WO2001092982A2 - System and method for secure transactions via a communication network - Google Patents
- Publication number: WO2001092982A2 (PCT application PCT/IL2001/000489)
- Authority: WO (WIPO, PCT)
- Prior art keywords: customer, computing device, order, supplier, validating
Classifications
- H04L63/0428 (H04L: transmission of digital information; H04L63/00: network architectures or protocols for network security; H04L63/04: providing a confidential data exchange among entities communicating through data packet networks): wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- G06Q20/04 (G06Q: ICT specially adapted for administrative, commercial, financial, managerial or supervisory purposes; G06Q20/00: payment architectures, schemes or protocols): payment circuits
- G06Q20/12 (G06Q20/08: payment architectures): payment architectures specially adapted for electronic shopping systems
- G06Q20/3823 (G06Q20/38: payment protocols, details thereof; G06Q20/382: insuring higher security of transaction): combining multiple encryption tools for a transaction
- H04L63/08 (H04L63/00: network architectures or protocols for network security): authentication of entities
Definitions
- The present invention relates to network data communications. More particularly, it relates to ensuring the security of transactions conducted over a communications network.
- Transactions carried out via a communications network must be protected from access by unauthorized parties. The protection must extend to the computers of both parties conducting the transaction as well as to the communications network itself.
- A common example of such a transaction is a customer purchasing a good or service from a supplier's Web site, in other words an e-commerce transaction.
- Hackers can conduct an illegal transaction on the supplier's Web site by remotely manipulating a legitimate customer's computer without the customer being aware of it, or by impersonating the customer after surreptitiously learning the customer's identification code or credit card number.
- A hacker can penetrate the supplier's Web site, sending bogus information to the customer or intercepting the customer's payment.
- The hacker can interfere with the information transferred between the two parties to the transaction, particularly regarding what the customer thinks he is buying, what the supplier thinks the customer is buying, whether the customer approves payment, and whether payment is received by the supplier.
- US patent 5,883,810, awarded in 1999 to Franklin et al. and entitled "Electronic online commerce card with transaction proxy number for online transactions," describes an online commerce system in which an issuing institution generates a temporary transaction number for a customer and associates it with the customer's permanent account number in a data record. The customer submits the transaction number to the merchant as a proxy for the customer account number. The merchant handles the transaction number in the same manner as any regular credit card number. When the merchant asks the issuing institution for verification, the issuing institution references the customer account number, using the transaction number as an index, processes the authorization request using the real customer account number in place of the proxy number, and sends an authorization reply back to the merchant under the transaction number.
- The module includes input means for the customer to enter his order and a DTMF tone generator for communicating the customer order and ID number to a computer via that computer's microphone. While tone generation is compatible with some aspects of telephony, it is limited for use with computers since it is unidirectional, from the customer to the computer. Furthermore, the customer is required to re-enter the transaction details himself as part of the confirmation process, which is tedious and creates the possibility of errors creeping in.
- This system does not include any dedicated secure device for the supplier side of the transaction, does not provide for third-party validation of the transaction, and has no mechanism for verifying that the information presented to the customer is valid.
- The present invention is designed to provide full, affordable, easy-to-use security for electronic transactions. It prevents hackers from using the customer and supplier computers to access the critical parts of the transaction. This is accomplished by moving these parts, including encryption/decryption, out of the computers and into dedicated external computing devices.
- The external devices are connected to the computers via a secure communications protocol that limits the computer's access to the device to predefined functions only. No transaction is completed until the customer has approved it via the user input means of his external computing device, so a remote hacker who controls the computer cannot carry out an unauthorized transaction. This guarantee rests on the customer reading the order as rendered on the external device's own display and approving it on that device's own input means, rather than on the computer's screen and keyboard.
- Another advantage of the present invention is that any or all parts of the invention can be fully automated, operating without human intervention.
- The preferred embodiment of the present invention applies to e-commerce transactions via the Internet.
- The same principles can be applied in alternative embodiments to other forms of data transactions on other types of communications networks.
- A method for facilitating online commerce between a customer's computing device and a supplier's computing device, in cooperation with a validating computing device, comprising the following steps:
  - (a) providing the customer with a dedicated computing means for the security-critical parts of the transaction, the computing means having encryption/decryption capabilities known only to the computing means and the validating computing device and having user input/output means, the customer's dedicated computing means communicating with the customer's computing device;
  - (b) providing the supplier with a dedicated computing means for the security-critical parts of the transaction, the computing means having encryption/decryption capabilities known only to the computing means and the validating computing device, the supplier's computing means communicating with the supplier's computing device and, through a separate communications channel, with the supplier's order-filling computing means;
  - (c) requesting customer confirmation;
  - (d) executing payment upon confirmation; and
  - (e) supplying goods or services.
- The requesting customer confirmation step comprises the following steps:
  - (a) initially validating the customer order on the supplier's order-filling computing means;
  - (b) encrypting the order with the supplier's private code and sending a payment request to the validating computing device;
  - (c) decrypting the order, encrypting it with the user's private code and sending it to the customer's dedicated computing means;
  - (d) decrypting the order and outputting it to the customer;
  - (e) the customer inputting his or her confirmation;
  - (f) encrypting the confirmation and sending it to the validating computing device.
- The executing payment upon confirmation step comprises the following steps:
  - (a) decrypting the customer confirmation;
  - (b) notifying the customer's payment provider to execute payment;
  - (c) receiving confirmation of payment from said payment provider;
  - (d) encrypting the payment confirmation and sending it to the supplier's dedicated computing means.
- The supplying goods or services step comprises the following steps:
  - (a) decrypting the payment confirmation;
  - (b) notifying the supplier's order-filling computing means to execute the order;
  - (c) filling the order by providing goods or services to the customer.
- The customer's dedicated computing means is a stand-alone device. In another preferred embodiment, the customer's dedicated computing means is integrated into a remote control unit, the customer's computing device is a Web-enabled television set, and the two are connected via bidirectional communications means.
- The customer's dedicated computing means is an electronic commerce card.
- The supplier's dedicated computing means is a stand-alone device.
- The customer input means on the customer's dedicated computing means is touch-based, as in a keyboard, keypad, or touchscreen and appropriate software.
- The customer input means on the customer's dedicated computing means is voice-based, as in a microphone and voice recognition software.
- The means for output to the customer on the customer's dedicated computing means is display-based, as in an alphanumeric or graphical display and appropriate software. In another preferred embodiment, the means for output to the customer on the customer's dedicated computing means is a port, as in a parallel port to a printer.
- The validating computing device provides the customer's dedicated computing means with an anonymous identification code.
- (a) providing the customer with a dedicated computing means for the security-critical parts of the transaction, the computing means having encryption/decryption capabilities known only to the computing means and the validating computing device and having user input/output means, the customer's dedicated computing means communicating with the customer's computing device; (b) the dedicated computing means receiving an encrypted confirmation request from the validating computing device; (c) decrypting the order and outputting it to the customer; (d) the customer inputting his or her confirmation; (e) encrypting the confirmation and sending it to the validating computing device.
- (a) providing the supplier with a dedicated computing means for the security-critical parts of the transaction, the computing means having encryption/decryption capabilities known only to the computing means and the validating computing device, the supplier's computing means communicating with the supplier's computing device and, through a separate communications channel, with the supplier's order-filling computing means; (b) initially validating the customer order on the supplier's order-filling computing means; (c) encrypting the order with the supplier's private code and sending a payment request to the validating computing device; (d) decrypting the payment confirmation received from the validating computing device; (e) notifying the supplier's order-filling computing means to execute the order; (f) filling the order by providing goods or services to the customer.
- A method for facilitating online transactions between a customer's computing device and a supplier's computing device, in cooperation with a validating computing device, comprising the following steps:
  - (a) providing the customer with a dedicated computing means for the security-critical parts of the transaction, the computing means having encryption/decryption capabilities known only to the computing means and the validating computing device and having user input/output means, the customer's dedicated computing means communicating with the customer's computing device;
  - (b) providing the supplier with a dedicated computing means for the security-critical parts of the transaction, the computing means having encryption/decryption capabilities known only to the computing means and the validating computing device, the supplier's computing means communicating with the supplier's computing device and, through a separate communications channel, with the supplier's order-filling computing means;
  - (c) requesting customer confirmation, comprising the following steps: (i) initially validating the customer order on the supplier's order-filling computing means; (ii) encrypting the order with supplier's private
- A system for facilitating online transactions between a customer's computing device and a supplier's computing device, in cooperation with a validating computing device, comprising the following:
  - (a) a dedicated customer computing device for the security-critical parts of the transaction, the computing device having encryption/decryption capabilities known only to the computing device and the validating computing device and having a user input/output device, the customer's dedicated computing device communicating with the customer's computing device and programmed to receive an order confirmation request, decrypt the request, output the request to the user (customer), receive the customer's response (input) to the confirmation request, encrypt the customer response, and send the response to the validating computing device;
  - (b) a dedicated supplier computing device for the security-critical parts of the transaction, the computing device having encryption/decryption capabilities known only to the computing device and the validating computing device, the supplier's dedicated computing device communicating with the supplier's computing device and, through a separate communications channel, with the supplier's order-filling computing device, and programmed to receive a customer order from the supplier's transaction site, encrypt an order and payment confirmation request, send the request to the validating computing device, receive an order and payment confirmed message from the validating computing device, and notify the order-filling
  - the validating computing device being configured to receive an order and payment confirmation request from the dedicated supplier computing device, decrypt the request, encrypt an order confirmation request for the customer, send the request to the customer, receive the customer's response, decrypt the response, notify the customer's payment provider to execute payment, receive confirmation of payment from said payment provider, encrypt an order and payment confirmed message, and send said message to the dedicated supplier computing device.
- A system for facilitating online commerce between a customer's computing device and a supplier's computing device, in cooperation with a validating computing device, comprising the following:
  - (a) providing the customer with a dedicated computing device for the security-critical parts of the transaction, the computing device having encryption/decryption capabilities known only to the computing device and the validating computing device and having a user input/output device, the customer's dedicated computing device communicating with the customer's computing device;
- The confirmation comprises the following:
  - (a) initially validating the customer order on the supplier's order-filling computing device;
  - (b) encrypting the order with the supplier's private code and sending a payment request to the validating computing device;
  - (c) decrypting the order, encrypting it with the user's private code and sending it to the customer's dedicated computing device;
  - (d) decrypting the order and outputting it to the customer;
  - (e) the customer inputting his or her confirmation;
  - (f) encrypting the confirmation and sending it to the validating computing device.
- Executing payment upon confirmation comprises the following:
  - (a) decrypting the customer confirmation;
  - (b) notifying the customer's payment provider to execute payment;
  - (c) receiving confirmation of payment from said payment provider;
  - (d) encrypting the payment confirmation and sending it to the supplier's dedicated computing device.
- Supplying goods or services comprises the following:
  - (a) decrypting the payment confirmation;
  - (b) notifying the supplier's order-filling computing device to execute the order;
  - (c) filling the order by providing goods or services to the customer.
- The supplier's order-filling computing device performs the further check of comparing the order as confirmed with the original order.
- The validating computing device maintains a database about the transaction. In another preferred embodiment, all encrypted messages for a given order carry a unique identifier known to and checked by the supplier's order-filling computing device.
- The customer's dedicated computing device is a stand-alone device.
- The customer's dedicated computing device is integrated into a remote control unit, the customer's computing device is a Web-enabled television set, and the two are connected via a bidirectional communications device.
- The customer's dedicated computing device is an electronic commerce card.
- The supplier's dedicated computing device is a stand-alone device.
- The customer's dedicated computing device is provided with a user access protection device.
- The customer input device on the customer's dedicated computing device is touch-based, as in a keyboard, keypad, or touchscreen and appropriate software.
- The customer input device on the customer's dedicated computing device is voice-based, as in a microphone and voice recognition software.
- The device for output to the customer on the customer's dedicated computing device is display-based, as in an alphanumeric or graphical display and appropriate software.
- The device for output to the customer on the customer's dedicated computing device is a port, as in a parallel port to a printer.
- The device for output to the customer is a printer integrated into the customer device.
- A system for handling an order confirmation request from a validating computing device, comprising the following:
- A system for working with a validating computing device and an order-filling computing device to confirm, bill, and fill a customer order, comprising the following:
  - (a) providing the supplier with a dedicated computing device for the security-critical parts of the transaction, the computing device having encryption/decryption capabilities known only to the computing device and the validating computing device, the supplier's dedicated computing device communicating with the supplier's computing device and, through a separate communications channel, with the supplier's order-filling computing device;
  - (b) initially validating the customer order on the supplier's order-filling computing device;
  - (c) encrypting the order with the supplier's private code and sending a payment request to the validating computing device;
  - (d) decrypting the payment confirmation received from the validating computing device;
  - (e) notifying the supplier's order-filling computing device to execute the order;
  - (f) filling the order by providing goods or services to the customer.
- A system for facilitating online transactions between a customer's computing device and a supplier's computing device, in cooperation with a validating computing device, comprising the following:
  - (a) providing the customer with a dedicated computing device for the security-critical parts of the transaction, the computing device having encryption/decryption capabilities known only to the computing device and the validating computing device and having a user input/output device, the customer's dedicated computing device communicating with the customer's computing device;
  - (b) providing the supplier with a dedicated computing device for the security-critical parts of the transaction, the computing device having encryption/decryption capabilities known only to the computing device and the validating computing device, the supplier's dedicated computing device communicating with the supplier's computing device and, through a separate communications channel, with the supplier's order-filling computing device;
  - (c) requesting customer confirmation, comprising the following: (i) initially validating the customer order on the supplier's order-filling computing device; (ii) encrypting the order with the supplier's private code and sending a payment request to the validating computing device; (iii) decrypting the order, encrypting it with the user's private code and sending it to the customer's dedicated computing device; (iv) decrypting the order and outputting it to the customer;
- FIG. 1 is a general block diagram of a system for secure electronic transactions in accordance with a preferred embodiment of the present invention.
- FIG. 2A is a block diagram of a dedicated customer computing device for secure electronic transactions integrated into a bidirectional remote control unit of a Web-enabled television set in accordance with an alternative embodiment of the present invention.
- FIG. 2B is a block diagram of a dedicated customer computing device for secure electronic transactions with a second communications port connected to an external printer in accordance with an alternative embodiment of the present invention.
- FIG. 3A is the first part of a flowchart showing the operation of a system for secure electronic transactions in accordance with a preferred embodiment of the present invention.
- FIG. 3B is the second part of a flowchart showing the operation of a system for secure electronic transactions in accordance with a preferred embodiment of the present invention.
- FIG. 3C is the third part of a flowchart showing the operation of a system for secure electronic transactions in accordance with a preferred embodiment of the present invention.
- FIG. 3D is the fourth part of a flowchart showing the operation of a system for secure electronic transactions in accordance with a preferred embodiment of the present invention.
- FIG. 3E is the fifth part of a flowchart showing the operation of a system for secure electronic transactions in accordance with a preferred embodiment of the present invention.
- The preferred embodiment of the present invention comprises a number of hardware and software components.
- When a component is introduced in this detailed description, its full name and acronym are given. Thereafter the acronym is used in the description and in the drawings.
- The components, acronyms and reference numbers are also listed below.
- FIG. 1 is a block diagram of a system and method for secure data transactions over a communications network in accordance with a preferred embodiment of the present invention.
- The system is based on three primary entities: a Customer 10, who initiates the transaction; a Supplier 23, who provides a good, service, or other benefit to the Customer; and a Validator 39, who acts as an intermediary between the two for purposes of validating and processing confidential information, such as the identity of the Customer and payment execution.
- A fourth entity is a bank or other payment authority, which executes payment from Customer 10 to Supplier 23 upon request by Validator 39.
- Both the Customer 10 and the Supplier 23 have a dedicated computing device for conducting the sensitive steps of the transaction.
- Each of these dedicated computing devices has a private key and a public ID number. The private key is known only to the dedicated computing device and to the Validator 39.
- The Validator 39 is the entity that maintains a record of the keys of the two types of dedicated computing devices.
- A device's key would typically be embedded by the Validator before the device is distributed to a Customer 10 or Supplier 23.
- Upon purchase or installation of the device, the Customer 10 or Supplier 23 registers himself with the Validator 39.
- Other methods and systems known to those familiar with the art can be used to embed the private keys and register the Customer 10 and Supplier 23 with the Validator 39.
- The present invention involves encrypted messages sent over a secure channel.
- Decryption uses the devices' private keys together with their public ID numbers: the public ID identifies which private key to use, and because the Validator 39 holds a copy of every device's private key, the arrangement is a shared-secret (symmetric) scheme with a key identifier rather than public-key cryptography in the usual sense.
- Other methods and systems could equally be used to achieve this functionality, such as doing without public ID numbers and instead having the decrypting device simply try every private key until it finds the correct one. Trial decryption can only tell the right key from a wrong one if each message carries something the decrypting side can check, such as an authentication tag; with an unauthenticated cipher every key yields some plaintext, and the cost of the search grows with the number of registered devices.
- The Customer 10 uses a Customer Standard Computer with an Internet Browser (CSCIB) 18.
- The CSCIB 18 is a computing device with Internet access (Web browsing capability) and a local communications port (such as a serial port) 11.
- The CSCIB 18 is a personal computer in the preferred embodiment, but it can be any computing device with these capabilities, for example a Web-enabled cellular phone.
- The customer's transaction takes place at a Supplier's Web site accessed via the Internet.
- Other means for electronic commerce can be used, such as an intranet or a proprietary e-commerce application.
- The Customer Interface Unit (CIU) 14 is connected to the CSCIB's 18 local communications port 11.
- The CIU 14 is the dedicated computing device for the Customer side of the transaction.
- The CIU 14 includes a means for user input (a keypad in the preferred embodiment) and a means for output to the user (a display in the preferred embodiment).
- The CIU 14 output can alternatively, or additionally, go to a printer 15.
- The printer 15 is connected to a second communications port on the CIU 14.
- The printer 15 could be integrated into the CIU 14.
- The CSCIB 18 software that communicates with the CIU 14 is a dedicated software module, the Customer Computer Interface Software (CCIS) 12.
- The CIU 14 includes an encryption/decryption algorithm embedded with the unique private key for that particular CIU.
- The CIU 14 transmits and receives encrypted messages via the CSCIB 18 and the Internet.
- The CIU 14 can optionally include electronic means for identifying the Customer before allowing him access.
- Electronic means for identifying the Customer are well known, such as a personal identification code, fingerprint, voice, or retinal pattern.
- The CIU 14 is a standalone device.
- The CIU 14 can be integrated into the CSCIB 18 or into another device, such as a cellular telephone or smart card. If the CIU 14 is integrated into another device, it must be implemented such that its hardware and software are independent of the rest of the device, with only a restricted communication channel connecting the two.
- The primary function of the CIU 14 is to enable secure user I/O, including encryption/decryption.
- The other operations required, messaging and browsing via the Internet, are done via the CSCIB 18.
- FIG. 2A shows an alternative embodiment of the present invention where the CIU 14 is integrated into a remote control unit for a Web-enabled television set, where the television set is used for the CSCIB 18 parts of the transaction.
- The communications link between the remote control unit and the television set is bidirectional.
- The CSCIB 18 is used by the Customer to perform the noncritical e-commerce tasks, such as item selection.
- Encrypted Internet messages related to the transaction are handled only by the CIU 14.
- The CSCIB 18 is merely a bidirectional channel, connected to the CIU 14 through the local communications port 11 at one end and to the Internet at the other.
- Encrypted transaction confirmation requests are decrypted by the CIU 14 and displayed on its display.
- The Customer views the information and enters his responses via the CIU's 14 keypad.
- The CIU 14 encrypts the information and transmits it via the local communications port 11 of the CSCIB 18 to the Validation Center 40, as described later in this specification.
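The host-to-device boundary described above (the CSCIB is only a relay; the CIU keeps the key and takes the customer's decision on its own keypad) as a runnable model. This is an added example, not code from the patent. The command names, the wire format, a Python method call standing in for the serial port 11, and the use of HMAC-SHA256 authentication in place of the patent's encryption are all my assumptions.

```python
"""Added example, not code from the patent: the restricted interface a Customer
Interface Unit exposes to the host computer (CSCIB). The host can only relay
opaque messages in and out; the decision exists solely as a keypad event on the
device. Command names, wire format and the use of HMAC-SHA256 authentication in
place of the patent's encryption are my assumptions."""
import hashlib
import hmac
import json

TAG_LEN = 32


class CIUError(Exception):
    pass


def _tag(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


class CustomerInterfaceUnit:
    # The complete set of operations reachable over the local port (port 11).
    HOST_COMMANDS = {"RELAY_IN", "RELAY_OUT", "STATUS"}

    def __init__(self, private_key: bytes):
        self._key = private_key      # shared only with the Validation Center; never readable by the host
        self._pending = None         # order currently shown on the device's own display
        self._outbox = []            # authenticated replies waiting for the host to relay

    # ---- host side: everything the CCIS software on the CSCIB may invoke ----
    def host_command(self, name: str, payload: bytes = b"") -> bytes:
        if name not in self.HOST_COMMANDS:            # CONFIRM, GET_KEY and anything else: refused
            raise CIUError(f"command not exposed to host: {name}")
        if name == "RELAY_IN":
            self._pending = self._verify(payload)     # display it; the host cannot approve it
            return b"DISPLAYED"
        if name == "RELAY_OUT":
            return self._outbox.pop(0) if self._outbox else b""
        return b"BUSY" if self._pending is not None else b"IDLE"

    # ---- device side: only the physical keypad reaches this ------------------
    def keypad_press(self, key: str) -> None:
        if self._pending is None:
            raise CIUError("nothing to confirm")
        decision = {"order_no": self._pending["order_no"], "approved": key == "OK"}
        msg = json.dumps(decision).encode()
        self._outbox.append(msg + _tag(self._key, msg))
        self._pending = None

    def display_text(self) -> str:
        """What the customer reads on the device, independent of the host's screen."""
        p = self._pending
        return "" if p is None else f"{p['qty']} x {p['item']}, total {p['total']} - OK / CANCEL?"

    def _verify(self, blob: bytes) -> dict:
        msg, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(self._key, msg)):
            raise CIUError("message not from the Validation Center")
        return json.loads(msg)


def vc_confirmation_request(key: bytes, order: dict) -> bytes:
    """Constructed stand-in for the Validation Center's confirmation request."""
    msg = json.dumps(order).encode()
    return msg + _tag(key, msg)


def vc_read_decision(key: bytes, blob: bytes) -> dict:
    """What the Validation Center does with the reply the host relayed back."""
    msg, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, msg)):
        raise CIUError("bad tag on customer decision")
    return json.loads(msg)


if __name__ == "__main__":
    key = b"\x11" * 32                                                   # constructed device key
    ciu = CustomerInterfaceUnit(key)
    ciu.host_command("RELAY_IN", vc_confirmation_request(key, {"order_no": "A1", "item": "book", "qty": 2, "total": 20}))
    print(ciu.display_text())
    ciu.keypad_press("OK")                                               # only the customer, at the device
    print(vc_read_decision(key, ciu.host_command("RELAY_OUT")))
```

The point of the allowlist is that a compromised CSCIB can delay or drop messages but cannot forge an approval: the only path to a signed decision runs through `keypad_press`, which is not a host command, and the key never appears in any host-visible response.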
- The Supplier Internet Web Site (SIWS) 26 is an e-commerce Web site running on a Web server on the Internet.
- The SIWS 26 has a first bidirectional communications connection 21 to an external computing device called the Supplier Interface Unit (SIU) 24.
- The software that manages the communication on the SIWS 26 side is referred to herein as the Supplier Web Site Interface Software (SWSIS) 28 module.
- The SIU 24 runs an encryption/decryption algorithm embedded with a unique private key for that particular SIU 24.
- The SIU 24 is able to receive and transmit encrypted messages via the SIWS 26 over the Internet.
- The SIU 24, in addition to having a first bidirectional communications connection 21 to the SIWS 26, has a second bidirectional communications connection 23 to one or more computing devices called the Order Computer(s) (OC) 15.
- The OC 15 is used to verify that the Customer has not been fooled by someone tampering with the Supplier's Web site (i.e., that the product, the price, etc. in the Customer order are identical to what is being offered on the SIWS 26).
- Another task of the OC 15 is to fill the order through the Supplier's standard order fulfillment system, once Customer confirmation has been received from the VC 40 (described later) via the SIU 24.
- A third task of the OC 15 is to ensure that each order passing through the system has a unique identifier and then to look for that identifier in the final payment confirmation received from the VC 40. The purpose is to keep each processed order unique and thereby prevent an unauthorized resend of a previously sent confirmation message anywhere in the system. For this to work the OC 15 must record each order number as consumed once the order is filled; merely checking that the number exists would not stop a repeated confirmation. In the preferred embodiment of the present invention, this identifier is a unique order number added by the OC 15 to the transaction details.
- The tasks of the OC 15 can be done by the same OC 15 or by different OCs 15.
- The SIU 24 receives transaction details from the SIWS 26, requests initial verification and a unique order number from the OC 15, and after encrypting the transaction details and order number, transmits them to the Validation Center (VC) 40 via the SIWS 26 and the Internet. The SIU thus acts as a buffer between the SIWS 26, which is open to the Internet, and the OC 15, which contains sensitive information.
- The VC 40 is a computing device connected to the Internet that holds all Customer and Supplier private keys indexed by their public ID numbers.
- The VC 40 receives encrypted order messages from the SIU 24, decrypts them using the Supplier's private key looked up by the Supplier's public ID number, validates them (i.e., checks that the Customer exists, that the Supplier exists, that the order meets basic criteria such as being within the Supplier's and Customer's credit range, etc.), encrypts an order confirmation request (including the order number) using the Customer's private key, and sends the encrypted request to the CIU 14 via the Internet and the CSCIB 18 for Customer confirmation.
- The CIU 14 decrypts the request and displays it.
- The Customer responds by entering his confirmation or rejection on the CIU 14, which the CIU 14 then encrypts (including the unique order number) using the Customer's private key and sends back to the VC 40.
- The VC 40 contacts the bank or other payment authority 41 and requests the payment. This part of the transaction follows standard payment execution procedures, such as those used for credit card payments.
- Upon notification of payment, the VC 40 encrypts a validation confirmed message (including the unique order number) using the Supplier's private key and sends it to the SIU 24.
- The SIU 24 decrypts the validation message and sends it to the OC 15.
- The OC 15 performs a final check, verifying that the unique order number is correct, then executes the transaction, e.g., ships the goods.
- although in the preferred embodiment the CIU 14 and the SIU 24 are physical devices, this is not a requirement. What is required is that they provide the functionality defined in this disclosure.
- for the CIU 14, this functionality consists, as mentioned, of dedicated encryption/decryption and user input/output for the security-critical transaction steps, together with a limited communications channel to the CSCIB 18,
- the purpose being to eliminate outside access to operations performed with the CIU 14.
- for the SIU 24, the functionality consists, as mentioned, of dedicated encryption/decryption together with a limited communications channel to the SIWS 26 and the OC 20.
- the implementation does not have to be physically separated from the other parts of the respective Customer 10 or Supplier 23 computing devices.
- the CIU 14 could be integrated into the CSCIB 18 or into a third device, such as a cellular phone.
- FIG. 3A to FIG. 3E together form a flow chart describing the operation of a system for secure data transactions over a communications network in accordance with a preferred embodiment of the present invention.
- the flow chart extends across the figures. Continuation from one figure to the next is indicated by ending a chart with a letter (for example, B in FIG. 3A) and starting the next chart with that same letter (B at the top of FIG. 3B).
- a Customer uses a Customer Standard Computer with an Internet Browser (CSCIB) 18 to shop at a Supplier Internet Web Site (SIWS) 26.
- CSCIB: Customer Standard Computer with an Internet Browser
- SIWS: Supplier Internet Web Site
- the Customer selects the item and issues a purchase order (e.g., checks out his shopping cart).
- the Customer 10 must be identified to the Supplier 23 by his Customer Public Code Number (CPCN) 16, which can be entered by the Customer himself, taken from the CSCIB 18 as a cookie or similar automatic means, or taken from the CIU 14.
- CPCN: Customer Public Code Number
- RTCN: Random Transaction Code Number
- the idea of the RTCN 22 is to give the Customer the option of requesting an anonymous public code from the Validation Center; for example, a Customer might want to preserve his anonymity for one or more transactions.
- the RTCN 22 is then used in place of the CPCN 16 for the transaction, so the Supplier sees only the anonymous code. The CIU 14 can obtain the RTCN 22 in any number of ways: by requesting it from the VC 40 at the time of the transaction, by having the VC 40 keep a fresh RTCN 22 in a buffer in the CIU 14, etc.
- the CPCN 16 or RTCN 22 is sent by the CSCIB 18 to the SIWS 26 as part of the order.
- the Customer 10 may choose to send further information with the order, such as his preferred payment method, the delivery address, his e-mail address, etc. This information can be included in the order by the Customer himself, by having the CSCIB 18 supply it with a cookie or similar automatic means, or from the CIU 14.
- in step 66 the order reaches the SIWS 26, where the SWSIS 28 recognizes that the order comes from a Customer equipped with a CIU 14.
- in step 68 the SWSIS 28 sends the transaction data to the OC 20 via the SIU 24.
- in step 70 the OC 20 checks that the transaction accords with what is being offered on the Web site (in other words, that it is most probably not a bogus order).
- if the OC 20 determines that the transaction data is invalid, the order is aborted (step 72).
- otherwise the OC 20 adds a unique order number to the transaction data and sends the data, with its approval, to the SIU 24.
- the unique order number is used in every subsequent message concerning that order.
- the SIU 24 encrypts the transaction data using the Supplier's private key and sends the encrypted data and the Supplier's public ID number to the VC 40. It can be sent via the SIWS 26, directly via the Internet, or by any other communication method or system.
- in step 76 the VC 40 uses the Supplier's public ID number to look up the Supplier's private key and decrypt the transaction data. The VC 40 then performs a preliminary validation (step 78). Typically this involves checking that the Supplier exists and that the order appears to be for goods or services provided by that Supplier.
- if the preliminary validation fails, the VC 40 aborts the order (step 80).
- the VC 40 looks up the Customer's private key (using as an index the CPCN 16 or RTCN 22 included in the transaction data), encrypts the transaction data with that key, and sends the encrypted data to the CIU 14 via the Internet and the CSCIB 18.
- the Customer's e-mail address can be entered with the order by the Customer, added by the Supplier from its database, or taken by the VC 40 from the private key lookup table.
- the CIU 14 receives the transaction data, decrypts it, and displays the information to the Customer. Typically, this includes a list of products ordered, their prices, the payment method, and the total amount to be paid. From this point on, the price commitment of the Supplier is considered final.
- in step 86 the Customer checks the transaction information and uses the CIU 14 keypad to confirm or reject the transaction. From this point on, the Customer's approval or rejection of the transaction is considered final.
- in step 88 the CIU 14 encrypts the Customer's response using the Customer's private key and sends the response together with the CPCN 16 (or RTCN 22) to the VC 40.
- in step 90 the VC 40 takes the CPCN 16 (or RTCN 22) and looks up the Customer's private key, which it then uses to decrypt the response and read the Customer's decision (step 92).
- the VC 40 uses standard secure electronic banking methods to check the Customer's credit for the payment method that the Customer has selected.
- if the VC 40 is unable to confirm the Customer's ability to pay, the transaction is aborted (step 100); otherwise (step 102) the VC 40 debits the Customer's account and credits the Supplier's account with the amount of the transaction.
- the VC 40 encrypts a message confirming payment using the Supplier's private key and sends the encrypted message to the SIU 24.
- the SIU 24 decrypts the message and in step 106 checks whether it is positive (the Customer has paid). If payment was not made, the transaction is aborted (step 108); otherwise (step 110) the SIU 24 sends the data to the OC 20, which checks the approved transaction against the original order (a standard data integrity check, including the unique order number) and supplies the Customer with the goods and/or services.
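The exchange of steps 66 to 110, together with the OC's replay check and the RTCN option described above, as an added, runnable example that is not part of the patent. It is a Python model written for this page, not the patentee's code: the class and function names (ValidationCenter, CustomerUnit, Supplier, seal, open_sealed, validation_center_round, place_order, run_demo), the message fields and the sample catalogue and account balances are all this example's own. Two assumptions are made explicit. First, the page says the VC holds every Customer and Supplier "private key" and uses the same key both to decrypt what a party sends and to encrypt what it sends back, so the keys are modelled as symmetric keys shared between a party's unit and the VC and looked up by public ID. Second, the page only says that messages are encrypted; the example uses an encrypt-then-MAC construction built from HMAC-SHA256 as a standard-library stand-in for an AEAD such as AES-GCM, so that a tampered message is also detected. The demo runs a successful anonymous order through an RTCN, then replays the VC's payment confirmation to show the OC refusing it, then a Customer rejection and a bogus item.

```python
# Added example (not the patent's own code): a stand-alone model of the order flow of
# FIG. 3A to FIG. 3E. Names, message fields and sample data are this example's own;
# the patent's "private keys" are shared with the VC, so they are symmetric keys here.
import hashlib, hmac, json, os, secrets

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as keystream: a standard-library stand-in for
    # an AEAD such as AES-GCM, used only so the example runs offline.
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key: bytes, msg: dict) -> bytes:
    """Encrypt-then-MAC a JSON message as nonce || ciphertext || tag."""
    pt, nonce = json.dumps(msg, sort_keys=True).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def open_sealed(key: bytes, blob: bytes) -> dict:
    """Check the tag in constant time, then decrypt; raises if anything was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("message failed authentication")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class ValidationCenter:          # VC 40
    def __init__(self, bank: dict):
        self.keys, self.alias, self.bank = {}, {}, bank   # public ID -> key; RTCN -> CPCN

    def enrol(self, public_id: str) -> bytes:
        self.keys[public_id] = secrets.token_bytes(32)
        return self.keys[public_id]

    def issue_rtcn(self, cpcn: str) -> str:
        # anonymous one-transaction code; only the VC can map it back to the CPCN
        rtcn = "RTCN-" + secrets.token_hex(8)
        self.alias[rtcn] = cpcn
        return rtcn

class CustomerUnit:              # CIU 14: holds the Customer key; display/keypad is a callback
    def __init__(self, key: bytes, approve):
        self.key, self.approve = key, approve

    def confirm(self, blob: bytes) -> bytes:
        order = open_sealed(self.key, blob)                 # step 84: decrypt and display
        # step 88: the answer carries the order number, so it binds to this order only
        return seal(self.key, {"order_no": order["order_no"], "confirmed": bool(self.approve(order))})

class Supplier:                  # OC 20 (order log, final check) plus SIU 24 (key, encryption)
    def __init__(self, spid: str, key: bytes, catalogue: dict):
        self.spid, self.key, self.catalogue = spid, key, catalogue
        self.orders, self.shipped = {}, set()

    def accept_order(self, customer_code: str, items: list):
        if any(i not in self.catalogue for i in items):
            return None                                     # steps 70-72: not what the site offers
        order_no = "ORD-" + secrets.token_hex(6)            # unique order number
        self.orders[order_no] = {"customer": customer_code, "items": items,
                                 "total": sum(self.catalogue[i] for i in items)}
        # SIU encrypts; the Supplier's public ID travels in clear so the VC can find the key
        return seal(self.key, {"spid": self.spid, "order_no": order_no, **self.orders[order_no]})

    def finish(self, blob: bytes) -> str:
        msg = open_sealed(self.key, blob)                    # step 104
        if not msg["paid"]:
            return "aborted"                                 # step 108
        # OC final check (step 110): known order number, never shipped before, same amount
        if msg["order_no"] not in self.orders or msg["order_no"] in self.shipped:
            return "rejected: unknown or replayed confirmation"
        if msg["total"] != self.orders[msg["order_no"]]["total"]:
            return "rejected: amount differs from the original order"
        self.shipped.add(msg["order_no"])
        return "shipped"

def validation_center_round(vc, spid: str, blob: bytes, ciu):
    order = open_sealed(vc.keys[spid], blob)                 # step 76
    cpcn = vc.alias.get(order["customer"], order["customer"])
    if order["spid"] != spid or cpcn not in vc.keys:
        return None                                          # steps 78-80
    ckey = vc.keys[cpcn]
    reply = open_sealed(ckey, ciu.confirm(seal(ckey, order)))   # steps 82-92
    if reply["order_no"] != order["order_no"] or not reply["confirmed"]:
        return None                                          # steps 94-96
    paid = vc.bank.get(cpcn, 0) >= order["total"]            # step 98
    if paid:                                                 # step 102
        vc.bank[cpcn] -= order["total"]
        vc.bank[spid] = vc.bank.get(spid, 0) + order["total"]
    return seal(vc.keys[spid], {"order_no": order["order_no"], "total": order["total"], "paid": paid})

def place_order(vc, supplier, ciu, customer_code, items):
    blob = supplier.accept_order(customer_code, items)       # steps 66-74
    paid_blob = blob and validation_center_round(vc, supplier.spid, blob, ciu)
    return (supplier.finish(paid_blob), paid_blob) if paid_blob else ("aborted", None)

def run_demo() -> dict:
    vc = ValidationCenter(bank={"CPCN-1001": 500})           # constructed sample balance
    supplier = Supplier("SPID-77", vc.enrol("SPID-77"), {"book": 30, "lamp": 45})
    ciu = CustomerUnit(vc.enrol("CPCN-1001"), approve=lambda o: o["total"] <= 100)
    r = {}
    r["anonymous_order"], paid = place_order(vc, supplier, ciu, vc.issue_rtcn("CPCN-1001"), ["book", "lamp"])
    r["replayed_confirmation"] = supplier.finish(paid)       # an attacker resends the step-104 message
    r["customer_declined"], _ = place_order(vc, supplier, ciu, "CPCN-1001", ["lamp"] * 3)
    r["bogus_item"], _ = place_order(vc, supplier, ciu, "CPCN-1001", ["yacht"])
    r["balances"] = dict(vc.bank)
    return r
```

Calling run_demo() returns "shipped" for the anonymous order, "rejected: unknown or replayed confirmation" for the resent payment message, "aborted" for the declined and bogus orders, and balances of 425 for the Customer and 75 for the Supplier. The replay is refused only because the unique order number travels inside every authenticated message and the OC records which order numbers it has already shipped; encryption alone would not tell the OC that a confirmation had been resent. Note also that, as the page states, the VC holds every party's key, so the VC's key table is the trust anchor of the whole scheme.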
- thus the present invention provides a novel design for a system offering full protection against the theft of information via a communications network.
- this design makes the system particularly suitable for e-commerce transactions via the Internet. It is important for preventing unlawful access to Customer and/or Supplier data and, as a consequence, promotes the growth of secure e-commerce.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU62634/01A AU6263401A (en) | 2000-05-30 | 2001-05-29 | System and method for secure transactions via a communications network |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US20792700P | 2000-05-30 | 2000-05-30 | |
US60/207,927 | 2000-05-30 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2001092982A2 true WO2001092982A2 (fr) | 2001-12-06 |
WO2001092982A3 WO2001092982A3 (fr) | 2002-04-11 |
Family
ID=22772533
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IL2001/000489 WO2001092982A2 (fr) | 2000-05-30 | 2001-05-29 | Systeme et procede de transactions securisees via un reseau de communication |
Country Status (2)
Country | Link |
---|---|
AU (1) | AU6263401A (fr) |
WO (1) | WO2001092982A2 (fr) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5590197A (en) * | 1995-04-04 | 1996-12-31 | V-One Corporation | Electronic payment system and method |
US5677955A (en) * | 1995-04-07 | 1997-10-14 | Financial Services Technology Consortium | Electronic funds transfer instruments |
US6038551A (en) * | 1996-03-11 | 2000-03-14 | Microsoft Corporation | System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer |
US6105008A (en) * | 1997-10-16 | 2000-08-15 | Visa International Service Association | Internet loading system using smart card |
US6233565B1 (en) * | 1998-02-13 | 2001-05-15 | Saranac Software, Inc. | Methods and apparatus for internet based financial transactions with evidence of payment |
US20010039535A1 (en) * | 2000-02-09 | 2001-11-08 | Tsiounis Yiannis S. | Methods and systems for making secure electronic payments |
Application Events
- 2001-05-29: WO PCT/IL2001/000489 (WO2001092982A2), active, application filing
- 2001-05-29: AU AU62634/01A (AU6263401A), not active, abandoned
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001095074A2 (fr) * | 2000-06-08 | 2001-12-13 | Curriculum Corporation | Procede et systeme permettant l'affichage et la confirmation securises d'une demande d'execution de taches sur un ordinateur hote |
WO2001095074A3 (fr) * | 2000-06-08 | 2003-03-20 | Curriculum Corp | Procede et systeme permettant l'affichage et la confirmation securises d'une demande d'execution de taches sur un ordinateur hote |
US6895502B1 (en) | 2000-06-08 | 2005-05-17 | Curriculum Corporation | Method and system for securely displaying and confirming request to perform operation on host computer |
US9225773B2 (en) | 2004-10-27 | 2015-12-29 | Chestnut Hill Sound, Inc. | Entertainment system with sourceless selection of networked and non-networked media content |
US8090309B2 (en) | 2004-10-27 | 2012-01-03 | Chestnut Hill Sound, Inc. | Entertainment system with unified content selection |
US8195114B2 (en) | 2004-10-27 | 2012-06-05 | Chestnut Hill Sound, Inc. | Entertainment system with bandless content selection |
US8355690B2 (en) | 2004-10-27 | 2013-01-15 | Chestnut Hill Sound, Inc. | Electrical and mechanical connector adaptor system for media devices |
US8725063B2 (en) | 2004-10-27 | 2014-05-13 | Chestnut Hill Sound, Inc. | Multi-mode media device using metadata to access media content |
US8843092B2 (en) | 2004-10-27 | 2014-09-23 | Chestnut Hill Sound, Inc. | Method and apparatus for accessing media content via metadata |
US10114608B2 (en) | 2004-10-27 | 2018-10-30 | Chestnut Hill Sound, Inc. | Multi-mode media device operable in first and second modes, selectively |
US10310801B2 (en) | 2004-10-27 | 2019-06-04 | Chestnut Hill Sound, Inc. | Media entertainment system with fail-safe alarm modes |
US11126397B2 (en) | 2004-10-27 | 2021-09-21 | Chestnut Hill Sound, Inc. | Music audio control and distribution system in a location |
WO2011025425A1 (fr) * | 2009-08-28 | 2011-03-03 | Bitgrade Systems Ab | Dispositif de sécurité |
CN111865893A (zh) * | 2020-05-27 | 2020-10-30 | 福建亿能达信息技术股份有限公司 | 一种基于公私钥加密的预算支出申报系统、设备及介质 |
Also Published As
Publication number | Publication date |
---|---|
AU6263401A (en) | 2001-12-11 |
WO2001092982A3 (fr) | 2002-04-11 |
Legal Events
Code | Title | Description |
---|---|---|
AK | Designated states | Kind code of ref document: A2. Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
AL | Designated countries for regional patents | Kind code of ref document: A2. Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
AK | Designated states | Kind code of ref document: A3. Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
AL | Designated countries for regional patents | Kind code of ref document: A3. Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | |
REG | Reference to national code | Ref country code: DE. Ref legal event code: 8642 |
122 | Ep: pct application non-entry in european phase | |
NENP | Non-entry into the national phase in: | Ref country code: JP |