CN1324051A - Safe communication - Google Patents
Safe communication Download PDFInfo
- Publication number
- CN1324051A CN1324051A CN 00121358 CN00121358A CN1324051A CN 1324051 A CN1324051 A CN 1324051A CN 00121358 CN00121358 CN 00121358 CN 00121358 A CN00121358 A CN 00121358A CN 1324051 A CN1324051 A CN 1324051A
- Authority
- CN
- China
- Prior art keywords
- user
- confirmation code
- communication network
- purchase
- internet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/42—User authentication using separate channels for security data
- G06F21/43—User authentication using separate channels for security data wireless channels
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- Computer Security & Cryptography (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Telephonic Communication Services (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The present invention relates to the validation of internet purchases. The intending purchaser supplies a vendor's website with identification data, The website then accesses a database of contact data, preferably a telecommunications network , to locate contact data (e.g. the purchaser's phono number) for the purchaser. The web site then telephones the purchaser's phone number to validate the purchaser' s identity. Preferably the vendor's website then issues an invoice to the purchaser's telephone company and the purchaser is debited for the purchase in his telephone bill.
Description
The invention relates on a communication network method and apparatus of move instruction safely, the present invention especially is applicable to and carries out online business transaction.
The Internet commerce increases rapidly at present, relates to the user and buys commodity, service and information (as down-load music is paid).
In order to buy, user will be sent to website by retailer's operation to its instruction by the Internet, and this instruction may comprise user's credit card and account information, usually these information be printed on credit card originally on one's body.This retailer approves this transaction (can send commodity with charge free as the retailer), and the user's that correspondingly debts credit card.
Above-mentioned system relates to a safety problem, and promptly the data on credit card also can be visited for the third party that can visit this card, and he just can remember to be printed on the data on the card, and buys with its oneself account in the time afterwards.
A common user will repeatedly buy from same website in one period, repeatedly transmit same credit card for fear of this user, as everyone knows, a credit card information storehouse is often kept for each user in the website, each user is provided (selection) identification data and is used to identify himself, this identification data generally includes a password and a user name, no matter when when this user wants to buy from this website, he just provides his identification data to this website, credit card database is just visited with this identification data in this website, and retrieves this user's credit card information.
This configuration has more worsened above-mentioned safety problem, also can utilize this website to buy because can visit the third party of this identification data, and a such third party for example is this retailer's operating personnel.In addition, this third party can visit this identification data, because this user is recorded in somewhere (on paper) to it, to avoid remembeing it.In fact, relevant with on-line purchase crime problem is also increasing rapidly.
Although as described, the internet security problem shows sharply especially in on-line purchase, and it also appears in other affairs, has a lot of examples to show that the user wishes to communicate with the website safely.
The present invention is devoted to provide the method and apparatus that carries out secure network communications, especially transmits trading instruction to the Internet retailers.
Generally speaking, the present invention advises that the user provides in order to identify his data to the website, and this website visiting relates to the contact data base of one second telecommunications network, so that search user's contact data.For example, this second telecommunications network can be a telephone network (as mobile telephone network), and this contact data just can be a user's telephone number.This second telecommunications network contact user of this website use is so that check user's sign.
For example, this website can send a confirmation code to the user, the some that it can be used as message sends on the user's mobile phone, and this user reads this confirmation code, and sends it to this website by the Internet (as key in this sign indicating number on the webpage of user browser).If the third party can visit the telecommunications network relevant with this contact data in this second communication network like this, also only can use the user account of this website.
This database can be safeguarded by website itself as a contact data base.In addition, this database can be the operating personnel's maintenance by second telecommunications network.In fact, a plurality of phone operation personnel can safeguard database separately.This user can indicate his telephone number to the website, so that the corresponding telephone operating personnel can be got in touch in this website, and correct database.After having verified user ID, this website just normally mode (import credit card details, or the database by the previous credit card information of keying in of visit) as the request user send bill to a credit card account about this purchase.Preferably the bill at this purchase is to pay the bill from the capital account that second telecommunications network is relevant therewith.For example, it can appear on user's the telephone bill of next month, and this needing just have been avoided independent credit card account.
With reference to the accompanying drawings, at length explained the present invention as an example, wherein:
Fig. 1 illustrates the screen that is shown to the user in the first embodiment of the present invention;
Fig. 2 is the block scheme of the step in the second embodiment of the present invention.
With reference to Fig. 1, be labeled as 1 zone and schematically show and be engraved in a demonstration on the user browser, i.e. user's display screen at a time.This screen 1 is the demonstration that is produced by a server, and its function is as an online retailer.Screen 1 an indication repertory (as user's " shopping frame "), by checking this frame (and roughly clicking " purchase " button), this user indicates him to think to be " project 2 " payment.
Show to transform to screen 2 then, the indication user keys in identification data, especially its username and password.This server has been kept the database of a username and password, so that it can check results, if not success of user, he will be directed to screen 3, keys in again.
The Fac success, the user just can enter into screen 4.It is sending a piece of news to a mobile phone user (or other message sink equipment in this server indication, as pager), and provide cell-phone number, this cell-phone number can extract from the database of this identification data visit of server by utilizing, and perhaps user oneself is typed into telephone number in the screen 4.Under latter event, verification that a user relevant with telephone number with this input identification data (as the operator by call connection system) is arranged.
Show and transform to screen 5.The message that sends to mobile phone comprises a confirmation code.This user imports its (can read from the display screen of hand mobile phone) so that carry out verification.If it is incorrect that this user keys in, then enter screen 6, require to re-enter.
If the sign indicating number that the user keys in is correct, then enter screen 7, finished this time purchase, server sends a bill to the account relevant with this Mobile Directory Number.
Get back to Fig. 2, the block scheme of nine payment steps has been shown in the second embodiment of the present invention.
At first, show screen 11, inquire that this user verifies that with visa, cash (delivering to site operation person with mailing way) or by phone (according to the present invention) pays the bill to the user.
In step 1, the user states that he wants the phone checking, so transform to screen 12.Require the user to import a user ID, password and telephone number (indicating the phone account that the user wishes to be used to verify) are in these data of step 2 input.
Verify that by visiting a database (safeguarding) (step 3), this database comprise all details of user name, password and telephone number to all data by the Telephone Operator.
Then, retail server sends a signal to a SMS (Short Message Service) server (step 4).The SMS server sends a message, and (step 5), this message comprise an identifying code (utilize a random generator to produce as retailer server, or produce and send to retailer server by SMS server oneself) to the telephone number that is indicated by the user.
In step 6, show screen 13 to the user, and require to key in identifying code that this identifying code can be read by the display screen of its mobile phone, can finish in step 7.
In step 8, this identifying code that this retailer server verification has been remembered.Then, it just sends a bill to a billing proxy, and this billing proxy can be have traditional Fare Collection System in the industry any, as telecommunication, practicality, bank or financial institution, can be the operator of mobile phone as it.
After this Transaction Success ground is handled, send to acknowledge message (step 9) of user.
Although the present invention is illustrated at certain embodiments, the people in the present technique field, can carry out a lot of modifications within the scope of the invention.For example, although the present invention is not limited to this respect with respect to indicating the purchase stage to explain, and this method can be used to wish a lot of environment of verified users sign.
Further, although this method is illustrated with reference to a kind of telex network (mainly being to pass through the Internet), the present invention also is applicable to the occasion that user and retailer communicate by another kind of communication network, for example, the user can use a point-of-sale terminal point, observes the content that screen shows on this terminal.
Claims (7)
1, a kind of method that is used to confirm to buy instruction based on the Internet, this method comprises:
Receive purchase information by the Internet there from the user, this has bought information declaration single purchase that takes place of user expectation;
Receive the identification information of this user ID of indication from the user by the Internet;
Utilize this identification information from a database, to extract user's the contact details on a second communication network;
By this second communication network, utilize these contact details to send a confirmation code to the user;
Receive a confirmation code from the user there by the Internet; And
The confirmation code that verification sends to the user meets the confirmation code that receives from this user.
2, according to the process of claim 1 wherein that this second communication network is a telephone network, as mobile telephone network.
3, claim 1 or 2 method, wherein said confirmation code sends with text message.
4, according to the described method of aforementioned arbitrary claim, also comprise the capital account that debts, this account is bought about this time and is associated with this user and second communication network.
5, a kind of server system that moves Internet commerce, this server has:
The interface generating means is used to produce a user interface so that receive the identification information of the purchase information and the indication user ID of the purchase of stating that the user wishes to take place from a user;
Buy satisfied device, be used to finish purchase by this purchase information appointment;
Extraction element is used for extracting the contact details of a plurality of users on a second communication network from database, and for a specific user, described contact details are based on this identification information; And
Dispensing device is used for sending a confirmation code by this second communication network to the user according to the contact details of being extracted;
Interface arrangement is used for from this user by the Internet confirmation of receipt sign indicating number; And
This server system also comprises and is used for the device that confirmation code that verification sends to this user meets the confirmation code that receives from this user, and control is bought satisfied device and finished this time purchase when meeting.
6, according to the server system of claim 5, messenger service wherein by notifying one to send to the user, the contact data that this dispensing device utilization is extracted sends this confirmation code to user, a text message that comprises this confirmation code.
7, a kind of method of verified users sign, this method comprises:
Receive the identification information of this user ID of indication from this user by one first communication network;
Utilize this identification information from a database, to extract the contact details of this user on a second communication network;
Utilize these contact details to send a confirmation code to this user by this second communication network;
Receive a confirmation code by this first communication network from the user; And
The confirmation code that verification sends to this user meets the confirmation code that receives from this user.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB0011673.1 | 2000-05-15 | ||
| GB0011673A GB2362489A (en) | 2000-05-15 | 2000-05-15 | Secure communication |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1324051A true CN1324051A (en) | 2001-11-28 |
Family
ID=9891614
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 00121358 Pending CN1324051A (en) | 2000-05-15 | 2000-07-21 | Safe communication |
Country Status (5)
| Country | Link |
|---|---|
| CN (1) | CN1324051A (en) |
| AU (1) | AU4384000A (en) |
| CA (1) | CA2313832A1 (en) |
| GB (1) | GB2362489A (en) |
| HK (1) | HK1034416A2 (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE10218729B4 (en) * | 2002-04-26 | 2004-05-27 | Andawari Gmbh | Methods for authenticating and / or authorizing people |
| WO2006106405A1 (en) * | 2005-04-05 | 2006-10-12 | The Standard Bank Of South Africa Limited | A method of authenticating a user of a network terminal device and a system therefor |
| FR2888691A1 (en) * | 2005-07-13 | 2007-01-19 | Gemplus Sa | TRANSACTION AUTHORIZATION METHOD AND DEVICE |
| EP1802155A1 (en) | 2005-12-21 | 2007-06-27 | Cronto Limited | System and method for dynamic multifactor authentication |
| US8837465B2 (en) | 2008-04-02 | 2014-09-16 | Twilio, Inc. | System and method for processing telephony sessions |
| US8306021B2 (en) | 2008-04-02 | 2012-11-06 | Twilio, Inc. | System and method for processing telephony sessions |
| FR2955682B1 (en) * | 2010-01-28 | 2012-03-16 | Paycool Int Ltd | METHOD FOR PROVIDING A DYNAMIC CODE THROUGH A TELEPHONE |
| US8737962B2 (en) | 2012-07-24 | 2014-05-27 | Twilio, Inc. | Method and system for preventing illicit use of a telephony platform |
| US9226217B2 (en) | 2014-04-17 | 2015-12-29 | Twilio, Inc. | System and method for enabling multi-modal communication |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| AU1390395A (en) * | 1994-01-14 | 1995-08-01 | Michael Jeremy Kew | A computer security system |
| US5881226A (en) * | 1996-10-28 | 1999-03-09 | Veneklase; Brian J. | Computer security system |
-
2000
- 2000-05-15 GB GB0011673A patent/GB2362489A/en not_active Withdrawn
- 2000-07-04 AU AU43840/00A patent/AU4384000A/en not_active Abandoned
- 2000-07-11 CA CA 2313832 patent/CA2313832A1/en not_active Abandoned
- 2000-07-21 CN CN 00121358 patent/CN1324051A/en active Pending
- 2000-08-17 HK HK00105183A patent/HK1034416A2/en not_active IP Right Cessation
Also Published As
| Publication number | Publication date |
|---|---|
| GB2362489A (en) | 2001-11-21 |
| GB0011673D0 (en) | 2000-07-05 |
| CA2313832A1 (en) | 2001-11-15 |
| AU4384000A (en) | 2001-11-22 |
| HK1034416A2 (en) | 2001-09-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7287270B2 (en) | User authentication method in network | |
| US7392940B2 (en) | In-lane money transfer systems and methods | |
| KR100376959B1 (en) | The electronic settlement system, electronic settlement method and cash paying method using lcd barcode displayed on mobile terminal | |
| US20020062257A1 (en) | Net shopping method, system therefor, and automatic payment transfer device | |
| US20070094113A1 (en) | Transactional mobile system | |
| NZ535428A (en) | System and method for secure credit and debit card transactions using dynamic random CVV2 code to mobile communications device | |
| WO2001097060A2 (en) | Member information registration method and system,and member verification method and system | |
| RU2263347C2 (en) | Method for performing transactions of users of mobile communication devices and computerized cashless transaction system for realization of said method | |
| AU2001247953B2 (en) | System and method for purchasing goods and services through financial data network access points | |
| EP1348185A1 (en) | Payment system | |
| CN1324051A (en) | Safe communication | |
| KR20000012607A (en) | certification system using radio communication device | |
| JP4071445B2 (en) | Transaction mediation system, transaction mediation apparatus and program | |
| US20020156728A1 (en) | Method and arrangement for the transmission of an electronic sum of money from a credit reserve by wap | |
| WO2001041093A1 (en) | A system and method for conducting a financial transaction | |
| JP2008152338A (en) | System and method for credit card settlement using personal digital assistance | |
| US7017804B2 (en) | Method for providing identification data of a banking card to a user | |
| KR20030082018A (en) | Method of a credit card approval using interactive short message service | |
| KR20010091827A (en) | A remittance system via telecommunication terminal number and remittance method using the same | |
| JP4881088B2 (en) | Account transaction suspension system | |
| KR20090051392A (en) | System and method for transferring cash withdrawal with affiliated store and recording medium | |
| KR20050015475A (en) | System and Method For Accounting By Certification Code | |
| KR20000059253A (en) | An Electronic Payment Method Using A Value-Added Network | |
| JP2003067344A (en) | Information processing system, terminal and authentication method | |
| JP2005293343A (en) | Credit granting processing method in electronic commerce system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |