JP2002508547A - How to use telephone calling cards for business transactions - Google Patents

Abstract

(57) [Summary] This is a method using a telephone calling card to conduct business transactions electronically. In one embodiment, a user initiates a telephone call to a merchant using a calling card provided by a service provider. The service provider first checks the user's identity by using the PIN code (1). Once the user's identity has been verified, the user's call to the merchant is established. The user and the merchant then agree on the sale of the goods, at which time the invoice is provided by the merchant to the service provider. The invoice is then approved by the user and the merchant is disconnected from the call. In another embodiment, the user is connected to the merchant over the Internet, and the user's identity has already been verified by the Internet service provider. The user drags a copy of the invoice to the application running on the web page. The application attaches the user's digital signature to the invoice and emails it to the merchant. The merchant then presents the signed invoice to a server that authenticates the user's signature before approving the sale.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001] The present invention relates to the field of commercialization for business transactions. More specifically, the present invention relates to the problem of securely and efficiently using telephone calling cards as credit cards for business transactions.

BACKGROUND OF THE INVENTION An increasing number of consumers are choosing to complete a purchase without having to physically go to the location where the service or goods are located. This social phenomenon is reflected in the Internet, especially in the World Wide Web, and in home shopping networks (Hom
Other electronic-based shopping networks, such as e-Shopping Network, have become widespread in recent years. In fact, virtual malls are available that allow consumers to browse from one virtual store to another by using a personal computer. In addition to home shopping, other areas that may eventually become widely available through e-commerce include movie on demand, video games, video libraries, home banking, and music on demand. The ability to purchase goods and services without the hassle of searching for parking places or waiting in line is particularly attractive to consumers. In fact, e-commerce could at some time become the primary vehicle used to purchase any and all goods or services, and will certainly revolutionize the way businesses are done.

In today's economy, consumers who want to make a modest electronic purchase (ie, without being physically present) have only two options. If you are doing business through a computer, you can use a secure electronic payment scheme such as eCash or MilliCent. Otherwise, the only means available is a regular credit card.

[0004] eCash is a software-based payment system that allows
Users can make electronic payments from one computer to any other computer over any computer network, including the Internet. Purchasing with eCash requires three participants: a buyer, a seller, and a bank. First, a buyer withdraws a digital coin or eCash from his bank account. A digital coin is actually a message having a sequence of digits, each digit sequence corresponding to a different digital coin. These messages are sent to the buyer's computer where the eCash software automatically handles digital coins. Buyers with eCash at hand,
h Can be purchased from sellers or merchants registered with the transaction system. However, before the sale is completed between the buyer and the seller, the seller's software automatically sends the digital coins received from the buyer to the bank. By sending coins to the bank, the seller can protect himself from fraudulent activity. Therefore, banks are used as central institutions. To protect buyer privacy, eCash is available from Chaum, David L.D. "B
US Patent No. 4, entitled "Lind Signature Systems".
759,063, and Chaum, David L. et al. "Returned
"Blind signatures (bl) as described in U.S. Pat. No. 4,949,380 entitled" Value Blind Signature Systems ".
ind signature) ". One disadvantage of this system is that both buyers and sellers must have accounts in the eCash system in order to make a purchase. This drawback is not particularly recognizable in that the urge to purchase goods or services may not last as long as consumers take to register with such a system. Another disadvantage is that each purchase requires processing by an intermediary, such as a bank, before the purchase is considered completed.

[0005] MilliCent is another software-based payment system designed primarily for content-based Internet commerce. Mil
The liCent system is based on the use of "scrips". Scrips are basically prepaid electronic coupons that replace cash at the time of purchase.
Scrips are issued by brokers or vendors that act as intermediaries between consumers and vendors. Basically, a consumer purchases a vendor specific scrip from a broker or vendor, e.g., using a credit card, i.e., a scrip that can only be used to purchase content from a particular vendor, and then Make a purchase using that scrip. MilliCent
The system does not require a user account, but has drawbacks. For one, each user subscribes to the MilliCent software and
nt software must be used. In addition, scrips are vendor specific, thus limiting the flexibility of the shopping consumer. Therefore, eCas
Like h, MilliCent can negatively impact the urge to make an instant purchase.
On the other hand, the low transaction costs associated with systems such as eCash or MilliCent are particularly attractive for purchasing goods or services as low as 10 cents.

[0006] eCash and MilliCent are just two of many prior art schemes that provide secure e-commerce transactions over computer networks. Other well-known schemes include CyberCash, NetBill,
NetCash, and NetCheck, and Netscape, Fir
Includes systems provided by St Virtual Holding, and NTT. Despite the diversity of these e-commerce systems, they have a common goal of providing a system that is secure against fraud, breaches, or counterfeiting, and that guarantees the privacy of consumers. Share. To provide an adequate degree of security, almost all e-commerce systems use encryption technology. Therefore, public and private key encryption or decryption schemes must be used to verify the identity of the buyer or merchant, to verify information, and to provide a legally binding and less counterfeit electronic signature. Used for

[0007] Consumers who use credit cards to shop remotely have become eCash
Or consumers using e-commerce systems such as MilliCent,
Gives you more flexibility in choosing who to do business with. A consumer using a credit card to make an electronic purchase first requests a purchase from a merchant. The merchant then contacts the agency that issued the consumer's credit card for authorization. If the purchase is approved, the merchant will eventually be given a token that the merchant will transfer to his bank account, and the consumer will be billed by the institution. The use of credit cards to make electronic purchases has a series of problems. First,
Although encryption is used in credit card transactions to protect information such as credit card numbers, credit card security is not sufficient. Any merchant can take the information provided by the user, purchase additional merchandise from other merchants, and even if the fraudulent activity is discovered,
There is little hope to find the bad guy. The risk of eavesdropping or snooping by a transaction outsider also poses a significant risk. More importantly,
The risk associated with an intrusion at the host where the credit card number is stored. Second, and perhaps more importantly, credit card overhead is generally high ($ 0.20 + 2% of transaction cost is normal). This makes payment by credit card unsuitable for payments below $ 1.00.

[0008] Benefits are methods and systems that allow consumers to purchase goods or services from a merchant without the need for both the merchant and the consumer to install their own software. Further, such a system or method should be secure without requiring consumers to publish private information, such as potentially misused credit card numbers. Finally, such a system should be ubiquitous so that any consumer can purchase without visiting a store.

SUMMARY OF THE INVENTION The present invention is a method and system for making a payment using a telephone card as part of an e-commerce transaction.

The system includes an eCard server connected to a public network through which consumers and merchants can communicate and transact. According to this system, the public network is the Internet or the PSTN (Public).
Switched Telephone Network). Thus, the system provides a home shopping opportunity without the consumer having to own a personal computer or credit card.

In accordance with the present invention, a secret encryption key is shared by a user and a calling card server when making a purchase over the Internet. Generally, when a user or consumer wants to make a purchase, they contact the vendor that prepares the invoice. The user signs the invoice using his telephone calling card number and PIN code. Next, the merchant sends the signed invoice to the eCard server. The server authenticates the signature, verifies that the user has sufficient funds for the purchase, and sends confirmation information to the merchant. After receiving the confirmation information, the merchant then informs the user of the successful purchase. The user is later charged for the item on the telephone bill, and the invoice is stored on the eCard server for financial audits and to ensure that transactions are not rejected. . According to the invention, no private information is passed to the merchant (even the name of the customer can be hidden). Thus, the risk of fraudulent activity is reduced.

According to one embodiment of the present invention, the purchase may be made on the PSTN. According to this embodiment, the user first initiates a telephone call to the merchant using his telephone calling card. In this way, the user first identifies himself to the telephone network. The telephone network then completes the call to the merchant, so that the merchant and the user can negotiate the transaction. Upon completion of the negotiation, either the user or the merchant signals to the telephone system to route the transaction. For example, a user may use a flash-hook / dialed code, or a merchant may use the Internet. The trader is the user's P
Send the audible invoice to the eCard server along with the IN (this allows the user to authenticate that the purchase is actually taking place). The eCard server is
The audible invoice and the user's pin are then played back to the user, thereby allowing the user to agree to accept or decline the purchase. If the purchase is agreed, the user will be charged for the item on a later billed telephone bill and the invoice will again be for future accounting audits and without refusal To be saved. A further extension of this embodiment of the invention includes that the user purchases a prepaid calling card, thereby eliminating the additional step of charging the user later.

[0013] According to another embodiment of the invention, transactions may be performed using the World Wide Web over the Internet. In this embodiment, the consumer first contacts an Internet service provider (ISP), which may be a telephone company.
Dial the server maintained by). As part of the ongoing dialing,
The identity of the consumer is confirmed. The user then drags a copy of the invoice or purchase order to the application running on the web page. The application attaches the user's digital signature to the invoice and emails it to the merchant. The merchant then presents the signed invoice to an eCard server that authenticates the user's signature before approving the sale.

The present invention offers several advantages over the prior art. These benefits include:
Includes the following:

[0015] The wide availability of calling cards provides merchants with more sales opportunities. Because calling cards are more widely available than credit cards, a greater portion of the purchasing public is made available to merchants as e-commerce prospects. More importantly, there is no need for these customers to be financially trustworthy as they can purchase prepaid cards with different levels of digital money available.

Even if billing is required, the billing overhead is actually lower because every telephone customer is already billed monthly.

[0017] Unlike most credit cards, calling cards are secure (depending on the customer's utility service). Telephone service providers have greater leverage compared to typical banks, so
The need to spend a large amount of money on lection is low.

The calling card infrastructure is designed to handle much smaller payments as compared to the financial services infrastructure.

The telephone company increases the security available from existing PSTNs to provide better security and user authentication.

[0020] Telephone companies are generally trusted by both the public and merchants,
It can function as an appropriate "trusted third party" in the contract protocol.

The identity of the user can then be kept secret with respect to transactions without shipping (eg, payment for downloaded maps or videos).

Further objects, advantages and novel features of the present invention are described in the following description,
In view of the following description, those skilled in the art will become, in part, more obvious or will understand the practice of the invention. The objects and advantages of the invention may be realized and attained by means of the instruments and combinations particularly pointed out in the appended claims.

DETAILED DESCRIPTION OF THE INVENTION Referring to FIG. 1, a generalized schematic diagram of a system 100 according to the present invention is shown. The system 100 is a PSTN (Public Switched Te)
A user or consumer 101 is connected to various merchants or businesses 105 and financial institutions 106 through a lephone network or the Internet 111. The connection of the user 101 to the merchant 105 is established by a service provider or a trusted third party 112, ie, an Internet service provider (ISP).
) Or established or managed by the telephone company. Calling card or eC
The ard server 115 is also connected to the network 111 and stores a calling card number, PIN, username and address, and a list of credit lines, if any, (shown as database 116). Although the merchant 105 and the service provider 112 are shown separately, the merchant and the service provider
Note that it can be the same party. For example, some telephone companies already
Some have their own online shopping network. Generally, after the service provider 112 connects the user 101 to the merchant 105, the user 101 starts operating the system by selecting goods or services provided by the merchant. When the price is negotiated between the user 101 and the merchant 105, the user 101 selects eCard as the payment method. Once the payment method is selected, a series of actions, described in more detail below, are initiated and managed by the eCard server 115, which allow the user 101 to
You are charged for a service or product.

Calling cards are issued by all major telephone companies. These cards have proven to be an effective and convenient way for customers to make long distance calls when away from home. Typically, a user dials a toll free number and types in his calling card number and secret code (PIN). The service provider checks the validity of the number and the correctness of the PIN and allows the user to place a toll call. The charge for the call is stated on the user's telephone bill. Thus, calling cards have already provided a secure way of connecting users over the PSTN. The present invention enhances the security already present in the PSTN and uses cryptographic techniques to improve this security over, for example, a computer network such as the Internet.

The main cryptographic technique used in the present invention is a secret digital signature. To use these signatures, user 101 and server 115 share a secret key.
To sign a document, user 101 attaches a private key to the document and calculates a cryptographic checksum using a standard cryptographic hash function such as MD5 or SHA. The checksum is sent to the server 115 together with the document, and the server 115 performs the same checksum processing. If these checksums match, server 115 is convinced that the document was signed by user 101. Private digital signatures are a preferred encryption method. This is because the customer of each telephone calling card can be given a secret key when the card is distributed. Private key encryption is also more suitable for the present invention. That's because there is no indefinite person to whom consumers have to announce themselves. More importantly, private key encryption can be implemented cheaper and takes advantage of the fact that service providers issue calling cards and act as trusted third parties. Nevertheless, public key cryptography can also be used to authenticate customer signatures.

Referring now to FIG. 2, method steps of a first embodiment of the present invention that enable a consumer to make purchases on the PSTN are shown. As FIG. 2 shows, when a consumer or customer 101 places a telephone call 202 to a merchant 105 from a consumer's home or using a calling card or some other mechanism that allows the PSTN to identify itself. Then, the process is started. Once the identity of the consumer is confirmed, the consumer's service provider system or PSTN 11
And establish a call 202 between the merchants 105. Consumers 101 and traders 105
Next, transaction 208 is negotiated.

When the negotiation is completed, the consumer 101 presses * 678 after a predetermined key sequence 210 on the telephone pad, for example, a flash hook, and the consumer wants the service provider system 111 to purchase. To the effect.
When the service provider system 111 receives this sequence or signal 210, the system 111 temporarily disconnects the merchant 105 from the consumer 101 and two new calls, a call 212 to the consumer 101 and Establish another call 214 to merchant 105. Alternatively, instead of temporarily disconnecting the merchant 105 and the consumer 101, the system can temporarily and temporarily disconnect the merchant 105 and the consumer 101 from the call. If the consumer is using a calling card, the consumer is queried at step 216 for his PIN. Of course, if the consumer is calling from home, a PIN may not be needed. While in step 216 the customer is queried for his PIN, the merchant is also queried in step 218 to enter the transaction volume. Next, each of the consumer and merchant returns the information requested in steps 220 and 222, respectively. When returning the requested information, both consumers and merchants
It may request that additional information associated with the transaction be returned, or may allow additional information associated with the transaction to be returned. For example, consumers
Your name and address can be entered at step 224 and this information can be recorded by service provider 111. Similarly, at step 226, the merchant can enter his name and the item purchased and have this information recorded by service provider 111. This additional information provided by the merchant may be made available to consumers and vice versa. In addition, the merchant can send this information to the service provider via an audible invoice or an invoice on the Internet. However, this additional information is not required to complete the sale. This is because here both transactions already know the selected item and its price.

The service provider then checks at step 227 the consumer and merchant records to select the appropriate form of payment, and checks the consumer's ability to obtain funds. As shown in FIG. 2, step 227 includes an eCard
Involves service providers accessing server 115. In the above description,
Although the service provider system 111 has been described as collecting information from consumers and merchants, the service provider system 111 allows the eCard server 115 to request, collect, and manage the entire transaction in a traffic police ( Note that it can also function as a traffic cop).

Once the payment method is selected, the service provider plays the product description and price to the consumer at step 230 and receives confirmation information from the consumer at step 232. If confirmation information is received, then step 23
At 5, the consumer and merchant are reconnected.

In a second embodiment of the present invention, as shown in FIG. 3, the consumer can also purchase items on the Internet using applications available on the World Wide Web (Web). it can. In step 302, the consumer
Initiate a transaction by dialing the Internet Service Provider (ISP) modem pool and entering a user identification code and password. The ISP then verifies the user at step 304 and establishes a connection to the web page from which the customer negotiates goods and prices. The consumer then clicks on the eCard icon on the web page used to negotiate the transaction at step 306. Note that the web page may be a web page of a consumer or other trusted third party.
As a result, two new connections are made. That is, one is that eCa
A connection 308 to the rd server, one from the eCard server to the merchant (step 310). The eCard server then queries the consumer at step 312 for a calling card PIN. At the same time, the merchant is required to enter the transaction volume on the invoice or purchase order 314. As with the above embodiments of the invention, the consumer and merchant may optionally record messages at steps 318 and 320, respectively, indicating other specific conditions related to the transaction. Using voice, web pages, or offline email, the service provider system may optionally play a recording of the customer's voice and name. The system then proceeds to step 33
At 0, check customer and merchant records and select the appropriate form of payment (typically on a calling card account, but also possible by credit card, ATM, etc.). The system then confirms the product description and price to the customer at step 336 and receives confirmation from the customer at step 338. After confirming the customer in step 338, the consumer is free to move around the web again and make another purchase.

The above description has been presented only to illustrate and describe the invention.
It is not intended to be exhaustive or to limit the invention to the precise form disclosed. Many modifications and variations are possible in light of the above teaching. The above-described embodiments are designed to enable others skilled in the art to best utilize the invention in various embodiments and with various modifications that are suitable for the particular use contemplated. And has been selected and described in order to best explain its practical application.

[Brief description of the drawings]

FIG. 1 is a diagram showing a system architecture of the present invention.

FIG. 2 is a state diagram showing an information flow between elements shown in FIG. 1 when executing a transaction on the PSTN.

FIG. 3 is a state diagram showing an information flow between elements shown in FIG. 1 when executing a transaction on the Internet.

──────────────────────────────────────────────────続 き Continuation of front page (81) Designated country EP (AT, BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU, MC, NL, PT, SE ), OA (BF, BJ, CF, CG, CI, CM, GA, GN, GW, ML, MR, NE, SN, TD, TG), AP (GH, GM, KE, LS, MW, SD, SL, SZ, UG, ZW), EA (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), AE, AL, AM, AT, AU, AZ, BA, BB, BG, BR , BY, CA, CH, CN, CU, CZ, DE, DK, EE, ES, FI, GB, GD, GE, GH, GM, HR, HU, ID, IL, IN, IS , JP, KE, KG, KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MD, MG, MK, MN, MW, MX, NO, NZ, PL, PT, RO, RU, SD, SE, SG, SI, SK, SL, TJ, TM, TR, TT, UA, UG, UZ, VN, YU, ZA, ZW (72) Inventor Cohen Ernest Samuel United States 19119 Philadelphia, PA West Durham Street 319 (72) Inventor Sri Navigne United States 08536 Plainsboro Hopkins Court, New Jersey 6 F-term (reference) 5K025 BB10 CC01 EE24 EE25 GG14

Claims (9)

[Claims] 1. A method of electronic commerce using a trusted third party, wherein a customer identifies himself to a network using a telephone calling card, and the network establishes a connection between the customer and the merchant. Completing the steps of: negotiating terms of sale of the article selected by the customer between the buyer and the merchant; and determining that the identified customer desires to purchase the credit. Signaling to a third party; sending, by the customer, a PIN to the trusted third party; sending, by the merchant, an invoice to the customer with information about the selected item. Sending the invoice to a server to confirm the customer's approval and funding capabilities; How to the steps of safely signaled approval serial supplier invoice, by the server, to the customer and the skill, characterized in that it comprises a step of signaling the approval of money payment. 2. The method of claim 1 further comprising the step of charging the purchase on the customer's telephone or calling card bill. 3. The method of claim 2, wherein the step of identifying a customer comprises the step of the user dialing a telephone service provider number, wherein the dialed number has a PIN code uniquely associated with the customer. The method of claim 2, wherein a telephone service provider verifies the customer's identity based on the dialed PIN code. 4. The step of the customer signaling an approval, wherein the telephone service provider is a call to the customer and the merchant respectively.
Establishing two separate telephone calls; the telephone system playing a recording of the merchant's invoice for the customer; and the telephone system authorizing a key or verbal authorization from the user. Collecting the responses. A method as claimed in claim 3, comprising: 5. The approval of the invoice by a customer, wherein the sub-step of the user obtaining a copy of the invoice and the digital signature created by the user using either public or private key cryptography. Signing the invoice with a sub-step. 6. The method of claim 1, wherein the step of identifying the customer to the network comprises dialing an Internet service provider modem pool. 7. The step of allowing the customer to identify himself to the network includes the step of the user dialing into the Internet service provider modem pool using a computer and entering a unique identification code by the user. The method of claim 6, further comprising the step of: and the Internet service provider verifying the identity of the customer based on the entered unique identification code. 8. The method of claim 1, wherein the step of the customer signaling the approval of the invoice includes: the step of the customer placing a copy of the invoice in an eCard application running on the customer's computer; Querying a customer for a password; the eCard application creating a digital signature for the customer based on the password; the eCard application attaching the digital signature to the invoice; An application mailing a copy of the attached invoice to the merchant; the merchant submitting the signed invoice to an eCard server; Characterized in that it comprises a step of checking the signature of the customer, the method according to claim 7. 9. The method of claim 8, wherein the step of creating a customer digital signature is performed using either public or private key cryptography.