CA2272685A1 - A method and apparatus using digital credentials and other electronic certificates for electronic transactions - Google Patents
- Publication number
- CA2272685A1
- Authority
- CA
- Canada
- Prior art keywords
- user
- information
- short
- term certificate
- needs
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/085—Payment architectures involving remote charge determination or related payment systems
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G06Q20/102—Bill distribution or payments
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
- G06Q20/403—Solvency checks
- G06Q30/04—Billing or invoicing
- G06Q40/03—Credit; Loans; Processing thereof
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
- G06Q40/128—Check-book balancing, updating or printing arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Abstract
A method for performing electronic transactions, comprising receiving a long-term certificate, authenticating a user associated with the long-term certificate, and then sending a short-term certificate to the authenticated user. In addition, risk associated with the user can be evaluated, and this risk information, as well as other information, can be included in the short-term certificate.
Description
WO 99/19845 PCT/US98/19717
A METHOD AND APPARATUS USING DIGITAL CREDENTIALS AND OTHER ELECTRONIC CERTIFICATES FOR ELECTRONIC TRANSACTIONS
CROSS REFERENCE TO RELATED APPLICATIONS
This application claims priority to Provisional Application Serial No. 60/060643, filed on October 1, 1997.
FIELD OF THE INVENTION
The present invention relates to digital credentials and other electronic certificates. More particularly, the present invention relates to a service for using digital credentials and other electronic certificates to practice commerce on a network.
BACKGROUND OF THE INVENTION
To exercise certain rights and privileges, people need to possess or show various types of credentials. Credentials are certificates such as birth certificates, Social Security Cards, driver's licenses, membership cards, admission badges, charge cards, and the like that represent some certified assertion about a person. In the case of a driver's license, an officer of the state certifies that a specific person is licensed to drive a vehicle. A charge card represents an assertion, certified by some bank or other organization, that a person has a charge account at that bank. Companies issue credentials for their employees, usually in the form of ID badges. Generally, the certificate will include some means of identifying to whom the assertion applies (the holder or subject of the credential), and who is certifying the assertion (the certifier of the credential, who is often the issuer).
In the case of a driver's license or corporate ID, the holder is typically identified by a photograph and signature specimen laminated to the certificate and the certifier of the credential is usually identified by a logo, layout, and some other means such as a hologram.
With the advent of electronic commerce, standard credentials have become insufficient, and the need for digital credentials has become more widespread. Digital credentials are electronic certificates having the property that the assertions about the holder can be interpreted and verified by a computer, the certifier can be reliably recognized by a computer, and the holder's present intention to use the credentials can be recognized by a computer (often remotely, through a network). Digital credentials can use a cryptographic mechanism known as a digital signature. An electronic document can be signed by applying a cryptographic secret key controlled by the signer. A signature can be verified using public information (known as the public key). The verification process can use the public key to verify that the signer's secret key was used to sign the document. The science of public key cryptography enables this.
Examples of digital credentials are automatic teller machine (ATM) or bank cards. As opposed to other types of certificates mentioned earlier, these are not usually presented to people for verification. They are normally presented to an ATM and ultimately to a specialized computer network. The relevant information regarding the certifier is digitally encoded on a magnetic strip and the cardholder is identified by a Personal Identity Number or PIN. Furthermore, the holder's present intention to apply the rights asserted by the credential (such as withdrawing money) is signified by the holder's entry of the PIN. This ATM card allows the holder to use electronic banking over specialized digital networks. The present form of digital credentials, however, can support only a minimal variety of services over specialized and non-specialized networks such as the Internet.
Present ways of verifying digital credentials (using PINs and
passwords) are notoriously insecure, very user-unfriendly, and generally inadequate for electronic commerce. For example, while hand-written signatures on documents can make paper records auditable, PINs and passwords are not very useful for this purpose. In particular, they do not have persistent properties as signatures do. For example, one can directly verify a signature post-hoc, but PINs and passwords can be verified only at time of use. The certified digital signature can substitute for a hand-written signature.
The importance of digital credentials is rapidly increasing because networks are becoming more open and public. Whereas a person's identity on a closed network is known through a network operating system, and privileges can be determined by database look ups, such is not the case on the Internet, for example.
Digitally-signed certificates have been used in electronic payment systems that have arisen over the past five years or so. At least three distinct types of payment systems exist, each of which differs from the current invention in significant ways. The three systems are referred to as e-check, e-charge, and e-cash.
An e-check is designed to function in a way similar to the way paper checks function. While a paper check is a signed request for a bank to pay a given amount from the payer's account to the party that is named on the check (the payee), an e-check is a message requesting the same procedure, but is electronically signed by the payer. The electronic signature certifies, as in the case of a paper check, that the user attests to the payment request and to the specifics of the payee and the amount. With a paper check, the payee has the option of verifying the identity of the payer in person, often demanding one or more alternate methods of payer identification, or the payee can sometimes wait until the check "clears" before providing value in return for the check. Clearing means that the payee's bank receives payment from the payer's
bank. With an e-check system, the payee can also wait until the check clears from the payer's bank, or the payee can accept the legitimacy of the payer's digital signature by checking the certificate that the payer's bank issues to the payer which certifies the payer's signing key. In the latter case, the payee risks the possibility that the digital signature certificate has been revoked. This risk is reduced when the payee checks an electronic "Certificate Revocation List" or CRL. Nonetheless, the residual risk exists that the CRL is not up to date. Additionally, the traditional risk exists that the payer's account may have insufficient funds, and the e-check will not clear.
E-checks use the same clearing system and clearing networks used by paper checks. The systems and networks are relatively expensive to use, and when one adds the cost of administering CRLs and the cost of processing e-checks returned for insufficient funds, the use of e-checks for relatively small payments of a few dollars or less is not cost effective. In the present invention, these inefficiencies are addressed by reducing the dependency on CRLs, and by use of a novel approach to risk management, integrating risk management parameters directly into a certificate.
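The approach named in the abstract and in the paragraph above, worked through as an added example that is not taken from the patent: an issuer authenticates the holder of a long-term key, signs a short-lived certificate carrying a spending limit, and the payee checks it with no CRL lookup. The Ed25519 signatures, JSON encoding, field names, challenge-response authentication and the 15-minute and 2000-cent values are all assumptions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// ShortTermCert is a hypothetical layout; every field name is an assumption.
type ShortTermCert struct {
	Subject    string    `json:"subject"`
	SubjectKey []byte    `json:"subject_key"` // holder's Ed25519 public key
	NotAfter   time.Time `json:"not_after"`   // short lifetime replaces the CRL lookup
	MaxCents   int64     `json:"max_cents"`   // risk parameter chosen by the issuer
}

type Payment struct {
	Payee string `json:"payee"`
	Cents int64  `json:"cents"`
}

type Signed struct{ Body, Sig []byte } // Sig covers exactly the bytes in Body

var (
	ErrNotAuthenticated = errors.New("long-term key holder not authenticated")
	ErrIssuerSig        = errors.New("certificate not signed by issuer")
	ErrExpired          = errors.New("short-term certificate expired")
	ErrPayerSig         = errors.New("payment not signed by certificate holder")
	ErrOverLimit        = errors.New("amount outside limit in certificate")
)

// Issue authenticates the holder of the long-term key (proof is a signature over
// the issuer's challenge) and returns a short-term certificate with risk data.
func Issue(issuer ed25519.PrivateKey, subject string, longTerm ed25519.PublicKey,
	challenge, proof []byte, now time.Time, ttl time.Duration, maxCents int64) (Signed, error) {
	if len(longTerm) != ed25519.PublicKeySize || !ed25519.Verify(longTerm, challenge, proof) {
		return Signed{}, ErrNotAuthenticated
	}
	body, err := json.Marshal(ShortTermCert{
		Subject: subject, SubjectKey: longTerm, NotAfter: now.Add(ttl), MaxCents: maxCents})
	if err != nil {
		return Signed{}, err
	}
	return Signed{Body: body, Sig: ed25519.Sign(issuer, body)}, nil
}

// VerifyPayment is the payee's offline check: issuer signature, lifetime,
// holder signature, then the embedded limit. No revocation list is consulted.
func VerifyPayment(issuerPub ed25519.PublicKey, cert, pay Signed, now time.Time) error {
	if !ed25519.Verify(issuerPub, cert.Body, cert.Sig) {
		return ErrIssuerSig
	}
	var c ShortTermCert
	if err := json.Unmarshal(cert.Body, &c); err != nil {
		return err
	}
	if now.After(c.NotAfter) {
		return ErrExpired
	}
	if len(c.SubjectKey) != ed25519.PublicKeySize || !ed25519.Verify(c.SubjectKey, pay.Body, pay.Sig) {
		return ErrPayerSig
	}
	var p Payment
	if err := json.Unmarshal(pay.Body, &p); err != nil {
		return err
	}
	if p.Cents <= 0 || p.Cents > c.MaxCents {
		return ErrOverLimit
	}
	return nil
}

// Scenario runs one constructed exchange and returns the payee's verdict.
func Scenario(cents int64, minutesLater int, tamper bool) error {
	issuerPub, issuerKey, _ := ed25519.GenerateKey(nil)
	userPub, userKey, _ := ed25519.GenerateKey(nil)
	t0 := time.Date(1998, 10, 1, 9, 0, 0, 0, time.UTC) // constructed clock
	challenge := []byte("constructed-issuer-challenge")
	cert, err := Issue(issuerKey, "alice", userPub, challenge,
		ed25519.Sign(userKey, challenge), t0, 15*time.Minute, 2000)
	if err != nil {
		return err
	}
	if tamper { // holder edits the limit after issuance
		cert.Body = bytes.Replace(cert.Body, []byte(`"max_cents":2000`), []byte(`"max_cents":900000`), 1)
	}
	body, _ := json.Marshal(Payment{Payee: "shop", Cents: cents})
	pay := Signed{Body: body, Sig: ed25519.Sign(userKey, body)}
	return VerifyPayment(issuerPub, cert, pay, t0.Add(time.Duration(minutesLater)*time.Minute))
}

func main() {
	fmt.Println(Scenario(500, 1, false), Scenario(5000, 1, false),
		Scenario(500, 16, false), Scenario(500, 1, true))
}
```

The payment message here carries no nonce or transaction identifier, so a deployment would add one to let the payee reject replays within the certificate's lifetime.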
Another use of digital certificates in payment systems is illustrated by the Secure Electronic Transaction ("SET") standard that has been proposed by MasterCard and Visa. SET describes a relatively complex mechanism for making a payment using certificates within the current credit card payment support infrastructure. A number of parties exist in SET: the cardholder, the payee (or merchant), the issuing bank, the acquirer (or merchant's bank), the payment gateway, and optionally, "third parties" that represent one or more of the financial institutions involved. In SET, five different parties have certificates. Cardholder certificates function as an electronic representation of the payment card. Merchant certificates function as an electronic substitute for the
payment brand decal that appears in a store window. Payment Gateway certificates are used by Acquirers or their processors for the systems that process authorization and capture messages. In addition, Acquirer certificates and Issuer certificates aid in the distribution of Merchant and Issuer certificates, respectively. In general, the various certificates are used to support cryptographic keys that are used to provide credit card transaction messages with security properties such as privacy and authenticity.
SET is, overall, an elaborate scheme that is described in the "SET Secure Electronic Payment Transaction Specification" published by MasterCard and Visa. The certificates involved in SET may need to be revoked for any of a number of reasons such as key compromise, or change of status of the party holding the certificate. In contrast to the present invention, the scheme requires a certificate hierarchy, on-line verification procedures, and a certificate revocation infrastructure. Transactions require a significant amount of computation by multiple parties to complete.
Another use of digital certificates in payment systems is illustrated in electronic cash (e-cash) systems where cash is either represented by digital bearer certificates or by "value registers" in smart cards. In the case of digital bearer certificates, a digital signature is applied to an assertion that the certificate may be redeemed for a certain amount of cash at a certain bank or financial institution. A bank will issue certificates that can be used to verify the authenticity of the signature on the bearer certificate. Because digital bearer certificates can be freely copied, a risk exists that users will attempt to repeatedly use the same certificate. Therefore, risk management measures must be employed to ensure that each certificate is spent precisely once. Typically, either a smart card is used to contain the certificates and to participate in a two party protocol that marks certificates as used, or a network-based mechanism may be employed that records each certificate as it is used, and allows any payee to see if the certificate tendered is being used for the first time.
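A sketch of the network-based mechanism described above, added here and not part of the patent: a registry verifies the bank's signature on a bearer certificate, then checks and records its serial number in one critical section so that copies presented at the same moment cannot both be paid. The serial-number field, the JSON encoding and the Ed25519 signatures are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"sync"
)

// BearerCert is a hypothetical bearer certificate: "redeemable for Cents".
type BearerCert struct {
	Serial string `json:"serial"`
	Cents  int64  `json:"cents"`
}

var (
	ErrForged      = errors.New("bank signature invalid")
	ErrDoubleSpend = errors.New("certificate already spent")
)

// Registry is the network-side record of serial numbers already redeemed.
type Registry struct {
	bankPub ed25519.PublicKey
	mu      sync.Mutex
	spent   map[string]bool
}

func NewRegistry(bankPub ed25519.PublicKey) *Registry {
	return &Registry{bankPub: bankPub, spent: make(map[string]bool)}
}

// Redeem verifies the bank's signature, then tests and marks the serial while
// holding the lock, so the check and the record cannot be interleaved.
func (r *Registry) Redeem(body, sig []byte) (int64, error) {
	if len(r.bankPub) != ed25519.PublicKeySize || !ed25519.Verify(r.bankPub, body, sig) {
		return 0, ErrForged // unsigned input never reaches the spent set
	}
	var c BearerCert
	if err := json.Unmarshal(body, &c); err != nil {
		return 0, err
	}
	r.mu.Lock()
	defer r.mu.Unlock()
	if r.spent[c.Serial] {
		return 0, ErrDoubleSpend
	}
	r.spent[c.Serial] = true
	return c.Cents, nil
}

// Mint is the bank side: sign the assertion that the certificate is redeemable.
func Mint(bankKey ed25519.PrivateKey, serial string, cents int64) (body, sig []byte) {
	body, _ = json.Marshal(BearerCert{Serial: serial, Cents: cents})
	return body, ed25519.Sign(bankKey, body)
}

// RaceRedeem presents n copies of one constructed certificate at the same
// time and counts how many were paid and how many were rejected as reuse.
func RaceRedeem(n int) (paid, rejected int) {
	pub, key, _ := ed25519.GenerateKey(nil)
	reg := NewRegistry(pub)
	body, sig := Mint(key, "constructed-serial-0001", 2000)
	results := make(chan error, n)
	var wg sync.WaitGroup
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			_, err := reg.Redeem(body, sig)
			results <- err
		}()
	}
	wg.Wait()
	close(results)
	for err := range results {
		if err == nil {
			paid++
		} else if err == ErrDoubleSpend {
			rejected++
		}
	}
	return paid, rejected
}

// ForgedRedeem presents a certificate signed by a key that is not the bank's.
func ForgedRedeem() error {
	bankPub, _, _ := ed25519.GenerateKey(nil)
	_, otherKey, _ := ed25519.GenerateKey(nil)
	body, sig := Mint(otherKey, "constructed-serial-0002", 2000)
	_, err := NewRegistry(bankPub).Redeem(body, sig)
	return err
}

func main() {
	paid, rejected := RaceRedeem(8)
	fmt.Println("paid:", paid, "rejected:", rejected, "forged:", ForgedRedeem())
}
```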
In the case of value registers in smart cards, certificates are used to certify the keys used to verify the digital signatures on messages that are exchanged between two software applications running on the smart cards. For example, a payer's smart card debits its value register (or current cash balance), and signs and sends a message affirming the act to the payee. The payee, upon receiving the message affirming the debit, can check the signature on the certificate and verify the signature on the message.
Multiple risks exist in this system as well. In particular, the credit and debit operations must be encapsulated within smart cards or some other physically secure containers that must be distributed and maintained. In addition, should the certificates be compromised, counterfeit e-cash can be produced that is indistinguishable from e-cash that is issued by a legitimate originator. Should the physical container of a card be compromised, then clones of that card could be created that never debit their balances but nonetheless dispense e-cash acceptable to other cards. These are called "golden goose" cards. Thus, this type of e-cash, as a payment system, requires significant risk management measures. Another difficulty associated with this payment scheme has to do with recovery from errors. A communication error can literally destroy value. For example, if one smart card sends a signed message "I have debited my value register by $20" to another smart card, yet the second smart card does not receive that message intact, no credit will be offset to the debit. A support structure to make amends for these types of errors is required.
The shortcomings with the prior art involve the difficulty in using credentials that have been distributed electronically in a highly
payment brand decal that appears in a store window. Payment Gateway certificates are used by Acquirers or their processors for the systems that process authorization and capture messages. In addition, Acquirer certificates and Issuer certificates aid in the distribution of Merchant and Issuer certificates, respectively. In general, the various certificates are used to support cryptographic keys that are used to provide credit card transaction messages with security properties such as privacy and authenticity.
SET is, overall, an elaborate scheme that is described in the "SET Secure Electronic Payment Transaction Specification" published by MasterCard and Visa. The certificates involved in SET may need to be revoked for any of a number of reasons such as key compromise, or change of status of the party holding the certificate. In contrast to the present invention, the scheme requires a certificate hierarchy, on-line verification procedures, and a certificate revocation infrastructure. Transactions require a significant amount of computation by multiple parties to complete.
Another use of digital certificates in payment systems is illustrated in electronic cash (e-cash) systems where cash is either represented by digital bearer certificates or by "value registers" in smart cards. In the case of digital bearer certificates, a digital signature is applied to an assertion that the certificate may be redeemed for a certain amount of cash at a certain bank or financial institution. A bank will issue certificates that can be used to verify the authenticity of the signature on the bearer certificate. Because digital bearer certificates can be freely copied, a risk exists that users will attempt to repeatedly use the same certificate. Therefore, risk management measures must be employed to ensure that each certificate is spent precisely once. Typically, either a smart card is used to contain the certificates and to participate in a two party protocol that marks certificates as used, or a network-based mechanism may be employed that records each certificate as it is used, and allows any payee to see if the certificate tendered is being used for the first time.
In the case of value registers in smart cards, certificates are used to certify the keys used to verify the digital signatures on messages that are exchanged between two software applications running on the smart cards. For example, a payer's smart card debits its value register (or current cash balance), and signs and sends a message affirming the act to the payee. The payee, upon receiving the message affirming the debit, can check the signature on the certificate and verify the signature on the message.
Multiple risks exist in this system as well. In particular, the credit and debit operations must be encapsulated within smart cards or some other physically secure containers that must be distributed and maintained. In addition, should the certificates be compromised, counterfeit e-cash can be produced that is indistinguishable from e-cash that is issued by a legitimate originator. Should the physical container of a card be compromised, then clones of that card could be created that never debit their balances but nonetheless dispense e-cash acceptable to other cards. These are called "golden goose" cards. Thus, this type of e-cash, as a payment system, requires significant risk management measures. Another difficulty associated with this payment scheme has to do with recovery from errors. A communication error can literally destroy value. For example, if one smart card sends a signed message "I have debited my value register by $20" to another smart card, yet the second smart card does not receive that message intact, no credit will be offset to the debit. A support structure to make amends for these types of errors is required.
The shortcomings with the prior art involve the difficulty in using credentials that have been distributed electronically in a highly distributed system that lacks a reasonable means to revoke or update the credentials. For example, assume one holds a digital credential that authorizes the holder to purchase goods up to a value of one hundred thousand dollars (e.g., a corporate credit card). To use this credential, one must go to a central database to re-verify each time the credential is used.
Within the known systems, risk management measures are required to properly support payment systems, and defend them against fraud. Yet the known systems do not contain an efficient way in which risk management is integrated into the payment system.
SUMMARY OF THE INVENTION
The present invention relates to a method and apparatus for using digital credentials, or certificates, to facilitate commerce on a network. In one embodiment of this invention, a party wishing to act as guarantor of a transaction would receive long-term certificates from a consumer after the consumer logs into the network. The guarantor analyzes the long-term certificates, at least to verify the identity of the consumer. The guarantor, after being satisfied with the information presented, supplies short-term certificates containing assertions based on information from the above analyses. The short-term certificates can then be used to purchase goods from participating merchants on a network.
In another embodiment, merchants use the short-term certificates to verify terms and conditions under which a given consumer can be billed through the guarantor. The short-term certificates also certify the cryptographic public keys of consumers that are used to digitally sign statements requesting merchants to bill for goods and services purchased through the guarantor. Billing records associated with purchases are forwarded to the guarantor or his agent, whereby the records are sorted by consumer identity and used to construct periodic statements containing many billing records that are made available to consumers who can make a single payment. Detailed information about the purchases is thus provided to the guarantor who then helps merchants market goods accordingly. The billing records may contain digitally signed statements by consumers directing the merchant to bill through the guarantor.
BRIEF DESCRIPTION OF THE DRAWINGS
FIGURE 1 illustrates a system-level block diagram of an embodiment of the present invention.
FIGURE 2 is a flow chart of an embodiment of a method of the present invention.
FIGURE 3 illustrates an embodiment of an apparatus and system in accordance with the present invention.
DETAILED DESCRIPTION
The present invention is directed to ways of using digital credentials and other electronic certificates to practice commerce over a network. The purpose is to run a relatively convenient and efficient system using a combination of both long-term and short-term certificates.
Long-term certificates, as defined here, are certificates that contain information or make an assertion that is not expected to change over some long period of time. For example, long-term certificates can be used to represent a person's identity. Revocation of long-term certificates is not necessary on any large scale because the information contained in long-term certificates is relatively static and benign.
Short-term certificates, on the other hand, hold information or make assertions that may rapidly change, and therefore are designed to expire after some relatively short period of time. For example, short-term certificates may contain information about a person's credit history, shopping history, or information about the short-term certificate's maximum value as currency. Short-term certificates may make assertions about what a person is authorized to do, or about agreements that they may have with other parties.
The validity of the short-term credentials can be based on an individual's identity. For example, when a person logs into a system, the person uses some means to verify identity (using long-term credentials, for example), and then the system supplies short-term credentials which say, for example, that the client is authorized to charge for commerce on the World Wide Web for purchases the amount of which is not to exceed some fixed amount. Typically the short-term credential can also certify cryptographic keys that can be used for digital signatures that affirm a person's agreement with a contract. In addition, the short-term credential might contain the semantics attributed to the use of the person's digital signature as well as statements of limitations of liability.
Referring now in detail to the drawings, Figure 1 illustrates a system-level embodiment of the present invention. In this system, Customer Client 104 desires to purchase goods or services from Merchant 105. To do this, Customer Client 104 needs to present to Merchant 105 a form of payment that will be accepted by Merchant 105. In anticipation of this, Client 104 may present a long-term certificate to a certifier to access a certificate of payment called a short-term certificate.
The long-term certificate can be certified through known encryption techniques. The certifier is typically, for example, an Internet service provider, bank, or any entity designed to certify credentials. The long-term certificate contains, at the very least, information that verifies the identity of Customer Client 104. The long-term certificate may contain other information desired by the certifier.
Once the certifier is satisfied by Customer Client 104's long-term certificate information, the certifier sends Customer Client 104 one or more short-term certificates from the short-term certificate database 103.
Short-term certificates are digital in form, and contain information stating, at least, that the certifier guarantees payment up to a certain amount of value. In addition, the short-term certificate can contain marketing information. For example, a short-term certificate can tell a participating merchant that goods and services may be charged by the client named in the certificate to a specific account, through an agreed-upon channel, for up to the amount of $20. In addition, the short-term certificate may contain information that instructs Merchant 105 to apply a 10% discount to the cost of the goods supplied to the bearer of this short-term certificate. Upon receiving a short-term certificate, Merchant 105 can send an optional query to the short-term database for various reasons such as double-checking the certificate's validity in the case when the purchase amount exceeds some threshold stated in the short-term certificate. The short-term certificates are short term in the sense that they contain information or make assertions based on information that may change over a relatively short period of time. They therefore can be set to expire in some short period of time. For example, a certifier may supply a short-term certificate to Customer Client 104 that guarantees that the Client can charge to an account the purchase of any item that costs up to $20, but can only be used within 24 hours after Customer Client 104 receives this certificate.
Merchant 105 and Customer Client 104 consummate a transaction by promising (on the part of Merchant 105) to supply goods or services in exchange for an affirmative indication on the part of the Client that the goods or services can be charged to a billing account maintained in Billing System 106 according to, and limited by, the information provided by a short-term certificate. Once the short-term certificate is received, and the transaction is completed, the short-term certificate is sent along with an electronic record of a bill of sale through agreed-upon channels for payment from the certifier, or guarantor.
The above-mentioned agreed-upon channels, called Billing System 106, collect billing records and their corresponding short-term certificates and render them for payment. In addition to serving as a conduit for payment, the Billing System may supply information to various subsystems that serve to analyze information about the transaction. The Transaction Analysis 107 collects details of the transaction. The Transaction Analysis 107 correlates different types of purchases with different demographics of this particular Customer Client 104, and then determines what offers might be made to this particular consumer. The purpose of the transaction analysis is to determine patterns of consumer behavior so that some action may be taken. For example, Customer Client 104 might show a pattern of behavior that would alert the certifier that Customer Client 104 is in the market for an automobile. In other words, transactional information is used to better match marketing with consumer-behavior information.
Once the transactional analysis is complete, the results are used in Offer Management 102 to market goods or services to Customer Client 104, possibly by attaching offers to short-term certificates in Short-Term-Certificate Database 103. In this way, a type of high-gain feedback loop is completed, as can be seen in FIGURE 1. In FIGURE 1, Offer Management 102 can use information received by Risk Management System 102(a), Loyalty System 102(b), and Market Partners 102(c) to determine what, if any, information should go into the short-term certificates along with any assertions that might be made about terms and conditions, credit limits, discounts, etc. Risk Management System 102(a) can receive information from Billing System 106, thereby keeping data on a particular Customer Client's usage patterns. Risk Management System 106 can then analyze the information supplied by Billing System 106, and alert the certifier as to how much risk should be taken with regard to a particular Customer Client. For example, Risk Management System 102(a) can alert the certifier to change the credit limit, either up or down, for a particular Customer Client. The system also can determine whether or not the recent usage patterns of a person are indicative of fraud or other misuse (that may have resulted from a key management compromise whereby a consumer's identity certificate and secret key have been compromised). This information passed between Billing System 106, Risk Management System 102(a), and the certifier can be updated and analyzed arbitrarily quickly, possibly on a daily basis. This rapid response obviates the need for use of certificate revocation lists.
Billing System 106 can also supply information to Loyalty System 102(b). Loyalty System 102(b) is a system whereby consumers are rewarded for regular use of a particular merchant. An example of a loyalty system is found in frequent-flier programs. Loyalty System 102(b) can collect and analyze information, and then supply this information to the certifier's Offer Management 102 so the certifier can tailor its marketing through Offer Management 102 accordingly. In particular, the Offer Management process can author assertions to be inserted into the short-term certificates that declare that loyalty points are available to pay for purchases from participating merchants. Such a merchant can thus accept payment ostensibly in loyalty points, but the merchant can be remunerated through the billing system in cash or other consideration upon presentment of a certificate-backed, signed purchase agreement. This system offers an advantage over other loyalty systems because one purpose of a loyalty system is to reinforce good behavior by rewarding the user, and this system can reward the user arbitrarily rapidly.
Market Partners 102(c) can enter into agreements with certifiers to help the certifier tailor its marketing through Offer Management 102. The idea is to capture the value of transactional information without severely impacting the consumer's privacy. Market Partner 102(c) provides information to the system about what Market Partner 102(c) desires in a consumer. This information might be a demographic profile, a consumer-behavior profile, etc. For example, Market Partner 102(c) can tell the certifier that it wishes to target people who are shopping for new cars. Offer Management 102 then correlates the needs of Market Partner 102(c) with the information it contains about the consumer.
Figure 2 is a flow chart of a process in accordance with an embodiment of the present invention. In its most basic form, long-term certificates, or some other proof of identity, are received by the certifier at step 200. At step 201, the certifier then analyzes the information presented in the long-term certificate and then, at step 202, supplies, from a short-term-certificate database, short-term certificates that can be used as instruments to purchase goods from merchants on the network.
In addition to receiving long-term certificates, the certifier may receive, at step 203, information from a billing system, at step 204, information from a market partner, and at step 205, information from a loyalty system.
The short-term certificate can contain a maximum value for which the certifier will act as guarantor upon presentment by a merchant. In addition, the short-term certificate can contain information about offers to the consumer, incentive programs, or loyalty programs.
As stated above, various subsystems, such as a risk management system, a loyalty system, or a marketing system can be interposed between the certifier and the merchant. The short-term certificate can contain information reflecting, for example, the risk-management analysis with regard to a consumer, the loyalty-system analysis with regard to a consumer, or the marketing analysis with regard to the consumer. For example, the short-term certificate can contain a limit on the certificate's guaranty limits based on the risk-management analysis; the certificate can contain a number of acquired consumer points based on the loyalty-system analysis; and the certificate can contain offers (including incentives) to the consumer based on the marketing analysis.
When a consumer desires to make a purchase from a participating merchant, he or she presents through the network one or more short-term certificates. The merchant can analyze the short-term certificate, and determine any guarantees of payment, any rights to use alternative methods of payment such as loyalty points, any discounts or other entitlements, and then make appropriate adjustments to the consumer's bill of sale. The merchant's final price, terms, and conditions for a sale, as part of a bill of sale, are forwarded to the consumer, who will indicate acceptance, and make the purchase through some affirmative act (that may be required by a condition stated in the short-term certificate) such as signing the bill of sale with a digital signature whose verification key is certified by the short-term certificate.
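The merchant-side checks described above (certifier signature, expiry, guaranteed amount, the optional database query above a threshold, and the consumer's signature on the bill of sale), sketched as an added example that is not code from the patent. The field names, account id, threshold and key material are assumptions, and the signature routine is a toy textbook-RSA stand-in chosen so the sketch runs on the Python standard library.

```python
import hashlib
import json

# Toy textbook-RSA signatures over small Mersenne primes so the sketch runs on
# the standard library alone. NOT secure: a stand-in for a vetted scheme.
def make_key(p, q, e=65537):
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}


def public_part(key):
    return {"n": key["n"], "e": key["e"]}


def _digest(obj, n):
    # Canonical JSON so signer and verifier hash identical bytes.
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(obj, key):
    return pow(_digest(obj, key["n"]), key["d"], key["n"])


def verify(obj, sig, pub):
    return pow(sig, pub["e"], pub["n"]) == _digest(obj, pub["n"])


def issue_short_term_cert(certifier_key, consumer_pub, account, now,
                          max_cents=2000, discount_pct=10,
                          recheck_above_cents=1500, lifetime_s=24 * 3600):
    """Certifier: bind the consumer's key to a guaranteed amount and an expiry.
    All field names are hypothetical; the values are constructed samples."""
    body = {
        "account": account,
        "consumer_pub": consumer_pub,
        "max_cents": max_cents,
        "discount_pct": discount_pct,
        "recheck_above_cents": recheck_above_cents,
        "not_after": now + lifetime_s,
    }
    return {"body": body, "sig": sign(body, certifier_key)}


def merchant_quote(cert, certifier_pub, list_cents, now, recheck=None):
    """Merchant: validate the certificate and build the bill of sale.
    Returns (bill, None) on success or (None, reason) on refusal."""
    body = cert["body"]
    if not verify(body, cert["sig"], certifier_pub):
        return None, "bad certifier signature"
    if now > body["not_after"]:
        return None, "certificate expired"  # expiry stands in for revocation
    price = list_cents * (100 - body["discount_pct"]) // 100
    if price > body["max_cents"]:
        return None, "exceeds guaranteed amount"
    if price > body["recheck_above_cents"]:
        # Optional query to the short-term certificate database.
        if recheck is None or not recheck(cert):
            return None, "database re-check failed"
    bill = {"account": body["account"], "price_cents": price,
            "cert_sig": cert["sig"]}
    return bill, None


def merchant_accept(cert, bill, bill_sig):
    """The bill-of-sale signature must verify under the key the cert certifies."""
    return verify(bill, bill_sig, cert["body"]["consumer_pub"])


def demo():
    certifier = make_key(2**127 - 1, 2**89 - 1)   # constructed toy keys
    consumer = make_key(2**107 - 1, 2**61 - 1)
    cpub, t0 = public_part(certifier), 1_000_000  # constructed issue time (s)
    cert = issue_short_term_cert(certifier, public_part(consumer),
                                 "acct-0001", t0)
    in_db = lambda c: True                        # stand-in database answer
    bill, _ = merchant_quote(cert, cpub, 1800, t0 + 3600, recheck=in_db)
    forged = {"body": dict(cert["body"], max_cents=10**6), "sig": cert["sig"]}
    return {
        "price": bill["price_cents"],
        "accepted": merchant_accept(cert, bill, sign(bill, consumer)),
        "wrong_signer": merchant_accept(cert, bill, sign(bill, certifier)),
        "expired": merchant_quote(cert, cpub, 1000, t0 + 25 * 3600)[1],
        "over_limit": merchant_quote(cert, cpub, 3000, t0 + 60)[1],
        "no_recheck": merchant_quote(cert, cpub, 1800, t0 + 60)[1],
        "forged": merchant_quote(forged, cpub, 1000, t0 + 60)[1],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

The merchant never contacts the certifier for the small purchase and never consults a revocation list; a stolen certificate is bounded by its stated limit and its 24-hour lifetime.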
Ultimately, the certifier can collect for the goods or services furnished guaranteed by creating a billing record containing references to sending the bill of sale and the short-term certificate obtained from the user and forwarding this billing record through a regular billing channel to the certifier. The certifier can then collect all billing records associated with a specific user and present them to the user in a statement. For example, if the certifier is a telephone company, the telephone company can bill the user for amounts as stated in the short-term certificate by using the user's regular monthly telephone bill.
FIGURE 3 shows an embodiment of an apparatus in accordance with the present invention. The apparatus includes processor 301, memory 302 that stores instructions adapted to be executed by processor 301, and port 303 adapted to be connected to a network, with both port 303 and memory 302 coupled to processor 301. Memory includes any medium capable of storing instructions adapted to be executed by a processor. Some examples of such media include, but are not limited to, floppy disks, CDROM, magnetic tape, semiconductor memory, hard drives, and any other device that can store digital information. In one embodiment, the instructions are stored on the medium in a compressed and/or encrypted format. As used herein, the phrase "adapted to be executed by a processor" is meant to encompass instructions stored in a compressed and/or encrypted format, as well as instructions that have to be compiled or installed by an installer before being executed by the processor.
In one embodiment of the present invention, memory 302 stores instructions adapted to be run on processor 301, to receive information, analyze that information, and then supply short-term certificates the character of which depends on the results of the analysis. The information received and analyzed can come from market partners, a billing system, a loyalty system, and from long-term certificates supplied by a customer.
As explained in detail above, the invention increases efficiency and productivity of commerce on a network. By using digital credentials and other digital certificates, micro-billing becomes more feasible by decreasing transaction costs, limiting risk, and allowing for easily updated credentials.
Although various embodiments are specifically illustrated and described herein, it will be appreciated that modifications and variations of the present invention are covered by the above teachings and within the purview of the appended claims without departing from the spirit and intended scope of the invention.
cr,~~gc,~l°~'L~TE ~iHEET ~H!!~_E 2~6)
"vVitlrin the kno ;, :-~ systems, risk management measures are required to properly support payment systems, and defend them against fraud. Yet the known systems do not contain an efficient way in which risk management is integrat:xi into the payment system.
SUMMARY OF THE INVENTION
The present invPnti~on relates to a method and apparatus for using digital credentials, or certificates to facilitate commerce on a network. In one embodiment of this invention, a party wishing to act as guarantor of a transaction would receive long-term certificates from a consumer after the consum;;r Iogs into the network. The guarantor analyzes the long-term certi~acates, at least to verify the identity of the consumer. The guarantor, after being satisfied with the information 2 0 presente:l, supplies short-t:ezT~ certificates containing assertions based or, informatior_ szorn t ~~~ :~t~o~~e anayses. 'i"he short-term certificates can then. be used tc~ purchasF ~cto~is from participating merchants on a nr.~twork.
In another e.~.bodu~uent, merchants use the short-term certificates 2 5 tc :~erify terms and ccnditions under which a given consumer can be billed tlL ouch the guara~ :,~ r. The sr~nrt-term certificates also certify the cryptographic public key ~, c ~ cons~zmers that are used to digitally sign statements re~~ue,~tina merc;i~~.nr:; ro bill for goods and services purchased t:ilrcsugh the guarantor. E'1i ~~g records associated with purchases are 3 0 forwarded to the guarantor or his agent, whereby the records are sorted ty~ ~I3:a"f1'i'k~~'LF z ~..~ ~:,~,- ~1:,,~ia~l.E ~&
WO x!/19845 PCT/US98J19'717 g by consumer identity a.nd used to construct periodic statements containing many billing records that are made available to consumers who can make a single payment. Detailed information about the purchases is thus provided to the guarantor who then helps merchants market goods accordingly. 'fhe biDling records may contain digitally signed statements by consul r~ers directing the merchant to bill through the guarantor.
BRIEF DESCRIPTION OF 'FHE DRAWINGS
FIGURE 1 illustrates a sysiem-level block diagram of an embodiment of the present invention.
FIGURE 2 i:5 a flow chart oi~ an embodiment of a method of the present invention.
FIGURE 3 illustrates an embodiment of an apparatus and system in accordance with the present invention.
DETAILED DESCRIPTION
The present invention is directed to ways of using digital credentials and other elec~rc,nic certificates to practice commerce over a network. The pyose is t;~ run a relatively convenient and efficient system using a combination of both long-term and short-term certificates.
bong-terra cerrificate;s, as defined here, are certificates that contain i~~fonnation or nv~ke an assertion hat is not expected to change over some .long period ot~ ~:m-:, For example, long-term certificates can be used to represent a person's identity. Revocation of long-term certificates is not necessary on any Large scale because the information contained >n long-terra cenificates is relatively static and benign.
Short-terra certifcues, on the otter hand, hold information or 3 0 nmlc~ assuz ions teat mw.y° rapidly change) and therefore are designed to S~lJe3~~Tff ~l'f~: s~IF~:T' ~F~tI,JLE 3y C;
expire after some relatively short period of time. For example. short-tes~-m cert:-ficates may cont;~in information about a person's credit history, shopping history, ~~r information about the short-term certificate's maximum value as currency. Short-term certificates may make assertions about what a person is authorized to do, or about agreements that they may have with other parties.
The validity of the short-term credentials can be based on an individual's identity. For example, when a person logs into a system, the person uses some means to verify identity (using long-term credentials, for example), and then the system supplies short-term credentials which say, for example. that the client is authorized to charge for commerce on the ~~orld wide web for purchases the amount of which is not to exceed some fixed amount. Typically the short-term credential can also certify cryptographic keys that can be used for digital signatures that affirm a persoyz's agreement with a contract. In addition, the short-term credential might con~:a.in the semantics attributed to the use of the person's digital signature as well as statements of limitations of liability.
Referring now in detaia to the drawings, Figure 1 illustrates a 2 0 system-le~~el ema,odir-tent o_'' the present invention. In this system, Cr:.stomer ~.:lzent 1J4 desir~ to purchase goods or services from Merchant 10a. '1'o ao this, C~zstorner Cl:~.ent I04 needs to present to 1VA'erchant I OS a form of payment that will be accepted by Mercl~nt 105.
In anticit~ation of this, ~'Iie nt I04 may present a long-term certificate to 2 5 a certifier to access a ;:e:rtiti cute of payment called a short-term certificate.
The long-term certi' leafs can be certified through known em:ryption te.~hri~~ra. The certifies is typically. for example, an Internet srvrvtce provicle.r., tank. or ary entity designed to certify 3 0 credentials. 'fhe long-term certificate contains. at the very least, t ;~'l~l~"~';''~tI'~ .~.: ~,-i~a~ r r~i.lJ9.l~ 2:~;
informatiori that verifies tl~p °.dentity of Customer Client 104. The long-term certificate znay contaa.r: other information desired by the certifies.
Cjnce the certifies is satisfied by Customer Client 104's Iong-term certificate information, the certifies sends Customer Client 104 one or 5 more short-term certificates from the short-term certificate database 103.
Short-teen certificates are digital in form, and contain information stating, at least, that the certifies guaranties payment up to a certain arnom-~t of value. In addition, the short-term certificate can contain marketing information. For example, a short-term certificate 10 can tell a participating merchant that goods and services may be charged by the client namea in the certificate to a specific account, through an agreed-upon channel, for up to the amount of $20. In addition, the short-term certificate may contain information that instructs Merchant 1 iJ5 to ahpi ~, ~. f.0% disc: u~ t to the: cost of the goods supplied to the bearer o~ thls ~aort-term c~~riaiiicate. Upon receiving a short-term cer tificate, Ivlerchant 1 OS ca: ~ send an optional query to the short-term database for various reasons such as double-checking the certificate's validity in the case when the purchase amount exceeds some threshold stated in the short-term certificate. i'he snort-term certificates are short 2 0 term in t~~e sense that they ;;c~r~tain in.formatian or make assertions based on in.forrn x~xon ti:at may c.'~ r~ ~ ig~; over a relatively short period of time.
Thev therefore ~:ar_ oe set tf expire in some short period of time. For example, a certifies may su~.~ply a short-term certificate to Customer Client 104 th~.t guanar~ties tinat tree Client can charge to an account the 2 5 purchase .-~.f any uern that coats up tn $20, but can only be used within 24 hours after Custome~° ~~lient 104 receives this certificate.
hierc;:ls.n~ 105 ~rci Customer Client 104 consummate a transaction. h -~ promaing (r~~z r.he part of Merchant 1 OS) to supply goods or services in ex,.har..~e for aa. affirmative indication on the part of the 30 Client tha~ the gooc_.s or cer<-'tceS Can be charged to a billing account .:~i.i~~.~ f'TtfCIE ;~ f°1~'-~;?!" ,~PJ'r.C a~) wo ~n9s4s Pcritrs9armrm m maintained in Billing System 106 according to and limited, by the inforrnatiun hrwided by a ~~ ort-tern certificate. Once the short-term certificatev is received, and the transaction is completed, the short-term certificate is sent along with ax. electronic record of a bill of sale through agreed-upnn channels for pa:yrrient from the certifier, or guarantor.
The above-mentioned agreed-upon channels, called Billing System I06, collect billing records, and their corresponding short-term certificates and renders there for payment. In addition to serving as a conduit fcr- pa ymer~t, tr ~: l3i.llin~ system may supply information to various subsystems that serve to analyze information about the transaction. The Transaction Analysis 107 collects details of the transaction. The Transaction Analysis 107 correlates different types of purchases with different demographics of this particular Customer Client 104, and then determines what offers might be made to this particular '~oz-~:.umer, fhe yntrpose of the transaction analysis is to determine patterns of consumer behavior so that some action may be taken. For example, Customer Client 104 might show a pattern of behavior That wot~id alert the certifier that Customer Client I 04 is in the market for an automobile. In other words, transactional information is 2 0 used to better match marketing with consumer-behavior information.
Once ni~~ tra:-~;~,acticr:~I an;-°°..lysis is complete, the results are used in Oi'ier wlanagemEnt i ~!'? to market goods or services to Customer Cfi:.nt 10:1, possibl:,~ by ::,ti~~~l~ing c~.ffers to short-tenor certificates in Short-Term-Certificrte ~~atal?;.~se 103. In this way, a type of high-gain feecibaek loop is coanpi°ted, as can rye seen in FIGURE 1. InFIGURE
1, c~nfer h-Iar:agemc.~nt 1 (?2. c: an use information received by Risk Managernelt ':yste;r: lf~'i(~), .oyalty S~~stem 102(b), and Market PartnP-s 10'?(c) to deterrn~%~e what, if any. i~brmation should go into the 3 0 short-term certificates a; ~r, ~ with any assertions that might be made ~,~.~~~~.'~: ; z~--~ t~~t :~ ~ ~R'~~ any about terms arsd conditions, credit limits, discounts, etc. Risk Management System 102(x:) can receive information from Billing System 106, thereby keeping data on a particular Customer Client's usage patterns. Risk Ntarragement System 106 can then analyze the information supplied by Billing System 106, and alert the certifier as to how much risk should. be taken with regard to a particuiar Customer Client. For example, Kisk Management System 102(a) can alert the certifier to change the credit limit, either up or down, for a particular Customer Client. The system also can determine whether or not the recent usage f,attenm of a person are indicative of fraud or other misuse (that may have resulted from a key management compromise whereby a consumer's identity certifrcaze and secret key have been compromised). This information passed between Billing System 106, Risk Management System 102(a), and the certifier can be updated and analyzed arbitrarily quicldy, possibly on a daily basis. This rapid response obviates tn~; need for use of certificate revocation lists.
Billing System 106 can also supply information to Loyalty System 102(b). Loyalty System 102(b) is a system whereby consumers are rewarded for regular use of a particular merchant. An example of a loyalty system is found in frequent-flier programs. Loyalty System 102(b) can collect and analyze information, and then supply this information to the certifier's Offer Management 102 so the certifier can tailor its marketing through Offer Management 102 accordingly. In particular, the Offer Management process can author assertions to be inserted into the short-term certificates that declare that loyalty points are available to pay for purchases from participating merchants. Such a merchant can thus accept payment ostensibly in loyalty points, but the merchant can be remunerated through the billing system in cash or other consideration upon presentment of a certificate-backed, signed purchase agreement. This system offers an advantage over other loyalty systems because one purpose of a loyalty system is to reinforce good behavior by rewarding the user, and this system can reward the user arbitrarily rapidly.
Market Partners 102(c) can enter into agreements with certifiers to help the certifier tailor its marketing through Offer Management 102. The idea is to capture the value of transactional information without severely impacting the consumer's privacy. Market Partner 102(c) provides information to the system about what Market Partner 102(c) desires in a consumer. This information might be a demographic profile, a consumer-behavior profile, etc. For example, Market Partner 102(c) can tell the certifier that it wishes to target people who are shopping for new cars. Offer Management 102 then correlates the needs of Market Partner 102(c) with the information it contains about the consumer.
FIGURE 2 is a flow chart of a process in accordance with an embodiment of the present invention. In its most basic form, long-term certificates, or some other proof of identity, are received by the certifier at step 200. At step 201, the certifier then analyzes the information presented in the long-term certificate and then, at step 202, supplies, from a short-term-certificate database, short-term certificates that can be used as instruments to purchase goods from merchants on the network.
In addition to receiving long-term certificates, the certifier may receive, at step 203 information from a billing system, at step 204 information from a market partner, and at step 205 information from a loyalty system.
The short-term certificate can contain a maximum value for which the certifier will act as guarantor upon presentment by a merchant. In addition, the short-term certificate can contain information about offers to the consumer, incentive programs, or loyalty programs.
As stated above, various subsystems, such as a risk management system, a loyalty system, or a marketing system can be interposed between the certifier and the merchant. The short-term certificate can contain information reflecting, for example, the risk-management analysis with regard to a consumer, the loyalty-system analysis with regard to a consumer, or the marketing analysis with regard to the consumer. For example, the short-term certificate can contain a limit on the certificate's guaranty limits based on the risk-management analysis; the certificate can contain a number of acquired consumer points based on the loyalty-system analysis; and the certificate can contain offers (including incentives) to the consumer based on the marketing analysis.
When a consumer desires to make a purchase from a participating merchant, he or she presents through the network one or more short-term certificates. The merchant can analyze the short-term certificate, and determine any guarantees of payment, any rights to use alternative methods of payment such as loyalty points, any discounts or other entitlements, and then make appropriate adjustments to the consumer's bill of sale. The merchant's final price, terms, and conditions for a sale as part of a bill of sale, are forwarded to the consumer, who will indicate acceptance, and make the purchase through some affirmative act (that may be required by a condition stated in the short-term certificate) such as signing the bill of sale with a digital signature whose verification key is certified by the short-term certificate.
Ultimately, the certifier can collect for the goods or services furnished guaranteed by creating a billing record containing references to sending the bill of sale and the short-term certificate obtained from the user and forwarding this billing record through a regular billing channel to the certifier. The certifier can then collect all billing records associated with a specific user and present them to the user in a statement. For example, if the certifier is a telephone company, the telephone company can bill the user for amounts as stated in the short-term certificate by using the user's regular monthly telephone bill.
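The merchant-side check described above, written out as an added example; it is not code from the patent or from any implementation of it. Ed25519 signatures, JSON encoding, the field names, the 24-hour lifetime and the 5000-cent guaranty limit are all assumptions, since the page specifies none of them.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// ShortTermCert is a hypothetical layout (not taken from the patent) for the
// assertions the description lists, plus a short validity window.
type ShortTermCert struct {
	Subject       string    `json:"subject"`
	HolderKey     []byte    `json:"holder_key"` // verifies the consumer's signature
	GuarantyCents int64     `json:"guaranty_cents"`
	LoyaltyPoints int64     `json:"loyalty_points"`
	NotBefore     time.Time `json:"not_before"`
	NotAfter      time.Time `json:"not_after"`
}

// BillOfSale carries the merchant's final price.
type BillOfSale struct {
	Merchant    string `json:"merchant"`
	AmountCents int64  `json:"amount_cents"`
}

// Signed pairs the exact bytes that were signed with the signature over them.
type Signed struct{ Body, Sig []byte }

var (
	ErrCertSignature = errors.New("short-term certificate not signed by the certifier")
	ErrCertWindow    = errors.New("short-term certificate outside its validity window")
	ErrBillSignature = errors.New("bill of sale not signed by the certified key")
	ErrAmount        = errors.New("amount not positive or above the guaranty limit")
)

// mustSign serializes v as JSON and signs the resulting bytes with key.
func mustSign(key ed25519.PrivateKey, v interface{}) Signed {
	body, err := json.Marshal(v)
	if err != nil {
		panic(err) // cannot happen for the plain structs used here
	}
	return Signed{Body: body, Sig: ed25519.Sign(key, body)}
}

// MerchantAccept returns the amount in cents the certifier guarantees, or why the sale is refused.
func MerchantAccept(certifierPub ed25519.PublicKey, cert, bill Signed, now time.Time) (int64, error) {
	// ed25519.Verify panics on a wrong-sized key, so lengths are checked first.
	if len(certifierPub) != ed25519.PublicKeySize || !ed25519.Verify(certifierPub, cert.Body, cert.Sig) {
		return 0, ErrCertSignature
	}
	var c ShortTermCert
	if err := json.Unmarshal(cert.Body, &c); err != nil {
		return 0, err
	}
	// Expiry stands in for revocation: no certificate revocation list is consulted.
	if now.Before(c.NotBefore) || !now.Before(c.NotAfter) {
		return 0, ErrCertWindow
	}
	if len(c.HolderKey) != ed25519.PublicKeySize || !ed25519.Verify(c.HolderKey, bill.Body, bill.Sig) {
		return 0, ErrBillSignature
	}
	var b BillOfSale
	if err := json.Unmarshal(bill.Body, &b); err != nil {
		return 0, err
	}
	if b.AmountCents <= 0 || b.AmountCents > c.GuarantyCents {
		return 0, ErrAmount
	}
	return b.AmountCents, nil
}

// demoKey derives a fixed key from a constructed seed (demo only, never for real use).
func demoKey(tag byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(append(make([]byte, ed25519.SeedSize-1), tag))
}

// demo issues a certificate, has the consumer sign a bill, optionally tampers, then asks the merchant.
func demo(amountCents int64, elapsed time.Duration, mutate func(cert, bill *Signed)) (int64, error) {
	certifier, holder := demoKey(1), demoKey(2)
	issued := time.Date(1998, 9, 21, 12, 0, 0, 0, time.UTC) // constructed timestamp
	cert := mustSign(certifier, ShortTermCert{
		Subject: "customer-client-104", HolderKey: holder.Public().(ed25519.PublicKey),
		GuarantyCents: 5000, LoyaltyPoints: 120,
		NotBefore: issued, NotAfter: issued.Add(24 * time.Hour),
	})
	bill := mustSign(holder, BillOfSale{Merchant: "example-merchant", AmountCents: amountCents})
	if mutate != nil {
		mutate(&cert, &bill)
	}
	return MerchantAccept(certifier.Public().(ed25519.PublicKey), cert, bill, issued.Add(elapsed))
}

func main() {
	fmt.Println(demo(4200, time.Hour, nil))    // within the limit and the window
	fmt.Println(demo(4200, 25*time.Hour, nil)) // certificate has expired
}
```

Because the merchant refuses anything past `NotAfter`, a certifier that learns of a compromised key only has to stop reissuing, which is the property the description relies on when it says certificate revocation lists become unnecessary.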
FIGURE 3 shows an embodiment of an apparatus in accordance with the present invention. The apparatus includes processor 301, memory 302 that stores instructions adapted to be executed by processor 301, and port 303 adapted to be connected to a network, with both port 303 and memory 302 coupled to processor 301. Memory includes any medium capable of storing instructions adapted to be executed by a processor. Some examples of such media include, but are not limited to, floppy disks, CDROM, magnetic tape, semiconductor memory, hard drives, and any other device that can store digital information. In one embodiment, the instructions are stored on the medium in a compressed and/or encrypted format. As used herein, the phrase "adapted to be executed by a processor" is meant to encompass instructions stored in a compressed and/or encrypted format, as well as instructions that have to be compiled or installed by an installer before being executed by the processor.
In one embodiment of the present invention, memory 302 stores instructions adapted to be run on processor 301, to receive information, analyze that information, and then supply short-term certificates the character of which depends on the results of the analysis. The information received and analyzed can come from market partners, a billing system, a loyalty system, and from long-term certificates supplied by a consumer.
As explained in detail above, the invention increases efficiency and productivity of commerce on a network. By using digital credentials and other digital certificates, micro-billing becomes more feasible by decreasing transaction costs, limiting risk, and allowing for easily updated credentials.
Although various embodiments are specifically illustrated and described herein, it will be appreciated that modifications and variations of the present invention are covered by the above teachings and within the purview of the appended claims without departing from the spirit and intended scope of the invention.
Claims (31)
1. A method for performing an electronic transaction, comprising:
(a) receiving a long-term certificate;
(b) authenticating a user associated with the long-term certificate;
(c) sending a short-term certificate to the user authenticated in (b).
2. The method of claim 1, further comprising:
(d) evaluating a risk associated with the user; and
(e) including in the short-term certificate information about the risk associated with the user.
3. The method of claim 2, wherein the risk associated with the user is reflected in an upper limit on the short-term certificate's value.
4. The method of claim 1, further comprising:
(d) receiving information about the user's spending history; and
(e) including in the short-term certificate information based on the user's spending history.
5. The method of claim 4, wherein the information about a user's spending history includes marketing offers.
6. The method of claim 1, further comprising:
(d) receiving from a market partner information about the market partner's needs; and
(e) including in the short-term certificate information about the market partner's needs.
7. The method of claim 6, wherein the information about a market partner's needs includes marketing offers.
8. The method of claim 2, further comprising:
(f) receiving information about the user's spending habits; and
(g) including in the short-term certificate information about the user's spending habits.
9. The method of claim 2, further comprising:
(f) receiving from a market partner information about the market partner's needs; and
(g) including in the short-term certificate information about the market partner's needs.
10. The method of claim 4, further comprising:
(f) receiving from a market partner information about the market partner's needs; and
(g) including in the short-term certificate information about the market partner's needs.
11. The method of claim 8, further comprising:
(h) receiving from a market partner information about the market partner's needs; and
(i) including in the short-term certificate information about the market partner's needs.
12. The method of claim 1, further comprising:
(d) billing the user through a regular billing channel between the certifier and the user.
13. The method of claim 12, wherein the regular billing channel is a telephone bill.
14. The method of claim 12, wherein the regular billing channel is a credit-card bill.
15. The method of claim 8, further comprising:
(h) billing the user through a regular billing channel between the certifier and the user.
16. The method of claim 11, further comprising:
(j) billing the user through a regular billing channel between the certifier and the user.
17. An apparatus for practicing commerce on a network, comprising:
(a) a processor;
(b) a port coupled to said processor; and
(c) a memory also coupled to said processor, storing instructions adapted to be executed by said processor to
(i) receive a long-term certificate;
(ii) authenticate a user associated with the long-term certificate; and
(iii) send short-term certificates to the user authenticated in (ii).
18. The apparatus of claim 17, further comprising:
(d) a memory storing instructions adapted to be executed by said processor to
(i) evaluate the risk associated with the user; and
(ii) include in the short-term certificate information about the risk associated with the user.
19. The apparatus of claim 18, wherein the risk associated with the user is reflected in an upper limit on a value of the short-term certificate.
20. The apparatus of claim 17, further comprising:
(d) a memory storing instructions adapted to be executed by said processor to
(i) receive information about the user's spending history; and
(ii) include in the short-term certificate information based on the user's spending history.
21. The apparatus in claim 20, wherein the information about the user's spending habits includes marketing offers.
22. The apparatus of claim 17, further comprising:
(d) a memory storing instructions adapted to be executed by said processor to
(i) receive from a market partner information about the market partner's needs; and
(ii) include in the short-term certificate information about the market partner's needs.
23. The apparatus of claim 22, wherein the information about the market partner's needs includes marketing offers.
24. The apparatus of claim 18, further comprising:
(e) a memory storing instructions adapted to be executed by said processor to
(i) receive information about the user's spending habits; and
(ii) include in the short-term certificate information about the user's spending habits.
25. The apparatus of claim 18, further comprising:
(e) a memory storing instructions adapted to be executed by said processor to
(i) receive from a market partner information about the market partner's needs; and
(ii) include in the short-term certificate information about the market partner's needs.
26. The apparatus of claim 20, further comprising:
(e) a memory storing instructions adapted to be executed by said processor to
(i) receive from a market partner information about the market partner's needs; and
(ii) include in the short-term certificate information about the market partner's needs.
27. The apparatus of claim 24, further comprising:
(e) a memory storing instructions adapted to be executed by said processor to
(i) receive from a market partner information about the market partner's needs; and
(ii) include in the short-term certificate information about the market partner's needs.
28. A computer-readable medium that stores instructions adapted to be executed by a processor to perform the steps of:
(a) receiving a long-term certificate;
(b) authenticating a user associated with the long-term certificate;
(c) sending a short-term certificate to the user authenticated in (b).
29. The computer-readable medium of claim 28, further comprising:
(d) evaluating the risk associated with the user; and
(e) including in the short-term certificate information about the risk associated with the user.
30. The computer-readable medium of claim 28, further comprising:
(d) receiving information about the user's spending history; and
(e) including in the short-term certificate information about the user's spending history.
31. The computer-readable medium of claim 28, further comprising:
(d) receiving from a market partner information about the market partner's needs;
(e) including in the short-term certificate information about the market partner's needs.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US6064397P | 1997-10-01 | 1997-10-01 | |
US60/060,643 | 1997-10-01 | ||
PCT/US1998/019717 WO1999019845A1 (en) | 1997-10-01 | 1998-09-21 | A method and apparatus using digital credentials and other electronic certificates for electronic transactions |
Publications (1)
Publication Number | Publication Date |
---|---|
CA2272685A1 (en) | 1999-04-22 |
Family
ID=22030862
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA002272685A Abandoned CA2272685A1 (en) | 1997-10-01 | 1998-09-21 | A method and apparatus using digital credentials and other electronic certificates for electronic transactions |
Country Status (6)
Country | Link |
---|---|
US (3) | US6125349A (en) |
EP (1) | EP0941526B1 (en) |
BR (1) | BR9806293A (en) |
CA (1) | CA2272685A1 (en) |
DE (1) | DE69809189T2 (en) |
WO (1) | WO1999019845A1 (en) |
Families Citing this family (150)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2317790B (en) * | 1996-09-26 | 1998-08-26 | Richard Billingsley | Improvements relating to electronic transactions |
US6125349A (en) * | 1997-10-01 | 2000-09-26 | At&T Corp. | Method and apparatus using digital credentials and other electronic certificates for electronic transactions |
US7356502B1 (en) * | 1998-03-03 | 2008-04-08 | Crosscheck, Inc. | Internet based payment system |
US20020174069A1 (en) * | 1998-03-03 | 2002-11-21 | Labadie Timothy S. | Check conversion plus |
US6085321A (en) * | 1998-08-14 | 2000-07-04 | Omnipoint Corporation | Unique digital signature |
CA2371791A1 (en) | 1999-02-12 | 2000-08-17 | Mack Hicks | System and method for providing certification-related and other services |
EP1617389A3 (en) * | 1999-02-18 | 2006-09-27 | Matsushita Electric Industrial Co., Ltd. | Server apparatus and terminal of a user for use in an electronic asset utilisation system |
US7571139B1 (en) * | 1999-02-19 | 2009-08-04 | Giordano Joseph A | System and method for processing financial transactions |
US7565546B2 (en) * | 1999-03-30 | 2009-07-21 | Sony Corporation | System, method and apparatus for secure digital content transmission |
US7730300B2 (en) | 1999-03-30 | 2010-06-01 | Sony Corporation | Method and apparatus for protecting the transfer of data |
US20040139004A1 (en) * | 1999-04-08 | 2004-07-15 | Aceinc Pty Ltd. | Secure online commerce transactions |
EP1049056A3 (en) * | 1999-04-26 | 2001-06-13 | CheckFree Corporation | Electronic bill presentment and/or payment clearinghouse |
US8397058B1 (en) * | 1999-07-28 | 2013-03-12 | Mondex International Limited | System and method for communication between smart cards |
US7376583B1 (en) | 1999-08-10 | 2008-05-20 | Gofigure, L.L.C. | Device for making a transaction via a communications link |
US7720762B1 (en) | 2002-10-03 | 2010-05-18 | Gofigure Payments, Llc | System and method for electronically processing commercial transactions based upon threshold amount |
CA2384158A1 (en) * | 1999-09-10 | 2001-03-15 | David Solo | System and method for providing certificate validation and other services |
US20020029200A1 (en) | 1999-09-10 | 2002-03-07 | Charles Dulin | System and method for providing certificate validation and other services |
AU7596200A (en) * | 1999-09-20 | 2001-04-24 | Ethentica, Inc. | Electronic commerce with cryptographic authentication |
US7391865B2 (en) | 1999-09-20 | 2008-06-24 | Security First Corporation | Secure data parser method and system |
US7260724B1 (en) | 1999-09-20 | 2007-08-21 | Security First Corporation | Context sensitive dynamic authentication in a cryptographic system |
CA2384242A1 (en) | 1999-09-24 | 2001-04-05 | Mary Mckenney | System and method for providing payment services in electronic commerce |
US6876991B1 (en) | 1999-11-08 | 2005-04-05 | Collaborative Decision Platforms, Llc. | System, method and computer program product for a collaborative decision platform |
US6789068B1 (en) * | 1999-11-08 | 2004-09-07 | At&T Corp. | System and method for microbilling using a trust management system |
US7039614B1 (en) | 1999-11-09 | 2006-05-02 | Sony Corporation | Method for simulcrypting scrambled data to a plurality of conditional access devices |
GB2357664B (en) * | 1999-12-22 | 2004-03-10 | Nokia Mobile Phones Ltd | Electronic commerce system |
AU782518B2 (en) * | 2000-01-07 | 2005-08-04 | International Business Machines Corporation | A method for inter-enterprise role-based authorization |
US6763459B1 (en) | 2000-01-14 | 2004-07-13 | Hewlett-Packard Company, L.P. | Lightweight public key infrastructure employing disposable certificates |
US7269726B1 (en) | 2000-01-14 | 2007-09-11 | Hewlett-Packard Development Company, L.P. | Lightweight public key infrastructure employing unsigned certificates |
US7010683B2 (en) | 2000-01-14 | 2006-03-07 | Hewlett-Packard Development Company, L.P. | Public key validation service |
US7340600B1 (en) | 2000-01-14 | 2008-03-04 | Hewlett-Packard Development Company, L.P. | Authorization infrastructure based on public key cryptography |
US20060053132A1 (en) * | 2004-09-07 | 2006-03-09 | Steve Litzow | System and method for dynamic price setting and facilitation of commercial transactions |
US7072858B1 (en) * | 2000-02-04 | 2006-07-04 | Xpensewise.Com, Inc. | System and method for dynamic price setting and facilitation of commercial transactions |
US7484088B2 (en) * | 2000-03-17 | 2009-01-27 | United States Postal Service | Methods and systems for proofing identities using a certificate authority |
US7080035B1 (en) * | 2000-03-20 | 2006-07-18 | Bellsouth Intellectual Property Corp. | System and method for notifying an electronic billing vendor of a customer status change |
US20040186996A1 (en) * | 2000-03-29 | 2004-09-23 | Gibbs Benjamin K. | Unique digital signature |
AU5488301A (en) * | 2000-04-19 | 2001-08-14 | Magicaxess | Electronic payment method and device |
FR2808104B1 (en) * | 2000-04-21 | 2002-06-14 | Karim Benjelloun | ONLINE PAYMENT PROCESS |
US7593893B1 (en) | 2000-06-13 | 2009-09-22 | Fannie Mae | Computerized systems and methods for facilitating the flow of capital through the housing finance industry |
US6988082B1 (en) | 2000-06-13 | 2006-01-17 | Fannie Mae | Computerized systems and methods for facilitating the flow of capital through the housing finance industry |
US7702580B1 (en) | 2000-06-13 | 2010-04-20 | Fannie Mae | System and method for mortgage loan pricing, sale and funding |
JP2002041695A (en) * | 2000-07-27 | 2002-02-08 | Hitachi Ltd | Method for issuing certificate, method for confiring certificate and certificate issuing center system |
US6978369B2 (en) | 2000-08-04 | 2005-12-20 | First Data Corporation | Person-centric account-based digital signature system |
JP2004506245A (en) * | 2000-08-04 | 2004-02-26 | ファースト データ コーポレイション | Linking the device's public key with information during manufacture |
US6983368B2 (en) | 2000-08-04 | 2006-01-03 | First Data Corporation | Linking public key of device to information during manufacture |
US7558965B2 (en) | 2000-08-04 | 2009-07-07 | First Data Corporation | Entity authentication in electronic communications by providing verification status of device |
US7080046B1 (en) * | 2000-09-06 | 2006-07-18 | Xanboo, Inc. | Method for amortizing authentication overhead |
US7000105B2 (en) | 2000-09-08 | 2006-02-14 | Identrus, Llc | System and method for transparently providing certificate validation and other services within an electronic transaction |
EP1325599A1 (en) | 2000-09-08 | 2003-07-09 | Guy S. Tallent | System and method for providing authorization and other services |
US6807577B1 (en) | 2000-09-14 | 2004-10-19 | International Business Machines Corporation | System and method for network log-on by associating legacy profiles with user certificates |
AU2002239481A1 (en) * | 2000-10-30 | 2002-05-27 | Raf Technology, Inc. | Verification engine for user authentication |
GB0027291D0 (en) * | 2000-11-08 | 2000-12-27 | Vodafone Ltd | Biometric authentication |
US20020112170A1 (en) * | 2001-01-03 | 2002-08-15 | Foley James M. | Method and apparatus for using one financial instrument to authenticate a user for accessing a second financial instrument |
US7028009B2 (en) * | 2001-01-17 | 2006-04-11 | Contentguard Holdings, Inc. | Method and apparatus for distributing enforceable property rights |
US8069116B2 (en) | 2001-01-17 | 2011-11-29 | Contentguard Holdings, Inc. | System and method for supplying and managing usage rights associated with an item repository |
US7774279B2 (en) * | 2001-05-31 | 2010-08-10 | Contentguard Holdings, Inc. | Rights offering and granting |
US20020095390A1 (en) * | 2001-01-17 | 2002-07-18 | Benik Hovsepian | Pre-paid electronic access system and method |
KR20010035419A (en) * | 2001-02-13 | 2001-05-07 | 이종호 | Automatic ticketing system use by IC card |
GB2372342A (en) | 2001-02-17 | 2002-08-21 | Hewlett Packard Co | Determination of a credential attribute value of a digital certificate |
GB2372343A (en) | 2001-02-17 | 2002-08-21 | Hewlett Packard Co | Determination of a trust value of a digital certificate |
US20020120537A1 (en) * | 2001-02-28 | 2002-08-29 | Dominic Morea | Web based system and method for managing business to business online transactions |
US8429067B1 (en) | 2001-04-17 | 2013-04-23 | Paymentech, Llc | System and method for detecting changes in business stability |
US7747853B2 (en) | 2001-06-06 | 2010-06-29 | Sony Corporation | IP delivery of secure digital content |
US7774280B2 (en) | 2001-06-07 | 2010-08-10 | Contentguard Holdings, Inc. | System and method for managing transfer of rights using shared state variables |
AU2002312351B2 (en) * | 2001-06-07 | 2006-11-30 | Contentguard Holdings, Inc. | Method and apparatus managing the transfer of rights |
US20030018588A1 (en) * | 2001-07-23 | 2003-01-23 | Guillemin Gustavo M. | Method and processing system for using biometric characteristics to monitor machine usage |
AU2002326635A1 (en) * | 2001-08-15 | 2003-03-03 | Shea Writer | Methods for verifying cardholder authenticity and for creating billing address database |
US6854057B2 (en) * | 2001-09-06 | 2005-02-08 | America Online, Inc. | Digital certificate proxy |
US20030074315A1 (en) * | 2001-10-16 | 2003-04-17 | Sterling National Bank | System and apparatus for remotely printing certified documents |
US8020201B2 (en) | 2001-10-23 | 2011-09-13 | Intel Corporation | Selecting a security format conversion for wired and wireless devices |
US8601566B2 (en) * | 2001-10-23 | 2013-12-03 | Intel Corporation | Mechanism supporting wired and wireless methods for client and server side authentication |
US20030167231A1 (en) * | 2002-03-04 | 2003-09-04 | First Data Corporation | Method and system for processing credit card payments |
JP3657263B2 (en) * | 2002-03-29 | 2005-06-08 | 有限会社スペースビックバーン | Consideration payment management method and server, consideration payment management program, computer-readable recording medium, consideration payment management medium, and consideration payment recording medium |
US7343623B2 (en) * | 2002-05-29 | 2008-03-11 | Raf Technology, Inc. | Authentication query strategizer and results compiler |
US20040078331A1 (en) * | 2002-10-17 | 2004-04-22 | Fakih Adonis El | Payment system using electronic stamps |
US7729996B2 (en) * | 2002-11-01 | 2010-06-01 | Checkfree Corporation | Reuse of an EBP account through alternate authentication |
US8073773B2 (en) * | 2002-11-01 | 2011-12-06 | Checkfree Corporation | Technique for identifying probable billers of a consumer |
US7724907B2 (en) | 2002-11-05 | 2010-05-25 | Sony Corporation | Mechanism for protecting the transfer of digital content |
US8572408B2 (en) | 2002-11-05 | 2013-10-29 | Sony Corporation | Digital rights management of a digital device |
US6904136B1 (en) * | 2002-11-18 | 2005-06-07 | Sprint Communications Company, L.P. | Secure method of payment |
US6860423B2 (en) * | 2002-12-19 | 2005-03-01 | Ncr Corporation | Serialized system for image replacement documents |
AU2003297296A1 (en) | 2002-12-30 | 2004-07-29 | Fannie Mae | System and method for creating and tracking agreements for selling loans to a secondary market purchaser |
AU2003295787A1 (en) | 2002-12-30 | 2004-07-29 | Fannie Mae | System and method for facilitating delivery of a loan to a secondary mortgage market purchaser |
WO2004061556A2 (en) | 2002-12-30 | 2004-07-22 | Fannie Mae | System and method of processing data pertaining to financial assets |
US8666879B1 (en) | 2002-12-30 | 2014-03-04 | Fannie Mae | Method and system for pricing forward commitments for mortgage loans and for buying committed loans |
US7742981B2 (en) | 2002-12-30 | 2010-06-22 | Fannie Mae | Mortgage loan commitment system and method |
WO2004061565A2 (en) | 2002-12-30 | 2004-07-22 | Fannie Mae | System and method for facilitating sale of a loan to a secondary market purchaser |
AU2003295771A1 (en) * | 2002-12-30 | 2004-07-29 | Fannie Mae | System and method for defining loan products |
US7593889B2 (en) | 2002-12-30 | 2009-09-22 | Fannie Mae | System and method for processing data pertaining to financial assets |
AU2003298688A1 (en) | 2002-12-30 | 2004-07-29 | Fannie Mae | System and method for pricing loans in the secondary mortgage market |
US20040128230A1 (en) | 2002-12-30 | 2004-07-01 | Fannie Mae | System and method for modifying attribute data pertaining to financial assets in a data processing system |
US7885889B2 (en) | 2002-12-30 | 2011-02-08 | Fannie Mae | System and method for processing data pertaining to financial assets |
US20040181665A1 (en) * | 2003-03-12 | 2004-09-16 | Houser Daniel D. | Trust governance framework |
US8019989B2 (en) * | 2003-06-06 | 2011-09-13 | Hewlett-Packard Development Company, L.P. | Public-key infrastructure in network management |
US8046298B1 (en) | 2003-07-21 | 2011-10-25 | Fannie Mae | Systems and methods for facilitating the flow of capital through the housing finance industry |
US7653592B1 (en) | 2003-12-01 | 2010-01-26 | Fannie Mae | System and method for processing a loan |
US7822680B1 (en) | 2003-12-31 | 2010-10-26 | Fannie Mae | System and method for managing data pertaining to a plurality of financial assets for multifamily and housing developments |
US7657475B1 (en) | 2003-12-31 | 2010-02-02 | Fannie Mae | Property investment rating system and method |
US20110010238A1 (en) * | 2004-03-01 | 2011-01-13 | Richard Postrel | Method and system for issuing, aggregating and redeeming merchant rewards |
US20050279827A1 (en) * | 2004-04-28 | 2005-12-22 | First Data Corporation | Methods and systems for providing guaranteed merchant transactions |
SE0401411D0 (en) * | 2004-06-02 | 2004-06-02 | Solidx Ab | Securing electronic transactions |
US7314166B2 (en) * | 2004-06-16 | 2008-01-01 | American Express Travel Related Services Company, Inc. | System and method for calculating recommended charge limits |
US7451308B2 (en) * | 2004-10-12 | 2008-11-11 | Sap Ag | Method and system to automatically evaluate a participant in a trust management infrastructure |
KR20060032888A (en) * | 2004-10-13 | 2006-04-18 | 한국전자통신연구원 | Apparatus for managing identification information via internet and method of providing service using the same |
US8266438B2 (en) | 2004-10-25 | 2012-09-11 | Security First Corp. | Secure data parser method and system |
US7143936B2 (en) * | 2005-02-09 | 2006-12-05 | American Express Travel Related Services Company, Inc. | System and method for calculating expected approval rates |
US7676433B1 (en) | 2005-03-24 | 2010-03-09 | Raf Technology, Inc. | Secure, confidential authentication with private data |
US7801809B1 (en) | 2005-06-24 | 2010-09-21 | Fannie Mae | System and method for management of delegated real estate project reviews |
US7840489B2 (en) * | 2005-07-01 | 2010-11-23 | Sony Corporation | Key sharing for DRM interoperability |
US20070162366A1 (en) * | 2005-12-30 | 2007-07-12 | Ebay Inc. | Anti-phishing communication system |
US8280805B1 (en) | 2006-01-10 | 2012-10-02 | Sas Institute Inc. | Computer-implemented risk evaluation systems and methods |
US7912773B1 (en) | 2006-03-24 | 2011-03-22 | Sas Institute Inc. | Computer-implemented data storage systems and methods for use with predictive model systems |
US7747526B1 (en) | 2006-03-27 | 2010-06-29 | Fannie Mae | System and method for transferring mortgage loan servicing rights |
US20070255620A1 (en) * | 2006-03-30 | 2007-11-01 | Obopay Inc. | Transacting Mobile Person-to-Person Payments |
EP2100404B1 (en) | 2006-11-07 | 2016-01-27 | Security First Corp. | Systems and methods for distributing and securing data |
EP2482218A3 (en) | 2006-12-05 | 2012-10-31 | Security First Corporation | Improved storage backup method using a secure data parser |
US8346691B1 (en) | 2007-02-20 | 2013-01-01 | Sas Institute Inc. | Computer-implemented semi-supervised learning systems and methods |
US8015133B1 (en) | 2007-02-20 | 2011-09-06 | Sas Institute Inc. | Computer-implemented modeling systems and methods for analyzing and predicting computer network intrusions |
US8190512B1 (en) | 2007-02-20 | 2012-05-29 | Sas Institute Inc. | Computer-implemented clustering systems and methods for action determination |
US20090319425A1 (en) * | 2007-03-30 | 2009-12-24 | Obopay, Inc. | Mobile Person-to-Person Payment System |
CN103152170A (en) | 2007-09-14 | 2013-06-12 | 安全第一公司 | Systems and methods for managing cryptographic keys |
US10726440B1 (en) * | 2007-11-02 | 2020-07-28 | Fair Isaac Corporation | System and method for executing consumer transactions based on credential information relating to the consumer |
US10002384B1 (en) * | 2007-12-20 | 2018-06-19 | Jpmorgan Chase Bank, N.A. | Automated card notification system and method |
US8793487B2 (en) | 2008-01-18 | 2014-07-29 | Identrust, Inc. | Binding a digital certificate to multiple trust domains |
US8656167B2 (en) | 2008-02-22 | 2014-02-18 | Security First Corp. | Systems and methods for secure workgroup management and communication |
EP2266083A4 (en) * | 2008-03-14 | 2012-01-25 | Obopay Inc | Network-based viral payment system |
US8521631B2 (en) | 2008-05-29 | 2013-08-27 | Sas Institute Inc. | Computer-implemented systems and methods for loan evaluation using a credit assessment framework |
US20100082133A1 (en) * | 2008-09-30 | 2010-04-01 | Ics Triplex Isagraf Inc. | Application builder for industrial automation |
US10943030B2 (en) | 2008-12-15 | 2021-03-09 | Ibailbonding.Com | Securable independent electronic document |
US9235831B2 (en) | 2009-04-22 | 2016-01-12 | Gofigure Payments, Llc | Mobile payment systems and methods |
CN102428686A (en) | 2009-05-19 | 2012-04-25 | 安全第一公司 | Systems and methods for securing data in the cloud |
US8505813B2 (en) | 2009-09-04 | 2013-08-13 | Bank Of America Corporation | Customer benefit offer program enrollment |
CA2781872A1 (en) | 2009-11-25 | 2011-06-09 | Security First Corp. | Systems and methods for securing data in motion |
JP5663083B2 (en) | 2010-03-31 | 2015-02-04 | セキュリティー ファースト コープ. | System and method for securing data in motion |
US8824492B2 (en) | 2010-05-28 | 2014-09-02 | Drc Computer Corporation | Accelerator system for remote data storage |
US8499150B1 (en) * | 2010-11-11 | 2013-07-30 | Symantec Corporation | Selectively trusting signed files |
US9892419B1 (en) | 2011-05-09 | 2018-02-13 | Bank Of America Corporation | Coupon deposit account fraud protection system |
US8751298B1 (en) | 2011-05-09 | 2014-06-10 | Bank Of America Corporation | Event-driven coupon processor alert |
US8768866B2 (en) | 2011-10-21 | 2014-07-01 | Sas Institute Inc. | Computer-implemented systems and methods for forecasting and estimation using grid regression |
KR101316377B1 (en) * | 2012-12-26 | 2013-10-08 | 신한카드 주식회사 | Control method for mobile transaction device |
US9881177B2 (en) | 2013-02-13 | 2018-01-30 | Security First Corp. | Systems and methods for a cryptographic file system layer |
US9594907B2 (en) | 2013-03-14 | 2017-03-14 | Sas Institute Inc. | Unauthorized activity detection and classification |
US9231979B2 (en) | 2013-03-14 | 2016-01-05 | Sas Institute Inc. | Rule optimization for classification and detection |
US9733849B2 (en) | 2014-11-21 | 2017-08-15 | Security First Corp. | Gateway for cloud-based secure storage |
US9843452B2 (en) * | 2014-12-15 | 2017-12-12 | Amazon Technologies, Inc. | Short-duration digital certificate issuance based on long-duration digital certificate validation |
US10826900B1 (en) * | 2014-12-31 | 2020-11-03 | Morphotrust Usa, Llc | Machine-readable verification of digital identifications |
US10769626B2 (en) * | 2015-12-17 | 2020-09-08 | Mastercard International Incorporated | Method and system for distribution, use and validation of electronic entitlement certificates |
US10313480B2 (en) | 2017-06-22 | 2019-06-04 | Bank Of America Corporation | Data transmission between networked resources |
US10511692B2 (en) | 2017-06-22 | 2019-12-17 | Bank Of America Corporation | Data transmission to a networked resource based on contextual information |
US10524165B2 (en) | 2017-06-22 | 2019-12-31 | Bank Of America Corporation | Dynamic utilization of alternative resources based on token association |
CN107527201A (en) * | 2017-07-03 | 2017-12-29 | 阿里巴巴集团控股有限公司 | Data processing method, device and equipment |
Family Cites Families (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5623547A (en) * | 1990-04-12 | 1997-04-22 | Jonhig Limited | Value transfer system |
CA2194475A1 (en) * | 1994-07-19 | 1996-02-01 | Frank W. Sudia | Method for securely using digital signatures in a commercial cryptographic system |
US5797133A (en) * | 1994-08-31 | 1998-08-18 | Strategic Solutions Group, Inc | Method for automatically determining the approval status of a potential borrower |
US5717989A (en) * | 1994-10-13 | 1998-02-10 | Full Service Trade System Ltd. | Full service trade system |
US5715314A (en) * | 1994-10-24 | 1998-02-03 | Open Market, Inc. | Network sales system |
US5732400A (en) * | 1995-01-04 | 1998-03-24 | Citibank N.A. | System and method for a risk-based purchase of goods |
IL113259A (en) * | 1995-04-05 | 2001-03-19 | Diversinet Corp | Apparatus and method for safe communication handshake and data transfer |
US5677955A (en) * | 1995-04-07 | 1997-10-14 | Financial Services Technology Consortium | Electronic funds transfer instruments |
CA2223787A1 (en) * | 1995-06-06 | 1996-12-12 | Interactive Media Works, L.L.C. | Promotional and product on-line help methods via internet |
US5692132A (en) * | 1995-06-07 | 1997-11-25 | Mastercard International, Inc. | System and method for conducting cashless transactions on a computer network |
US5790677A (en) * | 1995-06-29 | 1998-08-04 | Microsoft Corporation | System and method for secure electronic commerce transactions |
US5794221A (en) * | 1995-07-07 | 1998-08-11 | Egendorf; Andrew | Internet billing method |
US5761648A (en) * | 1995-07-25 | 1998-06-02 | Interactive Coupon Network | Interactive marketing network and process using electronic certificates |
US5768385A (en) * | 1995-08-29 | 1998-06-16 | Microsoft Corporation | Untraceable electronic cash |
US5878403A (en) * | 1995-09-12 | 1999-03-02 | Cmsi | Computer implemented automated credit application analysis and decision routing system |
US5671279A (en) * | 1995-11-13 | 1997-09-23 | Netscape Communications Corporation | Electronic commerce using a secure courier system |
US6138107A (en) * | 1996-01-04 | 2000-10-24 | Netscape Communications Corporation | Method and apparatus for providing electronic accounts over a public network |
US5862325A (en) * | 1996-02-29 | 1999-01-19 | Intermind Corporation | Computer-based communication system and method using metadata defining a control structure |
US5850442A (en) * | 1996-03-26 | 1998-12-15 | Entegrity Solutions Corporation | Secure world wide electronic commerce over an open network |
US5987140A (en) * | 1996-04-26 | 1999-11-16 | Verifone, Inc. | System, method and article of manufacture for secure network electronic payment and credit collection |
US5915022A (en) * | 1996-05-30 | 1999-06-22 | Robinson; Rodney Aaron | Method and apparatus for creating and using an encrypted digital receipt for electronic transactions |
US6070150A (en) * | 1996-10-18 | 2000-05-30 | Microsoft Corporation | Electronic bill presentment and payment system |
US5903882A (en) * | 1996-12-13 | 1999-05-11 | Certco, Llc | Reliance server for electronic transaction system |
US7003480B2 (en) * | 1997-02-27 | 2006-02-21 | Microsoft Corporation | GUMP: grand unified meta-protocol for simple standards-based electronic commerce transactions |
US6477513B1 (en) * | 1997-04-03 | 2002-11-05 | Walker Digital, Llc | Method and apparatus for executing cryptographically-enabled letters of credit |
US6125349A (en) * | 1997-10-01 | 2000-09-26 | At&T Corp. | Method and apparatus using digital credentials and other electronic certificates for electronic transactions |
1998
- 1998-06-30 US US09/107,785 patent/US6125349A/en not_active Expired - Lifetime
- 1998-09-21 CA CA002272685A patent/CA2272685A1/en not_active Abandoned
- 1998-09-21 WO PCT/US1998/019717 patent/WO1999019845A1/en active IP Right Grant
- 1998-09-21 DE DE69809189T patent/DE69809189T2/en not_active Expired - Lifetime
- 1998-09-21 EP EP98947187A patent/EP0941526B1/en not_active Expired - Lifetime
- 1998-09-21 BR BR9806293-0A patent/BR9806293A/en not_active Application Discontinuation
2000
- 2000-03-09 US US09/521,685 patent/US7043441B1/en not_active Expired - Fee Related
2006
- 2006-01-05 US US11/326,067 patent/US7577609B1/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
DE69809189T2 (en) | 2003-08-28 |
DE69809189D1 (en) | 2002-12-12 |
BR9806293A (en) | 2001-09-18 |
EP0941526A1 (en) | 1999-09-15 |
WO1999019845A1 (en) | 1999-04-22 |
US6125349A (en) | 2000-09-26 |
EP0941526B1 (en) | 2002-11-06 |
US7043441B1 (en) | 2006-05-09 |
US7577609B1 (en) | 2009-08-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2272685A1 (en) | | A method and apparatus using digital credentials and other electronic certificates for electronic transactions |
US20180053167A1 (en) | | Processing of financial transactions using debit networks |
Sumanjeet | | Emergence of payment systems in the age of electronic commerce: The state of art |
US7731086B2 (en) | | System and method for mass transit merchant payment |
US7204412B2 (en) | | Family stored value card program |
KR100641824B1 (en) | | A payment information input method and mobile commerce system using symmetric cipher system |
CN107230055B (en) | | Method and system for paying digital currency |
CN107230079B (en) | | Method and system for off-line payment by using digital currency chip card |
US20120054104A1 (en) | | Approving the use of the source of funds |
US20140337206A1 (en) | | Electronic Currency System |
Harb et al. | | SecureSMSPay: secure SMS mobile payment model |
JP2002512711A (en) | | Transaction method with portable identification element |
BRPI0721200A2 (en) | | METHOD, AND COMPUTER-READABLE MEANS |
CN112037068A (en) | | Resource transfer method, system, device, computer equipment and storage medium |
US9165297B2 (en) | | Virtual account and token-based digital cash protocols |
EP1334440A1 (en) | | A computerized method and system for a secure on-line transaction using cardholder authentication |
CN107230071B (en) | | Method and system for exchanging digital currency into physical cash |
US20020042781A1 (en) | | Universal and interoperable system and method utilizing a universal cardholder authentication field (UCAF) for authentication data collection and validation |
CN107230299B (en) | | Bank storage method and system for digital currency |
US20040139015A1 (en) | | Method for preparing a payment transaction in a communication network |
CN107230300B (en) | | Method and system for exchanging physical cash by using digital currency chip card |
CN107230072B (en) | | Method and system for online payment using digital currency chip card |
CN112215590A (en) | | Virtual digital currency double-off-line payment method |
JP7258378B2 (en) | | Systems and methods for processing payment transactions over blockchain networks |
TWI226562B (en) | | Financial information input method using symmetrical key security algorithm and commercial transaction system for mobile communications |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
FZDE | Discontinued |