METHODS AND APPARATUS FOR CONDUCTING ELECTRONIC TRANSACTIONS

US 20120240227A1
Filed: 06/04/2012
Published: 09/20/2012
Est. Priority Date: 08/31/1999
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

scanning, by a computer-based system for altering executable commands and while in a transaction session, a third party request to find executable commands, wherein the executable commands are associated with a selected programming language; and

at least one of editing and removing, by the computer-based system, at least a portion of the executable commands, wherein the at least one of editing and removing comprises at least one of;

rendering the executable commands unexecutable by a network client by removing a character of the executable commands, andrendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for conducting electronic commerce are disclosed. In various embodiments, the electronic transaction is a purchase transaction. A user is provided with an intelligent token, such as a smartcard containing a digital certificate. The intelligent token suitably authenticates with a server on a network that conducts all or portions of the transaction on behalf of the user. In various embodiments a wallet server interacts with a security server to provide enhanced reliability and confidence in the transaction. In various embodiments, the wallet server includes a toolbar. In various embodiments, the digital wallet pre-fills forms. Forms may be pre-filled using an auto-remember component.

6 Citations

View as Search Results

19 Claims

1. A method comprising:
- scanning, by a computer-based system for altering executable commands and while in a transaction session, a third party request to find executable commands, wherein the executable commands are associated with a selected programming language; and
  
  at least one of editing and removing, by the computer-based system, at least a portion of the executable commands, wherein the at least one of editing and removing comprises at least one of;
  
  rendering the executable commands unexecutable by a network client by removing a character of the executable commands, andrendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, further comprising receiving, by the computer-based system, a transaction request from a user for a transaction at a merchant server.
  - 3. The method of claim 1, further comprising:
    - forwarding, by the computer-based system, a challenge to a user, wherein the challenge is passed to an intelligent token for processing the challenge, and wherein the intelligent token generates a response to the challenge;
      
      receiving, by the computer-based system, the response from the user based upon the challenge;
      
      processing, by the computer-based system, the response;
      
      verifying, by the computer-based system, the intelligent token;
      
      assembling, by the computer-based system, credentials for a transaction, wherein the credentials comprise a key; and
      
      providing, by the computer-based system, at least a portion of the assembled credentials to the user.
  - 4. The method of claim 1, further comprising:
    - receiving, by the computer-based system, a second request from a user, wherein the second request includes the portion of assembled credentials provided to the user;
      
      validating, by the computer-based system, the portion of the assembled credentials provided to the user with a key of the assembled credentials providing access to a transaction service; and
      
      initiating, by the computer-based system, a transaction session for use with the transaction service.
  - 5. The method of claim 1, further comprising rejecting a request in response to the third party request containing the executable commands having a hostile character.
  - 6. The method of claim 1, further comprising logging the executable commands to form a security log.
  - 7. The method of claim 6, further comprising reviewing the security log to determine whether the executable commands are hostile.
  - 8. The method of claim 1, wherein the executable commands cause an unwanted action in response to execution.
  - 9. The method of claim 1, wherein the executable commands are malicious.
  - 10. The method of claim 1, further comprising receiving a request for a connection at the computer and from the network client.
  - 11. The method of claim 10, further comprising verifying that a response from the computer to the network client is void of the executable commands.
  - 12. The method of claim 11, further comprising providing the response from the computer to the network client.
  - 13. The method claim 1, wherein the rendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands comprises converting a script format character to another character, wherein the script format character identifies a block of code.
  - 14. The method claim 1, wherein the rendering the executable commands unexecutable by the network client by removing a character of the executable commands comprises removing a script format character, wherein the script format character identifies a block of code.
  - 15. The method of claim 1, wherein the selected programming language comprises at least one of javascript, SQL code, XML code and markup language.
  - 16. The method of claim 1, further comprising rejecting a transaction request in response to a third party request being received from a merchant server, wherein the third party request comprises hostile code.
  - 17. The method of claim 1, further comprising rejecting a transaction request in response to a third party request being received from an advertisement on a merchant server, wherein the third party request comprises hostile code.

18. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a computer based system for altering executable commands, cause the computer-based system to perform operations comprising:
- scanning, by the computer-based system and while in a transaction session, a third party request to find executable commands, wherein the executable commands are associated with a selected programming language; and
  
  at least one of editing and removing, by the computer-based system, at least a portion of the executable commands, wherein the at least one of editing and removing comprises at least one of;
  
  rendering the executable commands unexecutable by a network client by removing a character of the executable commands, andrendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands.

19. A system comprising:
- a tangible, non-transitory memory communicating with a server for altering executable commands,the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the server, cause the server to perform operations comprising;
  
  scanning, by the server and while in a transaction session, a third party request to find executable commands, wherein the executable commands are associated with a selected programming language; and
  
  at least one of editing and removing, by the server, at least a portion of the executable commands, wherein the at least one of editing and removing comprises at least one of;
  
  rendering the executable commands unexecutable by a network client by removing a character of the executable commands, andrendering the executable commands unexecutable by the network client by replacing particular characters within the executable commands.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Bishop, Fred Alan, Glazer, Elliott Harold, Gorgol, Zygmunt Steven, Hohle, William G., Johnson, Michael G., Johnstone, David E., Lake, Walter Donald, Royer, Coby, Simkin, Marvin, Swift, Nick, White, Dirk B., Bennett, Russell

Granted Patent

US 9,519,894 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06Q 20/105   involving programming of a ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/363   with the personal data of a...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/401   Transaction verification

G06Q 20/4097   using mutual authentication...

G06Q 30/0613   Third-party assisted

G07F 7/0866   by active credit-cards adap...

G07F 7/1008   Active credit-cards provide...

METHODS AND APPARATUS FOR CONDUCTING ELECTRONIC TRANSACTIONS

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

6 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS AND APPARATUS FOR CONDUCTING ELECTRONIC TRANSACTIONS

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

6 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links