JP2002518749A - Check payment system - Google Patents

Abstract

Abstract: A distributed, verified trusted third party system (VPS) with improved privacy and security to include an entire payment range from very large to very small And a method for enabling electronic / digital transactions through real-time verification and authentication. The VPS (10) stores the client data and includes a hub (16-20) connecting the client and (22) to the vendor (24) to mediate secure electronic transactions. The data can be pre-registered by other owners, managers and issuers of the bottle light (30) and the payment system (32). The owner of the payment system, such as a business card / purchase card, may authorize use by a third party within predetermined limits, allowing the third party to monitor and control the delegated authority. The central account authority (12) provides a registration service that indicates which hubs provide services to which clients. The VPS (10) implements a dual key transaction system in which the matched instructions are passed to the client (22) and the vendor (24) before completing the transaction in a manner accepted by the client (22) and the vendor (24). Must be emitted separately and completely independently from The VPS (10) allows clients (22), vendors (24), and associated payment methods and systems (30-32) to be known in a certain amount and to be pre-registered within an authorization manager. I do. The client (22) and vendor (24) can select the payment method and currency at the end of any transaction, and the payment is always closed without either party accessing or knowing the details of the other payment system. Made in the system. A real-time audit trail of all parties is implemented, and clients (22), vendors (24), and banks (30) track transactions, generate reports and refunds for such secure transactions. Can be started. The VPS (10) is independent of software and / or hardware, and is a mobile phone (28) for purchasing and credit / debit payment arrangements for any form of commerce using electronic transactions, palmtops It may be implemented by a computer and any known network topology for digital or electronic transactions using digital television.

Description

DETAILED DESCRIPTION OF THE INVENTION

BACKGROUND OF THE INVENTION The present invention relates to electronic commerce, and more particularly to a distributed payment system for conducting secure electronic commerce transactions.

The Global Internet The Internet has, at its widest, become a global central system and is increasingly the medium of all kinds of transactions, from personal transactions to multilateral transactions. However, having to exchange primary data, such as data from various payment systems, every time an electronic transaction is performed is insecure and impractical. At the same time, data owners or controllers, including businesses, banks and individuals, must be able to protect their privacy, access their own data, verify their identities with each other, And it must be possible to control the mechanisms used to identify themselves in a secure manner to authorize transactions.

[0003] All parties involved in a transaction require fair records for validation, automation, and verification.

Electronic Commerce Electronic commerce is becoming more prevalent as the Internet and other communication networks are used to facilitate consumer / vendor interaction. For a variety of relatively secure e-commerce (E-commerce) transactions beyond the network connecting banks and credit card companies to vendors for use in the authorization and authentication of electronic deposit and over-the-counter (EFTPOS) payments Payment systems and transaction authentication systems are implemented in global ways, including via the Internet. However, such e-commerce and payment systems generally rely on subsequent verification. For example, a credit card user
A few days or weeks after the transaction, the credit card bill must be verified by examining the credit card statement. In known e-commerce systems,
Real-time matching over a network is not possible without requiring a lot of network and bandwidth capacity to simultaneously authenticate and match clients for a given e-commerce transaction.

[0005] Real-time verification and authentication uses, to some extent, smart cards and / or other payment systems, such as a debit card payment system, in which a client verifies a transaction with a personal debit card at the time and place of the transaction. Can be implemented. However, such debit cards generally require that the deposit be pre-loaded on the debit card, which ties up resources on debit cards that are not of interest and reduces client liquidity. Further, loss or theft of a debit card can be a significant problem for unfortunate clients. Alternatively, by minimizing the amount of funds pre-loaded on the debit card to avoid such problems, clients are limited in the size and number of transactions before loading additional amounts. This is for example $ 500 (USD)
Not suitable for commercial transactions beyond.

Accordingly, there is a need to provide transaction parties, including clients and vendors, with flexibility, security with real-time verification and authentication, and unlimited service.

In addition, known electronic commerce systems cannot easily handle micropayments, ie, payments below a specified limit, such as $ 10 or less than £ 10. Micropayment is a service fee for online resources such as, for example, the use of downloading data fragments, such as image files and icons, over the Internet, and accessing websites for information and / or software. It is becoming more and more popular. In addition to verification and authentication issues, e-commerce requires handling small payments and billing clients for outstanding small payments in a single large payment.

There is also a need for an e-commerce system that provides secure and authenticated micropayments.

[0009] In addition, many commercial transactions rely on credibility and identification that is established after many transactions. Provide the parties to the transaction with the services of identification, reconciliation, uncapped payments, and payments, unless this creditworthiness is built by previous relationships that are increasingly common in competitive and liquid markets Therefore, there is a need to enable transactions.

[0010] There is also a need for an e-commerce system that provides secure and authenticated micropayments.

In addition, e-commerce through the World Wide Web (WWW) interface, such as a browser, is becoming increasingly popular. However, such browser-based implementations are relatively insecure and require that browser information, such as "cookies", stored on the client's Internet-accessible computer be known to compromise the client's privacy and security. Need to use.

[0012] There is a need for an e-commerce system, including an Internet-based system, that does not rely on browsers and does not present the problem of security and privacy concerns for clients.

SUMMARY OF THE INVENTION [0013] From very small to very large sums accessed from all appliances and devices that have telecommunications capabilities for both immediate or delayed payment settlement and non-payment transactions. Disclosed are systems and methods for trusted third parties that enable secure electronic transactions throughout the transaction scope.

A distributed matching payment system as a trusted third party system that facilitates e-commerce through real-time authenticated electronic transactions with improved security, unpaid evidence, micropayments, etc. (VPS) and methods are disclosed. The VPS of the present application implements a dual key identification and authorization system in which the verified instructions must come in completely separately from the client and vendor before the transaction is initiated. This is not only more secure than receiving orders from only one source, as in standard EFTPOS transactions, but it can also combine flexibility with a controlled payment system. In this way, the system
The vendor and the associated payment method are known constant quantities and act like orbital switching systems pre-registered in the Authorization Manager.

After agreeing to the amount and currency specified by the vendor, the client may select a payment or authorization method from the payment or authorization methods provided by the client and accepted by the vendor. Authorization and / or payment is then made in a closed system without either party having access to the other party's payment system or knowing the details. The owner of the payment system, such as a business card / purchase card, may approve use by third parties within specified restrictions, thereby allowing delegated authority to be monitored and controlled.

In addition, real-time audit trails for all parties provide clients, vendors, and banks with access to transaction records, follow transactions, and create reports on such secure transactions. Implemented by the system of the present invention. The system according to the present invention can be used for any known electronic transactions using mobile phones, palmtop computers and digital television for purchasing and credit / debit payment agreements for any form of commerce using electronic transactions. Can be independent of software and / or hardware in that it can be implemented by any known network topology.

Further, the system supports that the payment system is pre-registered by the financial institution to improve the security of the process.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT Referring now to FIG. 1, a reconciliation including an account authority 12 connected via a network 14 to a plurality of distributed hubs 16-20 functioning as authorization processors. A payment system (VPS) 10 and method of operation are disclosed. All clients 22 and vendors 24 are connected to an electronic network 26 such as the Internet.
Authorization and / or payment can be made between the client 22 and the vendor 24 on a transaction-by-transaction basis, securely, efficiently, and inexpensively individually over the network 14.

As shown in FIG. 1, the hubs 16 to 20 store client information and vendor information corresponding to the respective clients 22 and vendors 24. In other and / or further embodiments, some clients 22 and vendors 24 are each connected to hubs 16-20 through a gateway capable of handling telephone communications or other communications such as, for example, cellular telephony. Connected to hubs 16-20 via a telephone or other communication system 28. Further, various entities such as a bank 30 and a payment system 32 such as a credit and / or debit card issuer connect directly or through the network 14 to a local authentication server 34 and / or gateway to the hubs 16-20. Can be done.

Network 14 may be a wide area network (WAN), part of the Internet, or other electronic network communication mechanism. Each hub 16-20 includes one or more authentication systems, such as a local authentication server 34, for authenticating electronic transaction requests registered by each client and each vendor for a given electronic transaction, or one or more authentication systems. It may be operatively connected to an authentication system.

Each hub 16-20 is connected to a secure hub internal network 38 having a web farm 40 via at least one firewall 36 for communication from the Internet 26, as shown in FIG. Web farm 40
Can support transaction requests and authentication services from other hubs 16-20, such as a "WINDOWS NT" based server for processing Internet communications such as HTML and HTTP data packets embodying electronic transactions. Web server. The authentication server 34 authenticates payment system details associated with the electronic transaction, such as valid credit card information, for further authentication,
The electronic transaction data is sent to a bank 30 or other payment system 32 for settlement and processing.

The VPS 10 is stored in a vendor database 24, a client 22, and a “WOLFPACK” SQL database server 42 that stores details of the payment system, for example.
Contains one or more databases. Electronic transactions are for communication between a client on one hub side and a vendor on the other hub side and vice versa, and / or indicate which hub is serving which client. The router 44 and the internal hub dedicated W to communicate with the account authority 12 to identify the hub that supports the given client or vendor and initiate data exchange between the hubs.
Transmitted through AN14. Each hub 16-20 provides services to its own respective vendor and client and also supports service requests from other hubs for its own clients and vendors, such as requests for identification and authorization. . Adapting and managing the services performed by each hub 16-20 can be implemented using "MICROSOFT LOAD BALANCING SERVICES" technology.

FIG. 3 is a diagram illustrating the general operation of the VPS 10 according to the present invention used by the client 22. As used herein, the term "client" refers to a client, customer, consumer, or other client that initiates and / or contracts with a vendor, which may include sellers, distributors, wholesalers, retailers, and the like. Any entity (
entity). Client 22 has communication capabilities to connect to the Internet 26, telephone system 28, or other communication mechanism from which to establish electronic transactions and / or goods, services, information, or archived data, online, A computing device 48 capable of electronically contacting the seller and / or vendor 24 to select other available materials or electronic goods and information, such as games, video clips, physical goods, and / or any Is used. The selected material may be software and / or uploaded to a consumer computing device 48 or telephone 50, such as a palmtop computer or digital TV.
Or distributed immediately, as in the case of music, or distributed in other ways, including physical delivery. Further, the selected material may be an online game or data that can be accessed with a usage fee charged for use. The VPS 10 does not rely on any method of pre-selecting goods, which is always based on direct communication between the vendor and the client.

In overview, the VPS 10 does not require direct communication between the client and the vendor, but follows the same basic procedures for the Internet, mobile / cellular phones,
It allows payment for goods and services accessed via electronic mechanisms such as digital TVs. Once the client has selected and agreed to pay for such goods or services, the vendor 24 may provide his identification information to the system 1
0, refer to the transaction and give the amount and currency of the transaction. The client also provides his identification information to the system 10, selects one of the client's pre-registered payment systems, and agrees to pay. The identity of both parties is verified and the selected payment data is secured and combined off-line. Transactions are authenticated in real-time through the gateway of the appropriate bank or other credit institution, and if appropriate, instructions are sent for immediate or delayed payment by the vendor's bank or payment agent. The vendor is automatically updated with the authentication result and the audit trail available to all parties to the transaction is updated. Each transaction is given a vendor and VPS reference number to facilitate confirmation and refund. Multiple hubs provide resiliency and scalability, and each hub provides authentication services to certain vendors and performs matching and information services on behalf of clients. The central account bureau provides a registration service that indicates which hub is serving which client.

The vendor 24 requests approval of the transaction from a respective hub, for example, the hub 16.
Clients also request payment approval from the vendor hub. Client 2
2 and the vendor 24 are authenticated, the client 22 or the vendor 24
A corresponding hub associated with one or both of the above may act as an authorization processor to authorize the transaction and / or ultimately charge the client 22 for the transaction, such as a card issuer, bank, or other such as a telephone company or electricity company. Payment system allows payments made to vendor 24 by payment system 32. The VPS 10 may also approve the transaction without incurring payment directly.

This double-key transaction for matching payment information and client authentication information is because both sets of information must come separately and completely independently before the transaction starts and / or completes. , Give higher security.

FIG. 4 shows the transaction process of FIG. 3 in more detail, wherein in step 56 the vendor 24 is a specific hub 16-20 associated with the vendor to approve the transaction (Tx). Generates and sends a request to the approval processor 52. This may be in response to a request from client 22 to initiate a transaction with vendor 24 in step 54. Next, the authorization processor 52 creates a transaction entry and searches for information about the vendor 24 at step 58, for example, to determine that the vendor 24 is a participant in the VPS 10.
If the vendor 24 is a participant of the VPS 10, the authorization processor 52 obtains details 60 about the vendor 24 in preparation for paying for the transaction and sends the vendor a message identifying the transaction Tx or a secret key. Returns a code such as a key that can be included.

The client 22 is not informed of the secret key but the transaction key, and in step 64 the client 22 uses the transaction key to identify the transaction to the authorization processor 52. The VPS 10 provides the vendor 24 with a transaction ID and a value such as a “checksum” or secret key, and the client 22 may use the identification ID to identify the transaction, but the VPS 10 and the vendor 24 The client 22 is not notified of the secret key included in all communications. This reduces the risk of fraud on the client 24 side.

In an exemplary embodiment, the client 22 may be accessing the vendor 24 website using the computer 48 to select goods or services to purchase from the vendor 24, step 62. In Vendor 2
4 redirects the browser of the client 22 to the verification and payment selection screen, using the transaction key as a parameter of the client 22 redirection. The interface of the vendor 24 provided to the client 22 may be, for example, a website and / or other graphic user interface (GUI) environment, such as "INTE
L "and" MICROSOFT WINDOWS "associated with Active Server Pages technology and / or Commerce Server Order Processing Pipeline technology, Unix and / or Apa
It may include a browser that uses plugins and / or scripts to support Perl scripts and the like for the che environment.

Alternatively, using telephone 50, client 22 may select a product or service from vendor 24's automated telephone service, for example, using a touch-tone telephone and a series of automated voice menus. Alternatively, at step 62, the client 24 redirects the client to the payment selection and approval screen via the telephone 50, or the approval processor 52 calls back the client 22 to allow the transaction to continue.

In step 64, client 22 sends a request for payment approval and / or selection to approval processor 52. Next, the authorization processor 52 verifies the authenticity of the client 22 and, at step 66, obtains payment information in response to the client's selection of a payment system. The client details 68 are obtained and verified from step 66, preferably by requesting this service from another hub, and then used to authorize payment.

Upon receiving both the vendor details 60 and the client details 68,
4 and the client 22, the authorization processor 52 sends an authorization message 70 to the payment system authorization receiving means 72, to which the payment system has authorized the transaction and, in some cases, the approved electronic transaction. About Vendor 24
Make a payment to. The authorization processor 52 then notifies the vendor 24 at step 74 and informs the client 22 at step 76 that the authorization has been completed and, therefore, payment has begun.
Completes the transaction by sending the selected goods or services.

FIG. 5 illustrates the overall process performed by the authorization processor 52 from step 58 of FIG. 4 to obtain and confirm what is considered a vendor as an approved vendor and create a transaction entry. Shows a key diagram showing the status of the deal by
The authorization processor 52 creates a temporary transaction entry, then the client details 68 arrive and be authenticated, payment system (PS) authorization is performed at step 72, and the respective client 22 and Wait for notification of vendor 24.

FIG. 6 is a diagram showing another state diagram of FIG. 5 showing the state of the transaction table in the vendor's hub. Before completing the transaction, it is communicated to the vendor 24. Client 22
If is not authenticated, the vendor 24 is notified of the reason and the request for transaction approval in step 56 may be denied. If authenticated, authenticated client 2
Vendor 24 may conduct a fulfillment transaction or a regular transaction to complete the approved transaction for 2. Other conditions, such as refunds, can also be handled.

FIG. 7 shows the processing of FIG. 5 in a state of waiting for client details by the approval processor 52 in step 66 of FIG. 4 in order to check and authenticate the client. And the approval processor 52 is waiting for the receipt of registration information from the client. Each authenticated client has been previously registered, and therefore, upon receiving the client details, the authorization processor attempts to match the alleged client with one of the authorized clients, and If so, the client details 68 are obtained.

FIG. 8 shows the payment options to the client 22 for the process of FIG. 5, and to approve the request for payment from the client 22 of FIG. FIG. 7 illustrates an Attempt Authorization state performed by the authorization processor 52 in steps 64, 66, 70 of the normal payment system in which the total amount of the transaction is provided to a payment system associated with the client, or A small amount to reduce the unpaid float that is collected when a transaction amount equal to or less than a predetermined amount is collected and the unpaid amount exceeds a predetermined limit, or is filled when the float reaches zero, for example. It is a payment system.

If the client details 68 are stored in a different hub from the authorization processor,
The status of the transaction is partially reflected at the client's hub to give the client the resiliency available and a complete transaction log. FIG. 9 illustrates the transaction table state of the client's hub while processing a request for client details. Such processing may be performed to determine whether the client's 22 account limit is exceeded by the client's selection, or that the micropayment is authorized and the client 22
Determining whether the payment option is acceptable between the client and an approved payment system of the client.

The account authority 12 is used by the Check Client process to identify which hubs can provide the desired client details.

As used herein, a vendor 24 is defined as an institution that receives payments through the VPS 10. Client 22 is defined as an individual or business entity registered with VPS 10 to enable transactions over an electronic network, such as, but not limited to, the Internet, and / or to pay for goods or services. Is done. The payment system, eg, payment system 32, may be used to make payments, such as access to credit / debit cards, direct debit card systems, bank accounts or specific fund transfer banking systems, utility billing or billing accounts, or otherwise. Including any system for authorizing transactions in the manner described. A reception system is broadly defined as a system that accepts payments and may include details such as a bank account or a seller number. The payment system owner is the client that owns or owns the payment system.

An approved client is a client whose owner has been authorized to use the payment system. The client's account is defined as the client's record on the VPS system 10. The hub operator operates the VPS hub 16
To 20 are defined as institutions that operate as semi-independent suppliers of VPS 10. A financial settlement service is defined as an entity that performs the actual transfer of funds, for example an acquiring bank for credit cards, but may include other financial institutions.

In general, the owner of the payment system is the individual owner of the credit card, but the owner of the payment system may be a corporate officer holding a corporate credit card or purchase card, or a billing account payment. It may be the accountant controlling the system. In the present application, the automatic payment feature is a feature that allows a client to enter a uniquely assigned username and / or personal identification number (PIN) only once during a session, rather than each time a purchase is made. The payment system owner may be a personal holder of a payment method such as a credit card owned by the client, the holder being an executive of the company responsible for the payment method, for example associated with use by the payment method He is an executive, treasurer, and / or procurement officer of a company that holds a corporate credit card and / or other billing account.

Using the VPS 10 of the present application, the client 22 can make payments to the VPS vendor 24 via the Internet 26 or other communication network. Information and details about each client 22 associated with a credit card or other payment system 32 are not transmitted clear over the Internet 26 or other communication network, instead the client 22 adds or modifies the client's account. It is only transmitted in an encrypted form to allow it to Alternatively, by providing the credit card details or other payment system details to client 22 by facsimile or other secure data transmission mechanism, Internet-based account changes may be avoided. In addition, the details of the payment system may be pre-registered by the bank or other issuer of the credit / holder of the account, for example, for verifying a known and correct address and delivery address from a bank, and communication such as the Internet By minimizing the data transmitted over the channel, it is possible to increase security.

Unless the payment system is managed by a vendor, such as a telephone account, the vendor 24 is not notified of details such as the client's credit card or other payment system 32. Payment is generally made directly to a given vendor 24 contracted by the client 22, and the client 22 may choose to be anonymous to the vendor. Alternatively, the client may provide the vendor with a minimum or maximum value from the VPS database to minimize the entry and transmission of data from the client and to minimize the exposure of the client's information to unsecured systems. May be able to capture name and address information. In another embodiment, the vendor 24 may provide a name, along with a payment request, to minimize the data entry required for a new user.
An address and / or other details may be sent. The convenience for the client with this option requires that the vendor know when the client is a new user.

In some embodiments of the VPS, a micropayment feature may be implemented in which very small payments, such as pence or cent, can be made without incurring the overhead of credit card transactions. Micropayment has two variants, the first is when the vendor assumes the risk of default, and the second is when the VPS takes an initial deposit and a pre-approved automatic credit and / or debit payment mechanism. This is a case where the first deposit is used to make a credit sale. A key feature of micropayment VPS implementations is the ability to automatically convert common currencies in the authorization processor to allow payments in multiple currencies.

Optionally, under the explicit agreement of the client, an automatic payment feature may be implemented in which the identification process can be set transparently after an initial identification during a session involving the client with a particular vendor. Such a transparent transaction process provides a simpler process for a series of transactions while maintaining the same security.

Access and use of a given payment system 32, such as a credit card system, is granted to other VPS clients 22 by the payment system owner. The owner can specify credit limits for authorized clients and view all transactions. Authorized clients can only see transactions initiated by the client.

The client 22 is “pre-loaded” by the financial settlement service, vendor, or company, and the pre-loading process allows designated customers to use a personal identification number (PIN) that is sent separately by the customer. Create a set of inactive accounts that can be active accounts. The pre-loaded account can be incorporated into an existing VPS account by the customer or used to create a new account.

Vendor 24 can issue reimbursement through VPS 10 and client 22 and vendor 24 approve payments to other customers so that VPS 10 provides flexibility and adaptability to various marketing and sales methods. sell.

The vendor 24 may choose to provide account means for a particular customer or group of customers. These account systems may make payments through a financial settlement service in the form of a micropayment if the account is out of bounds, or present a bill directly to the customer. When presenting bills directly, VPS 10 acts primarily as a reliable accounting system.

A statement to the client 22 and the vendor 24 may be available online. Other reports for banks 30, payment systems 32, and agents, and for managing institutional accounts, may also be available.

The VPS 10 is very secure for basic purposes and for physical, procedural, and programmatic access to secure information. In particular, client 22, payment system owner, and / or vendor 24
A minimum safe level may be specified. For example, the vendor 24 and / or the client 22 may assert a match above the PIN level of security details before allowing purchases over a certain amount.

Further, the VPS 10 may be able to export account information outside of the system 10 to, for example, external accounting means. The accounting information may include the number of regular transactions recorded depending on the type of payment system and the volume of the micropayment to enable the external accounting system to charge the vendor.

The VPS 10 is intended to be as open as possible so that it can be adapted to meet the great potential of, for example, Internet-based payments and e-commerce. The architecture of the VPS 10 allows for as many future options as possible. For example, VPS 10 and associated payment system 32 may include credit / debit cards, direct debit, in-store accounting,
Includes utility billing and other forms or methods of transferring money from one place to another. The VPS 10 also identifies the customer, for example, by receiving and accepting a simple username and password over a secure web connection. Alternatively, any other form of identification and verification may be used, including smart cards, digital certificates and digital signatures, and / or authentication methods based on biophysics / biometrics. Payment system 32 and / or customer data may be hosted by other agencies external to VPS 10.

[Features of Verification Payment System] The VPS 10 is a value-added authentication / settlement system that is highly convenient and provides a new security level. VPS includes banks and other credit providers, buyers, and
Reliable to maintain in a secure environment the details of the buyer, seller and payment system belonging to the credit provider to provide a link between the parties for electronic transfer or credit accounting transactions, such as the seller It is a third-party system. VPS 10 allows these parties to quickly and efficiently approve transactions and / or exchange funds, or automate their processes, without disclosing or exposing secure data. It is possible to do. Also, VPS10 is VSP1
0, all parties to all transactions enabling the service, ie, customers,
Provide fair, real-time audit trails to vendors and banks.

When a customer opens their first VSP account on the Internet, the customer can enter their bank and credit accounts through a secure interface to the VPS 10 such as a secure website or secure data entry mechanism. Enter details of a credit card or other payment system, such as Such information may be appropriate by SSL, for example via the web server of the VPS 10, or for the backing office where the information is protected from the web server, encrypted and isolated off-line, as appropriate for the initiator. Passed securely and protected by other secure encryption methods. The VSP 10 may be registered with the payment system offline or directly by a card issuer or credit provider, such as a telephone account, retail card, corporate credit account, or the like. A VSP account holder as a customer utilizing VSP 10 may register on a virtual account any number of payment systems that can all be accessed and controlled by the customer via the same unique ID.

Once the account is opened, the VSP account holder is not required to enter or carry a payment card or personal details over the Internet or any other media,
Instead, VSP account holders identify themselves with a unique username and password, such as a personal identification number (PIN) with any additional security checks. Transactions are mediated by a unique dual key system. That is, a code identifying the seller, transaction, and amount is transmitted from the seller, while the customer identifies himself and confirms that the customer is willing to pay for the selected transaction. These two information flows from the seller and the customer are combined at the authorization server 52 and the payment system authorization unit 72 and, if appropriate, via the high speed telecommunications link, the seller's selected payment system, For example, it is transmitted to a bank.

Next, information regarding the success or failure of the transaction is returned to the approval processor 52, where the success / failure information is recorded in the approval processor 52, step 74.
At both the VSP web server and the seller's server so that customers and sellers can be quickly informed, eg, within 3-7 seconds, of results.

Each transaction is uniquely identifiable via a code assigned by the seller and by the VPS 10, thereby facilitating reference checks, financial credibility, and refunds. The automatic payment feature allows the client 22 to identify itself to the vendor 24 only once for all transactions during a single session, for example on each vendor's website.

Very small payments can be treated specially, and all payments below the minimum predetermined amount agreed by each seller are classified as small payments and treated separately. Micropayments are part of the seamless service provided by sellers and account holders who use VPS10, and VPS10 collects such micropayments, and such micropayments are used by account holders to exceed the minimum limit. Unpaid totals are summed up to give rise to. Next, the VPS 10 will automatically attempt to pay for the sum of the outstanding micropayment plus the new transaction. Thus, a seller using VPS 10 can make a choice between two payment options. With the first option, the seller using the VPS 10 chooses to receive the payment directly, allowing customers to purchase goods and services with credit without having to pay up to an agreed limit. . The payment is not debited to the customer until the limit set by the seller is reached, and the seller receives payments for all micropayment transactions as one consolidated sum. This means that customers purchase small goods and services cumulatively, naturally increasing by downloading small files or information, such as applets, as well as data, such as search engine queries.

With the second option, the seller participates in a general VPS micropayment system, in which the account holder pays a single initial opening deposit, and the seller has a card and transaction from the merged payment. You will need to receive a post-pay monthly fee. When the account holder first conducts a micropayment transaction from any seller participating in the general VPS micropayment system, the account holder is provided with, for example, a minimum of $ 15 (USD).
Must be paid in advance. Then, the account holder can purchase goods and services from all sellers participating in the micropayment system. The customer will not be charged again until the payment limit is reached. Typically, the United States dollar is used as the unified currency for all global micropayment transactions. All payments in currencies other than the US dollar will be converted to US dollars prior to deduction from remaining float funds, and the converted amount will be displayed to the customer along with the original currency prior to underwriting. Merged funds owed to the seller are valued in US dollars, but such funds may be converted to the currency selected by the seller prior to the transfer.

Cards and other payment systems, and personal details are stored on the VPS secure database 42 in the hub 16, which acts as an authorization processor 52.
Registered in S10, such details are securely kept off-line apart from the interface with the vendor 24, such that such details are never used or obtained online. Account holders may register the desired number of cards and other payment systems in a single virtual wallet, including, for example, corporate or personal accounts that are paid monthly in arrears, accounts that are paid by direct debit, and the like. The account holder's registered payment system is accessed through identification checks, and details of such cards and other payment systems can be pre-registered by the issuer, so that the card holder can save his card or personal details. No need to give online. The collection and retention of such off-line information is such that the address is the correct billing address so that the VPS 10 can perform accurate address verification on behalf of the seller without disclosing the account holder's information to the seller.

According to the standard initial operation of the VPS 10, the account holder selects a unique combination of username and alphanumeric password as a PIN and uses the VPS 10 to be used as an identity check at any time thereafter. Enter additional security information in. Random questions based on additional security information are required for all changes to the customer's account, and such questions are optional with respect to transactions and audit trail references. Additional security information entered by the PIN and account holder can always be hidden as asterisks or blanks on the screen. A prompt mechanism may be provided to assist people with poor memory. Other forms of identification and matching may be used as deemed appropriate by banks, financial systems, and key users. Account holders may also select spending limits to limit spending on their own.

[0063] Online audit trails are provided for users and vendors with small time intervals down to the second, including for small payments. The account can be controlled online by the user so that purchase details can be checked and printed, and personal security and payment restrictions can be changed as desired. The account holder thus controls all electronic spending across different banks, cards and websites from a single online account.

Further, the owner of the payment system, such as the holder of a registered card or similar payment mechanism, may transfer the right to use the payment system to another account holder on the VPS 10. Can be operated via the transferred account holder's ID and billing is made to the owner's payment system. The payment limit is
Specified for the payment system owner and each assignee. Sub-accounts may also be restricted in use for certain vendors or vendor types. The payment limit is a pure operational safeguard for account holders, but the true limit on the use of any card or payment system is the credit limit on that card or system. Only the owner of each registered VPS account and sub-account can change details about the account.

All currency conversions are performed by the normal operation of credit cards, banks, and financial systems. Thus, account holders may always be able to pay their bills in a selected or desired currency, such as the currency of the account holder's country, by adding a conversion fee by purchasing goods in a different currency, It automates and provides security for electronic monetary transactions and provides the advantages of monetary conversion and use in the physical world.

If the account authority 12 detects three errors in the security response, eg, in one attempted transaction, the account is suspended and the VPS 10 logs all occurrences of the security error. Further, for example, the account approval authority 1
The account is also suspended when 2 detects 6 errors in different transactions during one period of 24 hours.

The VPS 10 firstly uses a username, password, and, as is known in telephone banking, a random question based on two words and one date to identify the account holder. Use a combination of security checks. However, VPS 10 also claims that VPS 10
It may be configured to accept other forms of identification and verification, such as digital certificates and digital signatures, voice recognition, pupil recognition, fingerprint recognition, and other known methods for authenticating a user accessing 10. For example, the authorization processor 52 may include identification using a smart card so that the VPS 10 works very well with smart card based systems and provides a direct link to the account holder's credit / debit card account. , Providing micropayments without upfront payments, online audit trails and more.

For sellers and vendors, VPS 10 provides a secure and cost-effective way to collect payments for all participating sellers. Payments are made directly to the seller through their bank and seller number. The VPS 10 is designed to enable sellers to build loyalty and brand awareness for customers, for example by ensuring customer security and privacy by both customers and sellers participating in the VPS 10. Because VPS 10 supports debit operations as well as credit operations, VPS 10 also facilitates cash-based customer incentive schemes and the promotion of generating various types of royalties made by sellers. The VPS 10 may also provide specific sellers with information about their own customers, sales patterns, marketing for comprehensive reports, and customers without disclosing customer details.

To use the VPS 10, the seller is linked to the VPS 10 by selecting simple or complex enabling and adapting communication software suitable for most standard platforms and web servers. The seller uses the VPS 10 setup installation and configuration appropriate for his platform and commerce server. For example, the VPS 10 is a software “MI
CROSOFT COMMERCE SERVER SUITE "and any other widely available commerce enabling software. VPS 10 is a very flexible system designed to meet the requirements of individual sellers and to open up new territories of e-commerce and web commerce, so VPS 10 works with customers as well as each customer's business needs. Generate a solution that suits your needs.

The VPS 10 is also very well suited to normal banking software and procedures where real-time verification is integrated directly with the seller himself and the transaction process, thereby allowing full automation, whereby the VPS 10 is Can be easily integrated,
It should be simple and easy to use by customers. The seller receives payment for all standard credit or debit card transactions directly via his seller number. The VPS 10 bills the seller for the fee, for example, based on a flat fee per transaction and on a monthly postpaid basis. The seller may choose to receive the consolidated micropayment either directly through his / her seller number or by bank transfer via a general VPS micropayment system. When using the VSP micropayment system, the seller receives a monthly postpaid payment minus the card fee and the VSP handling fee.

The seller receives immediate notification of payment for each order, and such notification is integrated as part of the seller's transaction sequence, thereby allowing automation and control over the security of the reconciliation process. Full integration with sellers and existing systems owned by the vendor also allows for seamless integration with ordering, checkout, and other software products.

To participate in the VSP 10 as a recipient of a credit or debit card payment, the seller using the credit card obtains an e-commerce-enabled seller number from his acquiring bank. The VSP 10 assigns a terminal ID (TID) to the seller from the reserved area for each bank, and then the VSP 10 informs the bank to settle the payment directly with the seller.

The VSP 10 uses a distributed hub arrangement to provide full scalability and optimal performance as a universal and global system.
Single or clustered regional hubs 16-20 provide fast, reliable, worldwide access and redundancy. The hub may be operated directly by the VSP 10, or may be connected to the VSP 10 by, for example, a bank, a group of banks,
Or as a series of combined joint ventures with a hub operator, such as a clearing house or financial institution. Sellers and account holders have one “home hub” as shown in FIG. 1, but VSP accounts can be used worldwide. While standard transactions are authenticated and settled through a link between the seller's hub and the seller's corresponding bank, micropayment transactions can be processed through the account holder's hub.

Secure international direct debit is performed so that the global banking system can be used to transfer amounts from a bank account in one currency zone to a bank account in another currency zone. Businesses, sellers and vendors can obtain funds, i.e. receive payments in at least the major international currencies in designated bank accounts, and bank customers can pay in any currency on their part It is. The seller and the vendor's company have a short notice that the expected funds are available and automatically received within the number of days specified by the acquiring bank and / or by the business audit commissioner, for example, usually within three business days. Notified immediately.

The VSP 10 can be used by vendors, customers, internationally using, for example, credit or corporate purchase cards and other established banking systems and relationships internationally as a medium of exchange.
And support the ability to interact globally with hubs. Thus, VSP is
It provides electronic payment / fund transfers, real-time online audit trails for all parties, controlled payment routes, and automated controls for systems that support multiple currencies. The VSP 10 provides such services by substantially or completely integrating each vendor's database server. Also, vendors operating within the VSP 10 and receiving funds, for example, via a seller number, must be authorized by a bank that supports the VSP 10 so that the VSP 10 is self-regulating. The payment system is securely registered in VSP 10, which acts as a trusted third party and is accessed using an identification number or transaction reference number.

The shared payment system provided by VSP 10 provides a secure and easy way to set up an international direct debit arrangement. The VSP 10 is also linked directly to the global banking system through individual banks 30 for real-time authentication and direct payment to seller accounts. However, the vendor is not given the details of the payment system, and exploits the details of the payment system because the payment system can only be used to transfer the gross amount to the account of the seller number held by the vendor in VSP 10 I can't.

A credit card system and another payment system dedicated to transferring funds from one source to another are registered in the VSP 10,
This dedicated application provides a closed circuit that is locked and thus completely secure. Although the VSP 10 may operate over the Internet 26, the VSP 10 is not dependent on the Internet 26 because all the main processes performed by the VSP 10 occur off-line. A major customer managing a large flow of funds may choose to communicate with the VSP 10 over a dedicated line. When using direct debit and closed circuits, secure information is not exchanged over the Internet 26, thereby increasing the level of encryption provided by the VSP 10, which increases the complexity and cost of the VSP 10. The necessity of using digital certificates and the like is avoided. Thus, VSP 10 provides a very simple and secure way to transfer the value of a transaction in different currencies.

VSP 10 also provides a universal and globally enhanced system for e-commerce, where one ID mediates all transactions through the same globally reputable system to users and vendors. The hub design provides quick service and backup means. Furthermore,
A pre-registered credit card is used, so that it is not necessary to make a new online registration for each customer's address and personal information for each credit card. Further, the card issuer can open dormant VSP accounts on behalf of their cardholders, adding the name and address to the card details, and for each account can be generated by the VSP 10 for this purpose. , A temporary PIN and a temporary user name. The cardholders are then given the temporary username and ID needed to access their VSP account, and normal security procedures are followed.

Once the customer has given his username and ID, which may be temporary, and confirmed his identity via the secure VPS interface, he makes the account an active account and a new username and ID You may choose to select a PIN, additional ID checks, and a customized payment limit, and optionally enter other details, including other payment systems and personal data. The customer may consolidate all his payment cards into one account that can be accessed, for example, by the same security check.

Since the basic VPS account information is provided directly by the card issuer, such information is provided by the card billing address, which allows the VPS 10 to initiate and verify the correct address verification at the same time as validating the transaction. including. Such address confirmation allows the seller to confirm that the delivery address given on the order slip is the billing address of the card.

The VPS 10 is also operated by the customer so that personal identification can be performed without additional hardware or software, ie, special hardware and software are required by the customer to use the VPS 10 And not. Inputs from customers to identify themselves and to transact with vendors are not transmitted through the web browser, thereby requiring an e-wallet and the "JAVA" applet and browser cookies required for VPS10 operation. And not. Thereby,
The VPS 10 is compatible with all devices having communication capability and can be interfaced.

By not disclosing customer information, a secure sub-account can be implemented, which allows the father to authorize his or her child to use his credit card up to a certain amount, May approve departments or individuals within a budget and within purchasing parameters to use a corporate purchase card, for example to use an account tied to a particular product, service, and / or vendor and client. The supplier authorizes the customer's business to use a credit account, which can then be subdivided between departments or individuals. Account holders can monitor and control all transactions using their payment system via the online VPS audit trail. The user is not given the details of the payment system, such as the card number used, or the given VPSID used by the account holder.
The customer does not own, but is authorized to use, the V of other payment systems
A payment system associated with the PS virtual wallet may be registered. With a VPS virtual wallet, customers can pay for goods and services through their VPSID and monitor spending. This highly flexible system is also the basis for establishing a store card account and direct debit, including payment of utility bills and monthly credit amounts. In this case, the account holder authorizes the vendor to use a payment system, such as a credit card account, to make periodic payments for agreed goods and services.

[Operation of Verification Payment System] In general, the VPS 10 has the following main data for each customer:
Address and Contact Information; Email Address; Username, PIN, Security Prompt and Authorization PIN for Bulk Loaded Accounts; Customer Contact Potential Fund Transferee to Confirm User ID Is Typed Correctly Verification codes as codes for notification; available payment systems such as credit card details, for example 2 per user at the user interface (UI) level
Any restrictions such as zero payment system; group name such as company name or family name; type of account such as "company" or "private"; status information such as "super" user, disabled account etc .; Customer preferences such as automatic payment, security level, desired payment system, etc .; credit limit for payment system; vendor specific account information; and minimum security level.

The customer may add himself to the VPS 10 during an online purchase or preemptively while at the same time as being present on the VPS 10 as a payment option. However, for groups, customers can be added by the group owner or group manager. For groups, some payment systems are hard coded and not accessible to unauthorized customers. A customer or group of customers is added through a "batch update" process and later activated by the customer using, for example, an approved PIN that is shipped separately.

The customer may make changes at any time to the VSP account including the username, PIN, security details, personal credit limit, and type and identity of the payment system. An authorized customer can lower the limit from the maximum set by the account holder, or raise the security level from the minimum set by the account holder. The customer can also generate and view various reports on the use of the system. If the account is deleted or the username is changed, the VSP account will be dormant for a predetermined period of time, such as six months, before the previous username is reused in VSP 10.

To manage a customer's account, the account administrator must add a new account, disable or enable an account, delete an existing account, and change the customer's personality associated with the account. Details, security details and / or payment system details can be changed and / or viewed, and customer preferences can be changed and / or viewed.

Loading the account in advance is a customizable operation, as the data format for account information may be different for each payment system. The account is pre-loaded into the holding table and the corresponding account holder is informed about the holding table and the pre-loaded state, for example, by a hardcopy letter to the owner. This notification may include an access code so that the account holder can access the VSP 10 and create a new account using the selected payment system 32, or add a new payment system to the owner's existing VSP account. The access code can be used to add

With respect to vendor 24, VSP 10 provides the following key data for each vendor: name; address; security username; security PIN; authorized payment system; TID, sort code, and account number for payment. Bank information; account details, customer details, for vendor-specific micropayments or billing accounts;
And transaction details; security / payment preferences; fee details; contacts; Internet Protocol (IP) domains; and business categories. Each vendor is operatively connected to at least one hub 16-20 that supports the vendor and manages all transactions between the vendor and the customer that initiated the transaction. To be set up, the vendor fulfills the contract and gives the VSP 10 bank approval for a payment system such as a third party TID payment and direct payment, or a debit card or credit card that allows the fee to be withdrawn. . These payment systems are accounts where the payment is not made immediately, but the vendor accepts financial risks. These payment systems as gross accounts may be a set of regular billing accounts, for example, for good stock, or may be paid when the account reaches a certain level, or may have a predetermined An unpaid micropayment account that is paid only after a period.

At least initially, the vendor's account is created by VSP staff or agents, but the initial details can be entered by the vendor through the Internet and / or the World Wide Web. The payment system is specified by the vendor to allow the fee to be withdrawn. Vendor seller ID and TI
A bank agreement should be given to adapt D or other payment system. An accompanying kit or installation kit may be provided to customers and / or vendors to perform acceptance testing on VSP 10. Then, preparation for operation with the VSP 10 of the vendor is completed.

The vendor can manage basic name and address details, preferred payment methods, customer-based billing accounts, and the like. For secure or confidential items, such as banking information, details of such items will be communicated directly as errors in them will cause the VSP 10 to stop operating or be entered into the wrong account. , Directly by the VSP staff.

The specific functions performed in each vendor's system include, for example, changing / viewing trading names or addresses, personal security information, authorized payment systems, bank and / or TID information, preferences, and billing accounts. Can include customer information.

To use VSP 10, one form of vendor-specific payment method may include a micro-payment instrument of the type in which a customer's payment system is only credited when a certain amount of transaction has been reached. Thus, a customer may purchase, for example, four or five items, for example, two weeks before his card is credited, and / or when the total value reaches, for example, $ 20 USD. May be. The second form is a "regular" billing account between the vendor and a potentially large customer, where the VSP 10 mediates the transaction and provides the vendor with billing information, but the vendor has direct access to the customer. Send an invoice. The vendor sets a credit limit on the billing account, and such a payment system may be considered to be owned by the vendor and transferred to the customer, for example, through an authorized customer representative.

The vendor may choose to pay the customer, for example, as a royalty, as a refund, or as a payment for a vendor prize or promotional activity. Payment may be made following a previous transaction so that the vendor does not need to know the details of the customer as enforced by VSP 10.
The transaction code from the vendor is used to identify the customer, credit card or payment system information, and any appropriate refunds. If the credit card is no longer valid, the equivalent amount is transferred to a holding account and the customer can be notified, for example, via email. The customer may then use the interface associated with the vendor and / or VSP 10 to specify which payment system should be credited.

If the credit card or other designated payment system client is no longer on the account authorization authority 12 of the VSP 10, the vendor is notified and the VSP
VSP 10 may provide the customer with a notification by mail, facsimile, e-mail, and allow the problem to be resolved directly, while VSP 10 Do not leak your personal information.

For daily settlement, the authorization processor 52 has authorized the transaction, but the funds are not transferred until the next batch settlement with the payment system. For gross payments, the payment is authorized, but the goods are not ready for shipment. Vendor is VSP10
Payment is required only when the product is notified that the product is ready for shipment. Complexity arises if the authorization expires and must be reconfirmed. With monthly billing, the vendor is notified of purchases made through the payment system on demand. This information and / or its own record is used to generate a bill for the customer.

For payments for outstanding debt, for example, a micropayment arrangement, transactions are collected until a certain limit is exceeded. At this point, payment system authentication / settlement is attempted for the unpaid amount. These transactions can be made through a general micropayment account or through a vendor-specific holding account for customers whose vendors take financial risks to the transaction.

To initiate an approved payment, the following information is provided to the payment system to enable the purchase request to be confirmed: transaction code; transaction amount; total payment, immediate settlement, account, small amount. Directly transmit the type or preference of the transaction, such as settlement, or additional security information, such as a zip code or other confirmation information. Also,
Transaction payments may be split across several payment systems for a particular customer, for example, for a total of $ 900 USD billing for a single transaction, $ 500 USD per credit card, etc. $ 400 on a credit card.

If the customer has a preferred payment system, then the preferred payment system is automatically set unless the transaction is a micropayment and the preferred payment system does not support micropayment, or the preferred payment system is not supported by the vendor. Is selected. Typically, a user selects a payment system to be used from a list of available payment systems that are compatible with the payment systems supported by a particular vendor.

After a successful or unsuccessful transaction, the customer returns to the appropriate point, such as the website where the customer was before the commencement of the transaction.

Automatic payment is a feature that can also be supported by VSP10. In the automatic payment process, a customer has his or her personal VP only once during one session of a transaction.
Check the SID. After the first payment during the session, browser-oriented cookies for Internet-based e-commerce to confirm the identity of the customer
Is used. Such cookies do not contain any secure information, are deleted when entering a new session, and have a limited lifetime. Automatic payments also time out if the time interval between individual transactions is too large.

The VPS 10 may also generate various reports for various purposes as shown in Table 1. Generally, reports and statements include dates, vendor and transaction codes, and associated amounts. Such a report allows a customer to be identified only if both the vendor and the customer have agreed to identify the customer according to their preferences.

[0102]

[Table 1] Security of the Match Payment System The security of the client, vendor and transaction is provided by that all communications such as secure data, eg user ID, PIN quantity, etc., are encrypted, eg at SSL 40 bit level. Can be Credit card transfers and other payment system details occur only once from the client to the VPS 10,
It is protected by at least, for example, 40 bits SSl. In addition, customers
You have the option of communicating these details separately by facsimile or telephone.

[0103] Internet security in the VPS 10 requires I
Performed by tracking the P address. The IP address for the vendor is
Checked against those domain names. The customer's IP address is recorded to enable tracking in case of fraud. If two transactions are attempted at the same time by the same customer, for example, if the user details of the customer are stolen, the customer may optionally be alerted or notified by email.

Security between hubs is implemented at a number of levels. At the highest level, the supervisor controls the access rights of the operator, but may have no authority beyond this administrative function. At least two passwords are maintained by different individuals and can be delegated to a trusted third party to handle emergency situations. The details of the encryption method should be known by all necessary agents, not just the director of the VPS10. Such details are securely committed externally. All source code that supports security is also protected by a password. The purpose of this highest level of security is to access and manage the intrinsic security of the VPS 10. Generally, this highest level of user is restricted to a limited area of the VPS 10.

The second security level enables management of internal users of the VPS 10.
Users at this level and their properties and access rights can be changed only by those with the highest security level, but users at the second
It has the ability to grant access to the PS10 operator. Further, these second-level users can inspect and / or generate audit trails as needed. The audit tray for the acquiring bank may include all of the customer's credit card details.

The third security level is for ordinary users, and in general,
Includes VPS 10 staff with access to the customer's account and the vendor's account to enter the credit card information received by the facsimile and confirm the transaction with the customer and the vendor with the appropriate identification information. All secure data, such as payment system details, is maintained in an encrypted database 42 to a high level of security.

Hub-to-hub security is provided such that all communications between hubs 16-20 and between hubs 16-20 and account authority 12 are encrypted to the highest level practicable. Cryptographic properties of the operating system such as PPTP may be used. Hash functions and other one-way functions may be used to increase scrambling and security.

Audit Trails Audit trails are provided for transactions within hubs, and since transactions are within audit trails at each hub, transaction duplication occurs when vendor hubs and customer hubs are different. . Audit trails are generally filtered to protect the privacy of the client 22. However, the acquiring bank may have the authority to audit certain customer data of the VPS 10 only for transactions involving bank approval.

[Account Approval Authority] The account approval authority 12 functions to prevent duplication of the customer ID when a new customer is added. For performance and resilience, the list of authorized customers and customer IDs is duplicated from the account authority 12 to all hubs 16-20. At each stage of operation using the account authority 12 and / or hubs 12-20, electronic transactions from settlement and consolidation requests are treated as a series of "micropayments." All system failures cause the VPS 10 to switch to backup, and transactions at risk can be identified and resolved manually. For example, in the event of a failure during approval, items passed through the bank for approval may be determined and checked as to which was received. Similarly, transmissions to the vendor for acceptance or rejection may also be identified in the event of a system failure.

For such operational performance, for communication between hubs 16-20,
Microsoft Message Queuing (MSMQ), which can guarantee all communication states, can be used. In general, in one embodiment, on a single ISDN channel, approximately 8 transactions per second per node are supported and 1 MB
128 transactions per second (tps) are supported on the link,
This is about 11 million transactions per day. At this rate, 1
The cost of MB pipes is negligible compared to the benefits of providing such high-speed transaction processing.

Message Format The preferred embodiment of the VPS 10 dispatches service requests, receives service results, and allows the interaction of vendors and customers with HTTP "POST".
Use a protocol. One embodiment is a message queue service, DCOM
Etc. may be included. This section describes a number of exemplary message and response formats that form the operating kernel of the VPS 10 for interfacing with the components of the VPS 10. In an Internet-based embodiment, the posting data may be encoded in a Universal Resource Locator (URL) and transmitted as if the posting data was dispatched by an execute button or an icon in the form of a GUI. AuthorizeTransaction messages are purely hub-to-hub messages, but other messages, such as CheckLimitsAndGetPSDetails, Ch
eckLimitsAndAuthorizeMicropay, BulkNotification, and TransactionAbando
ned etc. is an inter-hub message or an intra-hub message if the client and vendor are on the same hub.

The AuthorizeTransaction message is a packet dispatched in the authentication server queue, and the request packet is transmitted as follows.

[0113]

[Table 2] In response, the returned data packet is as follows.

[0114]

[Table 3] CheckLimitsAndGetPsDetails Post Payment System (PS) for Authentication
Is dispatched from the vendor hub to the client hub to capture the The client hub uses the ServicePaymentSystemInfoRequests message to check whether the account and payment system limit has been exceeded and returns either an error or payment system information.

The CheckLimitsAndGetPsDetails post is

[0116]

[Table 4] The corresponding response packet is as follows.

[0117]

[Table 5] CheckLimitsAndAuthorizeMicroPay posts are dispatched from the vendor hub to the client hub to approve micropayments. The expected response is authenticated or unauthenticated. The request packet to be transmitted is as follows.

[0118]

[Table 6] The corresponding response packet is as follows.

[0119]

[Table 7] The BulkNotification post or put was put into multiple batches to indicate that the transaction was settled, that the gross payment was deducted, or that the settled transaction was torn down and post-payment debiting was performed. Including notifications. The packet thus has a header indicating the version, overall size, and number of entries for each of the three sections, followed by three sections with details regarding the above-mentioned items.

[0120] The request packet is

[0121]

[Table 8] The settlement TX format is as follows.

[0122]

[Table 9] The format of DeferredFulfilmentCancellation is as follows.

[0123]

[Table 10] The ChargeBack format is as follows.

[0124]

[Table 11] A TransactionAbandoned packet is used to indicate that the transaction has been abandoned. If the transaction is rejected by the vendor hub's authentication server, the client may try another payment system, which may implicitly notify the client hub of the failure or the hub may abort the transaction. If aborted, this packet is sent to synchronize the client hub, which only applies if the client hub and the vendor hub are separate. If the hub is the same, the vendor component does all the writing and the client-server component is passive.
The request packet is as follows.

[0125]

[Table 12] Interface with the outside world, for example, requests from clients and vendors,
And the notification to the vendor is realized via HTTP post using SSL.
The following requests are: Vendor Transaction Start, Vendor Fulfilment, Notification, Vendor Credit against Transaction, and Client Transaction Payment Request. Is supported. The following notice to the vendor: transaction complete (stop, reject, authorize)
, Fulfillment Expiration Notification, and Exception Notification (Exc
eption Notification). Each subsection of this application identifies the required post variables and details the format of possible return values. The return code is plain text, in the format of "Name = Value" with one field per line. For example, OurTx = A23452-1234-232 IP = 255.255.200.2.

[0126] Messages in XML format can also be used. The content of the message can also be encrypted.

A vendor transaction start message is sent by a vendor to indicate that a client is about to purchase. VPS 10 registers the transaction in the transaction table and returns the transaction code and IP address for future client communications. The parameters are as follows:

[0128]

[Table 13]

[0129]

[Table 14] Then, the following message is returned:

[0130]

[Table 15] The VendorFullfilmentNotification message occurs when a vendor attempts to fulfill a deferred payment transaction. The parameters are as follows:

[0131]

[Table 16] The message returns:

[0132]

[Table 17] To generate credit for the transaction, a Vendor Credit against Transaction message is sent. The credit may be simply for a refund, for paying a prize, or the like. The parameters are as follows:

[0133]

[Table 18] The message returns:

[0134]

[Table 19] The Client Transaction Payment Request is generated when the vendor notifies the VPS 10 that there is a pending request, and the vendor redirects the client, such as the client's browser, to the respective hubs of the client. The URL address used is specifically Ventor Transa
Returned from ction Start message. Client Transaction Payment
Request parameters are as follows:

[0135]

[Table 20] The message has no specific return value, depending on the processing that takes place to respond to the request.

[0136] A Transaction Complete message is sent to the vendor website specified by the default URL or by the initial Transaction Request message when an active transaction is normally completed. The parameters are as follows:

[0137]

[Table 21] The message returns:

[0138]

[Table 22] A Fulfillment Expiry Notification message is sent to a vendor when a deferred payment transaction exceeds the validity period of the transaction. This message is informative and will be retransmitted until a response such as "OK" or "UNKNOWNTX" is received. The parameters are

[0139]

[Table 23] The message returns:

[0140]

[Table 24] The Status Request message allows the VPS 10 to be queried about the exact status of the transaction. Parameters are vendor or VPS10 transaction ID,
Includes vendor code and other information about the transaction. The message returns the status, amount, start time, and time and nature of the last action of the transaction.

From the foregoing, the disclosed payment system and method have been disclosed according to preferred embodiments. However, various changes may be made without departing from the spirit of the invention. For example, while the preferred embodiment has been described in terms of an Internet-based form, in connection with the present invention, as described above, primarily in a telephone-based form, for any form of commerce using electronic transactions, The purchase and credit / debit payment arrangements of any of the known network forms of electronic transactions, such as mobile phones,
It is intended to be implemented on palmtop computers and digital television. Further, the unified currency used by VPS 10 may be British pound, euro, eurodollar or other predetermined currency or currency / financial unit. Accordingly, the present invention has been described above by way of example, and not by way of limitation.

[Brief description of the drawings]

FIG. 1 illustrates a collation payment system according to the present invention.

FIG. 2 shows the hub of FIG. 1 in more detail.

FIG. 3 is a simple flowchart showing the operation of the matching payment system.

FIG. 4 is a more detailed flowchart showing the operation of the matching payment system.

FIG. 5 is a state diagram showing transaction processing.

FIG. 6 is a state diagram showing transaction processing.

FIG. 7 is a state diagram showing processing for waiting for client details.

FIG. 8 is a state diagram illustrating a process for attempting to approve a transaction.

FIG. 9 is a state diagram illustrating a process for attempting to approve a transaction.

[Procedural Amendment] Submission of translation of Article 34 Amendment of the Patent Cooperation Treaty

[Submission date] June 21, 2000 (2000.6.21)

[Procedure amendment 1]

[Document name to be amended] Statement

[Correction target item name] Claims

[Correction method] Change

[Correction contents]

[Claims]

[Procedure amendment 2]

[Document name to be amended] Statement

[Correction target item name] 0005

[Correction method] Change

[Correction contents]

[0005] Real-time verification and authentication uses, to some extent, smart cards and / or other payment systems, such as a debit card payment system, in which a client verifies a transaction with a personal debit card at the time and place of the transaction. Can be implemented. However, such debit cards generally require that the deposit be pre-loaded on the debit card, which ties up resources on debit cards that are not of interest and reduces client liquidity. Further, loss or theft of a debit card can be a significant problem for unfortunate clients. Alternatively, by minimizing the amount of funds pre-loaded on the debit card to avoid such problems, clients are limited in the size and number of transactions before loading additional amounts. This is for example $ 500 (USD)
Not suitable for commercial transactions beyond. `` An Intermediation and Payment Sy outside Pays
stem Technology '' Computer Networks and ISDN Systems, vol. 28, 1996, pp 1
1977-1206 describes a reconciliation payment system as described in the preamble of claim 1. Atomicity in Electronic Commerce Proceedings O by Tygar
f The Fifteenth Annual Acm Symposium OnPrinciples Of Distributed Computi
ng, 23-26 May 1996, pp 8-26, provides background information on e-commerce, especially "atomicity", which links logical operations so that either all or none are performed. ing.

──────────────────────────────────────────────────続 き Continuation of front page (81) Designated country EP (AT, BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU, MC, NL, PT, SE ), OA (BF, BJ, CF, CG, CI, CM, GA, GN, GW, ML, MR, NE, SN, TD, TG), AP (GH, GM, KE, LS, MW, SD, SL, SZ, UG, ZW), EA (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), AE, AL, AM, AT, AU, AZ, BA, BB, BG, BR , BY, CA, CH, CN, CU, CZ, DE, DK, EE, ES, FI, GB, GD, GE, GH, GM, HR, HU, ID, IL, IN, IS , JP, KE, KG, KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MD, MG, MK, MN, MW, MX, NO, NZ, PL, PT, RO, RU, SD, SE, SG, SI, SK, SL, TJ, TM, TR, TT, UA, UG, UZ, VN, YU, ZA, ZW [Continuation of summary] From (22) and vendor (24) They must be issued separately and completely independently. The VPS (10) allows clients (22), vendors (24), and associated payment methods and systems (30-32) to be known in a certain amount and to be pre-registered within an authorization manager. And The client (22) and the vendor (24) can choose the payment method and currency at the end of any transaction, and the payment is always made without any party accessing or knowing the details of the other payment system. Done in a closed system. Real-time audit trails of all parties are implemented, and clients (22), vendors (24), and banks (30) track transactions, generate reports, and provide information for such secure transactions. A refund may be initiated. The VPS (10) is a mobile telephone (28) for purchasing and credit / debit payment arrangements for any form of commerce using electronic transactions, independent of software and / or hardware; It may be implemented by a palmtop computer and any known network topology for any known electronic or digital transaction using digital television.

Claims (10)

[Claims] 1. A trusted third party registration system that allows identification, verification and secure and private registration of payment data by payment systems including clients, vendors and banks; and A dedicated network (14) to enable all parties to electronic / digital transactions, including (22) and vendors (24), to mediate secure electronic / digital transactions without direct communication between the parties. A plurality of hubs (16 to 20) to be connected; (c) an account authority that provides a registration service dealing with which hubs support which clients; and (d) each electronic / available to all parties. An audit trail generator for generating an audit trail for digital transactions, a VPS (10) (E) The VPS (10) has an automatic payment feature that allows the client (22) to provide its own identity only once for all transactions in a single session with the vendor (24). The matching payment system to be implemented. 2. The VSP (10) of claim 1, wherein the matched instructions from the vendor (24) to the client (22) in each electronic / digital transaction are received separately by the hub. 3. The hub (16-20) includes a user name, a digital certificate,
And storing the client and vendor data, including payment system data, wherein the hub (16-20) processes each electronic / digital transaction as a secure electronic / digital transaction and upon completion of each electronic / digital transaction. 2. The method of claim 1, wherein the private data is prevented from being disclosed to parties to the digital transaction.
SP (10). 4. Each of the plurality of hubs (16-20) includes an authorization processor capable of authorizing and / or reconciling digital transactions and / or initiating payment through a financial institution. VSP (10) according to 1. 5. The VSP (10) according to claim 1, wherein a set of rights to use each payment system, including a credit card system, is transferred to a client of the VPS (10) by an owner of each payment system. 6. The VSP (10) of claim 1, wherein said vendor (24) directs a client (22) to an authorization processor (12) in response to an authorization of an electronic / digital transaction. 7. The client (22) and the vendor (24) are electronic /
At least one network (26) for enabling digital transactions to be initiated;
The VSP (10) according to claim 6, which is connected to a plurality of hubs (16-20) through a hub.
). 8. The network (26) comprises one of the following: at least one of the Internet, satellite, cable, cellular, and infrared communication systems.
One or more telecommunications systems, wherein said client (22) communicates with said vendor (24) through an electronic interface.
8. The VSP (10) according to claim 7, wherein the VSP (10) transacts with the VSP. 9. The payment system according to claim 1, wherein the payment system including a credit and / or debit card system can be pre-registered in a universal system secured by a card issuer or another payment or credit system issuer. VSP (10). 10. The payment for completing the electronic / digital transaction is such that purchases below a predetermined value belong to the customer based on US dollars and are automatically performed by debiting a pre-arranged payment system. The V of claim 1, wherein the V payment is made using a micropayment arrangement debited from a prepaid credit amount that is satisfied.
SP (10).