Method and system for secure online transaction processing

  • US 5,903,721 A
  • Filed: 03/13/1997
  • Issued: 05/11/1999
  • Est. Priority Date: 03/13/1997
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for executing a secure online transaction between a user computer and a vendor computer, the vendor computer and the user computer being interconnected to a computer network for data communications therebetween, the user computer having associated therewith a network address unique thereto at the time of the request;

  • the method comprising the steps of;

    a) the user computer executing a transaction request, comprising the steps ofi) generating a user authentication number as a first function ofa user registration number unique to the user computer,time stamp data correlated to the time of the transaction request, andan internally stored user matrix unique to the user computer;

    ii) assigning a network protocol port number as a second function ofthe user registration number,the time stamp data, andthe user matrix;

    iii) transmitting a transaction request message to the vendor computer via the computer network, the transaction request message comprisingthe user registration number,the time stamp data,first data indicative of the requested transaction, andthe network address associated with the user computer;

    b) in response to receiving the transaction request message, the vendor computer sending a transaction verification request to a trust server computer interconnected to the computer network, the transaction verification request comprising(i) the user registration number,(ii) the time stamp data,(iii) second data indicative of the requested transaction, and(iv) the network address associated with the user computer;

    c) in response to receiving the transaction verification request from the vendor computer, the trust server computer authenticating the user computer by(i) calculating the user matrix by from an internal memory by utilizing the received user registration number to address the memory,(ii) generating a trust server authentication number as a first function ofthe received user registration number,the received time stamp data, andthe calculated matrix;

    (iii) calculating an expected network protocol port number as a second function ofthe received user registration number,the received time stamp data, andthe calculated user matrix,(iv) communicating via the computer network with the user computer by utilizing the user computer network address received from the vendor computer and the calculated expected network protocol port number,(v) obtaining from the user computer the user authentication number,(vi) comparing the obtained user authentication number with the generated trust server authentication number; and

    vii) indicating that the user computer is authentic when the comparison step has passed, and indicating that the user computer is not authentic when the comparison step has failed.

View all claims
    ×
    ×

    Thank you for your feedback

    ×
    ×