Method and system for using electronic communications for an electronic contract
First Claim
1. A method for establishing an electronic contract between a first party and a second party, comprising the steps of:
- (i) initially, establishing an account of the first party, the account being maintained by the second party, wherein the step of establishing the account comprises;
(a) assigning an identifier to the account;
(b) receiving a public key of a public/private key pair directly from the first party, the private key of the public/private key pair being stored securely within a device of the first party, the device being adapted to generate digital signatures using the private key;
(c) associating the public key with the identifier in a database of the second party; and
(d) associating a security profile of the device with the account, the security profile indicative of the security level of the device;
(ii) thereafter,(a) the first party formulating an offer associated with the electronic contract;
(b) the device generating a verification status indicator based on a comparison of verification data provided to the device with verification data of the first party pre-stored within the device;
(c) the first party using the device to generate a digital signature of the offer and the verification status indicator;
(d) the first party communicating an electronic communication to the second party, the electronic communication including the identifier, the offer, the digital signature, and the verification status indicator;
(e) in response to receipt of the electronic communication and based on the identifier obtained therefrom, the second party authenticating the digital signature with the public key associated with the account and accessing the security profile of the device from the database; and
(f) if the digital signature authenticates, the second party determining a response to the offer as a function of the security level of the device and as a function of the verification status indicator obtained from the electronic communication.
8 Assignments
0 Petitions
Accused Products
Abstract
A method and system for digitally signing an electronic contract document. An electronic communication contains an identifier, a message, which includes the document, and a digital signature generated with a private key of an asymmetric key pair (247). The identifier may be used to retrieve a corresponding public key (287) and account information pertaining to the sender of the message. The public key may be used to authenticate the sender and the message. A device containing the private key may be used to protect the privacy thereof. The device may also generate a verification status indicator corresponding to verification data input into the device. The indicator may also be used as evidence that the sender of a contract document performed an overt act in causing the electronic communication to be digitally signed. A security profile linked to the public key in a secure database indicates security characteristics of the device.
195 Citations
20 Claims
-
1. A method for establishing an electronic contract between a first party and a second party, comprising the steps of:
-
(i) initially, establishing an account of the first party, the account being maintained by the second party, wherein the step of establishing the account comprises; (a) assigning an identifier to the account; (b) receiving a public key of a public/private key pair directly from the first party, the private key of the public/private key pair being stored securely within a device of the first party, the device being adapted to generate digital signatures using the private key; (c) associating the public key with the identifier in a database of the second party; and (d) associating a security profile of the device with the account, the security profile indicative of the security level of the device; (ii) thereafter, (a) the first party formulating an offer associated with the electronic contract; (b) the device generating a verification status indicator based on a comparison of verification data provided to the device with verification data of the first party pre-stored within the device; (c) the first party using the device to generate a digital signature of the offer and the verification status indicator; (d) the first party communicating an electronic communication to the second party, the electronic communication including the identifier, the offer, the digital signature, and the verification status indicator; (e) in response to receipt of the electronic communication and based on the identifier obtained therefrom, the second party authenticating the digital signature with the public key associated with the account and accessing the security profile of the device from the database; and (f) if the digital signature authenticates, the second party determining a response to the offer as a function of the security level of the device and as a function of the verification status indicator obtained from the electronic communication. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for establishing an electronic contact between a first party and a second party, comprising the steps of:
-
(i) initially, setting up an account of the first party with the second party, wherein the step of establishing the account comprises; (a) storing a public key of a public/private key pair of the first party in a database of the second party, the private key of the public/private key pair being stored securely only within a device of the first party, the device being adapted to generate digital signatures using the private key; (b) associating an identifier with the account of the first party; (c) associating the public key with the account such that the public key is retrievable based on the identifier; and (d) associating a security profile of the device with the account, the security profile indicative of the security level of the device; (ii) thereafter, (a) the first party formulating an offer associated with the electronic contract; (b) the device generating a verification status indicator based on a comparison of verification data provided to the device with verification data of the first party pre-stored within the device; (c) the first party using the device to generate a digital signature of the offer and the verification status indicator; (d) the first party communicating an electronic communication to the second party, the electronic communication including the offer, the identifier, the digital signature, and the verification status indicator; (e) in response to receipt of the electronic communication and based on the identifier obtained therefrom, the second party authenticating the digital signature with the public key associated with the identifier and accessing the security profile of the device from the database; and (f) if the digital signature authenticates, the second party determining a response to the offer as a function of the security level of the device and as a function of the verification status indicator obtained from the electronic communication. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A method for creating an electronic contract between a first party and a second party, comprising the steps of:
-
(i) initially, establishing an account of the first party with the second party, wherein the step of establishing the account comprises; (a) assigning an identifier to the account; (b) storing a public key of a public/private key pair of the first party in a database of the second party, the private key of the public/private key pair being stored securely within a device of the first party, the device being adapted to generate digital signatures using the private key; and (c) associating the public key with the identifier; (ii) thereafter, (a) the first party formulating an offer associated with the electronic contact; (b) the device generating a verification status indicator based on a comparison of verification data provided to the device with verification data of the first party pre-stored within the device; (c) the first party using the device to generate a digital signature of a message, wherein the message contains the offer and the verification status indicator; (d) the first party communicating an electronic communication to the second party, the electronic communication including the message and the digital signature; (e) in response to receipt of the electronic communication and based on the identifier obtained therefrom, the second party authenticating the digital signature with the public key associated with the identifier and accessing the security profile of the device from the database; and (f) if the digital signature authenticates, the second party determining a response to the offer based on pre-stored verification status indicator-related business rules maintained by the second party. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A method for creating an electronic contract between a first party and a second party, comprising the steps of:
-
(i) initially, establishing an account of the first party with the second party, wherein the step of establishing the account comprises; (a) assigning an identifier to the account of the first party; (b) storing a public key of a public/private key pair of the first party in a database of the second party, the private key of the public/private key pair being stored securely within a device of the first party, the device being adapted to generate digital signatures using the private key; (c) associating the public key with the identifier; and (d) associating a security profile of the device with the account, the security profile indicative of the security level of the device; (ii) thereafter, (a) the first party formulating an offer associated with the electronic contract; (b) the device generating a verification status indicator based on a comparison of verification data provided to the device wit verification data of the first party pre-stored within the device; (c) the first party using the device to generate a digital signature of the offer and the verification status indicator; (d) the first party communicating an electronic communication to the second party, the electronic communication including the offer, the identifier, and the digital signature; (e) in response to receipt of the electronic communication and based on the identifier obtained therefrom, the second party authenticating the digital signature with the public key associated wit the identifier and accessing the security profile of the device from the database; and (f) if the digital signature authenticates, the second party determining a response to the after based on pre-stored security-profile-related business rules maintained by the second party. - View Dependent Claims (18, 19, 20)
-
Specification