WO2000075749A2 - Systeme de paiement sur internet - Google Patents

Systeme de paiement sur internet Download PDF

Info

Publication number
WO2000075749A2
WO2000075749A2 PCT/US2000/015827 US0015827W WO0075749A2 WO 2000075749 A2 WO2000075749 A2 WO 2000075749A2 US 0015827 W US0015827 W US 0015827W WO 0075749 A2 WO0075749 A2 WO 0075749A2
Authority
WO
WIPO (PCT)
Prior art keywords
credit card
merchant
consumer
consumers
electronic commerce
Prior art date
Application number
PCT/US2000/015827
Other languages
English (en)
Other versions
WO2000075749A3 (fr
Inventor
Dennis R. Floyd
Timothy L. Heaton
Brian S. Anderson
Stanley W. Anderson
Original Assignee
Intelishield.Com, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intelishield.Com, Inc. filed Critical Intelishield.Com, Inc.
Priority to AU54755/00A priority Critical patent/AU5475500A/en
Publication of WO2000075749A2 publication Critical patent/WO2000075749A2/fr
Publication of WO2000075749A3 publication Critical patent/WO2000075749A3/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/351Virtual cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes

Definitions

  • the present invention relates to Internet commerce, also known as electronic commerce. More particularly to credit card purchases over the Internet.
  • Websites When a consumer chooses to make a website on-line purchase they may use a credit card. Websites will require the consumer's name, credit card data, expiration date and typically the consumer's address, as well as the address the consumer would like the purchased items shipped to. When providing this data, a consumer types it into their browser, which transmits the data over the Internet, which is a public network. This transmission is not secure, and may be intercepted.
  • Websites allow consumers to save their credit card data: actual credit card number, expiration date, name on the card, and other personal information, in the website's database. The next time the consumer shops, their data will be available without the need to type in the data. Once a consumer purchases items at multiple websites, the consumer's credit card data is held by multiple databases on the Internet. Having data in more than one place increases the odds of having data stolen or intercepted.
  • Secure web-browsers exist, which encrypts the information being sent from the consumers browser to the website server. Typically secure web-browsers use Secure Socket Layer (SSL) technology. Secure servers also exist which utilize encryption, firewalls, and other means in an attempt to save consumers data from being stolen.
  • SSL Secure Socket Layer
  • Figure 2 An example of current systems and processes is shown in Figure 2, a block diagram illustrating the current e-commerce process and typical credit card transaction process.
  • Figure 2 illustrates a typical credit card transaction process with either a non-Internet merchant 200 or an Internet merchant 202, in which the process is the same.
  • Consumer 204 decides to make a purchase with either merchant (a non-Internet merchant 200 or an Internet merchant 202) . Consumer 204 then provides their credit card data to either merchant, represented by lines 208. Either merchant sends the credit card data to standard credit card approval network 206, line 210.
  • Standard credit card approval network 206 then processes the order and signifies to either merchant whether the transaction has been approved or disapproved, line 212. Either merchant then informs consumer 204 whether the transaction has been approved or disapproved, line 214. Current systems allow either merchant to view consumer's 204 credit card data.
  • the Internet merchant through interaction with consumer 204, also receives the data, line 208, over a public network, the Internet.
  • U.S. Patent No. 5,826,241 discloses a computerized system for making payments and authenticating transactions over the Internet.
  • the '241 patent requires both the consumer and the merchant to have an account with the system.
  • the '241 invention inserts itself into each financial transaction, charges the consumer's credit card, receives payment from the company the consumer has a credit card merchant account with, may remove credit card fees and service charges, and then passes the money onto the merchant.
  • the merchant is paid long after the purchase is consummated, maybe 30 days or more.
  • Electronic mail (E-mail) is used to verify a purchase with a consumer, which may be a time consuming process. Transactions are approved by the consumer via email utilizing either "yes", “no", or "fraud” in the E-mail messages.
  • the '214 patent uses the consumers' surrogate credit card number as the personal identification number (PIN) and shares the surrogate credit card number with the merchant.
  • U.S. Patent No. 5,757,917 discloses a computerized payment system for purchasing goods and services on the Internet. Transactions are approved by the consumer via E-mail utilizing either "yes", “no” or “fraud” messages, which are slow and time- consuming.
  • the '917 patent uses the consumers' surrogate credit card number as the personal identification number (PIN) and shares the surrogate credit card number with the merchant.
  • the '917 patent also uses hardwired ethernet connections between a an Internet- connected computer, "front end” and a computer, "back end", which contains both the surrogate and actual credit card data and which communicates with the credit card approval network.
  • the present invention eliminates consumer fears about releasing credit card data. Consumers' credit card data is kept securely and never transmitted over a public network such as the Internet.
  • the standard credit card transaction takes place and the merchant receives their payment through their merchant account provider just as with any other of their credit card transactions.
  • a merchant does not need a secure site, digital identification certificate, and other time consuming and expensive additions to their website for the purpose of providing secure transmissions for Internet commerce when using the present invention.
  • Credit card data is never sent over a public network, such as the Internet.
  • the present invention maintains a point of sale (POS) terminal for each member merchant.
  • POS point of sale
  • the POS is connected over secure telephone lines to the merchant's processor, the same as any of the merchant's other POS terminals. Therefore, the approval process takes only seconds.
  • merchants may be the victims of less fraud.
  • the consumer invokes the present invention by clicking an icon on the merchant's standard Internet order form.
  • the invocation of the present invention is done instantly and in real-time.
  • the consumers' credit card data is kept on a server located behind a firewall, and multiple other security barriers, which are not connected to the Internet.
  • the server containing the credit card data uses multiple layers of security that permanently isolate the server from both the consumer and merchant transactions and the credit card approval loop.
  • the server containing the credit card data is never directly connected to any data transmission capability.
  • the server also utilizes advanced multi-layered data mining and data management application programming interfaces to protect the internal data structures from data access outside of the standard transaction process. Additionally, the server utilizes multiple data filters to prevent data outflows from transmission pathways other then those included in the transaction process. These processes, along with multiple gateways and firewalls, effectively isolate the server from the Internet, the internal Intranet, the telecommunication network used by the PBX system, and the external credit card authorization network.
  • Special software does not need to be loaded onto the consumer's computer.
  • the consumer may use any computer, anywhere, without the need for installing special software.
  • the present invention also checks the consumers preferred shipping address with the address provided by the consumer at the time of purchase. This check provides yet another level of security. If a credit card is lost, a criminal could order merchandise and have it shipped to the criminals account. If the surrogate credit card number is lost, the criminal must also know the PIN number to be able to purchase merchandise with the account. Even if the PIN number is lost, the merchandise will only be shipped to the address contained on the secure server. The criminal will not be able to send the merchandise to an address of the criminal's choosing without entering another verification number which is other than the surrogate credit card number or the PIN number, such as a portion of the person ' s social security number or the name of a relative, i.e. data that would not be known to the criminal.
  • Another level of consumer security comes from the fact that the consumer's credit data is only on one server, not spread through out the internet on multiple merchant servers. Therefore, the consumer may inactivate their account by only having to access only one server, which denies use of the consumer's credit card data by everyone.
  • a consumer is able to validate their purchase in real time while on-line.
  • a transaction only occurs after correct verification of the surrogate credit card number, PIN, and shipping address.
  • the present invention is a system and method for providing electronic commerce without providing a consumer's credit card data over the Internet, or any other public network.
  • the consumer uses a surrogate credit card number to make purchases over the
  • An ultra-secure server network is provided in which the surrogate credit card number can only be translated into the actual credit card data when the consumer, who is on-line while a purchase is being made, personally authorizes the purchase using a separate personal identification number.
  • the converted credit card data is transmitted directly to the bank that handles the merchant's credit card account, just as though the consumer's actual credit card were physically passed through a point-of-sale terminal at the merchant's premises.
  • the data then proceeds through the standard electronic credit card approval loop.
  • the surrogate card issuer acts as a front-end, independent third party enabling prior consumer approval of each transaction while operating seamlessly with the standard credit card approval system.
  • Figure 1 is a block diagram illustrating the process of the present invention.
  • Figure 2 is a block diagram illustrating the current e-commerce process and standard credit card transaction process.
  • FIG 3 is a block diagram illustrating the process of the present invention as shown in Figure 1, in more detail.
  • Figure 4 is a block diagram illustrating the overall process of the present invention between servers.
  • FIG. 6 is a block diagram of the transaction process for the present invention.
  • Figure 7 is a block diagram continuing the transaction process of Figure 6 for the present invention.
  • Figure 8 is a block diagram illustrating a step from Figure 7 with additional steps.
  • Figure 9 is a block diagram of the process for establishing a consumer's account with the present invention.
  • Figure 10 is a block diagram of the process for establishing a merchant's membership with the service that implements the present invention.
  • figure 1 is a block diagram illustrating the process of the present invention.
  • the present invention internal network 100 is illustrated by block 100.
  • Consumer 102 interacts with merchant 104.
  • Transactions are made through a standard credit card approval network 106.
  • Lines labeled 108 through 122 illustrate the process of the present invention.
  • Line 108 illustrates consumer 102 choosing to purchase a product or service and utilize internal network 100.
  • Merchant 104 sends the following to internal network 100: merchant ID, transaction amount, indicated shipping address (as typed in by the member), and merchant's 104 internal order number, line 110.
  • Merchant 104 also sends the internet protocol address of consumer 102, line 110.
  • Internal network 100 sends a Purchase Authorization Screen (PAS) to consumer 102, represented by line 112, by utilizing the internet protocol address supplied by merchant 104.
  • PAS Purchase Authorization Screen
  • the PAS is displayed upon the consumer's 102 computer screen as a window which details to consumer 102 merchant's 104 name and transaction amount.
  • the PAS then prompts consumer 102 to enter their surrogate credit care number and PIN to authorize the transaction. Consumer 102 sends this data to internal network 100, line 114.
  • Internal network 100 securely converts consumers surrogate credit card number to the actual credit card data necessary to conduct a credit card transaction.
  • Line 116 transmits consumer's 102 credit card data to merchant's 104 merchant processor using a standard POS terminal for a standard credit card approval network 106.
  • Consumer's 102 data is not sent over the Internet or any other public network.
  • Standard credit card approval network 106 then replies with either an approval or disapproval, 118. If approved, an order confirmation is sent to consumer 102 through line 120 and a confirmation is also sent to merchant 104 through line 122. Merchant 104 never views the consumer's surrogate credit card number, PIN number, nor credit card data.
  • FIG. 3 is a block diagram illustrating the process of the present invention as shown in Figure 1, in more detail.
  • Blocks and lines, 100 through 122 are identical to Figure 1. Please read Figure 1 in conjunction with Figure 3. The following information describes the present invention internal network 100 in greater detail.
  • Internal network 100 consists of web server 300 which is connected to the Internet.
  • Web server 300 registers consumers and receives transaction data from merchant 104, including: merchant ID, transaction amount, indicated shipping address (as typed in by the member), and merchant's 104 internal order number, line 110.
  • Consumer 102 chooses to make a purchase of goods and/or services from merchant 104, line 108.
  • Web server 300 then sends a PAS to consumer 102, represented by line 112.
  • the PAS then prompts consumer 102 to enter their surrogate credit card number and PIN. Consumer 102 enters the data, which is then passed back to web server 300. Web server 300 transmits, arrow 306, the data to server 303.
  • Server 303 is isolated from the Internet and is part of an intranet operated behind a secure firewall by the entity that provides the service described in this invention.
  • Server 304 resides behind a gateway that incorporates multiple security barriers.
  • Server 304 is only connected to an isolated, internal network connection and is permanently isolated from the Internet, consumer 102, merchant 104, and standard credit card approval network 106.
  • Server 303 compares the surrogate credit card number and PIN for validation, line 314, and transmits a command through the secure gateway to server 304 which then converts the surrogate credit card number to the corresponding actual credit card data.
  • the data from merchant 104 and consumer 102 actual credit card data is passed to terminal server 302, line 312.
  • Terminal server 302 transmits the received data to the standard credit card approval network 106 through a POS terminal, which is maintained within terminal server 302, through a secure gateway, and over secure dedicated telephone lines, line 116.
  • a POS terminal is maintained for each individual merchant 104, the standard credit card approval network 106 does not know whether the credit card was processed by the present invention or merchant 104 directly.
  • terminal server 302 to standard credit card approval network 106 is not over a public network, nor over the Internet, it is over secure telephone lines linking terminal server 302 to the standard credit card approval network 106.
  • Standard credit card approval network 106 then replies with either an approval or disapproval, line 118.
  • the approval or disapproval is sent with an order confirmation number and actual credit card data over the same secure telephone lines to the merchant's POS terminal located within terminal server 302.
  • Terminal server 302 then transmits the order confirmation number, approval or disapproval, and actual credit card data to server 304, arrow 310.
  • Server 304 then converts the credit card data back to consumer's 102 surrogate credit card number.
  • Server 304 then transmits the order confirmation number and surrogate credit card number through the secure gateway to server 303, line 316.
  • Server 303 then transmits the data through the firewall to web server 300, arrow 308.
  • Web server 300 then sends order confirmation, approval or disapproval, to consumer 102, line 120, and order confirmation, approval or disapproval, to merchant 104, line 122.
  • Figure 4 is a block diagram illustrating the overall process of the present invention between servers. Shown in Figure 4 are the pathways between the various servers, layers of security represented by the firewall, and the gateways. Consumer 102 and merchant 104 are connected to Internet 402. Web server 300 is connected to Internet 402 and to server 303 through security firewall 406. Server 303 is then connected to intranet 408 through gateway 410.
  • PBX System 404 is accessed by consumer 102 through conventional phone lines, line 401, to a specific phone at the number listed in consumers 102 subscription. Using PBX system 404 consumer 102 enters their actual credit card data through secure gateway 402 into server 304. Server 304 communicates with terminal server 302 through connection 412. Server 304 and server 302 are located in close proximity within a vault that has highly restricted access.
  • Terminal server 302 is cormected to standard credit card approval network 106 through gateway 414, completing the system.
  • FIG. 6 is a block diagram of the transaction process for the present invention.
  • step 600 the consumer decides to make a purchase at a merchant's website.
  • step 602 the consumer proceeds to checkout, to pay for the products or services selected.
  • step 604 after successful completion of all data fields required by the merchant's Internet order system, including the shipping address, the consumer, when presented with the payment data options, selects to use the present invention as their payment vehicle and then submits their order. Selecting the present invention is as simple as clicking on an icon or text link which signifies the present invention and is recognized by the consumer.
  • step 606 the merchant assigns an internal order number, having previously validated the data entered on the order entry screen. For example the consumer will enter a shipping address and the data entered needs to be verified, e.g. the zip code must be of a predefined length, etc.. This validation is done within the merchant's own network. If the data is not validated the member is passed back to the order entry screen to complete any required fields.
  • step 608 upon validation of the data by the merchant, the transaction is passed to the present invention's web server.
  • the data passed to the web server includes the following data: merchant ID, transaction amount, indicated shipping address (as typed in by the member), and the merchant's internal order number. Also passed to web server is the Internet protocol (IP) address of the consumer who, at this point, is unknown by the entity that provides the service described in the present invention.
  • IP Internet protocol
  • Step 610 prompts the consumer for verification of their order.
  • a PAS is sent to the consumer.
  • the PAS is sent by the present invention's web server and not by the merchant. The following process steps are transparent to the merchant and the merchant does not know what is being done between the present invention's web server and the consumer.
  • the PAS is displayed upon the consumer's computer screen as a window that details to the consumer the merchant name and transaction amount.
  • the PAS then prompts the consumer to enter their surrogate credit card number and PIN.
  • step 612 web server queries the secure intranet server operated by the entity that provides the service described in this invention for validation of the consumer account ID, surrogate credit card account number, and PIN.
  • step 614 determines if the data is valid. If not valid then the consumer is prompted to re-enter the data again in Step 616, otherwise the process passes to step 618. If the data fails validation again, the member is prompted to contact consumer service and the web server sends the merchant a transaction fail notice.
  • Step 618 attempts another layer of security by querying the web server for verification of the address entered by the consumer on the merchant's system against the address contained within the web server. If the addresses match, the transaction continues to step 624. If the addresses do not match, because the consumer is shipping goods to another address, the consumer is asked to provide another validation in step 620. In step 620 the last four digits of the consumers social security number, or some other data that is not likely to be known to anyone other than the member-consumer, is requested to authorize the transaction. In step 622, if this supplemental data is valid, the transaction passes to step 624. Otherwise, if it is not valid, the transaction is declined and the consumer is prompted to contact consumer service and the web server sends the merchant a transaction failure notice in step 628.
  • Step 624 sends the data to the merchant's processor via the standard credit card approval network, additional steps shown in more detail in Figure 8.
  • Step 626 determines whether the merchant processor verified the transaction and completed the transaction. If the transaction was not completed, then a failure notice is sent to the merchant in step 628 and the process ends.
  • the merchant receives the data into their e-commerce platform and continues to process the transaction in order for the goods to be shipped and the transaction closed.
  • Step 800 begins the process in which the web server converts the member ID and PIN into an internal routing number.
  • the web server then passes the following data to the gateway: merchant's ID, transaction amount, merchant's internal order number, and the internal routing number.
  • the data is passed securely through the gateway to the isolated internal network.
  • Step 806 validates the routing number by passing the routing number to the secure server network which converts the routing number to the respective credit card data, number and expiration date.
  • the secure server then passes the credit card data, along with the remaining transaction data to the terminal server, in step 808.
  • the terminal server preferably a Level III compliant POS terminal, receives the transaction data and converts the merchant ID into the merchant name and the merchant processor merchant ID number.
  • the terminal server then compiles the data and in step 810 transmits the data over the standard credit card authorization network.
  • the transaction returns to the terminal server.
  • the transaction data is passed back through the secure server where it is re-converted to the surrogate account data and passed to the intranet server and on to the web server.
  • step 812 the transaction has been completed.
  • the merchant processor has seen a standard transaction come to them for authorization, and the merchant processor responded in their normal fashion.
  • the merchant has seen a standard credit card transaction being handled in a fully secure manner with only a modest deviation to their standard e-commerce process, and they have completed a purchase for one of their consumers.
  • the consumer has been given full assurance that the transaction conducted over the Internet was handled in such a manner so as to provide complete privacy of the consumer's credit card data.
  • the process then passes back to step 626 in Figure 7.
  • FIG. 9 is a block diagram of the process for establishing a consumer's account with the present invention.
  • the consumer initiates the set up of a new account preferably through a website, web server, or by calling a 1-800 phone number.
  • the prospective member provides the following data: full name, primary mailing and shipping address (street addresses only, no post office box numbers), e-mail address, telephone number and fax number if available, last four digits of their social security number, date of birth or some other supplemental security field, general demographic data, and the consumer's chosen four digit designated PIN number.
  • step 904 the consumer receives an eight digit inactive surrogate credit card number.
  • step 906 an internal routing number is assigned, which is never seen by the member.
  • a welcome kit is sent to the consumer with the following data: a member surrogate credit card number, instructions on how to activate the account, instructions on the use of the system, a merchant listing, a member agreement indicating the member accepts the terms and conditions of the agreement upon activation of the account, and general marketing materials, specials, and other relevant data.
  • step 910 the consumer calls a toll free number to activate their account.
  • the phone call is answered by a secure PBX VRU (Voice Response Unit) which resides in the secure area of the network.
  • the VRU is consistent with industry standards by providing an invisible layer of authentication for the user by verifying the phone number that the call is placed from to the phone number contained within the Web server.
  • the VRU prompts the consumer to enter via touch tone telephone number their surrogate credit card number, their pre-selected PIN, and the last four digits of their social security number.
  • the caller is validated by verifying the entry within the web server, the consumer is prompted to enter their designated credit card data which is verbally repeated back to the caller for further verification.
  • the user is given two opportunities for validation. If denied, the caller is prompted to contact consumer service.
  • step 912 the PBX then queries the web server for the routing number assigned to the consumer record.
  • the web server returns the routing number to the PBX which then passes the routing number to the secure server which creates a record for the consumer which contains the routing number and the consumer's designated credit data.
  • step 914 the consumer account is "Active" and the consumer may begin making transactions.
  • FIG 10 is a block diagram of the process for establishing a merchant's membership with the entity providing the service described in the present invention.
  • a merchant requests to be registered with the system.
  • Step 1004 attempts to determine if the merchant is qualified to be registered by meeting the following criteria: currently accept Visa and/or MasterCard (either credit or debit), currently has an a-commerce web presence and have has been conducting e-commerce for approximately one year, their defined e-commerce methodology is compatible with the present invention, their e-commerce platform meets the system requirements of the present invention, they meet credit worthiness requirements and are a business in good standing, presumably accomplished through the Dun & Bradstreet directory.
  • step 1006 the process passes to step 1006 in which an agreement is executed.
  • step 1008 the merchant provides the following data: credit card merchant processor merchant identification number, merchant processor name, appropriate contact data at the merchant processor.
  • the present invention then contacts the merchant processor and obtains the following data: telephone number for routing transaction data, confirms data format utilized for authorizations of card transactions, provides the present invention with a new POS terminal identification assigned to the present inventions Merchant's membership number.
  • Step 1010 then assigns the merchant a member-merchant identification and creates a record for the merchant within the present invention terminal server.
  • This record includes the following: Merchant ID, merchant name and contact data, processor name and contact data, processor merchant ID, and telephone number for transaction processing.
  • step 1012 the present invention then provides the programming required to enable the merchant to accept transactions. This includes working within the merchant's existing platform to offer the present invention as another payment option path to consumers. Embedded within this code is the ability to capture the total transaction purchase price, the merchant's internal order number, the consumer address data and the merchant ID. Upon testing, verification, and certification, the merchant is setup and may begin accepting transactions.
  • the surrogate credit card number and/or PIN does not have to be a number, it may be a digital certificate or other means of identifying the consumer.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Development Economics (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention concerne un système et un procédé de commerce électronique dans lequel il n'est pas nécessaire de fournir des données figurant sur la carte de crédit d'un consommateur via Internet ou via tout autre réseau public. Les consommateurs ont des craintes lorsqu'il s'agit de fournir des données concernant leur carte de crédit via Internet. Grâce à cette invention, les consommateurs ont la possibilité de réaliser des achats avec leur carte de crédit sans avoir à fournir les données de leur carte via Internet. Cette invention fournit aux consommateurs une carte de substitution pour réaliser leurs achats sur Internet, et les consommateurs autorisent eux-mêmes leurs achats pendant qu'ils sont en ligne. Les données réelles de la carte de crédit du consommateur ne sont jamais transmises via Internet. L'entité tierce qui fournit le service selon l'invention confirme en ligne chaque achat, ce qui réduit les risques d'escroquerie.
PCT/US2000/015827 1999-06-09 2000-06-08 Systeme de paiement sur internet WO2000075749A2 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU54755/00A AU5475500A (en) 1999-06-09 2000-06-08 Internet payment system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US32842299A 1999-06-09 1999-06-09
US09/328,422 1999-06-09

Publications (2)

Publication Number Publication Date
WO2000075749A2 true WO2000075749A2 (fr) 2000-12-14
WO2000075749A3 WO2000075749A3 (fr) 2001-02-01

Family

ID=23280917

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/015827 WO2000075749A2 (fr) 1999-06-09 2000-06-08 Systeme de paiement sur internet

Country Status (2)

Country Link
AU (1) AU5475500A (fr)
WO (1) WO2000075749A2 (fr)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001088770A1 (fr) * 2000-05-15 2001-11-22 David Gordon Attwells Procede ameliore d'achat et de location de produits sur internet
WO2001095268A2 (fr) * 2000-06-06 2001-12-13 Mohammad Husain Systeme et procede d'authentification sure d'un abonne de services de reseau
WO2002052460A1 (fr) * 2000-12-27 2002-07-04 Mark Christie Systeme de protection contre les fraudes par carte de credit ou de debit
WO2002052478A2 (fr) * 2000-12-22 2002-07-04 Okaikei, Inc. Systeme destine aux achats et aux ventes electroniques
WO2002058018A2 (fr) * 2001-01-19 2002-07-25 Haissam Malas Procede et systeme de paiement, et carte de paiement utilisee avec ledit systeme
FR2837643A1 (fr) * 2002-03-25 2003-09-26 France Telecom Procede de securisation d'un paiement par carte de credit
AU774531B2 (en) * 2000-05-15 2004-07-01 David Gordon Attwells An improved method of purchasing or hiring products on the internet
US6895391B1 (en) 1999-11-09 2005-05-17 Arcot Systems, Inc. Method and system for secure authenticated payment on a computer network
EP3023927A1 (fr) * 2001-02-02 2016-05-25 OpenTV, Inc. Système de gestion de suite de plateforme de service
GB2518277B (en) * 2013-07-15 2017-05-03 Mastercard International Inc Improvements relating to secure payment transactions
GB2544998A (en) * 2015-12-02 2017-06-07 Eckoh Uk Ltd Tokenisation in cardholder - not - present transactions
WO2020123966A1 (fr) * 2018-12-14 2020-06-18 Jpmorgan Chase Bank, N.A. Systèmes et procédés pour utiliser des cartes virtuelles intégrées de paiement sur demande

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5727163A (en) * 1995-03-30 1998-03-10 Amazon.Com, Inc. Secure method for communicating credit card data when placing an order on a non-secure network
US5757917A (en) * 1995-11-01 1998-05-26 First Virtual Holdings Incorporated Computerized payment system for purchasing goods and services on the internet
US5825881A (en) * 1996-06-28 1998-10-20 Allsoft Distributing Inc. Public network merchandising system
US5890137A (en) * 1995-12-15 1999-03-30 Kabushiki Kaisha N.K. Kikaku On-line shopping system and the method of payment settlement
US5903652A (en) * 1996-11-25 1999-05-11 Microsoft Corporation System and apparatus for monitoring secure information in a computer network
US5903721A (en) * 1997-03-13 1999-05-11 cha|Technologies Services, Inc. Method and system for secure online transaction processing
US6023682A (en) * 1997-10-21 2000-02-08 At&T Corporation Method and apparatus for credit card purchase authorization utilizing a comparison of a purchase token with test information

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5727163A (en) * 1995-03-30 1998-03-10 Amazon.Com, Inc. Secure method for communicating credit card data when placing an order on a non-secure network
US5757917A (en) * 1995-11-01 1998-05-26 First Virtual Holdings Incorporated Computerized payment system for purchasing goods and services on the internet
US5890137A (en) * 1995-12-15 1999-03-30 Kabushiki Kaisha N.K. Kikaku On-line shopping system and the method of payment settlement
US5825881A (en) * 1996-06-28 1998-10-20 Allsoft Distributing Inc. Public network merchandising system
US5903652A (en) * 1996-11-25 1999-05-11 Microsoft Corporation System and apparatus for monitoring secure information in a computer network
US5903721A (en) * 1997-03-13 1999-05-11 cha|Technologies Services, Inc. Method and system for secure online transaction processing
US6023682A (en) * 1997-10-21 2000-02-08 At&T Corporation Method and apparatus for credit card purchase authorization utilizing a comparison of a purchase token with test information

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7330836B2 (en) 1999-11-09 2008-02-12 Arcot Systems, Inc. Method and system for secure authenticated payment on a computer network
US6895391B1 (en) 1999-11-09 2005-05-17 Arcot Systems, Inc. Method and system for secure authenticated payment on a computer network
WO2001088770A1 (fr) * 2000-05-15 2001-11-22 David Gordon Attwells Procede ameliore d'achat et de location de produits sur internet
AU774531B2 (en) * 2000-05-15 2004-07-01 David Gordon Attwells An improved method of purchasing or hiring products on the internet
WO2001095268A2 (fr) * 2000-06-06 2001-12-13 Mohammad Husain Systeme et procede d'authentification sure d'un abonne de services de reseau
US6978380B1 (en) 2000-06-06 2005-12-20 Commerciant, L.P. System and method for secure authentication of a subscriber of network services
WO2001095268A3 (fr) * 2000-06-06 2003-05-01 Mohammad Husain Systeme et procede d'authentification sure d'un abonne de services de reseau
WO2002052478A3 (fr) * 2000-12-22 2004-02-26 Okaikei Inc Systeme destine aux achats et aux ventes electroniques
WO2002052478A2 (fr) * 2000-12-22 2002-07-04 Okaikei, Inc. Systeme destine aux achats et aux ventes electroniques
WO2002052460A1 (fr) * 2000-12-27 2002-07-04 Mark Christie Systeme de protection contre les fraudes par carte de credit ou de debit
WO2002058018A2 (fr) * 2001-01-19 2002-07-25 Haissam Malas Procede et systeme de paiement, et carte de paiement utilisee avec ledit systeme
WO2002058018A3 (fr) * 2001-01-19 2003-02-13 Haissam Malas Procede et systeme de paiement, et carte de paiement utilisee avec ledit systeme
WO2002058017A1 (fr) * 2001-01-19 2002-07-25 Haissam Malas Procede et systeme de paiement mondial et carte de paiement utilisee avec ce procede et ce systeme
EP3023927A1 (fr) * 2001-02-02 2016-05-25 OpenTV, Inc. Système de gestion de suite de plateforme de service
WO2003081547A1 (fr) * 2002-03-25 2003-10-02 France Telecom Procede et systeme de securisation d'un paiement par carte de credit
FR2837643A1 (fr) * 2002-03-25 2003-09-26 France Telecom Procede de securisation d'un paiement par carte de credit
GB2518277B (en) * 2013-07-15 2017-05-03 Mastercard International Inc Improvements relating to secure payment transactions
GB2544998A (en) * 2015-12-02 2017-06-07 Eckoh Uk Ltd Tokenisation in cardholder - not - present transactions
WO2020123966A1 (fr) * 2018-12-14 2020-06-18 Jpmorgan Chase Bank, N.A. Systèmes et procédés pour utiliser des cartes virtuelles intégrées de paiement sur demande

Also Published As

Publication number Publication date
WO2000075749A3 (fr) 2001-02-01
AU5475500A (en) 2000-12-28

Similar Documents

Publication Publication Date Title
JP5638046B2 (ja) コンピュータ・ネットワーク上において行われる購買を許可する方法およびシステム
AU2006100814C4 (en) Transaction System
US8543497B1 (en) Secure authentication payment system
US7921038B2 (en) Conducting commerce between individuals
US20100179906A1 (en) Payment authorization method and apparatus
CA2462398C (fr) Systeme de paiement en ligne securise
US20070005445A1 (en) Secure transaction processing system and method
CZ20004781A3 (cs) Ověřený platební systém
AU2002315501A1 (en) Secure authentication and payment system
WO2000075843A1 (fr) Systeme de paiement sur l'internet
EP1134707A1 (fr) Procédé et dispositif d'authorisation de paiement
WO2000075749A2 (fr) Systeme de paiement sur internet
US20020156689A1 (en) System and method for securing transactions between buyer and credit authorizer
US20020123935A1 (en) Secure commerce system and method
GB2360383A (en) Payment authorisation
WO2002054315A1 (fr) Systeme de traitement de transactions securisees
IE20020450U1 (en) A secure on-line payment system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP