WO2000025245A1 - Mechanism for multiple party notarization of electronic transactions - Google Patents
Mechanism for multiple party notarization of electronic transactions Download PDFInfo
- Publication number
- WO2000025245A1 WO2000025245A1 PCT/US1999/024570 US9924570W WO0025245A1 WO 2000025245 A1 WO2000025245 A1 WO 2000025245A1 US 9924570 W US9924570 W US 9924570W WO 0025245 A1 WO0025245 A1 WO 0025245A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- electronic transaction
- transaction document
- party participant
- document
- acceptance
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/04—Billing or invoicing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/407—Cancellation of a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/004—Notarisation, Time-Stamp, Date-Stamp
Definitions
- the invention relates to computer systems used for business transactions, and more particularly to client-server software systems which exchange business transaction data between participants to business transactions.
- Business management systems include accounting, order processing, job tracking, billing and resource planning.
- Business communications systems include electronic mail (e-mail) for exchanging messages between people, electronic data interchange (EDI) for sending and receiving structured messages for purchasing, inventory control and financial payments between organizations.
- EDI electronic data interchange
- World Wide Web referred to herein as the "Web" technology has allowed companies to provide interfaces to business systems, workflow and collaboration through standardized Web browsers such as Microsoft Internet Explorer, Netscape Navigator and Netscape Communicator. All of these systems can allow some form of commercially significant business transaction. Companies need to track, manage, verify, audit and share records of these business transactions.
- EDI messages are typically generated from a company's order processing or requisition system and sent to a communications system that transmits the message over a computer network to the destination company.
- a communications system that transmits the message over a computer network to the destination company.
- an EDI message is delivered from one company to another, the message is loaded into a data conversion system that will convert the standardized EDI message data format into the data format required by the receiving company's order processing system.
- a communications subsystem (which might be an e-mail system, for example), might automatically add a digital signature to each message transmitted from one party to another, to enable the recipient's communications subsystem to verify the authenticity of the message. But these functions take place at the level of the communications subsystem, not at the level of the order processing or requisition system. They are frequently transparent to the order processing or requisition system, and to the users.
- the digital signature appended to the message might be that of the company instead of the individual who placed or acknowledged an order, and no auditable record is kept in the order processing or requisition system of who signed each message sent or received.
- a number of financial services companies use similar technology to enable customers to access bank and stock accounts and to make monetary transfers, bill payments or perform stock trades over the Web.
- these financial services systems might print an order tracking number to the screen or may send an e-mail message containing the order tracking number.
- Some providers also send a printed paper receipt to the customer using regular postal service.
- Another type of business transaction involves the acceptance of terms and conditions and contracts online.
- an online service that is offered over a Web browser or with custom software (for example a home banking application with customized software on the client computer that communicates to a server at the bank over a computer network) prints a screen of contractual terms regarding the use of the service.
- the customer is asked to click a button that concerns the customer's acceptance of these terms and conditions.
- Once a customer accepts these terms, the service is activated.
- the service provider can legally cancel the service agreement if the customer violates these terms.
- an online transaction system allows users to accept or reject received electronic transaction documents, wherein the acceptance is non-repudiable and is based on the content and terms of the received electronic transaction document.
- the present invention provides a method and apparatus for conducting electronic transactions between at least first and second parties in which the first party sends to the second party an electronic transaction document evidencing content which is non-repudiable by the first party; the second party may accept the content of the electronic transaction document and send a response to the first party that is non-repudiable by the second party.
- the present invention provides a method and apparatus for conducting electronic transactions between at least first and second parties in which the first party obtains the digital signature of a non-party participant and includes this in an electronic transaction document evidencing content that is non- repudiable by the first party; the first party transmits the electronic document to a second party; the second party may accept the content of the electronic transaction document and send a response to the first party that is non-repudiable by the second party. The second party may also obtain the digital signature of another non-party participant and include this in the non-repudiable response.
- the present invention provides a method and apparatus for auditing electronic transaction documents by validating digital signatures and verifying that the content of stored electronic transaction documents has not been compromised.
- Fig. 1 illustrates symbolically the architecture of the which may be used for implementing the present invention
- Fig. 2 illustrates symbolically the electronic transaction document
- FIG. 3 is a flowchart showing the steps which are performed to conduct an online transaction
- Fig. 4 is a flowchart showing the steps which are performed to reject an electronic transaction document
- Fig. 5a is a flowchart showing the steps which are performed to gather multiple digital signatures in parallel;
- Fig. 5b is a flowchart showing the steps which are performed to gather multiple digital signatures in a serial manner
- Fig. 6a is a flowchart showing the steps which are performed to conduct a transaction requiring the digital signature of a single non-party participant
- Fig. 6b is a flow diagram showing the logical sequence of steps executed by the present invention to conduct a transaction requiring the digital signatures of multiple non-party participants;
- Fig. 7a is an illustration of a user interface screen used to view and accept electronic transaction documents;
- Fig. 7b is an illustration of a user interface screen used to display and manipulate received electronic documents
- Fig. 7c is an illustration of a user interface screen showing a list of related documents
- Fig. 7d is flowchart showing the steps which are performed to audit electronic transaction documents.
- Fig. 8 is a schematic in block diagram form showing a high level representation of a computer system used to implement the present invention.
- a transaction is a communicative action or activity involving two or more parties that reciprocally affect or influence each other.
- Important examples of transactions include promises and agreements which describe current or future activity or inactivity, as well as activities that have already taken place.
- the term "transaction" includes sub-transactions, which are transactions that are themselves parts of larger transactions.
- a transaction that is an agreement includes a transaction in which one party makes a promise to a second party, and another transaction in which the second party makes a promise to the first party.
- an agreement among three parties may include one transaction in which party A makes promises to party B, and a second transaction in which party B makes promises to party C, and so on.
- Entities participating in transactions may include party and non-party participants.
- Parties are the primary participants in a transaction, and indicate consent to be bound to the terms of the transaction by attaching signatures to the document evidencing the transaction. If the transaction includes a promise, for example, the party participants in the transaction include the promisor and the promisee.
- Non-party participants include entities such as notaries, auditors, or other signatories required to serve to validate the transaction, grant permission to a party to participate in a transaction, or otherwise serve as a witness to the transaction.
- the signature of a non-party participant serves to acknowledge the transaction without incurring an obligation or indicating acceptance of terms by the non-party participant.
- a promise can be conditional and/or one-sided.
- a purchase order for example, can evidence a promise on the part of the purchaser to pay a certain amount of money if the vendor delivers the requested product or service.
- a credit card draft for example, can evidence a promise on the part of the purchaser to pay money in accordance with a cardmember agreement.
- a credit card draft might also evidence activity that has already taken place, for example delivery of purchased goods from the vendor to the purchaser.
- An "Agreement” includes reciprocal promises by or among at least two parties.
- Atransaction document describes the essence of a transaction.
- Transaction documents may include offer letters, purchase orders, acceptance letters, receipts, sales slips, etc.
- a transaction document is signed by or otherwise evidently associated with the party or parties incurring an obligation under that transaction document, and may also bear the signatures of non-party participants.
- Transaction documents establish that the transaction actually occurred, so that no party may later repudiate it.
- Transaction documents identify the terms of the transaction, the responsibilities of the respective parties to the transaction, any products, services or moneys exchanged, and bear non-repudiable marks of identification of the parties to the transaction, signifying their acceptance of the transaction.
- Transaction documents usually provide some safeguard that makes evident any alteration to the transaction document after a party has placed his or her non-repudiable mark on the transaction document.
- carbon copies of transaction documents may be used to verify original transaction documents.
- signatures may be certified.
- the basis of trust in transactions is the simultaneous presence of both parties to the agreement to witness the transaction document's content and signing. In the on-line world, such simultaneous presence is neither possible nor desirable. Instead, electronic transaction documents provide proof that copies held by both parties are identical with respect to terms and signatures.
- a transaction document sent from a first party to a second party often triggers a subsequent transaction document to be sent from the second party to the first party in response to the preceding transaction document.
- a given action or event occurs "in response to" to a preceding action or event if the preceding action or event influenced the given action or event. If there is an intervening action, event or time period, the given action or event can still be “in response to” the preceding action or event. If the intervening action, event or time period combines more than one action or event, the subsequent action or event is considered “responsive" to each of the action or event inputs. If the given action or event is the same as the preceding action or event, this is merely a degenerate case in which the given action or event is still considered to be "in response" to the preceding action or event.
- electronic transaction document refers to an electronic document that establishes an online transaction between two or more participants.
- An electronic transaction document may contain data describing the transaction, digital signatures (certificates) identifying the parties to the transaction, and a tamper-proof seal (e.g. checksum on an encrypted coding of the contents of the electronic transaction document) that safeguards the authenticity of the electronic transaction document.
- Other information may appear in an electronic transaction document as required in various applications or legal jurisdictions.
- electronic transaction documents typically include the date of issue or signing.
- a single electronic transaction document, bearing the digital signatures of all of the parties may be used to establish the transaction.
- a plurality of transaction documents considered together may establish the transaction, with each electronic transaction document establishing separate aspects of the transaction.
- Electronic transaction documents may be transmitted over communication networks such as the Web.
- issuer the entity that issues an electronic transaction document
- recipient the entity that receives the electronic transaction document is issued
- issuers and recipients are signatories who are parties to the transaction and are required to place their digital signatures on the electronic transaction documents.
- recipients may also include third party signatories, such as notaries or auditors, who are participants but not parties to the transaction.
- the Transaction Document System 10 enables electronic business transactions to be conducted across the World Wide Web 20 or other communication systems that support remotely located computer systems.
- the communication subsystem can include a web interface system, an e-mail system, (with or without its own cryptographic features), an EDI system, a private direct communication link, or any other communication subsystem, either separate from or built into the Transaction Document System 10.
- the Transaction Document System 10 comprises a Transaction Document Server 30 implemented on an issuer's computer system, and a Transaction Document Client 70 implemented on a recipient's computer system.
- the business logic of a transaction is implemented in the workflow system 90 and the Transaction Document Server 30 executes protocols for obtaining signatures.
- the API 40 may be customized to accommodate various workflow systems.
- the Transaction Document Server 30 is implemented on the issuer's computer system and is used by the issuer to produce and publish an electronic transaction document bearing the issuer's digital signature.
- the Transaction Document Server 30 includes a set of computer instructions that, when executed by a computer system, executes the method of the present invention.
- the Transaction Document Server 30 may be implemented as a service plug-in to a regular web server or commerce server using, for example, the servlet API, ISAPI or NSAPI. Protocols are executed for gathering signatures when the Transaction Document Server 30 receives a request from a commerce server or other workflow system 90 to generate an electronic transaction document for a Web-based transaction, or from a file server to generate an electronic transaction document to be transmitted with a file.
- the Transaction Document Client 70 is implemented on the recipient's computer system and is used by recipients to receive and sign their copies of an electronic transaction document.
- the Transaction Document Client 70 includes a set of computer instructions that, when executed by a computer system, executes the method of the present invention.
- the Transaction Document Client 70 may be implemented as an extension to a file transfer client (such as the FileDrive client available from Differential, Inc., Cupertino, CA), or for web-based transactions, as a browser plug-in or Java applet. In the latter two cases, the Transaction Document Client 70 installs itself on the recipient's system such that it is invoked seamlessly when an electronic transaction document is received.
- Computer instructions for performing various tasks as described herein can be stored on a non-volatile computer storage medium (e.g. hard drive, floppy disk, optical disk, or the like), or in a volatile computer storage medium, such as a computer's main memory or cache memory, or any combination or storage media, either in one location or spread over a number of locations.
- a non-volatile computer storage medium e.g. hard drive, floppy disk, optical disk, or the like
- a volatile computer storage medium such as a computer's main memory or cache memory, or any combination or storage media, either in one location or spread over a number of locations.
- the Electronic Transaction Document Server 30 and Client 70 include an Application Specific Interface (API) 40.
- the API 40 allows the Transaction Document Server 30 and/or Client 70 to communicate with outside application programs such as workflow systems 90.
- the API 40 provides connectivity to other software systems that utilize the Transaction Document System 10.
- the API 40 may contain three or more levels. These include a high level API, a low level API, and a workflow API.
- the high level API has a minimal set of calls, may include UI components, and performs most of its functions through calls to the low level API.
- the low level API may be platform independent, and incorporates an extensive set of functions. As the low level is mostly used by the high level API, the low level API does not require a UI.
- the workflow API provides connectivity to the workflow 90, which may be an external commerce server or corporate workflow system. Additionally, a crypto API may be included, which hides differences between various API's which may be used by different systems such as BSAFE or MSCryptoAPI. The crypto API provides the low level API with platform independence.
- the Transaction Document Server 30 and Client 70 may also provide a web-browser user interface (UI) 42 for recipients that allows them to sign and validate electronic transaction documents as well as track transmission and provide auditing functions.
- UI web-browser user interface
- a validator module 44 may be incorporated into Transaction Document Server 30 and Client 70.
- the validator module 44 checks the validity of an electronic transaction document.
- the validator module 44 is called whenever an electronic transaction document is received, or it may be called as needed for auditing purposes.
- the validator module 44 validates each signature (certificate) on the electronic transaction document by verifying the certificate with the appropriate certificate authority (CA), e.g. Verisign. It also verifies that the contents of the electronic transaction document have not been altered, by validating the tamper-proof seal (i.e. the digital signature, the checksum on the encrypted contents of an electronic transaction document).
- CA certificate authority
- the method of validation depends on the signing standard adopted for the particular embodiment.
- OTP keeps separate checksums for different parts of the document; in this case, the validator module 44 would validate each section separately. Conversely, PKCS#7 does not keep a separate checksum in the clear; the validator module 44 has to reconstruct it from the message itself.
- the Transaction Document Server 30 may also include a server administration module 46 provides screens that allow the administrative users to perform the most important tasks of setting up, configuring and maintaining the Transaction Document Server 30.
- the administration module 46 provides a user interface that may be web-based, allowing for remote administration. Administrative functions include: • Setting up the server port and connections parameters.
- the Data Definition 50 is utilized by both the Transaction Document
- the Data Definition 50 contains libraries that describe the various representations of electronic transaction documents, and transformations from one representation to another.
- the Data Definition 50 specifies required data, optional data, and protocols for subclassing and adding data to electronic transaction documents.
- the transformation methods define the mapping between representations as required for compliance with different standards supported by the system. Representations include Internal, Database and Published.
- the Data Definition 50 also includes a worldwide unique ID for each individual electronic transaction document, consisting of a combination of the Issuer's Certificate Authority's ID, the Issuer's Certificate ID, and a tracking number generated by the Issuer.
- the Data Definition 50 may also include indexing "hooks" for associating electronic transaction documents with a Transaction ID, and for associating them with one another in sequential relationship (i.e. a chain of transaction documents) and replacement.
- the Internal Representation 52 provides the classes for the various types of electronic transaction documents implemented on a Transaction Document Server 30 or Transaction Document Client 70.
- a generic transaction document class may be implemented on the Server 30 and Client 70, as well as other classes with specialized data and workflow behavior. Examples of the classes defined in the Internal Representation 52 are provided below.
- ⁇ receipt_ID id "CA0199/853/4 CN1040/72/8901/009 TX04/0119/5281 RN00001"/> ⁇ description "Request for service”/>
- ⁇ receipt_ID id "CA0199/853/4 CN1040/72/8901/009 TX04/0119/5282 RN00001"/>
- the Database Representation 54 provides relational database specifications for fields corresponding to members of the aforementioned class(es), and tables establishing relations among electronic transaction documents (e.g. chains) and between electronic transaction document contents and external data. These specifications may follow standard SQL.
- the Published Representation 56 describes an electronic transaction document as it is transmitted between issuer and recipient. It uses an extended Markup Language (XML) notation, following the electronic transaction document data format given in the Open Trading Protocol (OTP) standard.
- XML extended Markup Language
- the published representation 56 describes both the embedded data to be read by the Transaction Document Server 30, Transaction Document Client 70, and workflow system 90, and the appearance of an electronic transaction document (as in a web browser).
- the organization of the embedded data is referred to herein as the formal electronic transaction document.
- the electronic transaction document as it appears is referred to herein as the visible electronic transaction document.
- the formal electronic transaction document consists of a document encoded according to a known BER (Binary Encoding Rules) standard, and signed according to the
- PKCS#7 standard for signing documents. It contains the data elements listed below.
- Each signature in an electronic transaction document may contain several information fields, in addition to the usual signature algorithm identifiers, signature certificate references and the encrypted digest itself. These fields may include: date of signing (UTC), meaning of signature (a coded field with values related to received, acknowledged, fulfilled., etc.), and an optional comment. These extra fields may be added to the signed part of the electronic transaction document.
- UTC date of signing
- meaning of signature a coded field with values related to received, acknowledged, fulfilled., etc.
- an optional comment may be added to the signed part of the electronic transaction document.
- the formal electronic transaction document may be all that is needed.
- an alternative form of the electronic transaction document, or multiple alternative forms may be delivered along with the formal electronic transaction document.
- Each visible form also carries a short message explaining: the importance of the signed, non-repudiable electronic transaction document, how to save the electronic transaction document, including the formal electronic transaction document to a disk file in commonly used software, how to obtain client software for electronic transaction document validation, etc.
- Electronic transaction documents can be embodied in different forms transmitted via a number of different transport mechanisms, such as HTTP (for the Web), via FTP (for FileDrive) or by E-mail (for offline interchange).
- HTTP for the Web
- FTP for FileDrive
- E-mail for offline interchange
- the forms sent are determined by content negotiation.
- MIME may be used to combine the multiple forms.
- the formal electronic transaction document may be encapsulated in an S/MIME package by base64 encoding and attachment of appropriate headers.
- the formal electronic transaction document may be generated by hierarchical construction of the electronic transaction document data below as an XML document. This is then canonicalized according to the process defined in the OTP preliminary specification (elimination of white space, etc).
- the canonical XML object is digested, and the digest is signed by the issuer (e.g. according to XML canonicalisation algorithm contained in OTP spec (OTP Func. Spec, v ⁇ .9, scn3J3.6.2)).
- OTP spec OTP Func. Spec, v ⁇ .9, scn3J3.6.2
- the XML object, and the version identifier, digest algorithm identifiers, certificates, certificate revocation lists, and signer information are packaged as a BER object according to the PKCS#7 rules.
- the signing and packaging process may be recursively repeated to attach the recipient's signature if multiple signatories are involved.
- the data contained in the electronic transaction document may also be contained in an XML document constructed hierarchically from the following data items according to an XML document type definition.
- the document type definition and the exact tags to be used conform closely to either the XML/EDI guidelines or to the OTP proposed specification.
- Electronic transaction document data may include: software version information (used to maintain backwards compatibility); type of electronic transaction document (includes information used to decide on future processing, for example whether this electronic transaction document requires further signing); references to related electronic transaction documents; a unique electronic transaction document ID; and content of the electronic transaction document.
- the content of electronic transaction document may include a description of the issuer and recipients, date of issue, date the first signature was affixed to the document, description of the transaction, decorations to be included in the visible form of the document, and the layout of the visible form.
- the issuer's certificate may be sent as part of the electronic transaction document.
- a unique reference to the issuer's certificate, consisting of the certificate issuing authorities distinguished name composed with the issuer's distinguished name as given in the certificate, is sent with the electronic transaction document as part of the signature information defined by the PKCS#7 specification.
- the recipient's certificate may be sent as part of the returning electronic transaction document.
- a unique reference to the recipient's certificate consisting of the certificate issuing authorities distinguished name composed with the recipient's distinguished name as given in the certificate, is sent with the returning electronic transaction document as part of the signature information defined by the PKCS#7 specification.
- the Transaction Document Server 30 and Transaction Document Client 70 each incorporate a database 60.
- the database 60 includes a signatories table 62, a transaction document table 64, and a transaction documents relations table 66. Received transaction documents and messages are stored in the transaction documents table 64.
- the transaction documents relations table stores chains of indexing hooks that reference associated electronic transaction documents.
- Fig. 2 is an illustration depicting the structure of an electronic transaction document as used in accordance with the present invention.
- the core aspects of the electronic transaction document 200 include the contents 202 that are issued by the Transaction Document Server 30, the encrypted digest 204, and digital signature 206.
- the contents 202 may name the parties and contain the terms of the transaction, or reference the terms contained in a separate document.
- the contents 202 are secured by digest 204 and the issuer's digital signature 206.
- the contents 202, document digest 204 and signature 206 are sent to the Transaction Document Client 70, who verifies one or more of them and adds an additional document digest 214 and signature 216.
- Fig. 3 is a flow chart illustrating the logical sequence of steps executed to create and transmit an electronic transaction document and obtain a digital signature from a single recipient as shown in Fig. 2.
- the Transaction Document Server 30 prepares transaction document content, comprising a Transaction Document ID number, Description of the Issuer, Description of the Transaction, Description of the recipient, and references to other transaction documents.
- the content optionally refers to one or more previous transactions (via their unique identifiers) to which this transaction is related.
- Transaction content usually describes or refers to contractual terms of the transaction (e.g.
- Transaction Document content is supplied to the Transaction Document Server 30 from the workflow system 90 via API 40.
- the Transaction Document Server 30 then inserts the issuer's digital signature into the electronic transaction document and encrypts the electronic transaction document, using the Issuer's certificate (such as available from Verisign) and generating a digest on the encrypted form of the electronic transaction document content.
- the digital signature verifies the identity of the participant and indicates agreement to the terms described or implied in the electronic transaction document. Signing is the means by which the identity of the issuer is rendered non-repudiable.
- the issuer then generates a tamper proof seal by creating, for example, an encrypted checksum on an encrypted encoding of the electronic transaction document's contents.
- This tamper proof seal is the means by which the content of the electronic transaction document is rendered non-repudiable.
- the issuer then encrypts the electronic transaction document for transmission. Encryption can take place at the OPR level or at the level of the communication subsystem, or both, and the communication subsystem may or may not add its own further cryptographic functions.
- the Transaction Document Server 30 transmits the electronic transaction document to the Transaction Document Client 70. This transmission may be implemented using the Secure Socket Layer (SSL).
- SSL Secure Socket Layer
- the electronic transaction document can also be sent using any network protocol such as HTTP, HTTPS, FTP, SMIME email, etc.
- the Transaction Document Server 30 may also notify the workflow 90 that an electronic transaction document has been issued and a signature is pending.
- the Transaction Document Client 70 receives and decrypts the electronic transaction document. Control continues to step 308, where the Transaction Document Client 70 validates the issuer's digital signature. If the digital signature is invalid, indicating either a false identity or the contents of the electronic transaction document have been compromised, the Transaction Document Client 70 rejects the electronic transaction document, notifying both the recipient (step 312) and the Transaction Document Server 30 (step 314), which inturnnotifies the issuer. If the issuer's signature is valid, the Transaction Document Client 70 presents the document to the recipient for review ( step 310). The recipient may be either a person, viewing the document in a browser or email message, or an automated system, parsing the XML-tagged data fields of the document.
- the recipient may decide either to accept or reject the electronic transaction document or delay this decision. It is to be understood that acceptance of the electronic transaction document indicates acceptance of the content or terms contained in the electronic transaction document; it is not merely an acknowledgment that the electronic transaction document was received. Depending on the application, the recipient may also be able to add some data to the electronic transaction document, such as a date-of-signature timestamp.
- step 316 the rejection protocol is executed.
- the rejection protocol is explained in more detail below with reference to Fig. 4.
- the recipient decides to accept the electronic transaction document, he or she first carries out any actions required by the electronic transaction document.
- the electronic transaction document may include required data entry fields or requests to obtain and submit other documents (such as notarized transaction documents or affidavits) and cite their reference numbers on the electronic transaction document.
- the actions may require some time to complete and the recipient may choose to delay signing and returning the electronic transaction document.
- the Transaction Document Client 70 stores the transaction document in its database 60, so that the recipient may retrieve it when ready to sign. The Transaction Document Client 70 then notifies the Transaction Document Server 30 (step 320) of the delay.
- the Transaction Document Server 30 makes an entry in the transaction documents table 64 reflecting that the recipient is deferring signing, and notifies the issuer at step 324.
- the Transaction Document Client 70 signs the electronic transaction document with the recipient's digital signature (step 326), thereby authenticating it and sealing any added content against tampering.
- This signed electronic transaction document is referred to herein as an acceptance message, and refers to the unique transaction identifier on the original electronic transaction document and indicates acceptance of the terms.
- the acceptance message may or may not include all the terms or other information contained in the original electronic transaction document, depending on the particular application.
- the Transaction Document Client 70 stores a copy of the acceptance message in its transaction document table 64.
- the Transaction Document Client 70 then encrypts and transmits the acceptance message back to the Transaction Document Server 30 (step 330).
- This transmission may also be implemented using SSL, and may transmit copies of it to third parties, such as auditors.
- third parties such as auditors.
- this routing to third parties could be handled by the Transaction Document Server 30 or left to the workflow system.
- the Transaction Document Server 30 may perform the optional steps of creating and sending to the Transaction Document Client 70 an acknowledgment message.
- the Transaction Document Client 70 prepares a rejection message (step 402).
- the rejection message is an electronic transaction document that refers to the unique transaction identifier on the original electronic transaction document and indicates rejection of the terms.
- the recipient signs the rejection note with his or her digital signature.
- the rejection message is then encrypted (step 406) and transmitted to the Transaction Document Server 30 (step 408).
- the Transaction Document Server 30 receives the encrypted rejection message (step 410), decrypts and validates the message (step 412). If the recipient's signature is invalid, the Transaction Document Server 30 reports to the workflow system 90 (step 414) and the Transaction Document Client 70 (step 416) that the signature is invalid.
- the Transaction Document Server 30 reports to the workflow system 90 that the original transaction document sent to the Transaction Document Client 70 was rejected by the recipient (step 418).
- the Transaction Document Server 30 may perform the optional steps of creating and sending to the Transaction Document Client 70 an acknowledgment message.
- An electronic transaction document may contain multiple digital signatures. For example, approval cycles or notarization of the transaction may require third party signatures.
- Signatures may be applied in parallel or cascaded. A cascaded signature testifies that the signatory has inspected the other signatures, and once a cascaded signature has been applied to an electronic transaction document, no additional parallel signatures can be permitted above the cascaded signature. However, other signatures may be applied in parallel to the cascaded signature and a further level (or levels) of cascaded signatures may be added.
- the Parallel Protocol (Fig. 5a) sends copies of the electronic transaction document to all signatories concurrently, and then collates the responses onto a single final-issue electronic transaction document.
- the Serial Protocol (Fig. 5b) passes the electronic transaction document to each signatory in turn, so that each digital signature encloses the previous one.
- the procedure for gathering each signature is similar to steps 304 - 334 described in Fig. 3.
- the Serial Protocol differs from the Parallel Protocol in that the Serial Protocol may abort the signature gathering process if any one signatory rejects or submits an invalid document. It notifies the workflow system, which decides whether to continue gathering other signatures.
- the Transaction Document Server 30 prepares transaction document content at step 500 and inserts the issuer's digital signature into the electronic transaction document and encrypts the electronic transaction document at step 502. Steps 500 and 502 are performed in a similar manner as described in steps 300 and 302 of Fig. 3. Continuing to step 504, for each of the recipients involved in the multiple signature parallel protocol, similar steps enumerated in steps 304 - 334 of Fig. 3 are performed. If one or more of the received response messages contain an invalid signature, control proceeds to step 506, where receipt of the invalid signature is reported to the workflow 90 and the client (508). The optional step 510 may be included where the Transaction Document Server 30 stores the partially signed document in the transaction documents table 64.
- step 512 the Transaction Document Server 30 embeds all of the received documents in the original electronic transaction document.
- the fully signed document is stored in the transaction document table 64 at step 514 and the workflow 90 is notified at step 516 that all recipients have signed the document.
- the fully signed document is encrypted at step 518, and copies are sent to each of the recipients at step 520.
- Completing the protocol at step 522 each of the individual Transaction Document Clients 70 belonging to the recipients validates the received fully signed document and stores it in transaction documents table 64.
- a cascaded signature test ifies that the signatory has inspected the other signatures, and once a cascaded signature has been applied to an electronic transaction document, no other parallel signatures can be permitted.
- the serial protocol is executed to obtain cascaded signatures.
- the Transaction Document Server 30 prepares transaction document content (step 550), inserts the issuer's digital signature into the electronic transaction document and encrypts the electronic transaction document (step 502).
- Steps 500 and 502 are performed in a similar manner as described in steps 300 and 302 of Fig. 3.
- a signature collection procedure is executed, similar to the steps enumerated in steps 304 - 334 of Fig. 3.
- step 556 receipt of the invalid signature is reported to the workflow 90 and the client 70 (step 558).
- step 560 may be included where the Transaction Document Server 30 stores the partially signed document in the transaction document table 64. If the recipient responded with a properly signed response message, control proceeds to step 562, where the Transaction Document Server 30 embeds the received signature into the original electronic transaction document. To send the partially signed document to the next signatory in the chain, control returns to step 552, where the partially signed document is signed and encrypted. This sequence is repeated for the remaining signatories.
- the fully signed document is stored in the transaction document table 64 at step 564 and the workflow 90 is notified at step 566 that all recipients have signed the document.
- the fully signed document is encrypted at step 568, and copies are sent to each of the recipients at step 570. Completing the protocol at step 572, each of the individual Transaction Document Clients 70 belonging to the recipients validates the received fully signed document and stores it in its own database.
- Some transaction documents may require the signatures of non-party participants, such as notaries, supervisors, or similar entities to complete a transaction.
- the present invention implements these types of transactions in an online setting by allowing non-party participants to use the Transaction Document System 10 to affix his or her digital signature to the electronic transaction document.
- Figs. 6a and 6b illustrate the logical sequence of steps executed by the present invention to accommodate the signatures non-party participants in electronic transaction documents. For illustrative purposes, these examples incorporate the digital signature of a notary, but other non- party participants may be used as well.
- Fig. 6a is a flowchart illustrating the logical sequence of steps that execute a notarized transaction according to the present invention.
- a notary participates in the transaction between a merchant (issuer) and customer (recipient).
- the merchant and customer are conducting transactions surrounding the sale of goods or services.
- the merchant uses a Transaction Document Server 30, and the customer and notary use separate Transaction Document Clients 70.
- the Transaction Document Server 30 creates an electronic transaction document, affixes the merchant's digital signature, and encrypts the document in a similar manner as described in steps 300-302 of Fig. 3.
- the issuer transmits the electronic transaction document to the notary. This transmission may be implemented using the Secure Socket Layer (SSL).
- SSL Secure Socket Layer
- the electronic transaction document can also be sent using any network protocol such as HTTP, HTTPS, FTP, SMTME email, etc.
- the Transaction Document Server 30 may also notify the workflow 90 that an electronic transaction document has been issued and a signature is pending.
- the notary receives and verifies the electronic transaction document.
- the notary's Transaction Document Client 70 then encrypts a checksum of the electronic transaction document and notarizes the electronic transaction document by affixing its digital signature to the electronic transaction.
- the notary may also store a copy of the electronic transaction document in a database for future reference.
- the notary transmits the notarized electronic transaction document back to the merchant.
- the merchant receives the notarized electronic transaction document at step 608.
- the merchant may verify the signature of the notary and store it in a database for future reference and proof that the electronic transaction document was notarized.
- the merchant transmits the electronic transaction document to the customer.
- the merchant may send either the original electronic transaction document or the notarized electronic transaction document, depending on the business requirements.
- the customer receives the electronic transaction document and verifies the digital signature of the merchant.
- the customer may also verify the notary's digital signature, if the notary's signature was appended to the electronic transaction document. The customer may then process the electronic transaction document.
- Processing the document may include storing it in a database for future reference, presenting the electronic transaction document to a user who could interactively approve or deny the electronic transaction document, or entering the document into a purchasing system, accounting system or document management system.
- the customer generates an electronic transaction document that responds to the received electronic transaction document.
- This response can be either an approval, denial or pending notification.
- the response can optionally refer to the original electronic transaction document by its ID number, or the checksum and signature of the merchant, or by the notary. Alternatively, the response can actually contain the original electronic transaction document itself as part of the response electronic transaction document.
- the response electronic transaction document is checksummed and signed with the customer's private key. The response is then transmitted to the merchant.
- the merchant receives the electronic transaction document response from the customer.
- the merchant then processes the electronic transaction document response. Processing may include verifying the customer's digital signature, storing the electronic transaction document response for future reference, entering the response into an order processing system, and the like.
- the merchant transmits a copy of the electronic transaction document response to the notary. The merchant may affix his digital signature the electronic transaction document before sending.
- the notary receives the electronic transaction document response from the merchant. The notary may then verify the signatures of the merchant and customer, and reconcile the electronic transaction document response with the original electronic transaction document. The notary may also store the response in a database for future reference.
- the notary transmits a response message back to the merchant indicating that the customer's response was notarized and recorded.
- the notary's response message may also be an electronic transaction document.
- the notary's response may contain simply a reference to the original electronic transaction document and the electronic transaction document response from the customer, or it may contain the actual original electronic transaction document and the electronic transaction document response.
- the merchant receives the notary's response message. The merchant may then verify the notary's digital signature and initiate or complete a transaction, such as shipping goods, performing services and the like.
- the explanation above describes a process in which an electronic transaction document must be notarized before sending, the delivery and approval/denial/pending of the electronic transaction document is notarized, and the entire process must be completed before the transaction is finalized.
- the merchant could start the process when the electronic transaction document response is received from the customer in step 616, and the final notarization could be performed for record keeping purposes only.
- the merchant could also process the transaction after step 616, and attach the results of that transaction to the message that is sent in step 618 to the notary to provide evidence that the transaction was originated, received and processed.
- the process illustrated in Fig. 6a may be executed once for the initiation of the order and a second time for the completion of the transaction.
- Fig. 6b describes an alternative notarization protocol which is similar to the protocol described in Fig. 6a, but includes interaction with two separate notaries. This allows both parties (merchant and customer) involved in the transaction to have the entire process audited by their own trusted third party. The notaries may collectively reconcile the transactions between the merchant and customer. In this protocol, it is assumed that the merchant has selected notary A and the customer has selected notary B. Again, the merchant uses the Transaction Document Server 30, and the customer, notary A and notary B each use their own Transaction Document Client 70.
- the merchant's Transaction Document Server 30 creates the electronic transaction document, affixes the merchant's digital signature, and encrypts the document in a similar manner as described in steps 300- 302 of Fig. 3.
- the merchant transmits the electronic transaction document to notary A. This transmission may be implemented using the Secure Socket Layer (SSL).
- the electronic transaction document can also be sent using any network protocol such as HTTP, HTTPS, FTP, SMTME email, etc.
- the Transaction Document Server 30 may also notify the workflow 90 that an electronic transaction document has been issued and a signature is pending.
- notary A receives and verifies the electronic transaction document.
- Notary A's Transaction Document Client 70 then encrypts a checksum of the electronic transaction document and notarizes the electronic transaction document by affixing its digital signature to the electronic transaction.
- Notary A may also store a copy of the electronic transaction document in a database for future reference.
- notary A transmits the notarized electronic transaction document back to the merchant.
- the merchant receives the notarized electronic transaction document at step 658.
- the merchant may verify the signature of notary A and store the notarized document in a database for future reference and proof that the electronic transaction document was notarized.
- the merchant transmits the electronic transaction document to the customer.
- the merchant may transmit either the original electronic transaction document or the notarized electronic transaction document, depending on the business requirements.
- the customer receives the electronic transaction document and verifies the digital signature of the merchant.
- the customer may also verify notary A's digital signature, if notary A's signature was appended to the electronic transaction document.
- the customer may then process the electronic transaction document. Processing the document may include storing it in a database for future reference, presenting the electronic transaction document to a user who could interactively approve or deny the electronic transaction document, or entering the document into a purchasing system, accounting system or document management system.
- the customer generates an electronic transaction document that responds to the received electronic transaction document. This response can be either an approval, denial or pending notification.
- the response can optionally refer to the original electronic transaction document by its ID number, or the checksum and signature of the merchant, or the notary.
- the response can actually contain the original electronic transaction document itself as part of the response electronic transaction document.
- the response electronic transaction document is checksummed and signed with the customer's private key.
- the response is then transmitted to notary B.
- Notary B receives and verifies the response, and notarizes the response by creating a digest of the response and signing the response and its digest with its private key.
- Notary B may also store a copy of the response in a database for future reference.
- notary B transmits the notarized response back to the customer.
- the customer receives the notarized response and may verify the signature of notary B. The customer may store the notarized response in a database for future reference and proof that the document was notarized.
- the customer transmits the response to the merchant.
- the customer may send the original electronic transaction document response or the notarized response.
- the merchant receives the response from the customer.
- the merchant may then verify the digital signature of the customer and process the response. Processing may include storing the response for future reference, processing by an order processing system, etc.
- the merchant transmits a copy of the response to notary A.
- the merchant may sign the response before sending.
- notary A receives the response from the merchant.
- Notary A may verify the signatures contained in the response, reconcile the response with the original electronic transaction document, and attach its digital signature to the response.
- Notary A may also store this document in a database for future reference.
- notary A transmits a message back to the merchant indicating that the customer's response was notarized and recorded.
- This message may also be a electronic transaction document, and may contain simply a reference to the original electronic transaction document and the response from the customer, or it could contain the actual original electronic transaction document and the response.
- the merchant receives the message from notary A, and may verify notary A's digital signature. The merchant then processes the message. This could mean actually initiating or completing a transaction. Similar alternatives are available as those set forth above with respect to the notarized transaction illustrated in Fig. 6a.
- Figs. 6a and 6b describe the interaction of notaries in the operation of the Transaction Document System 10
- other third party signatories such as auditors may be substituted for notaries in the above examples.
- the UI 42 may be summoned by the user to display the document.
- the UI 42 displays screen 700.
- the electronic transaction document is displayed in window 702.
- the user may view the contents of the document, or print the document.
- the user may press the accept button 704, the delay signing button 706, or the reject button 708.
- Screen 700 thus allows a user to manually control the acceptance or rejection of the electronic transaction document.
- acceptance or rejection refers to acceptance or rejection of the contents or terms of the document rather than acceptance or rejection of the delivery of the document.
- the UI 42 may be configured to perform the accept/reject/delay process automatically.
- the show related button 710 allows a user to view a list of stored electronic transaction documents that are related to the currently displayed document (Fig. 7c).
- the UI 42 provides auditing functions for tracking, verifying, and generating reports on electronic transaction documents stored in the database 60.
- screen 720 (Fig. 7b) appears and displays information related to the transmission of electronic transaction documents and related responses.
- the displayed information may be used to ensure delivery and to verify acceptance or rejection.
- the user may choose to track all documents, or documents of a selected status, such as accepted documents, failed transmissions, rejected documents, or indeterminate transmissions. Additionally, the user may specify a date from which tracking is performed. Once the above selections have been made, a list of documents matching the user's query are displayed below, organized by fields.
- the fields may include document description, which is usually an identifier that has been attached to a particular document, customer name, date and time the document was issued, status, and a field indicating whether related documents exist.
- a user wishes to view the list of related documents, pressing the Show Related Documents button 722 will summon the Related Documents Screen 730 (Fig. 7c).
- the link documents button 724 By pressing the link documents button 724, the user is guided through a process that allows the user to view lists of stored documents, select documents, and establish links between the selected documents and the current electronic transaction documents. The list of currently linked documents may then be displayed on the Related Transaction Documents Screen 730.
- the workflow 90 may automatically establish the relationships between electronic transaction documents according to their role in a transaction. Links between electronic transaction documents may also be removed through a similar process by pressing the remove links button 726. Manipulating links between electronic transaction documents may be performed on both the Transaction Document Server 30 or Server 70.
- the UI 42 also allows a user to audit any document or group of documents stored the database 60.
- the validator module 44 is invoked to verify that a selected document or group of documents has not been altered since the putative date of issue and that signature certificates are valid. The results may be presented to the user in tabular form.
- Electronic transaction documents held by separate parties be reconciled in this manner to verify that they are identical.
- Screen 730 displays and organizes a list of documents related to a document selected from screen 720 according to reference number, type, date of issue, and issuer name. Other information may also be displayed if desired. Since cross-references to electronic transaction documents may form an unbounded network, an electronic transaction document network containing only direct references to and from the current electronic transaction document are displayed. The user may then explore the chain(s) by selecting another electronic transaction document and expanding it in turn.
- the UI 42 also may display a subset of the electronic transaction document network, fanning out from the current electronic transaction document and including electronic transaction documents of relevant types.
- the search may be both breadth- and depth-bounded (for instance, stop at an electronic transaction document that connects to more than two others). Items at the end of the displayed portion of a branch may be marked (e.g. with ellipses, highlighting, shading, etc.) to indicate that the user can view more by selecting them.
- the documents related to PO Confirmation 1457 may be selected according to the following rules:
- Fig. 7d is a flowchart showing the steps required to audit electronic documents stored in the electronic transaction documents table 64.
- the user selects electronic transaction documents from the list displayed in screen 720. Selection may be performed by manipulating a mouse or other pointing device included in the computer system, or by pressing keys on a keyboard.
- the user selects the audit transactions button 728. By pressing the audit transactions button 728 when electronic transaction documents have been selected from the list, each selected document is passed to the the Validator module 44.
- the Validator module 44 inspects the digital signatures and encrypted digests covering the documents and notes whether any documents are unsigned, have been tampered with since the documents were signed, or suffer other verification problems.
- the results of the audit are reported to the user. Reporting may achieved through a variety of methods, such as displaying or printing a report file, constructing and displaying a table containing fields such as document name and the result of the audit for the document, or other meaningful representations of the auditing results.
- Fig. 8 is high-level block diagram view of an embodiment of a computer system having a computer program that causes the computer system to perform the method of the present invention.
- the Transaction Document Server 30 and the Transaction Document 70 are both implemented on computer systems such as the one shown in Fig. 8.
- the computer system 846 includes a processor 830 and memory 825.
- Processor 830 may contain a single microprocessor, or may contain a plurality of microprocessors for configuring the computer system as a multi-processor system.
- Memory 825 stores, in part, instructions and data for execution by processor 830. If the system of the present invention is wholly or partially implemented in software, including a computer program, memory 825 stores the executable code when in operation.
- Memory 825 may include banks of dynamic random access memory (DRAM) as well as high speed cache memory.
- DRAM dynamic random access memory
- the system 846 further includes a mass storage device 835, peripheral device(s) 840, input device(s) 855, portable storage medium drive(s) 860, a graphics subsystem 870 and a display 885.
- a mass storage device 835 for simplicity, the components shown in Fig. 8 are depicted as being connected via a single bus 880. However, the components may be connected through one or more data transport means.
- processor 830 and memory 825 may be connected via a local microprocessor bus
- the mass storage device 835, peripheral device(s) 840, portable storage medium drive(s) 860, and graphics subsystem 870 may be connected via one or more input/output (I/O) buses.
- I/O input/output
- Mass storage device 835 which is typically implemented with a magnetic disk drive or an optical disk drive, is a non-volatile storage device for storing data and instructions for use by processor 830.
- mass storage device 835 stores the computer program implementing the method of automating a microelectronic manufacturing process for purposes of loading such computer program to memory 825.
- the method of the present invention also may be stored in processor 830.
- Portable storage medium drive 860 operates in conjunction with a portable non-volatile storage medium, such as a floppy disk, or other computer-readable medium, to input and output data and code to and from the computer system 846.
- a portable non-volatile storage medium such as a floppy disk, or other computer-readable medium
- the method of the present invention for automating a microelectronic manufacturing process is stored on such a portable medium, and is input to the computer system 846 via the portable storage medium drive 860.
- Peripheral device(s) 840 may include any type of computer support device, such as an input/output (I/O) interface, to add additional functionality to the computer system 846.
- peripheral device(s) 840 may include a network interface card for interfacing computer system 846 to a network, a modem, and the like.
- Input device(s) 855 provide a portion of a user interface.
- Input device(s) 855 may include an alpha-numeric keypad for inputting alpha-numeric and other key information, or a pointing device, such as a mouse, a trackball, stylus or cursor direction keys.
- the computer system 846 includes graphics subsystem 870 and display 885.
- Display 885 may include a cathode ray tube (CRT) display, liquid crystal display (LCD), other suitable display devices, or means for displaying, that enables a user to interact with the computer program to configure the application objects and implement the workflows.
- Graphics subsystem 870 receives textual and graphical information and processes the information for output to display 885.
- Display 885 can be used to display an interface to interact with the computer program to configure the application objects and implement the workflows and/or display other information that is part of a user interface.
- the display 885 provides a practical application of the method of automating a microelectronic manufacturing process since the method of the present invention may be directly and practically implemented through the use of the display 885.
- the system 846 includes output devices 845. Examples of suitable output devices include speakers, printers, and the like.
- the devices contained in the computer system 846 are those typically found in general purpose computer systems, and are intended to represent a broad category of such computer components that are well known in the art.
- the computer system of Fig. 8 illustrates one platform which can be used for practically implementing the method of the present invention. Numerous other platforms can also suffice, such as Macintosh-based platforms available from Apple Computer, Inc., platforms with different bus configurations, networked platforms, multi-processor platforms, other personal computers, workstations, mainframes, navigation systems, and the like.
- Alternative embodiments of the use of the method of the present invention in conjunction with the computer system 846 further include using other display means for the monitor, such as CRT display, LCD display, projection displays, or the like.
- display means for the monitor such as CRT display, LCD display, projection displays, or the like.
- any similar type of memory other than memory 825, may be used.
- Other interface apparatus in addition to the component interfaces, may also be used including alpha-numeric keypads, other key information or any pointing devices such as a mouse, trackball, stylus, cursor or direction key.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Development Economics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU12150/00A AU1215000A (en) | 1998-10-27 | 1999-10-20 | Mechanism for multiple party notarization of electronic transactions |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10577898P | 1998-10-27 | 1998-10-27 | |
US60/105,778 | 1998-10-27 | ||
US22369198A | 1998-12-30 | 1998-12-30 | |
US09/223,691 | 1998-12-30 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2000025245A1 true WO2000025245A1 (en) | 2000-05-04 |
WO2000025245A9 WO2000025245A9 (en) | 2000-10-26 |
Family
ID=26802934
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1999/024570 WO2000025245A1 (en) | 1998-10-27 | 1999-10-20 | Mechanism for multiple party notarization of electronic transactions |
Country Status (2)
Country | Link |
---|---|
AU (1) | AU1215000A (en) |
WO (1) | WO2000025245A1 (en) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001099388A2 (en) * | 2000-06-21 | 2001-12-27 | Docutouch Corporation | Digital signature system and method |
WO2001098956A1 (en) * | 2000-06-21 | 2001-12-27 | Elisa Communications Oyj | Method for charging for internet content or services subject to a charge |
WO2002007493A2 (en) * | 2000-07-13 | 2002-01-24 | Koninklijke Philips Electronics N.V. | Auditing system for e-commerce via consumer appliance |
WO2002011091A1 (en) * | 2000-07-28 | 2002-02-07 | Verisign, Inc. | Digital receipt for a transaction |
WO2002017124A2 (en) | 2000-08-25 | 2002-02-28 | Reveo, Inc. | Internet-based method of and system for authorizing electronic payment using time-space stamping |
ES2182671A1 (en) * | 2000-12-28 | 2003-03-01 | Web Trust Technologies S A | Electronic transaction notarising system and method |
EP1300747A1 (en) * | 2001-10-04 | 2003-04-09 | MSG Software SARL | Method for appending plurality of digital signatures to an electronic document on-line |
FR2834158A1 (en) * | 2001-12-21 | 2003-06-27 | Radiotelephone Sfr | Mobile telephone/pay TV telecommunication subscriber network electronic signatures having server receiving message/validating/producing over signature and second message sent with transaction section/signature with over writing. |
WO2004021667A2 (en) * | 2002-08-28 | 2004-03-11 | Koninklijke Philips Electronics N.V. | Secure logging of transactions |
EP1923813A2 (en) | 2001-04-05 | 2008-05-21 | Sap Ag | A security service for an electronic marketplace |
WO2009037663A3 (en) * | 2007-09-21 | 2009-10-15 | Koninklijke Philips Electronics N.V. | Method and a system for managing adaptations of digital content |
US7707624B2 (en) * | 2002-11-26 | 2010-04-27 | Rpost International Limited | System for, and method of, proving the transmission, receipt and content of a reply to an electronic message |
BE1018397A3 (en) * | 2008-12-30 | 2010-10-05 | Group Dado 13 Bv Met Beperkte | METHOD FOR LABELING DATA PACKAGES, UNITS TO REALIZE THIS METHOD, AND NETWORK THAT USES THIS METHOD. |
FR2950770A1 (en) * | 2009-09-30 | 2011-04-01 | Trustseed Sas | SYSTEM AND METHOD FOR SCHEDULING AND EXECUTING SECURE ELECTRONIC CORRESPONDENCE OPERATIONS |
EP1922644A4 (en) * | 2005-09-09 | 2012-09-05 | Microsoft Corp | Directed signature workflow |
US10503817B2 (en) | 2011-01-12 | 2019-12-10 | Crucs Holdings, Llc | System and method for multi-party document revision |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5497422A (en) * | 1993-09-30 | 1996-03-05 | Apple Computer, Inc. | Message protection mechanism and graphical user interface therefor |
-
1999
- 1999-10-20 AU AU12150/00A patent/AU1215000A/en not_active Abandoned
- 1999-10-20 WO PCT/US1999/024570 patent/WO2000025245A1/en active Application Filing
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5497422A (en) * | 1993-09-30 | 1996-03-05 | Apple Computer, Inc. | Message protection mechanism and graphical user interface therefor |
Cited By (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001098956A1 (en) * | 2000-06-21 | 2001-12-27 | Elisa Communications Oyj | Method for charging for internet content or services subject to a charge |
WO2001099388A3 (en) * | 2000-06-21 | 2002-08-22 | Docutouch Corp | Digital signature system and method |
WO2001099388A2 (en) * | 2000-06-21 | 2001-12-27 | Docutouch Corporation | Digital signature system and method |
WO2002007493A2 (en) * | 2000-07-13 | 2002-01-24 | Koninklijke Philips Electronics N.V. | Auditing system for e-commerce via consumer appliance |
WO2002007493A3 (en) * | 2000-07-13 | 2003-08-28 | Koninkl Philips Electronics Nv | Auditing system for e-commerce via consumer appliance |
WO2002011091A1 (en) * | 2000-07-28 | 2002-02-07 | Verisign, Inc. | Digital receipt for a transaction |
US8370916B2 (en) | 2000-07-28 | 2013-02-05 | Verisign, Inc | Digital receipt for a transaction |
US7694332B2 (en) | 2000-07-28 | 2010-04-06 | Verisign, Inc. | Digital receipt for a transaction |
WO2002017124A2 (en) | 2000-08-25 | 2002-02-28 | Reveo, Inc. | Internet-based method of and system for authorizing electronic payment using time-space stamping |
ES2182671A1 (en) * | 2000-12-28 | 2003-03-01 | Web Trust Technologies S A | Electronic transaction notarising system and method |
EP1923813A2 (en) | 2001-04-05 | 2008-05-21 | Sap Ag | A security service for an electronic marketplace |
EP1923813A3 (en) * | 2001-04-05 | 2008-08-13 | Sap Ag | A security service for an electronic marketplace |
EP1300747A1 (en) * | 2001-10-04 | 2003-04-09 | MSG Software SARL | Method for appending plurality of digital signatures to an electronic document on-line |
CN100409614C (en) * | 2001-12-21 | 2008-08-06 | 法国无线电话公司 | Electronic signature method |
FR2834158A1 (en) * | 2001-12-21 | 2003-06-27 | Radiotelephone Sfr | Mobile telephone/pay TV telecommunication subscriber network electronic signatures having server receiving message/validating/producing over signature and second message sent with transaction section/signature with over writing. |
WO2003056749A1 (en) * | 2001-12-21 | 2003-07-10 | Societe Francaise Du Radiotelephone | Electronic signature method |
JP2005537559A (en) * | 2002-08-28 | 2005-12-08 | コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ | Secure record of transactions |
WO2004021667A3 (en) * | 2002-08-28 | 2004-04-22 | Koninkl Philips Electronics Nv | Secure logging of transactions |
WO2004021667A2 (en) * | 2002-08-28 | 2004-03-11 | Koninklijke Philips Electronics N.V. | Secure logging of transactions |
US7707624B2 (en) * | 2002-11-26 | 2010-04-27 | Rpost International Limited | System for, and method of, proving the transmission, receipt and content of a reply to an electronic message |
EP1922644A4 (en) * | 2005-09-09 | 2012-09-05 | Microsoft Corp | Directed signature workflow |
WO2009037663A3 (en) * | 2007-09-21 | 2009-10-15 | Koninklijke Philips Electronics N.V. | Method and a system for managing adaptations of digital content |
BE1018397A3 (en) * | 2008-12-30 | 2010-10-05 | Group Dado 13 Bv Met Beperkte | METHOD FOR LABELING DATA PACKAGES, UNITS TO REALIZE THIS METHOD, AND NETWORK THAT USES THIS METHOD. |
FR2950770A1 (en) * | 2009-09-30 | 2011-04-01 | Trustseed Sas | SYSTEM AND METHOD FOR SCHEDULING AND EXECUTING SECURE ELECTRONIC CORRESPONDENCE OPERATIONS |
WO2011039077A1 (en) * | 2009-09-30 | 2011-04-07 | Trustseed Sas | System and method for planning and performing secure electronic correspondence operations |
US20120191976A1 (en) * | 2009-09-30 | 2012-07-26 | Trustseed Sas | System and method for scheduling and executing secure electronic correspondence operations |
US9386026B2 (en) | 2009-09-30 | 2016-07-05 | Trustseed Sas | System and method for scheduling and executing secure electronic correspondence operations |
US10503817B2 (en) | 2011-01-12 | 2019-12-10 | Crucs Holdings, Llc | System and method for multi-party document revision |
Also Published As
Publication number | Publication date |
---|---|
WO2000025245A9 (en) | 2000-10-26 |
AU1215000A (en) | 2000-05-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10970274B2 (en) | System and method for electronic data capture and management for audit, monitoring, reporting and compliance | |
US11093652B2 (en) | Web-based method and system for applying a legally enforceable signature on an electronic document | |
US6578015B1 (en) | Methods, devices and systems for electronic bill presentment and payment | |
US5970475A (en) | Electronic procurement system and method for trading partners | |
CA2275574C (en) | Method and system for processing electronic documents | |
JP5346330B2 (en) | Method for providing a settlement service in electronic commerce | |
US7519560B2 (en) | System and method for electronic authorization of batch checks | |
US6721716B1 (en) | Payment certification string and related electronic payment system and method | |
US20040039692A1 (en) | On-line payment system | |
WO2000025245A1 (en) | Mechanism for multiple party notarization of electronic transactions | |
WO2005038589A2 (en) | Electronic document management system | |
US20030167210A1 (en) | System and method for providing warranties in electronic commerce | |
US20140379542A1 (en) | Transaction account interface | |
WO2008108861A1 (en) | Electronic document processing | |
WO2000025246A1 (en) | Method and apparatus for establishing electronic transactions | |
AU4060502A (en) | Method and system for processing electronic documents | |
US9135614B2 (en) | System and method for managing issuance of financial accounts | |
KR100456032B1 (en) | Credit and debt inquiry system and method | |
CA2289955A1 (en) | Secure payment and trade management system | |
KR100432188B1 (en) | Supplier Relationship Management System and Method by using Digital Credit Certificate | |
AU3819202A (en) | Method and system for processing electronic documents | |
KR20010097821A (en) | Surtax processing system using internet and surtax reporting method using the system | |
Radicchio et al. | Report and Recommendations Of CEN/ISSS e-Invoicing Focus Group on Standards and Developments on electronic invoicing relating to VAT Directive 2001/115/EC | |
Pao | Security management of electronic data interchange | |
WO2002027615A1 (en) | Payment certification string and related electronic payment system and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
ENP | Entry into the national phase |
Ref country code: AU Ref document number: 2000 12150 Kind code of ref document: A Format of ref document f/p: F |
|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
AK | Designated states |
Kind code of ref document: C2 Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: C2 Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
COP | Corrected version of pamphlet |
Free format text: PAGES 1/12-12/12, DRAWINGS, REPLACED BY NEW PAGES 1/12-12/12; DUE TO LATE TRANSMITTAL BY THE RECEIVING OFFICE |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
122 | Ep: pct application non-entry in european phase |