto the programmable memory device;
  
  a terminal configured for reading information from the programmable memory device to facilitate a payment from at least one of a user'"'"'s financial accounts; and
  
  a server configured for receiving information from the terminal read from the programmable memory device and authorizing payment from at least one of the user'"'"'s financial accounts.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system according to claim 11, wherein the identification profile comprises name, address, social security number, and birthdate of the user.
  - 13. The system according to claim 11, wherein the programmable memory device is a smart card.
  - 14. The system according to claim 11, wherein the network is Internet.
  - 15. The system according to claim 11, wherein authorizing the payment includes requesting via a network authorization from a user'"'"'s financial institution that maintains the user'"'"'s financial account information.
  - 16. The system according to claim 11, wherein authorizing the payment amount is read from payment instructions.
  - 17. The system according to claim 16, wherein the payment instructions include an encrypted personal identification number recognizable by the user'"'"'s financial institution for accessing the user'"'"'s financial account information.
  - 18. The system according to claim 11, wherein the user'"'"'s financial account information includes user'"'"'s financial institution routing number.
  - 19. The system according to claim 11, wherein the user'"'"'s financial account information includes the user'"'"'s account identifier.
  - 20. The system according to claim 19, wherein the user'"'"'s account identifier includes at least one of an account type and an account number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citicorp Credit Services Incorporated (Citigroup Incorporated)
Original Assignee
Citicorp Credit Services Incorporated (Citigroup Incorporated)
Inventors
Kawan, Joseph C., Chu, Ronald King-Hang, Golvin, Charles, Tompkins, Peter
Primary Examiner(s)
Hamilton, Lalita M

Application Number

US15/432,676
Time in Patent Office

406 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/105   Arrangements for software l...

G06F 21/107   License processing; Key pro...

G06F 21/121   Restricting unauthorised ex...

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/10   specially adapted for elect...

G06Q 20/102   Bill distribution or payments

G06Q 20/12   specially adapted for elect...

G06Q 20/145   Payments according to the d...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/405   Establishing or using trans...

G06Q 2220/18   Licensing

G06Q 40/00   Finance; Insurance; Tax str...

Method and system for controlling certificate based open payment transactions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for controlling certificate based open payment transactions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links