Process and method for secure online transactions with calculated risk and against fraud
First Claim
1. A method of engaging in electronic commerce, providing at least one host, at least one buyer, at least one seller, and at least one payment clearing processor, comprising:
(a) specifying by the buyer a host, and sending by the buyer an order for goods and services online to the seller, without sending payment card number along with said order, nor any number that is a reference to the payment card number;
(b) confirming by the seller said order with said buyer, and assigning by the seller an orderID for the order;
(c) authorizing by the buyer payment of said order by sending a payment authorization request and secret keys to said host with said orderID in a payment form;
(d) requesting by the seller for payment approval of the order from buyer's payment card issuer, through said host, by sending a message of a payment approval request to the host with said orderID;
(e) matching up by the host orderIDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request, wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the payment authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request.
Abstract
An electronic commerce process that facilitates online transactions among multiple participants, that prevents consumer fraud due to pirated payment card numbers, with calculated risk, involving at least one trusted payment card host (3), where the buyer's payment card number is registered and corresponding secret keys are set up. The buyer (1b) initiates an online transaction by selecting a host from a list of hosts that is served by the seller's web server (2a). Then, the buyer participant (1a) sends an order online (4), SSL encrypted. The seller participant (2a) receives and decrypts the order, confirms the availability of ordered items, assigns an orderID to the order, and sends a response (5a), SSL encrypted, to the buyer participant (1a) with the assigned orderID. The buyer participant (1a) encrypts and notifies the selected host (3) of this order and orderID, and authorizes the payment (6a) using secret keys. At the same time, the seller participant also encrypts and sends a payment approval request (7) for this orderID through the host. The host (3) decrypts and matches up the orderID, retrieves the secret keys, and hashes to obtain the corresponding payment card number. The host then encrypts and sends for payment authorization (8a) from the payment card issuer with the payment card number, through the payment clearing network. Upon receiving and decrypting the response (9) back from the payment card issuer, the host (3) encrypts and notifies (10a) the seller participant (2a) of the card issuer's response (9) for the orderID. After fulfilling the order (11,12), the seller participant encrypts and sends for payment capturing (13a) for this order with orderID, through the host and payment network (14a,15,16).
47 Claims
17. A method for enabling a buyer-seller transaction using a host, the buyer-seller transaction comprising:
buyer orders, seller order IDs and buyer payment forms transmitted between a buyer and a seller;
wherein the transaction further comprises;
at least one seller receiving an order for one or more items from at least one buyer, without receiving a payment card number along with said order, nor any number that is a reference to the payment card number, by at least one seller;
the at least one seller sending an order ID for the one or more items to the at least one buyer by the at least one seller;
the at least one seller receiving by the at least one seller from the at least one buyer a payment form having the order ID for the one or more items;
and wherein the host comprises a secure computer server that includes a repository of buyer payment card data and that communicates via the internet between a buyer web browser and at least one seller merchant server;
the method comprising;
receiving by a host via the internet from the at least one buyer web browser a payment authorization request comprising the order ID and secret keys for authorization of the payment of the one or more items to be paid by one or more payment cards chosen by the at least one buyer;
receiving by the host via the internet from the at least one seller merchant server a payment approval request having the order ID;
matching up by the host order IDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request, wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host, detecting that the authorization request and payment approval request are not matched within the time period, and terminating the order by the host by expiring the payment approval request;
and responsive to expiring the payment approval request, sending a payment-approval request-rejected response via the internet to the seller merchant server.
45. A method for enabling a transaction, comprising using a host, wherein the transaction comprises:
at least one buyer setting up with a host one or more pairs of keys corresponding to one or more payment cards by at least one buyer;
at least one seller receiving an order for one or more items from the at least one buyer, without receiving a payment card number along with said order, nor any number that is a reference to the payment card number by at least one seller;
the at least one seller sending an order ID for the one or more items to the at least one buyer by the at least one seller;
the at least one seller receiving by the at least one seller from the at least one buyer a payment form having the order ID for the one or more items;
and wherein the host comprises a secure computer server that includes a repository of buyer payment card data and that communicates via the internet between a buyer web browser and at least one seller merchant server;
the method comprising;
receiving by a host via the internet from the at least one buyer web browser a payment authorization request comprising the order ID and one of said key pairs for authorization of the payment of the one or more items to be paid by one or more payment cards chosen by the at least one buyer;
receiving by the host via the internet from the at least one seller merchant server a payment approval request having the order ID;
matching up by the host order IDs received from the buyer and the seller, and content from the payment authorization request with the content from the payment approval request, wherein the payment authorization request and the payment approval request received by the host are matched over a time period determined by the host;
detecting that the authorization request and payment approval request are not matched within the time period, and terminating, in response to such detection, the order by the host by expiring the payment approval request;
and responsive to expiring the payment approval request, sending a payment-approval request-rejected response via the internet to the seller merchant server.
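The host-side matching and expiry step recited in claims 1, 17 and 45 can be sketched as follows; this is an added illustration, not code from the patent or its specification. The class and field names, the 120-second window, the reduction of request "content" to seller and amount, and the handling of mismatches and duplicates are all assumptions, and secret-key verification and card lookup are outside its scope.

```python
import time
from collections import namedtuple

REJECTED = "payment-approval-request-rejected"  # response named in claims 17 and 45
Request = namedtuple("Request", "seller_id amount_cents received_at")

class MatchingHost:
    """Pairs buyer authorizations with seller approval requests by orderID."""
    def __init__(self, window_s=120.0, clock=time.monotonic):
        self.window_s, self.clock = window_s, clock  # window length is assumed
        self.pending = {"buyer": {}, "seller": {}}
        self.outbox = []  # (seller_id, order_id, response) messages owed to sellers

    def expire(self):
        """Drop requests older than the window; expired seller requests are rejected."""
        now = self.clock()
        for side in ("buyer", "seller"):
            for order_id, req in list(self.pending[side].items()):
                if now - req.received_at > self.window_s:
                    del self.pending[side][order_id]
                    if side == "seller":
                        self.outbox.append((req.seller_id, order_id, REJECTED))

    def submit(self, side, order_id, seller_id, amount_cents):
        """Record one request and return pending, matched, mismatch or duplicate."""
        self.expire()  # a stale peer must never satisfy a late request
        other = "seller" if side == "buyer" else "buyer"
        if order_id in self.pending[side]:
            return "duplicate"  # a replay must not overwrite the stored request
        peer = self.pending[other].pop(order_id, None)
        if peer is None:
            self.pending[side][order_id] = Request(seller_id, amount_cents, self.clock())
            return "pending"
        # Assumption: "content" is reduced to seller and amount; a mismatch drops both.
        same = (peer.seller_id, peer.amount_cents) == (seller_id, amount_cents)
        return "matched" if same else "mismatch"

def demo():
    """Constructed scenario with a fake clock: one match, one expiry."""
    t = [0.0]
    host = MatchingHost(window_s=120.0, clock=lambda: t[0])
    results = [host.submit("buyer", "ORD-1", "shop-a", 4999)]
    t[0] = 30.0
    results.append(host.submit("seller", "ORD-1", "shop-a", 4999))
    results.append(host.submit("seller", "ORD-2", "shop-a", 1500))
    t[0] = 200.0  # ORD-2 has waited 170 s with no buyer authorization
    results.append(host.submit("buyer", "ORD-2", "shop-a", 1500))
    return results, host.outbox
```

Because expiry runs before every lookup, a buyer authorization that arrives after the window cannot revive a seller request the host has already rejected.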
Specification