WO2001090971A2 - Procede de paiement protege pour transactions en ligne - Google Patents

Procede de paiement protege pour transactions en ligne Download PDF

Info

Publication number
WO2001090971A2
WO2001090971A2 PCT/IB2001/001095 IB0101095W WO0190971A2 WO 2001090971 A2 WO2001090971 A2 WO 2001090971A2 IB 0101095 W IB0101095 W IB 0101095W WO 0190971 A2 WO0190971 A2 WO 0190971A2
Authority
WO
WIPO (PCT)
Prior art keywords
credit card
customer
retailer
card company
line
Prior art date
Application number
PCT/IB2001/001095
Other languages
English (en)
Other versions
WO2001090971A3 (fr
Inventor
Raul Sergio Cruz Themudo Lessa
Nilo Vilela Cardoso
Roger Delrue Chadel
Original Assignee
Nvcnet Web Business Services
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nvcnet Web Business Services filed Critical Nvcnet Web Business Services
Priority to AU2001264179A priority Critical patent/AU2001264179A1/en
Publication of WO2001090971A2 publication Critical patent/WO2001090971A2/fr
Publication of WO2001090971A3 publication Critical patent/WO2001090971A3/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means

Definitions

  • the present invention provides a linking process to provide a customer of goods or services on-line a secure payment process without relying upon the security of payment information residing at the retailer.
  • the present invention provides an on-line transaction wherein a customer purchases goods from an on-line retailer without providing credit card information to the retailer.
  • a credit card facilitates making purchases via telephone or over a network (i.e., the Internet).
  • potential customers are justifiably concerned about placing orders for merchandise on networks such as the Internet, for example via E-mail, because of the lack of secure communications.
  • Confidential data i.e., credit card numbers and associated information
  • Several on-line retailers have even been "hacked" and had database files containing customer information, including credit card numbers, accessed by hackers.
  • a similar approach for placing an order in current use is initiated when a customer sends an order, without credit card information, to a merchant over a non-secure network.
  • the merchant's clerk or an automated system sends an E-mail message to the customer containing an order number that uniquely identifies the order.
  • the customer dials a telephone number that connects to the merchant's facilities.
  • the customer enters the unique order number and correct credit card number for billing the order on a touch-tone telephone (assuming that the customer has placed the call on this type of phone).
  • the order number is used to match the correct order with the customer's credit card number.
  • a new method for ordering goods over a network is needed that enables a customer to place an order without concern that others may illicitly gain access to the customer's credit card information.
  • the order entry should be automated for optimum efficiency and to mimmize the time required for the customer to complete an order.
  • the present invention represents a workable solution to this problem that is relatively efficient and foolproof.
  • the present invention provides a process for completing an on-line transaction wherein a customer purchases goods from an on-line retailer, comprising:
  • step (e) providing the authorization code to the retailer to complete the sale of the goods.
  • the link to the credit card company with the customer is over a secure socket or an encrypted communication.
  • the identity of the customer or other customer data is not provided to the retailer.
  • the customer chooses a link to the credit card company wherein the customer owns an account and identified the credit card account only to the credit card company.
  • the process further comprises (f) having the retailer provide the authorization code and a retailer code to the credit card company; and (g) having the credit card company authorize the purchase and bill the customer. If the customer does not identify himself or herself in step (c), then the credit card company cancels the credit card provided.
  • Figure 1 is a screen-print from a hypothetical on-line retailer (Super CD) showing a purchase of three items for a total of US$71.00.
  • Super CD hypothetical on-line retailer
  • Figure 2 shows a screen-print of a form for obtaining customer information to be directed to a credit card company, wherein there are credit card logos for linking available at the bottom of the page.
  • Figure 3 is a hypothetical first page of a screen showing the first step for an authorization procedure with a customer giving credit card information only to a credit card company (American Express in the Figure).
  • Figures 4 and 5 show hypothetical screen-prints of an authorization process wherein the customer is given a period of time (30 seconds) to answer a question that the customer should know and provide a password.
  • Figure 6 shows a screen print of a completed authorization with a credit card company and providing an authorization code "26077" to the customer by the credit card company (American Express).
  • Figure 7 shows a screen-print of the customer being directed back to the retailer site to enter the authorization code (26077) supplied by the credit card company. It should be noted that the retailer does not have the credit card number of the customer.
  • Figure 8 shows a hypothetical screen-print of a completed transaction wherein the customer is supplied with an order number (81404) by the retailer.
  • Figure 9 shows a screen print of a hypothetical situation when a customer does not properly answer questions from the credit card company and the credit card is temporarily canceled.
  • the present invention addresses the need for greater credit card security so as to allow on-line retailers and on-line customers to more freely conduct business on the internet without fear or with reduced fear that credit card information will fall into the wrong hands.
  • the present inventive process takes the position that the on-line retailed does not need to know a customer's credit card information in order to conduct (business-to-consumer) business on-line. Definitions
  • “Credit card” is intended to encompass debit cards and any other form of credit or debit used to make a purchase by providing a reference number that uniquely identifies a purchaser's account from which funds used to pay a seller for goods or services will be transferred.
  • “Credit card transactions” encompass credit cards, debit cards, purchase cards, store cards or any card issued by an “issuing agent.”
  • a "credit card company” is a business that provides credit cards, such as VISA or a bank.
  • a "customer” is an individual or business that purchases goods or services.
  • Goods include items than can be purchased (e.g., a computer, automobile, or bicycle) or services (e.g., writing a patent application).
  • Issuing Agent is a business that issues credit cards. The most common issuing agents are VISA, Mastercard, American Express and Discover.
  • On-line retailer or “retailer” is a business that offers for sale goods or services oil an Internet Web site.
  • On-line transaction or “transaction” refers to any exchange of goods or services in the normal course of commerce wherein the primary means of communication between a customer and a retailer is via the Internet.
  • the present invention provides a process for completing an on-line transaction wherein a customer purchases goods from an on-line retailer, comprising: (a) determining the goods to be purchased and the total cost of the goods in an on-line connection between a customer and an on-line retailer;
  • FIGs 1-8 A hypothetical transaction is provided in Figures 1-8.
  • the customer Raul Lessa, of Sao Paulo (Figure 2) desires to purchase three items for a total purchase price of US$71.00 ( Figure 1).
  • the hypothetical retailer "Super CD” directs the customer to a credit card company with a choice of credit card companies identified by their logos ( Figure 2).
  • This procedure further provides a reduction of risk of fraud to the credit card company, who has the ability to avoid fraud by canceling any credit card that may have been stolen.
  • Selection of a credit card company will automatically link the customer to the secure site of the credit card company without having the retailer have any access to the information.
  • the link will send the "store code" of the retailer to the credit card company, along with transaction information including the order number and the purchase price amount.
  • the customer will provide his or her credit card number only to the credit card company (not to the retailer) and there will be no need to include additional information, such as expiration date or the card holder's name ( Figure 3).
  • the credit card company will then begin a verification process to identify the credit card holder and not necessarily the person holding the credit card (in case it was physically stolen).
  • the credit card company provides a series of questions that the credit card company knows the credit card holder can answer ( Figures 4 and 5). If the credit card company receives the correct answers (within a preset time period), the credit card company provides to the customer an authorization code (Figure 6). Preferably, this code is valid for a period of time and only for the retailer identified to the credit card company.
  • the authorization code provided by the credit card company is 26077.
  • the credit card company links the customer back to the retailer and the customer needed to have copied down the authorization code.
  • the retailer asks for the authorization code and this code is typed in by the customer (Figure 7).
  • the credit card company can cancel, temporarily or permanently, the credit card whose number was provided.
  • the credit card company also provides to the customer (assuming the customer was the valid card holder) a means for reinstating his or her credit card.
  • the inventive process provides a safe and secure means for facilitating on-line transactions and does not let retailers have credit card information stored in vulnerable databases. There is security provided to the retailer to insure that valid credit hard holders are properly using credit cards to insure payment. There is security to the customer to avoid having his or her credit card numbers stored on a retailer database, having varying levels of security from hackers. Moreover, the foregoing process shifts the verification burden from the retailer to the credit card company, with whom the contract with the customer exists. Therefore, no new infrastructure is needed to implement this process.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention concerne un procédé de liaison fournissant à un client de marchandises ou de services un procédé de paiement protégé quelle que soit la sécurité des informations de paiement résidant chez le détaillant. L'invention porte, notamment, sur une transaction en ligne dans laquelle un client achète des marchandises à un détaillant en ligne sans fournir d'informations sur sa carte de crédit au détaillant.
PCT/IB2001/001095 2000-05-26 2001-05-24 Procede de paiement protege pour transactions en ligne WO2001090971A2 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001264179A AU2001264179A1 (en) 2000-05-26 2001-05-24 Secure payment process for on-line transactions

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US57944900A 2000-05-26 2000-05-26
US09/579,449 2000-05-26

Publications (2)

Publication Number Publication Date
WO2001090971A2 true WO2001090971A2 (fr) 2001-11-29
WO2001090971A3 WO2001090971A3 (fr) 2002-06-20

Family

ID=24316949

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2001/001095 WO2001090971A2 (fr) 2000-05-26 2001-05-24 Procede de paiement protege pour transactions en ligne

Country Status (2)

Country Link
AU (1) AU2001264179A1 (fr)
WO (1) WO2001090971A2 (fr)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5485510A (en) * 1992-09-29 1996-01-16 At&T Corp. Secure credit/debit card authorization
EP0779587A2 (fr) * 1995-12-15 1997-06-18 Kabushiki Kaisha N.K Kikaku Système d'achat on-line et méthode pour le règlement de la facture
EP0813325A2 (fr) * 1996-06-12 1997-12-17 AT&T Corp. Mécanisme permettant des transactions électroniques sécurisées sur Internet
WO1998030985A2 (fr) * 1997-01-06 1998-07-16 Aerotel Ltd. Systeme informatise de transfert d'argent
US5822737A (en) * 1996-02-05 1998-10-13 Ogram; Mark E. Financial transaction system
WO1999007121A2 (fr) * 1997-07-29 1999-02-11 Netadvantage Corporation Procede et systeme pour mener des transactions commerciales electroniques

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5485510A (en) * 1992-09-29 1996-01-16 At&T Corp. Secure credit/debit card authorization
EP0779587A2 (fr) * 1995-12-15 1997-06-18 Kabushiki Kaisha N.K Kikaku Système d'achat on-line et méthode pour le règlement de la facture
US5822737A (en) * 1996-02-05 1998-10-13 Ogram; Mark E. Financial transaction system
EP0813325A2 (fr) * 1996-06-12 1997-12-17 AT&T Corp. Mécanisme permettant des transactions électroniques sécurisées sur Internet
WO1998030985A2 (fr) * 1997-01-06 1998-07-16 Aerotel Ltd. Systeme informatise de transfert d'argent
WO1999007121A2 (fr) * 1997-07-29 1999-02-11 Netadvantage Corporation Procede et systeme pour mener des transactions commerciales electroniques

Also Published As

Publication number Publication date
WO2001090971A3 (fr) 2002-06-20
AU2001264179A1 (en) 2001-12-03

Similar Documents

Publication Publication Date Title
JP4955894B2 (ja) 認可要求データのループバックによる安全な電子商取引の実行方法及びシステム
AU720433B2 (en) Computerized payment system for purchasing goods and services on the internet
US7127427B1 (en) Secure transaction processing system and method
CA2223079C (fr) Agent securise pour la distribution ouverte d'argent electronique
US6748367B1 (en) Method and system for effecting financial transactions over a public network without submission of sensitive information
US20030130955A1 (en) Secure transaction systems
US20020046092A1 (en) Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
US7865446B2 (en) Method for secure electronic commercial transaction on-line processing
JPH07234904A (ja) 非現金取引を行う方法
JP2004511028A (ja) 情報を安全に収集、格納、及び送信する方法及びシステム
EP1234223A2 (fr) Systeme et procede pour effectuer des transactions electroniques sures
JP2002342688A (ja) 電子商取引方法、決済代行方法、使い捨て後払い方式情報発行方法、および決済依頼方法
JPH09297789A (ja) 電子商取引決済管理システム及び方法
US20040093277A1 (en) Method and system for secure electronic purchase transactions
WO2001011515A2 (fr) Procede et systeme permettant de faire des paiements electroniques anonymes sur le web
US20020123935A1 (en) Secure commerce system and method
JPH09114904A (ja) 情報販売方法およびシステム
KR20010073982A (ko) 전자상거래 시스템에 있어서의 일회성 가상 신용카드 거래승인방법 및 그 시스템
KR20000037129A (ko) 인터넷 쇼핑몰을 통한 상품, 용역 구매시 전자 결제 보안시스템 및 그 방법
WO2001090971A2 (fr) Procede de paiement protege pour transactions en ligne
KR20020003084A (ko) 클라이언트 결제 애플리케이션을 이용한 인터넷 기반 전자 상거래의 결제 서비스 제공 방법
Klur What an organization should know about using electronic cash
WO2002058018A2 (fr) Procede et systeme de paiement, et carte de paiement utilisee avec ledit systeme
JP2003044775A (ja) 電子商取引方法、電子商取引装置及びプログラム
JP2002183433A (ja) 電子商取引システムおよび電子商取引方法

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AU BR JP

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AU BR JP

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: COMMUNICATION UNDER RULE 69 EPC ( EPO FORM 1205A DATED 14/04/03 )

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP