CN102368325A - Network commercial transactions - Google Patents

Info

Publication number
CN102368325A
Authority
CN
China
Prior art keywords
payment
merchant
consumer
provider
token
Application number
CN 201110364986
Other languages
Chinese (zh)
Inventor
B. E. Johnson
C. Webster-Lam
Original Assignee
Microsoft Corporation
Priority to US67275405P
Priority to US60/672,754
Priority to US11/376,535 (patent US7849020B2)
Priority to US11/379,133 (patent US20060235795A1)
Priority to US11/379,143 (patent US8996423B2)
Application filed by Microsoft Corporation
Priority to CN200680011140.2 (2006.04.19)
Publication of CN102368325A

Classifications

    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06Q20/02 Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G06Q20/12 Payment architectures specially adapted for electronic shopping systems
    • G06Q20/32 Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/3223 Realising banking transactions through M-devices
    • G06Q20/4014 Identity check for transaction
    • G06Q20/407 Cancellation of a transaction
    • G06Q30/00 Commerce, e.g. shopping or e-commerce
    • H04L63/08 Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04W12/06 Authentication
    • G06F2221/2135 Metering
    • G06F2221/2137 Time limited access, e.g. to a computer or data

Abstract

Current embodiments provide for authorization and payment of an online commercial transaction between a purchaser and a merchant including verification of an identity of the purchaser and verification of an ability of the purchaser to pay for the transaction, where the identity provider and the payment provider are often different network entities. Other embodiments also provide for protocols, computing systems, and other mechanisms that allow for identity and payment authentication using a mobile module, which establishes single or multilevel security over an untrusted network (e.g., the Internet). Still other embodiments also provide for a three-way secure communication between a merchant, consumer, and payment provider such that sensitive account information is opaque to the merchant, yet the merchant is sufficiently confident of the consumer's ability to pay for requested purchases. In yet another embodiment, electronic billing information is used for authorization, auditing, payment federation, and other purposes.

Description

Network commercial transactions

[0001] This application is a divisional application of the application with PCT international application No. PCT/US2006/014801, international filing date April 19, 2006, Chinese national application No. 200680011140.2, entitled "Network commercial transactions".

Technical Field

[0002] The present invention relates to networked transaction systems and methods for conducting online transactions.

Background

[0003] The proliferation of networked computer systems has opened up new possibilities for how corporations and individuals conduct business. For example, end users connected to a network (e.g., the Internet) via a networked device such as a computer, PDA, cellular phone, etc., may conduct commercial transactions over the network to purchase services and/or goods, conduct financial transactions, or otherwise conduct business or perform personal transactions over the network. An inherent problem with online transactions is security, particularly when the transaction involves the transfer of money, funds and/or financial, personal or other confidential information.

[0004] Many conventional online transactions are conducted according to one of two different but related models. Both models use a browser as the interface for handling information transfer between the parties involved in the transaction. In the first model, a merchant offers goods or services online via a browser. The term "merchant" refers herein generally to any entity offering goods and/or services for purchase. The term merchant is not used to describe any particular commercial status or to describe a licensed seller, unless specifically stated. Rather, the term describes generically any seller or entity offering goods and/or services for purchase or sale. The term service provider is used herein interchangeably with the term merchant and, unless otherwise stated, has the same meaning.

[0005] In a conventional online transaction, a merchant may have a website that describes, displays or otherwise offers goods and/or services for sale. An end user typically indicates a desire to purchase one or more goods or services by selecting the item via the browser interface. The browser then displays a transaction page that allows the end user to select one or more payment types and to enter the information needed to complete the transaction. For example, the transaction page displayed by the browser may permit the end user to select a payment type, such as a credit card (e.g., VISA, MasterCard, American Express, etc.), and to enter transaction information such as a credit card number, card expiration date, etc. The transaction page may also query the end user for personal information such as name, billing address, shipping address, etc. The end user then submits the information and the merchant processes the submitted information.

[0006] In this first model, the merchant typically "owns" the website. That is, the merchant maintains the website, is responsible for its content, and receives and processes the transaction information provided by the end user. The merchant may establish an account with the end user before the first transaction is conducted, and the end user then accesses that account via a user-established login and password each time the end user conducts a transaction with the merchant. That is, the end user typically chooses a login name and a password to be used in subsequent sessions or transactions. After the end user has submitted the information queried by the transaction page, the merchant processes the information to make sure it is sufficient to complete the transaction. For example, the merchant may ensure that the credit card number is valid and has sufficient funds to cover the price of the goods and/or services.

[0007] The second model typically includes a third-party transaction provider that handles the payment portion of the transaction. The third party forms a relationship with both the end user and the merchant. In particular, the end user may establish an account with the third party that can be accessed via a login and password as described above. To establish the account, the end user may provide personal and payment information to the third party (i.e., the end user may provide personal information identifying the user and payment information such as one or more credit card numbers, expiration dates, etc.). The end user may also establish an electronic funds account by providing money to the third-party transaction provider, the balance of which can be used to purchase goods and/or services online. The third party archives the account information provided by the end user and/or maintains the end user's balance.

[0008] The third party also establishes a relationship with the merchant, wherein the third party handles the payment processing of the transaction. In particular, the third party agrees to make payments to the merchant when an end user with an account requests a transfer of funds to make a purchase. The merchant may offer the option of using the third party by signaling its availability on the website where the goods and services are being sold. For example, when a user visits the merchant's website and decides to make a purchase, the user is presented with an option to pay for the purchase using the third-party transaction provider.

[0009] When the end user selects the option to pay for the purchase using the third-party transaction provider, the end user's browser is redirected to a website belonging to the third-party transaction provider. The end user then logs into his/her account via the login/password combination and selects a payment type (e.g., a credit card) to use in the transaction, or requests a transfer of funds from the user's funds account to the merchant's account. Once the merchant determines that payment has been transferred appropriately by the transaction provider, the merchant can proceed to ship the purchased product or provide the purchased service to the end user. In the second model, the third party is responsible for maintaining the end user's personal and financial information and for processing the transaction.

Brief Description of the Drawings

[0010] In the drawings, each identical or nearly identical component illustrated in the various figures is represented by a like numeral. For purposes of clarity, not every component is labeled in every drawing. In the drawings:

[0011] FIG. 1 illustrates a block diagram of a networked computer system for performing online transactions, in accordance with one embodiment of the invention;

[0012] FIG. 2 illustrates a diagram of a system and method for initiating and performing identity verification in an online transaction, in accordance with one embodiment of the invention;

[0013] FIG. 3 illustrates a diagram of a system and method for performing payment negotiation, verification and/or certification, in accordance with one embodiment of the invention;

[0014] FIG. 4 illustrates a networked computer system for conducting online transactions, wherein the transactions are handled, at least in part, by transaction software installed on computers connected to the network, in accordance with one embodiment of the invention;

[0015] FIG. 5 illustrates a networked computer system for conducting online transactions, wherein the transactions are handled, at least in part, by transaction software installed on computers connected to the network, in accordance with another embodiment of the invention;

[0016] FIG. 6 illustrates a networked computer system for licensing applications installed on an end-user computer, wherein the license is obtained via an online transaction, in accordance with one embodiment of the invention;

[0017] FIG. 7A illustrates a system for authenticating a mobile module to a network in order to establish secure communication therewith, in accordance with an exemplary embodiment;

[0018] FIG. 7B illustrates a system for authenticating a user to a network using a mobile module when establishing a secure communication channel, in accordance with an exemplary embodiment;

[0019] FIG. 7C illustrates a system configured for single-level or multilevel verification of various different services using a mobile module, in accordance with an exemplary embodiment;

[0020] FIG. 8 illustrates a three-way secure exchange of payment information and payment federation, in accordance with an exemplary embodiment;

[0021] FIG. 9 illustrates various uses of a commercial transaction subsystem and bill presentation, in accordance with an exemplary embodiment;

[0022] FIG. 10 illustrates the use of payment options and rules for determining which payment provider should be used for a commercial transaction, in accordance with an exemplary embodiment; and

[0023] FIG. 11 illustrates a subscriber identity module (SIM) device configured with a firewall for conforming to established radio network communication protocols when used for commercial transactions, in accordance with an exemplary embodiment.

Summary

[0024] Conventional online transactions, for example the purchase of goods and/or services over a network, are vulnerable to security breaches that result in the loss of personal, financial and/or other confidential information. Moreover, in an untrusted network (e.g., the Internet), both merchants and purchasers are at risk of entering into a transaction with a bad actor such that one side of the bargain is not upheld. Conventional online transaction models may also require a merchant to archive confidential information of the purchaser and may require the merchant to handle the payment aspects of the transaction. In addition, conventional online transaction models are awkward for the purchaser and produce a generally unintuitive transaction experience. For example, conventional online transactions are conducted via a browser using a login/password paradigm that is confusing and difficult to manage.

[0025] Applicant has recognized and appreciated that delegating at least some of the transactional responsibilities handled by the merchant and the browser in conventional models to lower-level systems (and away from the browser and end user) may facilitate a simpler and more secure online commercial transaction framework. For example, one or more transactional tasks may be handled by the operating system at one or both of the end user and the merchant, where information may be more securely safeguarded. By embedding one or more tasks in the operating system, users may be relieved of some of the burden of transferring transactional information, making the experience more intuitive and enhancing security. Moreover, the merchant may be relieved of maintaining purchaser information, handling payment information and/or processing the transaction.

[0026] Applicant has further appreciated that problems associated with validating the identity of a purchaser may be mitigated by exploiting technologies that are more secure and convenient than the login/password model. In one embodiment, identity information about a purchaser is provided by a subscriber identity module (SIM), which stores identity information about the end user that can be issued programmatically, creating a less confusing and more straightforward purchasing experience. Moreover, embodiments herein provide protocols, methods, computing systems, and other mechanisms configured for single-level or multilevel authentication using a SIM device over an otherwise untrusted or unsecure network (e.g., the Internet).

[0027] Applicant has further appreciated that providing the various transactional elements of an online commercial transaction through generally disinterested third parties mitigates the risks to which both the purchaser and the merchant are exposed. In one aspect of the invention, a commercial transaction system is provided wherein a first network entity provides verification of the purchaser's identity and a different network entity provides verification of the user's ability to pay for the purchase, such that a merchant and a purchaser who are strangers to one another may conduct a transaction in relative security.

[0028] Other embodiments allow a three-way secure commercial transaction between a merchant, a consumer and a payment provider, conducted in such a way that sensitive billing account information is opaque to the merchant and to third parties. In such an embodiment, payment tokens are passed via the consumer between the merchant and the payment provider. The payment tokens are encrypted or signed in such a way that the merchant and others do not control or obtain any sensitive account information of the consumer. Nevertheless, the merchant can still confidently validate the payment token, which indicates the consumer's ability to pay for the services and/or goods provided.
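The three-way exchange of [0028], sketched as an added example that is not code from the patent or from its assignee: the payment provider vouches for a bill, the consumer relays the token, and the merchant validates it without ever seeing account data. The token layout, all field names, the demo key, and the use of HMAC-SHA256 under a key shared by payment provider and merchant (in place of a public-key signature) are assumptions; the patent says only that tokens are encrypted or signed.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Constructed demo key. Assumption: the payment provider and the merchant
# share it through their existing business relationship.
PROVIDER_MERCHANT_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f" * 2)


def canonical(obj):
    """Deterministic JSON bytes, so both sides hash and MAC the same input."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def bill_digest(bill):
    return hashlib.sha256(canonical(bill)).hexdigest()


def issue_token(key, bill, account, now=None, ttl=300):
    """Payment provider: check the consumer's funds, then vouch for the bill.

    The account record is consulted, but nothing from it enters the token.
    """
    now = int(time.time()) if now is None else now
    if account["available_cents"] < bill["amount_cents"]:
        raise ValueError("insufficient funds")
    claims = {
        "token_id": secrets.token_hex(16),    # one-time identifier
        "merchant_id": bill["merchant_id"],   # token is useless elsewhere
        "bill_sha256": bill_digest(bill),     # binds token to this exact bill
        "amount_cents": bill["amount_cents"],
        "currency": bill["currency"],
        "expires": now + ttl,
    }
    body = canonical(claims)
    tag = hmac.new(key, body, hashlib.sha256).digest()
    parts = (base64.urlsafe_b64encode(body), base64.urlsafe_b64encode(tag))
    return b".".join(parts).decode()


def visible_claims(token):
    """Everything a merchant (or anyone relaying the token) can read."""
    return json.loads(base64.urlsafe_b64decode(token.split(".")[0]))


class Merchant:
    def __init__(self, merchant_id, key):
        self.merchant_id = merchant_id
        self.key = key
        self.redeemed = set()  # token_ids already accepted

    def verify(self, token, bill, now=None):
        """Return (accepted, reason) for a token relayed by the consumer."""
        now = int(time.time()) if now is None else now
        try:
            body_b64, tag_b64 = token.split(".")
            body = base64.urlsafe_b64decode(body_b64)
            tag = base64.urlsafe_b64decode(tag_b64)
        except ValueError:
            return False, "malformed token"
        # Authenticate first; claims are parsed only after the tag checks out.
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False, "bad authentication tag"
        claims = json.loads(body)
        if claims["merchant_id"] != self.merchant_id:
            return False, "issued for another merchant"
        if claims["bill_sha256"] != bill_digest(bill):
            return False, "not bound to this bill"
        if now >= claims["expires"]:
            return False, "expired"
        if claims["token_id"] in self.redeemed:
            return False, "replayed token"
        self.redeemed.add(claims["token_id"])
        return True, "ok"


if __name__ == "__main__":
    # Constructed sample data; the card number is a dummy test value.
    bill = {"merchant_id": "merchant-42", "order": "A-1001",
            "amount_cents": 4999, "currency": "USD"}
    account = {"pan": "4111111111111111", "available_cents": 120000}
    token = issue_token(PROVIDER_MERCHANT_KEY, bill, account)
    shop = Merchant("merchant-42", PROVIDER_MERCHANT_KEY)
    print(visible_claims(token))     # no account fields present
    print(shop.verify(token, bill))  # accepted once
    print(shop.verify(token, bill))  # second presentation is a replay
```

With a shared key the merchant could mint tokens addressed to itself, so a deployment that needs the provider's vouching to be non-repudiable would use a public-key signature instead.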

[0029] In another embodiment, electronic billing information is used for payment authorization, auditing, and other purposes. In this embodiment, the various network entities (e.g., the consumer, merchant, payment provider, etc.) are provided with a machine-readable electronic bill, which is used to automatically request and validate payment, create a transaction history, present a more accurate description of the services/goods paid for, and for other purposes in an online commercial transaction. This billing information may also be used for payment federation of a single payment from a consumer to the various business associates of the merchant. For example, the merchant may have contractual relationships with various business associates that provide services and/or goods in the commercial transaction. The electronic billing information can include those portions of the payment that are to be distributed among the various associates, such that payment federation can occur automatically without any need for user interaction or separate auditing and payment mechanisms.

[0030] Also provided herein are mechanisms for automatically deciding aspects of a commercial transaction using rules or constraints defined by any number of network entities, including the consumer, merchant, payment provider, etc. For example, the payment options accepted by the merchant may be compared with the payment options available to the consumer. Based on this comparison, the consumer may be presented with only those options that match. In addition, the payment option may be chosen automatically based on this comparison and/or based on additional rules or constraints. For instance, the consumer may limit the type of payment based on the trust established with the merchant. Of course, there may be many other types of rules and/or constraints that determine the various actions that can occur in a commercial transaction.

Detailed Description

[0031] Conventional models for networked commercial transactions focus on the browser as the interface for requesting and submitting personal and financial information between an end-user purchaser and a merchant or service provider, whether directly through the merchant or via a third-party transaction provider. In the first instance, the merchant is burdened with creating and maintaining an infrastructure capable of querying, obtaining, handling and processing personal and financial information, typically with some minimum level of security. Moreover, the merchant may be responsible for maintaining accounts and account information for each of its customers (typically including confidential personal and financial information).

[0032] A purchaser must relinquish personal information (e.g., name, address, phone number, etc.) and financial information (e.g., debit and credit card numbers and expiration dates, bank account numbers, etc.) to complete a transaction. At some level, the purchaser must trust that the merchant is an honest broker and will operate in good faith, using the information only as authorized. Likewise, a merchant must trust that a purchaser is who he/she claims to be and that the payment information provided is truly associated with the end user making the purchase. There may be no reliable way for a merchant to validate the identity of the purchaser and/or the validity of the payment information. In a distributed networked environment, purchasers may have to rely on the reputation of the merchant, which may limit the sources with which the purchaser is willing to conduct transactions. The merchant may have to operate with even less conviction that the purchaser is a good-faith, bona fide purchaser. In an untrusted network, this model may present undue risk to one or both parties.

[0033] Even when an established and deserved trust has developed between a purchaser and a merchant, databases storing customer information maintained by the merchant may be susceptible to hacking, information theft and even bad actors within an otherwise honest and trustworthy business. Third-party transaction providers are also susceptible to electronic theft, security breaches, etc. More sophisticated "spyware" programs enable hackers to record keystrokes and obtain screenshots of computers that have been compromised, making browser-based transactions particularly vulnerable to electronic theft. Accordingly, purchasers conducting online commercial transactions according to conventional methods and models may be vulnerable to dissemination and unauthorized use of their confidential personal and financial information.

[0034] Conventional commercial transaction models typically require a purchaser to establish an account with each merchant with which the purchaser wants to conduct a commercial transaction. Generally, the account is protected and accessed via a login name and password, requiring the purchaser to manage multiple logins and passwords and to keep track of which login/password combination corresponds to which account. Some customers may resort to storing their login/password combinations locally on their computer, or to using the same login/password combination for all accounts. Both attempts to manage multiple accounts are vulnerable to theft, hacking, and/or other security breaches.

[0035] For example, if a single login/password combination is obtained by electronic theft, the customer is at risk of having all of his/her accounts breached. In addition to the inherent security risks associated with the conventional login/password paradigm, purchasers may find the account login procedure an awkward transaction experience. In particular, having to log in to an account whenever a purchase is desired makes the transaction less convenient, because the purchaser must produce this information in one way or another before the transaction can be completed. Moreover, with third-party transaction providers, the purchaser is redirected from the merchant's website to the third-party transaction provider's website. This step is not intuitive and is, at best, cumbersome and confusing to the purchaser.

[0036] Applicant has recognized and appreciated that delegating at least some of the transaction responsibilities handled by the purchaser and the browser in conventional models to lower-level systems (and away from the browser and the end user) may facilitate a simpler and more secure online commercial transaction framework. In one embodiment, one or more transaction tasks are handled by the operating system at one or both of the end user and the merchant, where information can be protected more securely. By embedding one or more tasks in the operating system, users may be relieved of some of the burden of transferring transaction information, making the experience more intuitive and enhancing security. Moreover, the merchant may be relieved of maintaining purchaser information, handling payment information and/or processing the transaction.

[0037] Applicant has further appreciated that problems associated with validating the identity of a user may be mitigated by exploiting technologies that are more secure and convenient than the login/password model. In one embodiment, identity information about a purchaser is provided by a subscriber identity module (SIM) card storing identity information about the end user that can be issued programmatically. In another embodiment, identification information is provided by a smart card embedded in or otherwise coupled to the network device from which the purchaser conducts the online commercial transaction. Use of any of various chip-based or card-based identification means allows a purchaser to link his or her identity with a particular device, such as a cellular phone or a networked computer.

[0038] The terms "programmatically" and/or "automatically" refer to actions performed substantially without manual or operator involvement. In particular, programmatic or automatic refers to actions initiated and/or performed by one or more computer programs. For example, providing identification information by requesting that a user (e.g., the purchaser) supply login and/or password information would not be considered programmatic, because the substance of the action is performed by the user. However, an action in which a program issues identification information (e.g., a SIM number, a network address, a hardware ID, etc.) without requesting the user to input the information would be considered programmatic. Note that such automatic operations may be implemented by software or by hardware components.

[0039] Applicant has further appreciated that distributing the various transaction elements of an online commercial transaction over different network devices facilitates more secure commercial transactions over an untrusted network. In one embodiment, an identity provider and a payment provider, which are network entities separate and distinct from the end user, the merchant and each other, provide verification support during a commercial transaction. The term "network entity" refers herein to a network presence and may be one or a combination of an end user/purchaser, identity provider, payment provider, merchant, etc. A network entity may have a presence on a network via one or more network nodes. For example, multiple networked devices may operate under the auspices of a single network entity, such as an identity provider that uses multiple servers to conduct its online business, or an end user connected to the network via a cellular phone and a personal computer. A network entity may be a business such as a bank or a retailer, or an individual such as an end user.

[0040] In one embodiment, the various elements of an online transaction are distributed over separate and independent network entities. For example, the identity provider may provide identity validation in the form of an identity token, which the merchant can use to verify the identity of the purchaser. The identity token may include one or more identity credentials of the end user. The identity token may be issued based on identity information provided by the end user/purchaser, such as the subscriber number from a SIM card, a network address (e.g., a network interface card (NIC) identification, a World Wide Name (WWN), etc.), login information, etc. Similarly, the payment provider may provide verification of the end user's ability to pay in the form of a payment token. In addition, the payment provider may handle payment transactions on behalf of the purchaser in satisfaction of the purchase of goods and/or services from the merchant. The above framework allows, among other things, a purchaser and a merchant that are strangers to conduct an online commercial transaction in an untrusted network environment with relative confidence, as described in further detail in the various exemplary embodiments provided below.

[0041] In addition, one embodiment provides three-way secure communication between a merchant, a consumer and a payment provider during a commercial transaction for purchasing services and/or goods in an online or retail environment. As discussed in greater detail below, a payment token is passed from the payment provider to the merchant via the consumer. Such payment tokens provide proof of the consumer's ability to pay for the services and/or goods by allowing the merchant to validate the authenticity of the token directly with the payment provider. Although these payment tokens uniquely identify the authorization of payment for the services and/or goods, sensitive information about the consumer's billing account is either not included in the token or is otherwise encrypted so as to be invisible to the merchant. The consumer's sensitive information is therefore opaque to the merchant, which allows consumers to purchase items from a merchant with confidence even when no trusted relationship exists between them. Further, because the merchant can validate the payment token directly with the payment provider, the merchant can confidently deliver items to consumers who are able to pay for the services and/or goods, without maintaining financial information about the consumer (e.g., credit card numbers, account information, etc.). In addition, because the payment provider can validate the authenticity of the payment token coming from the consumer, the payment provider can confidently transfer funds to the merchant, thus completing the three-way secure commercial transaction.

[0042] As previously mentioned, other embodiments of the framework provided herein move portions of the transaction to more secure subsystems of a computing device (e.g., the operating system). This advantageously allows for numerous capabilities, including: an abstraction model that allows legitimate applications to provide an in-band online commercial transaction experience; additional types of fraud protection; bill capture and presentation for auditing, payment federation and other payment or verification purposes; service provider code execution for additional security and merchant-specific functionality; multilevel authentication; and other features. For example, some abstraction models allow legitimate and other applications to provide users with online purchase and payment capabilities as if the transaction occurred directly within the application, although portions of the commercial transaction are performed out-of-band. Examples include: catalog purchases (e.g., Amazon, Sears, etc.), direct purchase of multimedia content from within a multimedia application, downloading software/games in trial mode and automatically unlocking them through an in-band payment model, and enabling support for subscription-based services such as short message service via email.

[0043] Further, in another embodiment, the framework captures and presents electronic accounts in the above three-way secure (and other) commercial transactions as a mechanism for additional verification, auditing, payment federation and other purposes, described in greater detail below. Moreover, by moving the commercial transaction to more secure portions of the subsystem, other embodiments allow a merchant to run specific code on the machine (e.g., additional user authentication, payment rules/mechanisms, user experience, etc.) while trusting that such code will not be hacked or corrupted. Of course, as described in greater detail below, Applicant has further recognized other advantageous features through the use of the abstraction model provided herein.

[0044] In yet another embodiment, Applicant also provides an overall system and protocol that uses a mobile module to securely communicate and authenticate identity and the ability to pay for a variety of different services. For example, a subscriber identity module (SIM) (or other similar mobile module) can be used to authenticate a user and/or device to a service or server in a multilevel validation environment. In this embodiment, the mobile module (and possibly even the end user) is authenticated over a network that is independent of the network mobile infrastructure for the mobile module. The system thus validates possession of the mobile module by authenticating an active billing account with the mobile infrastructure. This establishes secure communication between a computing device connected to the mobile module and a service (e.g., a Web Service (WS)) using existing security protocols (e.g., WS-Authentication, WS-Security and other similar protocols). Such secure communication can also be used to authenticate the user through other protocols and data exchanges between the mobile module and the mobile infrastructure, as described in greater detail below. Further, other embodiments provide protocols and state machines that abstract the computing device (used in communication over the independent network) from the mobile infrastructure. The mobile module itself thereby becomes the mobile terminal and the computing device becomes a peripheral device, thus complying with current wireless standards such as 3GPP (3rd Generation Partnership Project).

[0045] FIG. 1 illustrates a block diagram of a commercial transaction system 100 made up of a plurality of network nodes, including an end-user (purchaser) computer 110, a merchant computer 140, an identity provider computer 120 and a payment provider computer 130. Each of the above nodes may include one or more computing devices interconnected via network 105. It should be appreciated that the end-user computer, merchant 140, identity provider 120 and payment provider 130 may be associated with a network entity such as an individual, a company or a business. For example, end-user computer 110 is typically associated with an individual who uses the computer to access resources on the network, and merchant computer 140 may be associated with a company or business that offers goods and/or services for sale. The one or more computing devices that form each of the above components of commercial transaction system 100 may operate as the point of entry, computing platform and/or vehicle by which the associated network entity communicates over the network.

[0046] Note that although the embodiments provided herein may be described in an online purchasing environment, the embodiments can also be used in direct retail transactions. For example, the above and following descriptions of a commercial transaction can apply to a consumer purchasing products in a retail store, where payment, identification, authorization and other embodiments are used. Accordingly, the use of an online experience to describe the embodiments herein is for illustrative purposes only and is not meant to limit or otherwise narrow the scope of the embodiments unless explicitly stated otherwise.

[0047] Note that network 105 may be any type of network, in any type of configuration, that interconnects and enables communication between the nodes connected to it. Nodes or devices may be connected to the network via copper (e.g., Category 5) cable, optical connections, wireless, or any combination thereof. Information may be transferred using any low-level protocol such as Ethernet and/or any information protocol such as TCP/IP. Network 105 may have any number of devices connected to it and may be a trusted network (e.g., an intranet), an untrusted network (e.g., LAN/WAN, the Internet, etc.) or a combination of both. The computers connected to the network may be any type of device, including but not limited to one or any combination of a mobile phone, a desktop computer, a tablet personal computer, a server, a workstation, etc.

[0048] FIG. 2 illustrates a diagram of a system and method for initiating and performing identity verification in an online transaction in accordance with one embodiment of the invention, and FIG. 3 illustrates a diagram of a system and method for performing payment negotiation, verification and/or certification in an online transaction in accordance with one embodiment of the invention. The methods may be used separately or in combination to perform an online transaction between an end user/purchaser and a merchant. In the following description, unless specifically pointed out, no distinction is made between a network entity and its associated networked devices. For example, "identity provider" is used generically to describe the identity provider both as an entity (e.g., a bank, government organization, agency, etc.) and as the computing devices that the entity uses to perform various network functions, such as providing identity verification for an end user or otherwise operating on the entity's behalf.

[0049] End-user computer 110 may place an order 242 with merchant 140. Order 242 may be any indication that the end user would like to purchase one or more goods and/or services from merchant 140. In addition, order 242 may result from the end user selecting a good or service via a Web browser displaying pages resident at the merchant's website, or may result from choosing an option from an application running locally, as described in further detail below. As an example of the first instance, merchant 140 may provide a website to display or offer for sale the goods and/or services that it provides, or may provide an online catalog of merchandise. Order 242 may be any type of indication that the end user would like to purchase one or more goods and/or services from merchant 140.

[0050] As an example of the second instance, and as an alternative to selecting one or more goods and services from a merchant's website, order 242 may originate from an application or other program local to end-user computer 110. For example, an end user may create, produce or edit a document via a word processing application, design a slide show using a presentation application, and/or manipulate images or graphics for a poster or brochure using an imaging application. The application may include an option under the print menu that allows the document to be printed by a third party, for example to take advantage of printing features that are not available locally, or to otherwise make use of professional printing services. When the option is selected, the application may send order 242 to merchant 140 via the network. It should be appreciated that order 242 may be any indication to purchase any good and/or service, as aspects of the invention are not limited in this

[0051] In response to order 242, merchant 140 may request that end-user 110 provide an indication of the end user's identity and/or verification that the end user is indeed who he/she purports to be (step 205). For example, merchant 140 may not know anything about the source of order 242 and may need information about the identity of the end user and/or assurance that the end user is not misrepresenting his/her identity. In addition, merchant 140 may send a notice or indication that payment is required for the service and demand that a payment token be provided. To obtain a payment token, it is necessary to first establish identity via an identity token, as described in further detail below. In either case, end-user 110 may respond to the request by merchant 140 by enlisting the services of identity provider 120 (step 215).

[0052] To obtain an identity token, end-user 140 provides identity information to identity provider 120. The identity information may include any information that enables identity provider 120 to distinguish between the end user utilizing end-user computer 110 and the various other end users to whom the identity provider may provide services. For example, the identity information may include a unique identifier associated with the hardware of end-user computer 110. In one embodiment, the identity information is provided by a SIM card issuing an identifier unique to the subscriber. The identity information may include a unique hardware number of the network interface card (NIC) of end-user computer 110, a World Wide Name (WWN) or other network address of end-user computer 110, or any other means by which end-user computer 110 may be identified, including (in some embodiments) an established login name/password combination.

[0053] Identity provider 120 uses the identity information to locate identity credentials associated with the end user. For example, identity provider 120 may include a database that stores identity information and credentials for a plurality of end users. The identity information may be used to index into the database to obtain the correct identity credentials. Identity provider 120 may be any type of entity. For example, identity provider 120 may be a mobile phone company that uses the subscriber number provided by the end user's SIM card to locate the appropriate identification information. In one embodiment, the subscriber number is used to locate and obtain the information that the end user provided when subscribing to the mobile phone or other device that uses SIM technology. Identity provider 120 may be a bank, a government agency (such as a registry of motor vehicles (RMV)), or any other institution that maintains identification information or credentials associated with end users.

[0054] In response to the identity information provided by the end user, identity provider 120 provides end-user computer 110 with an identity token that provides identity authentication and/or credentials about the end user (step 225). The identity information may be any type of electronic message that another network device can use to authenticate, verify and/or determine the identity of the end user. For example, the identity token may include identity credentials of the end user. Identity credentials may include, but are not limited to, any one or combination of name, address, birthday, address, telephone number, email address, etc.

[0055] The identity token may include an electronic signature from identity provider 120 certifying that the identity credentials are correct. In this way, a merchant and/or payment provider can rely on a disinterested third party (i.e., the identity provider) rather than on the representations of an arbitrary end user. The identity token may be encrypted before being transmitted over the network and decrypted when received by the intended network device (e.g., the merchant, the payment provider, etc., as discussed in further detail below), to protect against eavesdropping on the network. In other embodiments, the payment token is merely a credential of the end user's identity, without accompanying identity information.

[0056] Identity provider 120 may transmit the identity token to end-user computer 110 to be forwarded to merchant 140 (step 235), and/or identity provider 120 may transmit the identity token directly to merchant 140. Merchant 140 may then process the identity token to identify the end user and/or to verify that the end user is who he/she purports to be. The identity token may be used to authenticate certain information about the end user that may affect the transaction. For example, merchant 140 may provide a service that requires the end user to be of a certain age. The identity credentials transmitted with the identity token may be used to ensure that the end user is of the proper age and meets this requirement. Merchant 140 may offer discounts to particular end users who are frequent purchasers or who receive coupons, promotional offers, etc. Merchant 140 may index into a database of end users to determine, based on the identity credentials provided, whether the end user qualifies or should otherwise be specially handled.

[0057] Optionally, merchant 140 may request validation of the identity token by sending a request to identity provider 120 (step 245). The request to validate the identity token may include forwarding the identity information from merchant 140 to identity provider 120. Upon receiving the request to validate the identity token, identity provider 120 may validate the identity token and thereby determine whether the identity token is authentic. Identity provider 120 may then forward an indication of the authenticity of the identity token to merchant 140 (step 255). Alternatively, merchant 140 may simply validate the identity token itself (step 265) (e.g., by assuming that the identity token is valid or by otherwise processing the token). Optionally, a response is returned from merchant 140 to end-user computer 110, where the response may include a message stating whether the identity token is valid, a message about any applicable discounts or promotional offers, and/or any other type of message, as the invention is not limited in this respect (step 265).

[0058] After merchant 140 has processed the identity token and/or has received validation of the identity token from identity provider 120, merchant 140 may request that the end user provide verification or validation of the ability to pay and/or an indication of how the end user would like to pay for the goods or services. Merchant 140 may make the request via a payment token request (step 305 in FIG. 3). In response to the payment token request, end-user computer 110 may enlist the services of payment provider 130. Payment provider 130 may be associated with a third party that maintains financial and payment information about various end users, such as a financial institution, or with a third-party broker that handles financial transactions and payment procedures.

[0059] End-user computer 110 may solicit a payment token from payment provider 130 by transmitting the identity token to the payment provider (step 315). Alternatively, the end user may request a payment token by logging on to payment provider 130 in a manner similar to that discussed in connection with identity provider 120 (i.e., by providing an identifier such as a SIM subscriber number or NIC address and/or by using a login/password combination). It should be appreciated that the end user may request a payment token in other ways, as the invention is not limited in this respect. In addition, the end user may send information about the purchase, such as the price and nature of the purchase, so that the payment provider can verify that the end user is able to pay. However, providing purchase information is not required, as it may be unnecessary or may be handled in a subsequent step of the transaction.

[0060] Payment provider 130 processes the identity token (or other provided identifier) to locate information about the end user. For example, payment provider 130 may access a database of payment information based on the identity credentials transmitted with the identity token. Payment provider 130 may determine what payment capabilities and options the identified end user has available. Payment provider 130 may then verify that the end user has the ability to pay and, in response, generate a payment token and transmit it to end-user computer 110 (step 325). The payment token may indicate the end user's ability to pay and/or certify that payment provider 130 is willing to handle the transaction on the end user's behalf. End-user computer 110 may then forward the payment token to merchant 140 (step 335).

[0061] Merchant 140 processes the payment token so that merchant 140 is satisfied that the end user is able to pay for the goods or services (step 365). For example, merchant 140 may ask payment provider 130 to validate the payment token (steps 345, 355), or may simply validate it itself (step 365) (e.g., by assuming that the payment token is valid or by otherwise processing the token). Merchant 140 may then begin the process of providing the goods and/or services to the end user. Because payment provider 130 may be a disinterested third party, merchant 140 may treat the payment token essentially as payment and need not wait until the transaction has been fully processed.
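The payment-token exchange of steps 325 to 365, sketched as an added example that is not code from the patent. It assumes the provider has already authenticated the end user, uses HMAC-SHA256 in place of the provider's signature (sufficient here because the merchant validates with the provider rather than offline), and every class, method and field name and all sample data are hypothetical.

```python
import hashlib
import hmac
import json
import secrets
import time


class PaymentProvider:
    """Plays payment provider 130: it alone holds billing data and the signing key."""

    def __init__(self):
        self._key = secrets.token_bytes(32)   # never leaves the provider
        self._accounts = {}                   # end-user identity -> billing record
        self._redeemed = set()                # token ids that were already accepted

    def enroll(self, identity, card_number, available_cents):
        self._accounts[identity] = {"card": card_number, "available": available_cents}

    def _mac(self, claims):
        # Canonical JSON so the MAC survives re-serialization by the end user.
        body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
        return hmac.new(self._key, body, hashlib.sha256).hexdigest()

    def issue_token(self, identity, merchant, amount_cents, ttl_seconds=300):
        """Step 325: issue a token only when the end user is able to pay."""
        account = self._accounts.get(identity)
        if account is None or amount_cents > account["available"]:
            return None
        # The claims identify the payment authorization, not the billing account.
        claims = {
            "tid": secrets.token_hex(8),
            "merchant": merchant,
            "amount_cents": amount_cents,
            "exp": int(time.time()) + ttl_seconds,
        }
        return {"claims": claims, "mac": self._mac(claims)}

    def validate(self, token, merchant, amount_cents, now=None):
        """Steps 345/355: tell the merchant whether a presented token is authentic."""
        now = int(time.time()) if now is None else now
        try:
            claims, mac = token["claims"], token["mac"]
            expected = self._mac(claims)
        except (KeyError, TypeError):
            return False, "malformed"
        if not isinstance(mac, str) or not hmac.compare_digest(
            expected.encode(), mac.encode()
        ):
            return False, "bad signature"
        if claims["merchant"] != merchant or claims["amount_cents"] != amount_cents:
            return False, "wrong merchant or amount"
        if now > claims["exp"]:
            return False, "expired"
        if claims["tid"] in self._redeemed:
            return False, "already redeemed"
        self._redeemed.add(claims["tid"])
        return True, "ok"


def run_scenario():
    """Walk one order through issuance, forwarding and merchant-side validation."""
    provider = PaymentProvider()
    user, card = "alice@example.test", "4111111111111111"   # constructed sample data
    provider.enroll(user, card, 50_00)

    token = provider.issue_token(user, "merchant-140", 19_99)
    wire = json.dumps(token)             # what the end user forwards in step 335

    tampered = json.loads(wire)
    tampered["claims"]["amount_cents"] = 1   # forwarded token altered in transit

    stale = provider.issue_token(user, "merchant-140", 5_00)
    after_expiry = stale["claims"]["exp"] + 1

    return {
        "leaks_card": card in wire,
        "tampered": provider.validate(tampered, "merchant-140", 1),
        "other_merchant": provider.validate(json.loads(wire), "merchant-999", 19_99),
        "first_use": provider.validate(json.loads(wire), "merchant-140", 19_99),
        "replay": provider.validate(json.loads(wire), "merchant-140", 19_99),
        "expired": provider.validate(stale, "merchant-140", 5_00, now=after_expiry),
        "over_limit": provider.issue_token(user, "merchant-140", 99_99),
    }


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(f"{name}: {outcome}")
```

The merchant side needs only the forwarded token and the order it expects to be paid for; the card number stays inside the provider.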

[0062] When a merchant deals directly with an end-user in conventional transaction models, the merchant may have to ensure that the payment information provided by the end-user is correct and sufficient. For example, the merchant may have to run a provided credit card number through the credit card system to check whether the number is valid, whether the card is valid, whether there are sufficient funds, and/or whether the card is correctly associated with the identity provided by the end-user. If some of the information does not check out, the transaction may have to be canceled, terminated or abandoned. Moreover, the termination may occur after the end-user perceives the transaction to be complete and is no longer accessing the network and/or the merchant's website, etc.

[0063] The merchant must then notify the end-user that there was a problem with the transaction, and the end-user will have to go through the transaction again to correct the problem (e.g., by entering the payment information correctly, specifying a different card with sufficient funds, etc.). In some instances, the end-user may not be notified and the commercial transaction may never be completed.

[0064] In the various embodiments described herein, because a payment token will not be issued unless the end-user's payment information is correct, sufficient funds are available, and/or the provider certifies that it will pay on behalf of the end-user, the merchant can proceed with the transaction immediately. Any deficiencies in the transaction can be identified and resolved in real time, so that all parties can be relatively confident that their expectations regarding completion of the transaction will be met.

[0065] In addition, because the payment provider may handle the financial transaction (e.g., processing the credit card, transferring funds, etc.), the merchant may be relieved of establishing and maintaining the infrastructure needed to, for example, process credit card numbers or otherwise handle payment procedures and funds transfers. In some cases, the payment token operates as an assurance that the payment provider will transmit the designated funds, by wire transfer or by an electronic funds transfer to the merchant. The payment token may also be an assurance that payment will be made by non-electronic means, such as a promise to issue the merchant a check or other negotiable instrument.

[0066] From the merchant's perspective, the commercial transaction is substantially risk free, because the end-user's identity and payment verification are handled by third parties and are therefore less susceptible to fraud, spoofing and even innocent mistakes in providing personal and financial information. Merchants may therefore be more willing to conduct online commercial transactions with unknown end-users over an untrusted network. From the end-user's perspective, personal and financial information resides with entities that already maintain the information and/or with which the end-user has an established relationship. Confidential personal and financial end-user information need not be provided to the merchant, reducing the exposure of confidential information to misuse or misappropriation. As a result, end-users may be more willing to conduct commercial transactions with unknown merchants without having to worry about whether the merchant is trustworthy.

[0067] In some conventional commercial transaction models, identity information and payment information are entered by the user and processed by a third party or the merchant. As discussed above, these models are awkward, inadequate and time-consuming for the user. In addition, conventional models present numerous issues regarding the security of an end-user's confidential information, and leave the merchant vulnerable to fraud and/or to failure to pay by an end-user. Applicant has appreciated that commercial transaction software installed on each of the computers used in various commercial transactions may reduce or eliminate concerns over security and fraud. In addition, many of the actions handled by the end-user and the merchant in conventional models may be performed by the commercial transaction software, making the transaction simpler and more intuitive for the end-user.

[0068] FIG. 8 illustrates an example of using some of the features described above for three-way secure communication and the various trust boundaries that may be established during a commercial transaction. As described in more detail below, this model allows for single or subscription payments, as well as payment federation, such that a service or merchant can aggregate payments for smaller companies, thereby allowing the consumer to pay a single bill. As shown, a distributed system 800 is configured to facilitate a commercial transaction between a consumer 810, a merchant 830 and a payment provider 805. A payment trust boundary 815 separates the merchant 830 from the consumer 810/payment provider 805, such that a trust relationship exists between the payment provider 805 and the consumer 810 or consumer computing device (i.e., the consumer has appropriately identified or authenticated itself to the payment provider using any of the available mechanisms described herein). Accordingly, the consumer 810 can use this trust relationship to authorize payment to the merchant 830 for various types of payments and various services.

[0069] For example, suppose the merchant 830 requires prepayment for a product the consumer 810 wishes to purchase (e.g., a consumer item requiring prepayment, such as an automobile, a computer, etc.). Before requesting payment authorization, however, the user of the consumer 810 computing device may be required to authenticate appropriately, as described herein. Once the user is authenticated, the consumer 810 computing device can appropriately request payment from the payment provider 805 through any of the various mechanisms described herein. For example, the consumer 810 may provide the payment provider with other request information signed or encrypted by the consumer 810's computing system. This authenticates the request for confirmation of the account holder's (i.e., the consumer's) ability to pay appropriately (i.e., that the user has a prepaid account, a credit account, or another billing account, such as the mobile subscription described below). If successful, a payment token is issued and funds are then reserved to guarantee the payment. The payment token is typically signed and/or otherwise encrypted by the payment provider (e.g., a mobile network server as described herein) and passed to the consumer 810 client. The consumer 810 passes the payment token back to the merchant 830, which validates the token with the payment provider and, if successful, completes the order.

[0070] Once the item is ready for delivery (e.g., the consumer item has been built), the merchant 830 can use the reserved payment token to request payment from the payment provider 830. Note that the amount of the payment request may differ from the amount reserved. Nevertheless, the payment provider 805 validates and returns a payment response to the merchant 830 and/or the consumer 810. If approved, the merchant 830 can ship (or otherwise provide) the order to the consumer 810 and be provided with payment. If, on the other hand, the payment is rejected or further user interaction is required, the merchant 830, the payment provider 805 and/or the consumer 810 can choose what action to take. For example, if the amount requested by the merchant 830 does not match the reserved funds, the payment provider 805 and/or the merchant 830 may ask the consumer 810 to authorize the new amount. In addition, the payment provider 805 may require user input authorizing the transfer of funds regardless of any change between the reserved and requested payment amounts. Of course, other actions and procedures for completing the commercial transaction are also contemplated herein.

[0071] Note that although the three-way secure payment mechanism above was used to purchase a reserved item, the single payment may also be applied to other services and/or goods. For example, the single payment mechanism may be applied to a software program that is ready for immediate download. Alternatively, or in conjunction, the single payment may unlock various levels of a downloaded program (e.g., a student version, a professional version, or other separate functionality). In fact, it will be appreciated that the single payment above can be used for a wide variety of different types of purchases, some in a slightly modified form of payment.

[0072] For example, suppose the consumer 810 wants to set up a subscription with the merchant 830 for a continuing service (e.g., a newspaper or magazine subscription, a movie subscription, a gaming application, or other pay-as-you-go goods and/or services). Accordingly, the merchant 830 will challenge the consumer 810 for a payment token, and the consumer 810 client may then interact with the user to request authorization to proceed, as described herein. Similar to the above, the consumer 810 signs or otherwise encrypts the payment request (e.g., using electronic billing information as described below) and sends the request to the payment provider 805 (e.g., a mobile operator, a credit card company, a prepaid or other type of third-party service, etc.). This authenticates the request and verifies that the account holder (i.e., the consumer or customer) has sufficient initial funds. If successful, a payment token is issued, signed and/or encrypted, and returned to the consumer 810 client, which passes the payment token back to the subscription merchant 830. The merchant 830 then verifies that the token is valid and completes the subscription setup.

[0073] Note that the payment token is typically stored at the merchant 830 and used periodically when requesting subscription payments from the payment provider 805. Thus, when processing a subscription payment, the merchant 830 retrieves the payment token and sends it to the payment provider 805 for payment settlement. The payment provider 805 validates and returns a payment response to the merchant 830 and/or the consumer 810. If an approved response is returned, the subscription merchant 830 will receive payment during the next payment provider 805 account payment run. If, however, the payment request is rejected, the payment provider 805 and/or the merchant 830 may respond appropriately. For example, the merchant 830 (or the payment provider 805) may contact the user or consumer 810 (e.g., via email) to inform them of the outstanding payment. The consumer 810 can then make a single payment as described above, or set up another subscription payment through the same or a different payment provider 805. Of course, the merchant 830, the payment provider 805 and/or the consumer 810 may have other rules or requirements for processing these and other payment authorizations, as described in greater detail below.

[0074] As previously indicated, other embodiments allow a single consumer 810 payment to be federated among multiple business partners or subsidiaries that have contractual arrangements. Business relationships are often complex and require the distribution of payments for the various services and/or goods provided within a particular business model. For example, when purchasing a trip from a travel agent 830, the consumer 810 may be offered a package deal that includes flight arrangements, hotel accommodation, passport services, and so on. Accordingly, the merchant 830, which typically contracts out many of these services and/or goods, must keep detailed accounts of these commercial transactions in order to make the appropriate payments to its business partners. To alleviate the complexity of this accounting and other tasks, embodiments herein provide automatic payment federation to business partners within a particular type of relationship on a per-transaction basis.

[0075] For example, a car rental service (e.g., business partner "A" 820) may require payment from the merchant 830 as part of a holiday package sale. An insurance company (e.g., business partner "B" 825) may charge the merchant 830 on a per-transaction fee basis. Based on the business partner trust boundary 835, payment can be automatically federated to each business partner (e.g., "A" 820 and "B" 825) when a single payment is made to the merchant 830. In other words, the consumer 810 or the payment provider 805 makes a single payment to the merchant 830, yet all subsidiaries having a business relationship according to the trust boundary of the business model 835 can be appropriately paid. Note that such payment will typically be tied to an electronic billing statement, as described in greater detail below. More specifically, the various portions of an electronic bill used for capture, presentation and other purposes can correspond to what portion of the payment should be federated to each business partner. In addition, each of these portions may be signed and/or encrypted such that particular information about the payment is opaque to the consumer 810, the payment provider 805, or among the different business partners 820, 825, as defined by the different trust boundaries 815, 825.

[0076] Note that although the payment federation model above was described in terms of a travel agent experience, there are also other business relationships that can use this embodiment. For example, a company that builds an item with multiple components purchased from different vendors, a product provider that purchases materials for its products and makes payment on a per-item basis, payment for multimedia products that pay royalties on a per-sale basis, or any other type of business model that bundles, or can otherwise calculate and make payments to business partners on a per-item basis, can also use the embodiments described herein. Accordingly, the use of the travel agent to describe various embodiments herein is for illustrative purposes only and is not intended to limit or narrow the embodiments described herein.

[0077] FIG. 4 illustrates a networked computer system for handling commercial transactions, in accordance with one embodiment of the present invention. The networked computer system 400 may be similar to the computer system 100 illustrated in FIG. 1. In FIG. 4, however, each computer in the system 400 includes a local installation of commercial transaction software 485. In particular, the end-user or consumer computer 410, the identity provider 420, the payment provider 430 and the merchant 440 include commercial transaction software 485a-485d, respectively. The commercial transaction software locally installed on each computer in the system may be the same, or may be customized for a particular computer in view of the role the computer plays in the transaction (i.e., whether the computer operates as an end-user node, a merchant node, an identity provider node, a payment provider node, etc., or some combination of the above). In either case, each installation is configured to communicate with the installations on the other networked computers to perform online transactions. For example, each installation may be configured to communicate with the installations on the networked computers to perform the methods illustrated in FIG. 2 and/or FIG. 3.

[0078] In one embodiment, the local installation of the commercial transaction software 485 on the identity provider 420 can create an identity token identifying the end-user using the end-user computer 410. Furthermore, the commercial transaction software 485 on the identity provider 420 can forward the identity token to the end-user computer 410, the payment provider 430, the merchant 440 and/or any other computer, as the invention is not limited in this respect. The local installation of the commercial transaction software 485 on the end-user computer 410 can issue identity information (so as to identify the end-user) in response to an indication to conduct an online transaction between the end-user and the merchant. The local installation of the commercial transaction software 485c on the payment provider 430 can receive the identity token and generate verification of the end-user's ability to pay (e.g., a payment token) for the online transaction. The local installation of the commercial transaction software 485d on the merchant 440 can receive the verification of the end-user's ability to pay before proceeding with the online transaction.

[0079] In one embodiment, each computer in the system 400 operates using a local installation of the same or a similar operating system 495. For example, each computer in the system 400 may operate using the Microsoft Windows® operating system. The commercial transaction software 485 may be a subsystem of the operating system. In this way, the various computers used in a commercial transaction communicate in a consistent and known manner. Because the commercial transaction software communicates directly over the network and handles validation, verification and security, the end-user and the merchant need not know anything about each other and, more importantly, need not establish any trust relationship. In addition, because certain portions of the transaction are handled by the operating system, much of the transaction can be performed substantially invisibly to the user, without requiring confusing and often difficult involvement by the end-user.

[0080] By having commercial transaction software on each computer, various encryption techniques may be used while information is transmitted from one computer to another. Moreover, further security features may be included, such as identity tokens and/or payment tokens that are valid only for a limited period of time. For example, an identity token may include a time component that specifies a time after which any component receiving and processing the token should deem it invalid and not honor the token as verification of identity and/or payment. The commercial transaction software components may programmatically process any time limits associated with a token. This may prevent tokens obtained by "phishing" from being used inappropriately at a later time.

[0081] It should be appreciated that the commercial transaction software need not be part of the operating system, but may be any program or group of programs local to the computers involved in a commercial transaction that can communicate with one another over the network. For example, the commercial transaction software may be an application developed by a third party that can be installed on the computers to operate on, or independently of, the operating system installed on the computer. The application may be configured to operate with any one or a combination of operating systems, so as to be available to computers or devices of a wide range of capabilities and configurations, and is not limited to any particular operating system, processor, instruction set, etc.

[0082] FIG. 5 illustrates a commercial transaction initiated by an end-user selecting one or more desired goods and/or services, in which the transactional components of the purchase are handled, at least in part, by a transaction software subsystem distributed as part of the operating system of the various computers involved in one or more transactions. An end-user connected to a network 505 through an end-user computer 510 may be running an application 555. The application 555 may be a browser displaying the website of a business that offers goods or services. The application 555 may be an application providing an option to engage in an online transaction, such as an image editing program that allows the user to manipulate images.

[0083] The end-user may select one or more goods or services to purchase via the application 555. For example, the end-user may wish to have an edited image professionally printed on photo-quality paper. The application 555 may include such an option under the print menu. The print option, when selected, may generate a window or dialog box listing all of the available printing options, including services available over the network. For example, the print option may list service providers 540a, 540b and 540c as options for providing the printing service. When the user selects one of the service providers, an online commercial transaction as described above may be initiated. In particular, the service provider may request that the end-user provide an identity token. In response, the application 555 (or an application embedded in the commercial transaction software 585) may generate a dialog box or interface listing the available identity providers. For example, as described in greater detail below, the dialog box may list identity providers 520a, 520b and 520c as possible identity providers that the user may select to handle identity verification.

[0084] FIG. 9 illustrates the use of a trusted commercial subsystem and other features in a distributed system, in accordance with exemplary embodiments. As shown, a local computing device 920 within the distributed system 900 is configured to provide an online or local retail transaction in accordance with the embodiments described herein. Note that although the trusted commercial transaction subsystem 965 is shown only as part of the local computing device 920, similar subsystems may also reside on other network entities. Note further that although various components or modules may be described herein as residing on a particular network entity, such components or modules may be distributed throughout the computing system and reside on any number of network entities (i.e., portions may exist on one or more network entities). Accordingly, the particular aesthetic layout and the use of a particular module by a network device or entity are used herein for illustrative purposes only and are not intended to limit or narrow the scope of the embodiments herein.

[0085] Regardless of the distribution and aesthetic layout of the computing system 900, as previously described, there exists a trust boundary 906 separating the trust relationship between the various components. Although the relationship may be divided differently, in the present example the trust relationship exists between the payment provider 900 and the trusted commercial transaction subsystem 965. This advantageously allows for many features that current commercial systems cannot provide. For example, the trust boundary 906 abstracts the application 925 from the commercial transaction with the merchant. Accordingly, legacy and other applications 925 can provide an in-band experience to the end-user 940, even though much of the functionality occurs out of band. For example, in the above example of allowing professional image printing on photo-quality paper, the selections within the pull-down menu, identity validation, payment options and other components for assisting the user in such a service purchase appear as part of the application 925. In addition, upon receiving input to purchase services and/or goods, the application 925 can make a purchase call 930 into the trusted commercial transaction subsystem 965, which then uses the purchase call to generate dialog boxes, receive user 940 input 935, or otherwise automatically communicate with the merchant 905 and/or the payment provider 990, as described herein.

[0086] In other words, the user 940 need not necessarily trust the application 925 or the merchant 905 in the commercial transaction. Instead, the trust is limited to the subsystem 965 of the present framework, which reduces the degree or level of trust needed to perform a commercial transaction confidentially and securely. That is, the account details 950 of the user 940, which include sensitive information 955 that the user is unwilling or uncomfortable to share publicly (e.g., credit card information, personal information, user names/passwords, etc.), are accessed via direct user input 935 to the subsystem 965 or from a secure 960 account information store 945. As such, the application 925, the merchant 905 and other components are abstracted away from the financial and other billing account details 955 controlled by the subsystem 965, as described herein. This is very different from the current commercial transaction models described above, in which the application 925 or the merchant 905 maintains and controls account information. Accordingly, this and other embodiments described herein advantageously provide an additional level of security during a commercial transaction. This is a much more directed trust relationship, so as to minimize the number of components or organizations that have access to or touch very sensitive financial data.

[0087] As shown in FIG. 9, and similar to the three-way secure commercial transaction described above, the trust boundary 906 also indicates secure communication between the payment provider and the trusted commercial transaction subsystem 965. Accordingly, the subsystem 965 authenticates to the payment provider 900 in any of the various ways described herein, allowing secure communication therewith. Similar to the above, the local computing device (which may be a handheld portable device in a local retail transaction as described below, a personal computer in an online transaction, or another similar device as described herein) desires various services and/or goods offered by the merchant 905. In this example, billing information 910 is presented to the local computing device 920 for authentication, auditing and other purposes as used in the exemplary embodiments described herein. Such billing information may include, but is not limited to, the price of the goods and/or services, a detailed description of the commercial transaction, merchant 905 specific information, federated payment information, the type of transaction (e.g., single payment, subscription, etc.), or other types of billing information. The billing information 910 may also include other information, such as merchant constraints and payment options, as described in greater detail below.

[0088] In one embodiment, the bill information 910 is an electronic bill configured to be machine readable, which provides many advantageous capabilities to the present commercial transaction system. For example, one embodiment provides that the billing information 910 can be part of the payment token request 980 (or otherwise delivered to the payment provider 990 in another communication), as previously described. Likewise, the bill information may be used by the payment provider 990 for payment token validation 940. More specifically, in payment token validation 904, the bill information 910 provided by the consumer or local computing device 920 can be compared with the payment token 985 information provided by the merchant 905. Accordingly, if the bill information 910 used for payment token validation 904 matches the bill information 910 from the token request 980, the payment provider 990 can be further assured of the authenticity of the payment token 985 and the reliability of the merchant.

[0089] Note that how the bill information 910 from the merchant is relayed to the payment provider 990 (and to other components herein) may vary. For example, the bill information 910 sent from the merchant 905 to the payment provider 990 may be a copy of the bill information 910 sent to the trusted commercial transaction subsystem 965 or client 920. Alternatively, or in conjunction, the bill information 910 may be a signed and/or encrypted version from the payment provider 990 routed via the consumer or local computing device 920. In either case, the payment provider can perform the comparison described above in order to authenticate the payment token 985.

[0090] Note further that such bill information 910, as used by the payment provider 990, can also be used to give a more detailed description of the charges associated with a bill that is later presented to the user for charges on the user's account. Because this can also be a machine-readable bill 910, the local computing device 920 can compare the bill information 910 with the bill previously received by the merchant 905, for further authorization of payment to the merchant 905. In other words, if the bill information 910 in the bill from the payment provider 990 does not match any bill received from the merchant 905, the charge is treated as fraudulent.

[0091] In another embodiment, the merchant 905 can use the bill information 910 for auditing, user and other authentication purposes, payment federation, and so on. For example, the merchant can sign or otherwise encrypt portions of the bill information 910. This allows several advantageous features in the embodiments described herein. For example, the bill information 910 may be part of the payment token 985 received by the payment provider via the local computing device 920. The merchant 905 can check the authenticity of the bill information 910 to authenticate that the payment token 985 came from the client 920 or the trusted commercial transaction subsystem 965. Similarly, during payment token validation 904, the merchant 905 can use the bill information 910 received from the payment provider 990 to validate or authenticate the payment provider 990 and/or the local computing device 920. In other words, because the bill information 910 is routed to the payment provider via the subsystem 965 or consumer 920, billing information received from the payment provider that matches what was sent to the client 920 can authenticate both the client 920 and the payment token 985 from the payment provider 990.
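The bill-matching check of paragraphs [0088] and [0089], combined with the merchant-signed bill of [0091], can be sketched as follows. This is an added example, not code from the patent: the HMAC signature (standing in for a public-key signature), the JSON canonicalisation, the single-use rule, the key names and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json
import secrets

# Constructed demo keys (assumptions, not from the patent). A deployment would
# use a public-key signature; a shared-key HMAC keeps the sketch stdlib-only.
MERCHANT_KEY = b"constructed-merchant-demo-key"   # merchant 905 signs bills
PROVIDER_KEY = b"constructed-provider-demo-key"   # payment provider 990 seals tokens


def canonical(bill):
    """Serialise a bill deterministically so that equal bills hash equally."""
    return json.dumps(bill, sort_keys=True, separators=(",", ":")).encode()


def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def merchant_sign_bill(bill):
    """Merchant 905 issues bill information 910 with a signature over it."""
    return {"bill": bill, "merchant_sig": mac(MERCHANT_KEY, canonical(bill))}


class PaymentProvider:
    def __init__(self):
        self.issued = {}  # token id -> digest of the bill seen in the token request

    def issue_token(self, signed_bill):
        """Token request 980: the consumer device relays the merchant's bill."""
        expected = mac(MERCHANT_KEY, canonical(signed_bill["bill"]))
        supplied = str(signed_bill.get("merchant_sig"))
        if not hmac.compare_digest(expected.encode(), supplied.encode()):
            raise ValueError("bill was altered after the merchant signed it")
        digest = hashlib.sha256(canonical(signed_bill["bill"])).hexdigest()
        token_id = secrets.token_hex(8)
        self.issued[token_id] = digest
        seal = mac(PROVIDER_KEY, f"{token_id}:{digest}".encode())
        return {"token_id": token_id, "bill_digest": digest, "seal": seal}

    def validate_token(self, token, merchant_bill):
        """Token validation 904: the merchant presents the token and its bill."""
        token_id = str(token.get("token_id"))
        claimed = str(token.get("bill_digest"))
        seal = mac(PROVIDER_KEY, f"{token_id}:{claimed}".encode())
        if not hmac.compare_digest(seal.encode(), str(token.get("seal")).encode()):
            return "rejected: token not sealed by this provider"
        recorded = self.issued.get(token_id)
        if recorded is None:
            return "rejected: unknown or already redeemed token"
        presented = hashlib.sha256(canonical(merchant_bill)).hexdigest()
        if not hmac.compare_digest(recorded.encode(), presented.encode()):
            return "rejected: bill does not match the token request"
        del self.issued[token_id]  # added assumption: a token redeems only once
        return "accepted"


def run_demo():
    # Constructed sample bill; every field name and value is illustrative.
    bill = {"merchant": "photo-print.example", "order": "A-1001",
            "amount": "24.99", "currency": "USD", "type": "single payment"}
    provider = PaymentProvider()
    token = provider.issue_token(merchant_sign_bill(bill))
    inflated = dict(bill, amount="249.90")
    return {
        "inflated bill": provider.validate_token(token, inflated),
        "matching bill": provider.validate_token(token, bill),
        "replayed token": provider.validate_token(token, bill),
    }


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case}: {outcome}")
```

A bill that differs from the one in the token request in any field fails validation without consuming the token, so the merchant can retry with the correct bill.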

[0092] Note that in another embodiment, as briefly mentioned above, the bill information 910 may also be used by the merchant for payment federation. In this embodiment, different portions of the bill information 910 may be machine readable for determining which portions of the funds from the payment provider 990 (after successful payment authentication) should be distributed to business partners as previously described. Note that in this embodiment, portions of the bill information 910 will typically be encrypted or otherwise opaque to the user 940 (or consumer client 920), the payment provider 990, or other components that are not part of the business relationship with the merchant 905. This also uniquely identifies the business partners in the billing federation and can therefore be used for authentication purposes. More specifically, the portions of the bill information 910 specific to a business partner can be encrypted using a key specific to that business partner, so that the billing information can be seen only by the merchant 905 and the particular business partner. In other embodiments, however, the portions of the bill used for payment distribution or federation are only signed by the merchant 905 and are thereby opaque to other components in the system 900.

[0093] Of course, as will be appreciated, other uses of the bill information 910 can serve a variety of purposes. For example, the billing information 910 can be used for auditing purposes, product distribution reconciliation, or any other well-known business and other purposes. Accordingly, the above uses of the bill information 910 for authorization, identification, payment federation or any other purpose are for illustrative purposes only and are not intended to limit or otherwise narrow the scope of the embodiments unless explicitly claimed.

[0094] Note that the trust boundary 906 and the subsystem 965 also have other advantageous features in other embodiments described herein. For example, as shown in Figure 9, payment provider code 970 within the subsystem 965 allows code specific to one or more payment providers 990 to be run securely. Such code can be used for further authorization specific to the payment provider, e.g. biometrics, radio frequency identification (RFID), user name/password, or any number of additional authentication techniques. In other words, because the payment provider 990 has a trusted relationship with the subsystem 965, the payment provider can run trusted code for its own specific business purposes.

[0095] Use of such code 970 also allows a more integrated in-band user experience that can be controlled by the payment provider 990 or any other component that has a trust relationship with the subsystem 970. For example, although not shown, a trusted relationship may exist between some merchants 905 and the subsystem 965 to allow trusted code to be run by the subsystem 965. Likewise, the merchant 905, the payment provider 990 or any other component involved in the commercial transaction can provide an integrated user experience that appears as if it were running within the application 925 (earlier versions and so on). However, many of the events occur out of band. For example, in the above example of photo-quality printing of an image by a professional service, the dialog boxes, payment options, or any number of other features or application functions presented to the user (e.g. in response to user input) may be controlled by code 970 provided specifically by the various trusted network entities (e.g. the payment provider 990, the merchant 905, and so on). Accordingly, as described in more detail below, this code can also be used when evaluating payment options and other constraints from the merchant 905 and/or payment provider 990.

[0096] As described above, in one embodiment the selected service provider or merchant transmits any requirements together with the identity verification request to the identity provider. For example, a service provider may sell goods or services that require a minimum age or are restricted to a certain geographic location. Accordingly, the list of identity providers may be limited to those that can provide identity credentials satisfying the service provider's requirements. For example, the list of identity providers may be limited to those that can provide age verification or current address information (such as the RMV).

[0097] Likewise, a dialog box listing the options for payment providers can be generated. For example, the dialog box may list payment providers 530a, 530b and 530c, which may respectively include a credit card company, a bank offering electronic debit services, or a private third party offering financial services. As with the identity request, the selected service provider may include any payment requirements associated with the purchase. For example, a service provider may accept only certain types of credit card. These payment requirements are then reflected in the payment providers that are listed or enabled as available in the payment provider selection dialog box. After a payment provider is selected, payment certification can proceed and the transaction can be completed.

[0098] Note that other embodiments also provide for comparing merchant constraints (e.g. available payment options, age restrictions, and so on) with consumer rules in order to determine the various actions that may be taken. Figure 10 illustrates such an embodiment, in which a distributed system 1000 is configured to programmatically determine actions based on such information as merchant constraints 1010 and/or consumer rules 1035. For example, the merchant 1020 may define within the merchant constraints 1010 the payment providers 1005 or payment types that are acceptable for purchasing its services and/or goods. A decision module can then present such constraints to the user, e.g. in a user interface requesting user input 1040 to select one or more of the available payment options. Based on the user input 1040, the appropriate payment provider 1005 can be contacted to properly fund the services and/or goods.

[0099] In another embodiment, consumer rules 1035 can be used in addition to or in place of the merchant constraints 1010. For example, the consumer rules 1035 may indicate that only certain types of payment can be made to certain types of merchant 1020. More specifically, the consumer rules 1035 may indicate that, if the merchant 1020 is not registered or otherwise trusted, payments that can be refunded may be used for purchases from the merchant 1020.

[0100] Of course, as noted above, other merchant rules 1010 and consumer constraints 1035 can be used by the decision module 1030 when determining the actions to take in a commercial transaction. In fact, the merchant constraints 1010 and consumer rules 1035 can be compared for compatibility and other purposes. For example, when the user is presented with a choice of payment providers 1005, the available payment options from the merchant 1020 can be compared with the payment providers 1005 available to or permitted by the consumer. Of course, the payment selection can also be made automatically, based on such things as default settings, provider ratings or preferences, or any number of other option settings. In fact, any number of actions may be taken based on the implementation of the various merchant 1010 and/or consumer 1035 rules. For example, if a rule (merchant 1010 or consumer 1035) fails or is otherwise violated, additional input from the merchant 1020 or user 1040 (or automatically based on further rules or settings) may be needed to resolve the conflict or other discrepancy. Accordingly, any particular action taken when implementing the defined constraints and/or rules is used here for illustrative purposes only and is not intended to limit or otherwise narrow the scope of the embodiments provided herein.

[0101] Note further that, as described above, the merchant constraints 1010 may be included within the billing information or provided to the consumer separately. Note also that the comparison of the various rules, and the actions taken as a result, may all occur behind the scenes, i.e. without the knowledge of the user and/or other system components. In addition, note that the present system is not limited to constraints or rules defined only by the consumer or merchant. For example, the payment provider may also define various restrictions that can be considered in conjunction with or instead of the consumer and/or merchant rules. Accordingly, the use of merchant and consumer constraints to determine various actions (such as payment provider options) is used herein for illustrative purposes only and is not intended to limit or otherwise narrow the embodiments described herein unless explicitly claimed.
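One way a decision module could compare the merchant constraints 1010, consumer rules 1035 and payment-provider restrictions of paragraphs [0098] to [0101] is sketched below. This is an added example, not code from the patent: the class and field names, the per-transaction limit, the sample wallet, and the reading of [0099] as restricting an unregistered merchant to refundable payments are all assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Set


@dataclass(frozen=True)
class PaymentOption:
    provider: str
    kind: str          # e.g. "credit", "debit", "third_party"
    refundable: bool   # can the payment be returned after the fact?


@dataclass
class MerchantConstraints:        # merchant constraints 1010
    merchant: str
    accepted_kinds: Set[str]


@dataclass
class ConsumerRules:              # consumer rules 1035
    trusted_merchants: Set[str]
    default_provider: Optional[str] = None


@dataclass
class Decision:
    action: str                   # "auto_select", "prompt_user" or "needs_input"
    options: List[str]
    reason: str = ""


# Constructed sample wallet: the consumer's available payment options.
SAMPLE_WALLET = [
    PaymentOption("CardCo", "credit", refundable=True),
    PaymentOption("BankDebit", "debit", refundable=False),
    PaymentOption("PayThird", "third_party", refundable=True),
]


def decide(constraints, rules, wallet, amount, provider_limits=None):
    """Filter the wallet stage by stage and report which rule, if any, fails."""
    provider_limits = provider_limits or {}
    stages = [
        ("merchant constraint: no accepted payment type available",
         lambda o: o.kind in constraints.accepted_kinds),
        ("consumer rule: unregistered merchant requires a refundable payment",
         lambda o: constraints.merchant in rules.trusted_merchants or o.refundable),
        ("provider restriction: amount exceeds the per-transaction limit",
         lambda o: amount <= provider_limits.get(o.provider, float("inf"))),
    ]
    candidates = list(wallet)
    for reason, keep in stages:
        remaining = [o for o in candidates if keep(o)]
        if not remaining:
            # A violated rule needs additional merchant or user input ([0100]).
            return Decision("needs_input", [], reason)
        candidates = remaining
    names = [o.provider for o in candidates]
    if rules.default_provider in names:
        return Decision("auto_select", [rules.default_provider])
    if len(names) == 1:
        return Decision("auto_select", names)
    return Decision("prompt_user", names)   # user input 1040 picks one


if __name__ == "__main__":
    shop = MerchantConstraints("photo-print.example", {"credit", "debit"})
    print(decide(shop, ConsumerRules({"photo-print.example"}), SAMPLE_WALLET, 20))
    print(decide(shop, ConsumerRules(set()), SAMPLE_WALLET, 20))
```

Returning the failing stage as the reason lets the caller decide whether the merchant or the user is asked for the additional input.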

[0102] In conventional online transactions, it can be difficult for the end user and/or the service provider to know with certainty when a transaction has concluded and whether the goods or services were successfully delivered. For example, an end user may select a software package for download over the network, or may purchase songs, movies or other electronic media. Sometimes the network connection is interrupted before the download completes. In these situations the end user may be tempted to select the item again, but may hesitate because he or she does not know whether the purchase will be charged twice. Likewise, the service provider may not know whether the download completed successfully, and may charge twice when the user attempts to remedy the interruption by selecting the item again.

[0103] Applicant has appreciated that providing logging or auditing capabilities in the commercial transaction software can eliminate some of the uncertainty surrounding electronic downloads. For example, final execution of the payment option may depend on a signal from the auditing feature that the download has completed. That way, if a download is interrupted, the end user can be certain that the selected payment option did not go through. For example, the commercial transaction software 585 from Figure 5 (or other subsystems or network entity components described herein) may include a logging feature that records every step of the commercial transactions conducted by the machine. The logged information can be used as proof of purchase or otherwise to memorialize the transaction. In addition, the commercial transaction software 585 may include monitoring capabilities for electronic downloads, which send a confirmation of a successful download, only after which the final payment is made. By making payment contingent on a signal that the transfer of goods or services completed successfully, the problem of double billing can be addressed and substantially eliminated.

[0104] Software has been developed by companies to handle a wide variety of tasks, including familiar word and document processing, spreadsheets and image editing, and even more specialized tasks such as video editing, computer graphics software, web content development applications, portfolio management software, and so on. However, owning software to handle every task an end user may wish to perform can be prohibitively expensive. A software package can cost anywhere from hundreds to thousands, or even tens of thousands, of dollars for a single license. In addition, an end user may need the services of a particular application only occasionally or sporadically, so that the price of purchasing the application may not be justified.

[0105] Applicant has appreciated the benefits of allowing end users to use software in a pay-as-you-go environment. In particular, an end user may be charged only for the amount of time spent using the application, rather than paying the retail price of the software (where many of the features and/or applications would go largely unused). Figure 6 illustrates a networked computer system having a commercial transaction framework that allows an end user to pay for the amount of time spent using an application. The networked computer system 600 includes a network 605 interconnecting an end-user node 610 with a plurality of identity providers 620, a plurality of payment providers 630 and a plurality of service providers 640.

[0106] The end-user node 610 may be a computer running on an operating system 695. A plurality of software applications 655 may be installed on the end-user computer. The software applications may come bundled with the computer at purchase, may be downloaded free of charge over the network, or may otherwise be distributed by the seller of the application (typically free of charge or for a nominal fee, or for registering with the vendor). An application 655 may be any type of application, and any number of applications may be installed on the computer. The service providers 640 may be associated with one or more of the applications installed on the end-user computer 610. For example, service provider 640a may be one or more computers owned by the developer and seller of application 655a. Similarly, service providers 640b and 640c may be associated with applications 655b and 655c, respectively.

[0107] In the pay-as-you-go model, the service provided by the service provider is a license to use the associated application installed on the computer. For example, when software (e.g. application 655) is distributed free of charge, it is initially disabled so that the user cannot run the application without first obtaining a license from the seller of the application. The license can be obtained by initiating a commercial transaction with one or more of the service providers 640. For example, application 655a may be a desktop publishing application that an end user wants to use for a few hours to design a card or brochure. When the end user opens application 655a, the end user is notified that a license must be purchased in order to use the application. For example, a dialog box may appear listing the features and prices of the various usage licensing capabilities.

[0108] A license may be for a specific amount of time, e.g. an hour or a day. The license may expire once the application is closed, or the license may remain valid until the term expires. A license may be based on operations or tasks, allowing the end user to complete one or more jobs or to use one or more desired features. Additional features to be used may increase the price of the license. It should be appreciated that a license having any desired terms may be negotiated, as the aspects of the present invention are not limited in this

[0109] Once the end user has selected a license option, the end user may be instructed to select an identity provider and/or a payment provider, or one or the other may be selected by default, to initiate the online transaction. The transaction may be handled by the commercial transaction software 685 substantially as described in any of the foregoing or following embodiments. When the service provider receives a payment token from one of the payment providers 620, the service provider may transmit the license according to the terms agreed upon when the transaction was initiated.

[0110] The received license may be processed by a general license service 690 so that the appropriate accessibility to the application can be invoked. The general license service may then issue an enabling key to the application 655 so that the user can run the software and use its functionality according to the license. The enabling key may include any information the application may need in order to provide the required services for the term indicated in the license. The enabling key may include a password provided by the service provider so that the application knows the license is valid, and/or may simply rely on the representation from the general license service 690 that a valid license has been obtained. Once the application is running, the metering engine 694 can be notified to track time and to indicate to the application when the license has expired. Alternatively, the application can be programmed to query the metering engine periodically and then disable itself when the license has expired. In addition, by querying the metering engine, the application can give the user periodic warnings or updates about the amount of time remaining on the purchased license, if the license includes a term.

[0111] When the end user is finished, he can choose to have the finished product professionally printed and select the print option that initiates another online transaction, such as the transaction described in connection with Figure 5. Pay-as-you-go licensing can give users much more flexibility, as well as access to software they previously had no access to because of the price of purchasing a package with a lifetime license. In addition, software vendors can capture revenue from users who are unwilling to pay the full retail price but are willing to pay for limited use and/or limited functionality.

[0112] Software piracy affects profits across the entire software industry. Users of unlicensed software cost businesses a relatively substantial amount each year. Once a software product has been purchased, the seller has little control over where the software is installed or on how many computers. Software illegally offered for download on the Internet provides an even more pervasive way to distribute and obtain software that the end user has not paid for. Applicant has appreciated that providing a relatively secure and simple commercial transaction framework with a pay-as-you-go scheme, e.g. the framework described in the embodiment shown in Figure 6, can mitigate or eliminate piracy problems. Because the software is distributed free of charge by the seller, end users can appropriate the software however they see fit. Because the software is enabled only by paying for a term license or task license, the ability of end users to misuse the software is substantially limited.

[0113] As previously described, embodiments herein allow identity and/or payment to be authenticated using a mobile module (e.g. a subscriber identity module (SIM)) tied to a particular billing account of a mobile infrastructure or operating system. Unlike typical standards for mobile communications that occur over a trusted radio network (e.g. Global System for Mobile Communications (GSM), 3rd Generation Partnership Project, and other similar protocols), authentication in accordance with embodiments herein takes place over an independent untrusted data network (e.g. the Internet). Accordingly, embodiments herein address many additional security concerns raised by the use of such mobile modules (SIMs) in web services and other independent network protocol environments. These security concerns include: determining a trusted network endpoint for authenticating a server; authenticating a client to the mobile module or SIM device; authenticating a user of the SIM device; authenticating the SIM and the authentication server; establishing a secure network connection between the mobile module and the network authentication server; and authenticating a user of the network authentication server.

[0114] In addition, compliance with GSM, 3GPP and other standards places further requirements on the terminal equipment that will interact with the mobile module or SIM device. More specifically, GSM, 3GPP and other similar standards require that the SIM restrict the mobile terminal's access to certain types of information, including encryption keys. To satisfy these requirements, embodiments herein provide an abstracted security configuration that delegates the processing and decoding of certain messages and security to the SIM device itself. For example, as shown in Figure 11, a firewall 1090 defines a state machine and protocol messages for abstracting the SIM 1085 from the host device 1070 when communicating over the independent network 1060. More specifically, the firewall 1090 uses a formal state machine that limits or restricts the number and/or sequence of commands sent from a read driver within the host 1075 to the SIM 1085 itself. Accordingly, the SIM device 1080 (e.g. a cellular phone, a SIM interface, and so on; note that "mobile module" is a generic term for "SIM", but the two are used interchangeably herein unless specifically stated otherwise) becomes the mobile terminal, and the host device 1075 becomes a peripheral that complies with the communication protocol 1055 of the mobile network 1050. Some of the state machines and protocols used to address some of the additional security requirements and concerns outlined above are described in more detail below.

[0115] Embodiments herein define security configurations for authenticating over an untrusted independent network (i.e. a network independent of the radio network corresponding to the mobile module's infrastructure or operator system) according to the various security levels that a given security token can represent. These include, but are not limited to, a device security level, a network security level, a user security level and a service security level. At each level there are different requirements and procedures for obtaining a security token. Accordingly, as described in more detail below, each security level represents a different level of authentication in the security model, and each has certain requirements and/or assurances. It should also be noted that each security level may or may not be independent of the others. In addition, it may not be necessary to establish the device security level before the network or user security level can be achieved; for proper assurance, however, such a layered process may be desirable.

[0116] The device security level indicates physical possession of a mobile module, e.g., a SIM device such as a cellular phone. A device token (i.e., a SIM security token with a device security level) is typically issued locally by the mobile module or SIM device after proper authentication by the user. The requirements for authenticating the user to the mobile module are normally set by the mobile infrastructure or mobile operator. Further, device authentication is usually enforced by the SIM device; other embodiments, however, may provide for the use of other components in the authentication process. For example, the SIM or other device may require a password before the mobile module or other device will issue a device token. Of course, other forms of credentials for authentication at the device level are also contemplated herein.

[0117] In one embodiment, the SIM device requires the client or host computer to authenticate or identify itself to the mobile module before a device security token is issued. Further, the lifetime of the device token is typically controlled by the mobile module or SIM device using policy set by the mobile infrastructure. In one embodiment, the lifetime or other requirements set by the mobile operator may be dynamically configured over the independent and/or radio network. If the device token has no lifetime or other restrictions, the SIM typically does not require the user to re-authenticate to the mobile module more than once.

[0118] The network security level indicates an encrypted connection, over the untrusted independent network, between the mobile module or SIM and the mobile infrastructure or network. Assuming an unlocked SIM device is accessible to the client or host, the network security level can be established without user presence or user interaction. Typically, the network security level is single-factor authentication that asserts proof of possession of the SIM device to the mobile infrastructure or operator. Typically, the mobile infrastructure issues the network security token via the authentication server and through a challenge-response mechanism before the network security token is sent to the client or host computing device. The network security level token can then be used in subsequent authentication phases and provides transport-level security to encrypt and/or sign further interactions between the client and the authentication server and/or mobile infrastructure.

[0119] FIG. 7A shows an independent network 700 configured to issue a network level security token for establishing transport-level secure communication between a client and an authentication server. Typically, the client or host computing device 710 (which may be a personal computer, mobile phone, or other portable or non-mobile computing device) initiates the authentication request by sending a network security token request 725 to the mobile infrastructure 720 via the authentication/trusted server 715 (note, however, that the request may also be initiated by another device, such as the SIM 705 itself). Typically, the request 725 is unsigned when received by the authentication server 715, which then signs and/or encrypts it before sending it to the mobile infrastructure 720, for confirming that the request comes from the authentication server 715. The trusted server 715 can then query the mobile infrastructure 720 or mobile operator for a challenge 730, which is then sent to the mobile module 705. The mobile module 705 uses a secret 740 shared between it and the mobile infrastructure 720 to generate a challenge response 735, which is then forwarded to the client 710. Note that the secret will typically be specific to the SIM 705 and set by the mobile operator 720.

[0120] The client 710 will use the challenge response 735 to generate a request security token response, which may also include the SIM identity and the challenge 730, for authentication purposes. Typically, the client will request that the mobile module 705 sign and/or encrypt the request security token response with the device 705's shared secret 740 or another key such as the SIM's device token, although this may or may not be necessary. The request security token response and the challenge response 735 within it can be validated using, for example, the shared secret 740. Note that, as indicated above, the request security token response may or may not be signed and/or encrypted with the same key used to generate the challenge response 735. In either case, if the mobile infrastructure 720 validates the challenge response 735 (i.e., the challenge response is valid and the mobile module has a valid billing account), the mobile infrastructure 720 and/or authentication server 715 can respond by generating a message containing a network security token 745 with an encrypted session key that is signed and/or encrypted using the shared secret 740. The message can be further signed using the authentication server 715's own security token (e.g., an X.509 certificate, Kerberos certificate, etc.) or using the mobile infrastructure 720's security token. The client 710 can then authenticate the signed message and pass the encrypted network session key to the SIM 705 for decryption. Using the shared secret 740, the mobile module 705 can then return the unencrypted session key 750 to the client 710.

[0121] Note that in the issuance of the network security token 745 described above, the mobile module 705 typically needs a valid billing account in good standing with the mobile infrastructure 720. Accordingly, upon verification of the challenge response 735 and the valid billing account information, trust can be established between the SIM 705 and the mobile infrastructure 720, creating a virtual secure channel. The session key 750 is then delegated or passed from the mobile module 705 to the software platform or stack of the host computing device 710, and from the mobile operator 720 to the authentication server 715 (if necessary). Note the physical proximity of the mobile module 705 to the host computing device 710 (to which it may be connected via a USB port, Bluetooth, or other wireless or wired connection) and the trust relationship between the mobile infrastructure 720 and the authentication server 715. These session keys are then used by the client 710 and the trusted server 715 to establish secure communication 755.
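The FIG. 7A exchange of paragraphs [0119] to [0121], as an added Python example that is not part of the patent text. Assumptions: HMAC-SHA256 stands in for the unspecified challenge-response algorithm, an HMAC-derived pad stands in for the unspecified session-key encryption, the client 710 and authentication server 715 are collapsed into one relay function (the server's signing of the request is omitted), and all class, function and field names are hypothetical.

```python
import hashlib
import hmac
import secrets


class AuthError(Exception):
    """Raised when a step of the token exchange fails verification."""


def prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 with a purpose label, so the shared secret is never used raw."""
    return hmac.new(key, label + b"\x00" + data, hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class MobileModule:
    """SIM 705: holds shared secret 740 and never hands it to the host."""

    def __init__(self, sim_id: str, shared_secret: bytes):
        self.sim_id = sim_id
        self._secret = shared_secret

    def answer_challenge(self, challenge: bytes) -> bytes:
        """Challenge response 735, bound to this SIM's identity."""
        return prf(self._secret, b"response", self.sim_id.encode() + challenge)

    def unwrap_session_key(self, token: dict) -> bytes:
        """Check the token's MAC, then return the plaintext session key 750."""
        body = self.sim_id.encode() + token["nonce"] + token["wrapped_key"]
        if not hmac.compare_digest(prf(self._secret, b"mac", body), token["mac"]):
            raise AuthError("network token failed integrity check")
        return xor(token["wrapped_key"], prf(self._secret, b"wrap", token["nonce"]))


class MobileInfrastructure:
    """Mobile infrastructure 720: knows each SIM's secret and billing status."""

    def __init__(self):
        self._subscribers = {}  # sim_id -> (shared secret, billing account valid)
        self._pending = {}      # sim_id -> outstanding challenge, single use
        self.sessions = {}      # sim_id -> session key held on the network side

    def enroll(self, sim_id: str, shared_secret: bytes, billing_ok: bool = True):
        self._subscribers[sim_id] = (shared_secret, billing_ok)

    def new_challenge(self, sim_id: str) -> bytes:
        """Challenge 730: fresh random bytes remembered until answered once."""
        if sim_id not in self._subscribers:
            raise AuthError("unknown SIM")
        self._pending[sim_id] = secrets.token_bytes(16)
        return self._pending[sim_id]

    def issue_network_token(self, sim_id: str, challenge: bytes, response: bytes) -> dict:
        """Validate response 735 and the billing account, then build token 745."""
        outstanding = self._pending.pop(sim_id, None)  # consumed: blocks replay
        if outstanding is None or not hmac.compare_digest(outstanding, challenge):
            raise AuthError("challenge unknown or already used")
        secret, billing_ok = self._subscribers[sim_id]
        expected = prf(secret, b"response", sim_id.encode() + challenge)
        if not hmac.compare_digest(expected, response):
            raise AuthError("bad challenge response")
        if not billing_ok:
            raise AuthError("no valid billing account")
        session_key = secrets.token_bytes(32)
        nonce = secrets.token_bytes(16)
        wrapped = xor(session_key, prf(secret, b"wrap", nonce))
        mac = prf(secret, b"mac", sim_id.encode() + nonce + wrapped)
        self.sessions[sim_id] = session_key
        return {"nonce": nonce, "wrapped_key": wrapped, "mac": mac}


def request_network_token(sim: MobileModule, infra: MobileInfrastructure) -> bytes:
    """Relay role of client 710 / server 715: moves messages, never sees secret 740."""
    challenge = infra.new_challenge(sim.sim_id)                         # 725 -> 730
    response = sim.answer_challenge(challenge)                          # 735
    token = infra.issue_network_token(sim.sim_id, challenge, response)  # 745
    return sim.unwrap_session_key(token)                                # 750


if __name__ == "__main__":
    secret = secrets.token_bytes(32)  # constructed sample value for secret 740
    infra = MobileInfrastructure()
    infra.enroll("sim-demo", secret)
    key = request_network_token(MobileModule("sim-demo", secret), infra)
    print("both ends hold the same session key:", key == infra.sessions["sim-demo"])
```

The host only ever relays the challenge, the response and the wrapped key; a deployment would replace the pad-based wrap with an authenticated key-wrap cipher.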

[0122] Note that there may be a second mode of operation for authenticating the mobile module 705, which may be used by the mobile infrastructure 720. In this case, the client host 710 may request that the SIM 705 generate and sign its own challenge (typically in the form of a nonce). The client 710 can then attach this information as part of the device token when requesting the network security token 725 from the trusted server 715 or mobile infrastructure 720. If the mobile operator 720 can verify that the device token contains a valid challenge response 735, it can issue the network token 745 directly back to the client 710 for decryption of the session key as described above.

[0123] As described in more detail below, this network level security token 745 is typically required to allow a client access to an authenticated service token, which can be used to request services and/or goods from third-party services. Note also that, in order to obtain the network token, the above presumes that the client or host computing device 710 has successfully determined the network endpoint for the authentication server 715 and/or mobile infrastructure 720. It also presumes that the client 710 and the user (not shown) have already authenticated to the SIM device 705. As described above, the network security level token 745 is used in subsequent authentication phases and provides transport-level security to encrypt and sign further interactions between the client 710 and the trusted server 715. The lifetime of the network token 745 (and other tokens) is controlled by the authentication server 715 or the mobile operator 720. Because the network token 745 serves as a session context between the SIM device 705 and the mobile infrastructure 720, the lifetime may be limited to hours or days, to a number of bytes transferred, and/or to being valid only while the mobile module 705 is properly connected to the client 710.

[0124] As previously mentioned, the user security level indicates that a user has authenticated to the network (the trusted server 715, mobile infrastructure 720, or other service), typically by providing information stored outside the SIM 705 or host computing device 710. Accordingly, the user security level, in conjunction with the network security level, establishes multi-factor authentication based on proof of possession of the SIM 705 and some outside knowledge (e.g., a username/password). Typically, the trusted server 715 or the mobile infrastructure 720 is the only component that issues user level security; in some instances, however, a third-party service may also issue such user tokens. Accordingly, the mobile infrastructure 720 (or other service, as the case may be) will verify the user through a challenge-response mechanism before sending a user security level token back to the client 710. Note that the user security token is used by the client to sign and/or encrypt requests for service tokens, as described below. It is not recommended that the client send the user security token to any service other than the trusted server (since typically no other service will be able to verify or use it). As with the network token 745 above, the user token may have a limited lifetime controlled by the mobile operator 720, and may be limited by duration, by the number of bytes transferred, and/or by the existence of the connection between the mobile module 705 and the client 710.

[0125] FIG. 7B shows an independent network 700 configured to issue a user level security token for establishing multi-level secure communication between the client 710 and the authentication server 715. The user network authentication phase allows the mobile operator 720 (or other server) to verify that a known person is in possession of a known device 705. Effectively, the user network phase is a two-factor authentication phase, and it protects the network from distributed denial-of-service attacks. In addition, it protects the user by preventing inappropriate use of a stolen SIM device 705.

[0126] The host computing device 710 may issue a request 765 for a user token, which is sent to the mobile infrastructure 720 via the trusted server 715. Typically, the request 765 is unsigned when received by the authentication/trusted server 715, which may then sign and/or encrypt it before sending it to the mobile infrastructure 720, for confirming that the request comes from the authentication server 715. The trusted server 715 can then query the mobile infrastructure 720 or mobile operator for a challenge 770, which is then sent to the mobile module 705. Note that the challenge 770 may be generated using a different algorithm from the one used for the challenge 730 that authenticated the device 705 to the network. The client 710 extracts the challenge 770 from the token message and passes it to the mobile module 705, indicating that this is a user authentication. Accordingly, the SIM 705 requests user credentials 775 from the client 710. The host computer 710 then queries the user 760 for user input 780 and returns it to the mobile module 705. The SIM 705 or client 710 may optionally decide that the user input 780 or credentials should be encrypted with the previously obtained network security key (i.e., session key) 750.

[0127] Using the user input 780, the mobile module 705 will generate a challenge response 785 and return it to the client 710, which will generate and send a request security token response including, for example, the SIM identifier, the challenge 770, and the challenge response 785. Typically, the client 710 will request that the mobile module 705 sign and/or encrypt the request security token response with the network security token 745, the shared key 740, or a key specific to the SIM 705. As above, the request security token response and the challenge response 785 within it can be validated using, for example, the shared secret 740 or another key specific to the mobile module 705. Note that, as described above, the request security token response may or may not be signed and/or encrypted with the same key used to generate the challenge response 785. In either case, if the mobile infrastructure 720 validates the challenge response 785 (i.e., the user credentials provided are correct), the mobile infrastructure 720 and/or authentication server 715 can respond by generating a message containing a user security token 795 with an encrypted user key that is signed and/or encrypted using the shared secret 740 or another key specific to the device 705. The message can be further signed using the authentication server 715's own security token (e.g., an X.509 certificate, Kerberos certificate, etc.) or using the mobile infrastructure 720's security token. The client 710 can then verify the signed message and pass the encrypted user key to the SIM 705 for decryption. Using the shared secret 740 (or another key, as the case may be), the mobile module 705 can then return the unencrypted user key 790 to the client 710, thereby authenticating the user to the network 795.

[0128] The user service authentication phase lets the mobile network operator 720 provide authentication on behalf of third-party services. Similar to the user network security level, the user service phase is a multi-factor authentication phase, and it prevents the network from issuing service tokens without the user 760 having been present during at least one phase of authentication. There are typically two modes of operation of the authentication server 715 with regard to how service tokens are issued. First, if the user 760 has previously obtained a user token, the trusted server 715 may consider the user 760 to be authenticated and automatically issue a service token (provided the request for the service token is properly signed with the user token 790, 795). On the other hand, if the mobile infrastructure 720 has not issued a user token 790, 795, the user 760 will be required to authenticate in the same manner outlined above for requesting a user token 790, 795.

[0129] FIG. 7C shows how the various network entities communicate over the independent network 700 when establishing secure communication between the client 710 and a third-party server. As described above, the mobile device 705 and the user 760 can authenticate to the mobile operator system 720 as previously described. Accordingly, secure communication exists between the authentication server 715 and the client 710 once the billing account of the mobile device 705 has been properly validated and the user 760 has been authenticated as possessing it. Then, when the client 710 wishes, for example, to purchase services and/or goods from the third-party service, the trusted server 715 (or mobile infrastructure 720, as the case may be) can issue service tokens 724 for various services. The client 710 can then send the service token to the third-party server, which then validates the token 722 through the authentication server 715. Note that the third-party server may or may not require additional authentication and can use various mechanisms, as previously described, for performing such validation. Note also that the use of the service token not only establishes secure communication between the client 710 and the third-party server, but may also indicate the user 760's ability to pay for one or more services and/or goods, in a manner similar to that previously described.

[0130] Note that, typically, until a service token is issued to the client 710, the security tokens issued are of no value to any service other than the authentication server 715. The reason is that the security hierarchy prevents any outside party from properly decoding a device token, a network token, or even a user token, since they are all derived from the root or shared key 740 known only to the SIM device 705 and the mobile infrastructure 720. It is typically only after the authentication server 715 issues a service token that an arbitrary third-party web service can make use of a security token 724. Note also that the above security tokens and messages (e.g., challenges, challenge responses, etc.) can take various formats and schemas. For example, the tokens and/or messages may be XML, binary, or another similar encoding format, and may be issued by the mobile operator 720, which may or may not wish to expose certain elements of the network-to-SIM communication to intermediate parties.

[0131] The use described above of the portable hardware device 705 for authentication, identity, and/or payment validation can be used to purchase online or local retail services and/or goods (e.g., online newspapers, music, software applications, or other goods and services), or to allow access to applications running on the local PC or client 710 (e.g., Word®, Adobe Photoshop, a print program, pay-as-you-go software, etc.). The above embodiments are therefore particularly advantageous for freely unlocking distributed protected software or content (e.g., music, videos, games, etc.) on multiple host devices 710. In other words, the license now becomes tied to the portable mobile device 705, which can be authenticated as described above, allowing a portable digital identity that is not tied to a limited set of computing devices. Likewise, the user 706 can go to a friend's house without having to bring along all of his/her programs or other protected content, which can instead be accessed and authenticated via the portable device 705.

[0132] As should be appreciated from the foregoing, there are numerous aspects of the present invention described herein that can be used independently of one another, including aspects relating to identity tokens, payment tokens, selecting one of multiple identity providers, selecting one of multiple payment providers, and the presence of commercial transaction software on an end-user system, a service provider system, an identity provider system, and a payment provider system. It should also be appreciated that, in some embodiments, all of the above features can be used together, or any combination or subset of the above features can be employed together in a particular implementation, as the aspects of the present invention are not limited in this respect.

[0133] The above-described embodiments of the present invention can be implemented in any of numerous ways. For example, the embodiments may be implemented using hardware, software, or a combination thereof. When implemented in software, the software code can be executed on any suitable processor or collection of processors, whether provided in a single computer or distributed among multiple computers. It should be appreciated that any component or collection of components that performs the functions described above can generally be considered as one or more controllers that control those functions. The one or more controllers can be implemented in numerous ways, such as with dedicated hardware, or with general-purpose hardware (e.g., one or more processors) that is programmed using microcode or software to perform the functions described above.

[0134] It should be appreciated that the methods outlined herein may be coded as software that is executable on one or more processors that employ any one of a variety of operating systems or platforms. Additionally, such software may be written using any of a number of suitable programming languages and/or conventional programming or scripting tools, and may also be compiled as executable machine code. In this respect, it should be appreciated that one embodiment of the invention is directed to a computer-readable medium or multiple computer-readable media (e.g., a computer memory, one or more floppy disks, compact disks, optical disks, magnetic tapes, etc.) encoded with one or more programs that, when executed on one or more computers or other processors, perform methods that implement the various embodiments of the invention discussed above. The computer-readable medium or media can be transportable, such that the program or programs stored thereon can be loaded onto one or more different computers or other processors to implement various aspects of the present invention as discussed above.

[0135] It should be understood that the term "program" is used herein in a generic sense to refer to any type of computer code or set of instructions that can be employed to program a computer or other processor to implement various aspects of the present invention as discussed above. Additionally, it should be appreciated that, according to one aspect of the invention, one or more computer programs that, when executed, perform methods of the present invention need not reside on a single computer or processor, but may be distributed in a modular fashion among a number of different computers or processors to implement various aspects of the present invention.

[0136] Various aspects of the present invention may be used alone, in combination, or in a variety of arrangements not specifically discussed in the embodiments described above, and the aspects of the invention described herein are not limited in their application to the details and arrangement of components set forth above or illustrated in the drawings. The aspects of the invention are capable of other embodiments and of being practiced or carried out in various ways. Various aspects of the present invention can be implemented in connection with any type of network, cluster, or configuration. No limitations are placed on the network implementation. Accordingly, the foregoing description and drawings are by way of example only.

[0137] The use of ordinal terms such as "first", "second", "third", etc., in the claims to modify a claim element does not by itself connote any priority, precedence, or order of one claim element over another, or the temporal order in which acts of a method are performed; such terms are used merely as labels to distinguish one claim element having a certain name from another element having the same name (but for use of the ordinal term).

[0138] Also, the phraseology and terminology used herein are for the purpose of description and should not be regarded as limiting. The use of "comprising", "consisting of", "having", "containing", "involving", and variations thereof herein is meant to encompass the items listed thereafter and equivalents thereof, as well as additional items.

Claims (9)

1. In a system comprising computing devices for a consumer, a merchant, and at least one payment provider, a computer-implemented method performed by the computing devices for the consumer, the merchant, and the at least one payment provider, the method providing a secure commercial transaction for the online purchase of services, goods, or both by establishing a three-way exchange of data between the computing devices for the consumer, the merchant, and the at least one payment provider, the method comprising:
the consumer computing device sending to the merchant computing device an online request to purchase one or more services, goods, or both offered by the merchant;
the consumer receiving billing information from the merchant, the billing information including a price associated with the purchase of the one or more services, goods, or both;
the consumer sending the billing information to at least one payment provider computing device;
the at least one payment provider storing the billing information;
the consumer requesting that the at least one payment provider provide a payment token as proof of the consumer's ability to pay the price of the one or more services, goods, or both, wherein the payment token includes the billing information and the consumer has a billing account with the at least one payment provider;
the consumer receiving the payment token from the at least one payment provider, wherein the payment token uniquely identifies an authorization of payment for the price without providing sensitive information about the consumer's billing account to the merchant;
the consumer sending the payment token to the merchant;
before finalizing the request from the consumer for the one or more services, goods, or both, the merchant sending the payment token to the at least one payment provider to validate payment with the at least one payment provider;
the at least one payment provider comparing the billing information within the payment token received from the merchant with the stored billing information received from the consumer, in order to validate the payment token;
the merchant receiving from the at least one payment provider a confirmation that the payment token has been validated;
the merchant finalizing the request to purchase the one or more services, goods, or both by sending the confirmation to the consumer; and
the consumer receiving the confirmation of the validity of the payment token, which indicates an appropriate transfer of the one or more services, goods, or both from the merchant to the consumer.
2. The method of claim 1, wherein the billing information further comprises one or more of a description of the services, goods, or both, available payment options from the merchant, or merchant-specific information.
3. The method of claim 1, wherein the payment token is revocable by the consumer, the at least one payment provider, or both.
4. The method of claim 1, wherein the payment token uniquely identifies the authorization of payment for the price without providing the merchant with sensitive information about the consumer's billing account because the payment token is signed, encrypted, or both by the at least one payment provider, and wherein validating the payment token with the at least one payment provider includes verifying the signature, the encryption, or both.
5. The method of claim 1, wherein the one or more services, goods, or both require a subscription or multiple payments, and wherein the payment token can be used multiple times for such payment.
6. The method of claim 1, wherein the one or more services, goods, or both require a subscription or multiple payments, wherein the payment token is valid only for a single payment of the subscription or multiple payments, and wherein an additional token is needed for subsequent payments.
7. The method of claim 1, wherein the billing information sent from the merchant to the consumer is encrypted or signed by the merchant, the method further comprising: upon receiving the payment token, the merchant verifying the authenticity of the encrypted or signed billing information within the payment token, so as to validate the payment token as having been received from the consumer.
8. One or more computer storage media having stored computer-executable instructions that, when executed by one or more processors in a system comprising computing devices for a consumer, a merchant, and at least one payment provider, perform a method that provides a secure commercial transaction for the online purchase of services, goods, or both by establishing a three-way exchange of data between the computing devices for the consumer, the merchant, and the at least one payment provider, the method comprising:
a consumer computing device sending to a merchant computing device an online request to purchase one or more services, goods, or both offered by the merchant;
the consumer receiving billing information from the merchant, the billing information including a price associated with the purchase of the one or more services, goods, or both;
the consumer sending the billing information to at least one payment provider computing device;
the at least one payment provider storing the billing information;
the consumer requesting that the at least one payment provider provide a payment token as proof of the consumer's ability to pay the price of the one or more services, goods, or both, wherein the payment token includes the billing information and the consumer has a billing account with the at least one payment provider;
the consumer receiving the payment token from the at least one payment provider, wherein the payment token uniquely identifies an authorization of payment for the price without providing the merchant with sensitive information about the consumer's billing account;
the consumer sending the payment token to the merchant;
before finalizing the consumer's request for the one or more services, goods, or both, the merchant sending the payment token to the at least one payment provider to validate the payment with the at least one payment provider;
the at least one payment provider comparing the billing information within the payment token received from the merchant with the stored billing information received from the consumer, in order to validate the payment token;
the merchant receiving from the at least one payment provider an acknowledgment that the payment token has been validated;
the merchant finalizing the request to purchase the one or more services, goods, or both by sending the acknowledgment to the consumer; and
the consumer receiving the acknowledgment of the validity of the payment token, which indicates an appropriate transfer of the one or more services, goods, or both from the merchant to the consumer.
9. The method of claim 1, wherein the payment token uniquely identifies the authorization of payment for the price without providing the merchant with sensitive information about the consumer's billing account because the payment token does not include the sensitive information.
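
The three-party exchange of claims 1, 3, 4 and 9, as an added example that is not code from the patent. The provider protects the token with an HMAC, a stand-in for the "signed, encrypted, or both" of claim 4 that suffices here because only the provider validates it, and the merchant's comparison of the token with its own quote is an assumption standing in for claim 7's signed billing information. All class and function names, the account number and the prices are constructed.

```python
import hashlib
import hmac
import json
import secrets


def canonical(obj):  # deterministic JSON bytes, so MACs and comparisons are stable
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class PaymentProvider:
    def __init__(self):
        self._key = secrets.token_bytes(32)  # never leaves the provider
        self._accounts = {}                  # consumer id -> billing account (sensitive)
        self._stored = {}                    # token id -> billing info sent by the consumer
        self._revoked = set()

    def open_account(self, consumer_id, account_number, balance_cents):
        self._accounts[consumer_id] = {"number": account_number, "balance": balance_cents}

    def _mac(self, body):
        return hmac.new(self._key, canonical(body), hashlib.sha256).hexdigest()

    def issue_token(self, consumer_id, billing):
        """Store the consumer's billing info; return a token, or None if unable to pay."""
        account = self._accounts.get(consumer_id)
        if account is None or account["balance"] < billing["price_cents"]:
            return None
        token_id = secrets.token_hex(16)
        self._stored[token_id] = canonical(billing)
        body = {"id": token_id, "billing": billing}  # no account data in the token
        return {"body": body, "mac": self._mac(body)}

    def revoke(self, token_id):
        self._revoked.add(token_id)

    def validate(self, token):
        """Merchant-facing check: MAC, revocation, then token billing vs stored billing."""
        try:
            body = token["body"]
            if not hmac.compare_digest(self._mac(body), token["mac"]):
                return False
            stored = self._stored.get(body["id"])
            if stored is None or body["id"] in self._revoked:
                return False
            return hmac.compare_digest(stored, canonical(body["billing"]))
        except (KeyError, TypeError):
            return False


class Merchant:
    def __init__(self, provider):
        self._provider = provider

    def quote(self, item, price_cents):
        return {"merchant": "shop.example", "item": item, "price_cents": price_cents}

    def finalize(self, token, quoted):
        """Finalize only if the token covers this quote and the provider confirms it."""
        try:
            if canonical(token["body"]["billing"]) != canonical(quoted):
                return False
        except (KeyError, TypeError):
            return False
        return self._provider.validate(token)


def run_exchange():
    provider = PaymentProvider()
    provider.open_account("alice", "ACCT-CONSTRUCTED-0001", balance_cents=10_000)
    merchant = Merchant(provider)
    quoted = merchant.quote("ebook", 2_500)
    token = provider.issue_token("alice", quoted)
    results = {"valid": merchant.finalize(token, quoted)}
    altered = json.loads(json.dumps(token))  # copy, then lower the price, MAC unchanged
    altered["body"]["billing"]["price_cents"] = 1
    results["altered"] = provider.validate(altered)
    cheap = provider.issue_token("alice", merchant.quote("sticker", 100))
    results["wrong_quote"] = merchant.finalize(cheap, quoted)  # genuine token, other order
    results["over_balance"] = provider.issue_token("alice", merchant.quote("laptop", 500_000))
    results["leaks_account"] = "ACCT-CONSTRUCTED-0001" in json.dumps(token)
    provider.revoke(token["body"]["id"])
    results["after_revoke"] = merchant.finalize(token, quoted)
    return results
```

The token in this example stays valid until revoked; the single-use and multi-use variants of claims 5 and 6 are not modelled.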
CN 201110364986 2005-04-19 2006-04-19 Network commercial transactions CN102368325A (en)

Priority Applications (9)

Application Number Priority Date Filing Date Title
US67275405P true 2005-04-19 2005-04-19
US60/672,754 2005-04-19
US11/376,535 US7849020B2 (en) 2005-04-19 2006-03-15 Method and apparatus for network transactions
US11/376,535 2006-03-15
US11/379,143 US8996423B2 (en) 2005-04-19 2006-04-18 Authentication for a commercial transaction using a mobile module
US11/379,133 US20060235795A1 (en) 2005-04-19 2006-04-18 Secure network commercial transactions
US11/379,133 2006-04-18
US11/379,143 2006-04-18
CN200680011140.22006.04.19 2006-04-19

Publications (1)

Publication Number Publication Date
CN102368325A true CN102368325A (en) 2012-03-07

Family

ID=37115927

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201110364986 CN102368325A (en) 2005-04-19 2006-04-19 Network commercial transactions

Country Status (12)

Country Link
EP (1) EP1872188A4 (en)
JP (1) JP2008541206A (en)
KR (1) KR20070120125A (en)
CN (1) CN102368325A (en)
AU (1) AU2006236243B2 (en)
BR (1) BRPI0608591A2 (en)
CA (1) CA2601785A1 (en)
IL (1) IL185978D0 (en)
MX (1) MX2007012648A (en)
NO (1) NO20074614L (en)
SG (1) SG161290A1 (en)
WO (1) WO2006113834A2 (en)

Also Published As

Publication number Publication date
BRPI0608591A2 (en) 2010-01-19
JP2008541206A (en) 2008-11-20
WO2006113834A9 (en) 2007-11-01
MX2007012648A (en) 2007-12-13
EP1872188A4 (en) 2011-04-27
KR20070120125A (en) 2007-12-21
EP1872188A2 (en) 2008-01-02
AU2006236243B2 (en) 2011-03-24
AU2006236243A1 (en) 2006-10-26
CA2601785A1 (en) 2006-10-26
NO20074614L (en) 2007-11-16
WO2006113834A2 (en) 2006-10-26
IL185978D0 (en) 2008-01-20
WO2006113834A3 (en) 2009-04-23
SG161290A1 (en) 2010-05-27

Legal Events

Date Code Title Description
C06 Publication
C10 Request of examination as to substance
C02 Deemed withdrawal of patent application after publication (patent law 2001)