CA2384250A1 - Method of and system for making purchases over a computer network - Google Patents
Method of and system for making purchases over a computer network Download PDFInfo
- Publication number
- CA2384250A1 CA2384250A1 CA002384250A CA2384250A CA2384250A1 CA 2384250 A1 CA2384250 A1 CA 2384250A1 CA 002384250 A CA002384250 A CA 002384250A CA 2384250 A CA2384250 A CA 2384250A CA 2384250 A1 CA2384250 A1 CA 2384250A1
- Authority
- CA
- Canada
- Prior art keywords
- computer
- network
- location
- over
- consumer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G06Q20/102—Bill distribution or payments
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G06Q20/105—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3674—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
- G06Q30/0601—Electronic shopping [e-shopping]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
- G06Q30/0601—Electronic shopping [e-shopping]
- G06Q30/0603—Catalogue ordering
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
- G06Q30/0601—Electronic shopping [e-shopping]
- G06Q30/0613—Third-party assisted
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
- G06Q30/08—Auctions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/03—Credit; Loans; Processing thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Abstract
A method of and system (10) for making purchases over a computer network using an ATM card or the like is provided. In accordance with the invention, a consumer (12) transmits his ATM card number over the network (24) to an on-line merchant (16). The on-line merchant (16) then forwards the ATM card number to a third party contractor (20), such as a bank, that will oversee and authorize the transaction. Simultaneously or thereafter, the consumer (12) transmits his PIN over the network to the third party contractor (20), who verifies that the ATM card number and PIN are valid.
Description
TITLE OF THE INVENTION
Method of and System for Making Purchases Over a Computer Network BACKGROUND OF THE INVENTION
1. Field of the Invention The present invention generally relates to a method of and system for making purchases over a computer network and, more particularly, to a method of and system for making purchases of goods and services over the Internet or other non-secure computer network using an automated-teller-machine (ATM) card, debit card or any other card which may require a valid personal-identification-number (PIN) for transaction authorization.
Method of and System for Making Purchases Over a Computer Network BACKGROUND OF THE INVENTION
1. Field of the Invention The present invention generally relates to a method of and system for making purchases over a computer network and, more particularly, to a method of and system for making purchases of goods and services over the Internet or other non-secure computer network using an automated-teller-machine (ATM) card, debit card or any other card which may require a valid personal-identification-number (PIN) for transaction authorization.
2. Description of the Prior Art The use of personal computers by consumers to purchase goods and services over the Internet via the World Wide Web and e-mail has become very popular in recent years and constitutes an ever-increasing part of the economy. In making a purchase over the Internet, the typical consumer uses a credit card or ATM card. After making his purchase selection, the consumer transmits his card information over the Internet to the on-line merchant. The on-line merchant then contacts the issuing bank to verify the card information and obtain authorization to complete the transaction. Depending on the response from the bank, the on-line merchant either accepts or rejects the purchase.
Because the Internet is a non-secure (i.e., public) network, there is a danger that the consumer's credit card or ATM card information will be intercepted by a third party.
If that third party is dishonest, he can make illegal charges to the credit card or, in the case of an ATM card, remove money directly from the consumer's bank account.
In recent years, numerous approaches have been implemented to reduce this security risk.
The most popular approach has been sophisticated encryption techniques which render the credit card or ATM card data virtually unreadable to third parties, such as 128-bit secure-sockets-layer (SSL) encryption.
When making purchases over the Internet using an ATM card, however, security considerations take on an added importance because, unlike with transactions at ATM
machines, PINS are presently not used in ATM transactions on the Internet.
Thus, should the ATM card number fall into the hands of an unscrupulous third party, the card-holder's entire bank account can be wiped out through fraudulent Internet transactions.
One way to overcome this problem is to require the use of PINs in ATM
transactions on the Internet. This has not been possible to date, however, because on-line merchants do not have the ability to verify PINs. Additionally, it is not desirable to provide the on-line merchant with both the ATM card number and the corresponding PIN
since unscrupulous employees of the on-line merchant can use the PIN to illegally access the card-holder's bank account and withdraw money therefrom.
Accordingly, it is an object of the present invention to provide a new method of and system for making purchases over the Internet using an ATM card wherein a valid PIN is required in order to obtain authorization for a given transaction. It is another object of the present invention to provide a new method of and system for making purchases over the Internet using an ATM card wherein a valid PIN is required in order to obtain authorization for a given transaction, and wherein the PIN is not supplied to the on-line merchant.
SUMMARY OF THE INVENTION
In accordance with a first aspect of the present invention, a method of making purchases over a non-secure computer network using an ATM card is provided. In accordance with said method, a consumer transmits his ATM card number over the network to an on-line merchant. The on-line merchant then forwards the ATM
card number to a third party contractor, such as a bank, that will oversee and authorize the transaction. Simultaneously or thereafter, the consumer transmits his PIN over the network to the third party contractor, bypassing the on-line merchant. Having both the ATM card number and the PIN, the third party contractor verifies that the ATM
card number and PIN are correct, checks for sufficiency of funds, and either authorizes or denies the transaction. The authorization or denial is communicated to the on-line merchant over the network, who either completes or rejects the purchase and so notifies the consumer.
In accordance with a second aspect of the present invention, a system for making purchases over a non-secure computer network using an ATM card is provided.
The system includes first, second and third computers connected to a computer network. The first computer transmits the consumer's ATM card number over the network to the second computer, which is operated by or for the on-line merchant. The second computer forwards the ATM card number over the network to the third computer, which is operated by or for the third party contractor. Simultaneously or thereafter, the first computer transmits the consumer's PIN over the network to the third computer, bypassing the second computer. The third computer then verifies that the ATM card number and PIN
are correct and that there are sufficient funds in the bank account to cover the transaction amount. The third computer then transmits the results of the verification procedure to the second computer. Depending on the verification results, the purchase is either completed or rej ected.
The present invention will now be described in detail, with frequent reference being made to the drawings identified below.
BRIEF DESCRIPTION OF THE DRAWINGS
In the accompanying drawings:
figure 1 is a block diagram of a system in accordance with one embodiment of the present invention;
figure 2 is a flow chart which illustrates the operation of the system of figure 1;
figure 3 shows a possible graphical user interface which can be used to enable the consumer to enter and transmit his PIN to the third party contractor;
figure 4 is a diagram which summarizes the flow of data through the system of figure 1.
DESCRIPTION OF THE PREFERRED EMBODIMENT
A system 10 in accordance with one embodiment of the present invention is schematically shown in figure 1. The system 10 includes a first computer 12 at a consumer location 14, a second computer 16 at an on-line merchant location 18, and a third computer 20 at a third party contractor location 22. The three computers 12, 16, 20 are connected together over a computer network 24 which, for purposes of this discussion, is the Internet, although the present invention may be practiced on any public or private computer network or combination thereof. As those of ordinary skill in the art know, the Internet 24 is a complex and amorphous computer network that comprises thousands of nodes and components and over which signals are transmitted by, inter alia, telephone lines, satellites and optical fibers.
The first computer 12, which will generally be located at the consumer's home or business (consumer location 14), will typically be a conventional personal computer (PC) that includes a chassis that houses a central processing unit (CPU) and supporting circuitry, as well as a floppy drive, a hard drive and an internal modem.
Connected to the CPU through the chassis are a keyboard, a mouse and a monitor. The keyboard and mouse are used by the consumer to control the operation of the first computer 12 and to input information into the first computer 12. The first computer 12 will usually be coupled to the Internet via a telephone line connected to the modem, although the computer can be connected to the Internet via a high speed data transmission line. The consumer will typically connect to the Internet using an Internet service provider, such as ErolsTM or America OnLineTM, but may have a direct connection to the Internet.
Although a conventional PC will typically be used by the consumer, the consumer may use any type of computer that can be connected to the Internet, including a work station on a local area network, and any operating system. The particular details of the first computer 12 are largely irrelevant to the present invention. The first computer 12 merely serves as a convenient interface for the consumer to place orders for goods and services over the Internet.
Next shown in figure 1 is the second computer 16 which is located at the on-line merchant location 18. The second computer 16 will preferably be a more powerful machine than a personal computer, such as a workstation, although a personal computer may also be used by the on-line merchant. Again, the particular details of the second computer 16 are largely irrelevant to the present invention.
Typically, the second computer 16 will be a Web server (a computer that provides direct access to the World Wide Web on the Internet and includes the necessary hardware, operating system, Web server software, TCP/IP protocols and Web site content) owned and operated by the on-line merchant or by an Internet service provider with whom the on-line merchant has contracted. For purposes of this discussion, the on-line merchant location 18 refers to the location of the second computer 16, and not necessarily the actual physical location of the on-line merchant.
Preferably, the second computer 16 will be running Windows NTTM 4.0, using Internet Information ServerTM 4.0 and Commerce ServerTM 3Ø The CPU of the second computer 16 must have acceptable power and should have at least 64 megabytes of RAM.
The second computer 16 will typically have an on-line catalog in memory which can be accessed and browsed by the consumer over the Internet 24 through an appropriate graphical use interface (GUI) supplied by the on-line merchant.
Next shown in figure 1 is the third computer 20 which is located at the third party contractor location 22. The third party contractor is an independent, insured organization, such as a bank, that has contracted with the on-line merchant to provide ATM
services.
Although the third computer 20 can be a personal computer, as with the second computer 16 it will preferably be a much more powerful machine, such as a workstation.
The third computer 20 is likewise preferably a Web server owned and operated by the third party contractor or by an Internet service provider with whom the third party contractor has contracted. The third party contractor location 22 refers to the location of the third computer 20 and not necessarily the actual physical location of the third party contractor.
As with the first and second computers 12, 16, the particular details of the third computer 20 are largely irrelevant to the present invention, so long as the third computer 20 is capable of performing the functions described herein. Preferably, the third computer is Compaq ProLiantTM server running at 500 MHZ with 128 MB RAM and using Windows NTTM 4Ø
The flow chart 26 provided in figure 2 illustrates the operation of the system 10.
As shown in block 28, the consumer initially establishes a connection over the Internet between the first computer 12 and the second computer 16 by accessing the on-line merchant's Web site using a commercially available browser, such as Internet ExplorerTM
or Netscape NavigatorTM. Then, as shown in blocks 30 and 32, using a GUI
supplied by the on-line merchant, the consumer browses the on-line catalog, selecting which goods and/or services he wishes to purchase. Once the consumer makes his selection and is ready to place an order, the consumer transmits a purchase order message over the Internet to the on-line merchant (block 34).
The consumer is then prompted for his payment information, as indicated in block 36, which for purposes of the present discussion is an ATM card number and expiration date, although the payment information can include additional data such as the consumer's name and address. The consumer then transmits his payment information over the Internet to the on-line merchant, as indicated in block 38. As used herein, the term "ATM card" includes bank cards, debit cards and any other cards for which the issuing bank or organization may require a valid PIN for use. The payment information is transmitted over the Internet using an encrypted connection, such as 128-bit encryption SSL.
When the on-line merchant receives the ATM card number, or earlier, the second computer 16 creates a unique session identifier by combining the consumer's IP
address, which uniquely identifies the consumer, with a date/time stamp. The ATM card number is then forwarded, or echoed, over the Internet by the second computer 16 to the third computer 20 at the third party contractor location 22 (block 40), along with the unique session identifier, a merchant id which uniquely identifies the on-line merchant, a terminal id which identifies the terminal being used by the on-line merchant, the expiration date of the ATM card and the purchase price. This data package is stored in memory on the third computer in a queue. Once again, 128-bit encryption SSL is preferably used.
The data package transmitted by the second computer 16 to the third computer is preferably transmitted in an industry standard format, such as ISO 8583 or VISA-K
format. However, the present invention is not limited to any particular format and may be used with any format which an on-line merchant might desire. A sample computer program written in Java which creates the unique session identifier and formats the data package is provided in Appendix A. This program is designed to run as an Active Server Page on Internet Server 4.0 under Windows NT 4.0, although the program can be used on other platforms and programming environments, and can readily be implemented by one of ordinary skill in the art. No express or implied license is granted herein to reproduce, prepare derivative works, distribute copies, display, or otherwise use the program attached hereto as Appendix A, except that the program may be reproduced as an appendix to a patent issuing herefrom.
Simultaneously or soon thereafter, the second computer executes a hyperlink to the third computer and the consumer is prompted by the third computer to input his PIN
(block 42). The consumer inputs his PIN into the first computer 12 and transmits it over the Internet to the third computer 20 (block 44). The connection between the first computer 12 and third computer 20 is encrypted and independent of the connection between the first computer 12 and the second computer 16 so that the on-line merchant is never in possession of the PIN. As with the second computer 16, the first computer 12 transmits the unique session identifier, the merchant id, the terminal id, the expiration date of the ATM card and the purchase price to the third computer 20 along with the PIN
in a data package.
Figure 3 shows a typical GUI 46 which may be supplied by the third-party contractor and which pops up on the consumer's screen to allow the consumer to enter his PIN and transmit it to the third party contractor. As is clear from figure 3, the GUI 46 emulates an actual ATM machine and includes a simulated key pad 48 and a screen 50.
The screen 50 indicates the on-line merchant's name and mailing address 52 and the purchase price 54. Using his mouse, the consumer inputs his PIN, as shown by the series of dots 56. By pressing the SUBMIT button 58, the PIN number is transmitted to the third party contractor. If the consumer makes a mistake, he presses the CLEAR
button 60 and re-types his PIN. If the consumer needs help from the third party contractor, he simply presses the HELP button 62, which causes a help menu provided by the third party contractor to pop up on the screen, which may then be navigated by the consumer.
The third computer 20 next verifies that the ATM card number and PIN are valid (block 64). Because the third-party contractor may be overseeing multiple transactions at any given time, the third computer 20 must synchronize the data packages received from the first and second computers 12, 16. To do this, the third computer 20 matches the unique session identifier, the merchant id, the terminal id, the expiration date of the ATM
card and the purchase price fields contained in the data packages received from the first and second computers 12, 16. A sample computer program for synchronizing the packages received from the first and second computers 12, 16 is provided in Appendix B.
The program is written in C++ and can readily be implemented by one of ordinary skill in the art. No express or implied license is granted herein to reproduce, prepare derivative works, distribute copies, display, or otherwise use the program attached hereto as Appendix B, except that the program may be reproduced as an appendix to a patent issuing herefrom.
All of the forgoing data fields must match in order for the transaction to take place. For security reasons, a two minute window for matching is preferably implemented. If there is no match within the two minute window, the transaction is aborted.
Once the data packages from the first and second computers 12, 16 are synchronized by the third computer 20, the third computer checks the ATM card number and PIN. If the ATM card number and PIN are invalid, the third computer 20 so informs the second computer 16 and the on-line merchant rejects the purchase order and notifies the consumer (block 66). If the ATM card number and PIN are valid, the third computer checks to see whether there are sufficient funds to cover the purchase price 56 (block 68). If there are sufficient funds in the account, the third computer transmits an authorization message to the second computer, debits the consumer's account, the 1 S purchase is completed and the consumer is notified (block 70). If there are insufficient funds, a rejection message is transmitted, the on-line merchant rejects the purchase and the consumer is notified (block 72).
If the ATM card was issued by the third party contractor, the verification steps (blocks 64 and 68) may be done by simply accessing an internal database in or connected 20 to the third computer 20. If, however, the ATM card was issued by another bank, then the third party contractor must verify the card information by contacting the issuing bank, either directly over a secure line, through a private ATM network, such as CIRRUS, or through any other available avenue.
The data flow through the system is summarized in figure 4. First, the consumer (first computer) transmits his ATM card number over the network to the on-line merchant (second computer) (block 74). Second, the on-line merchant forwards the ATM
card number over the network to the third party contractor (third computer) (block 76). Third, the consumer transmits his PIN over the network to the third party contractor (block 78).
As figure 4 indicates, the on-line merchant is completely bypassed and never receives the PIN. Fourth, the third party contractor verifies the ATM card number and PIN
and checks for sufficiency of funds (block 80). Fifth, the third party contractor transmits the results of the verification process over the network to the on-line merchant (block 82).
And sixth, the on-line merchant forwards the results over the network to the consumer, either completing or rejecting the purchase, depending on the verification results (block 84).
Thus, in accordance with the foregoing the objects of the present invention are achieved. Modifications to the present invention would be obvious to those of ordinary skill in the art, but would not bring the invention so modified beyond the scope of the appended claims.
APPENDIX A
import java.io.*~
import java.net.*;
import java.util.*;
import java.util.Date ;
import com.ms.com.*;
import com.ms.asp.*;
public class JRoute
Because the Internet is a non-secure (i.e., public) network, there is a danger that the consumer's credit card or ATM card information will be intercepted by a third party.
If that third party is dishonest, he can make illegal charges to the credit card or, in the case of an ATM card, remove money directly from the consumer's bank account.
In recent years, numerous approaches have been implemented to reduce this security risk.
The most popular approach has been sophisticated encryption techniques which render the credit card or ATM card data virtually unreadable to third parties, such as 128-bit secure-sockets-layer (SSL) encryption.
When making purchases over the Internet using an ATM card, however, security considerations take on an added importance because, unlike with transactions at ATM
machines, PINS are presently not used in ATM transactions on the Internet.
Thus, should the ATM card number fall into the hands of an unscrupulous third party, the card-holder's entire bank account can be wiped out through fraudulent Internet transactions.
One way to overcome this problem is to require the use of PINs in ATM
transactions on the Internet. This has not been possible to date, however, because on-line merchants do not have the ability to verify PINs. Additionally, it is not desirable to provide the on-line merchant with both the ATM card number and the corresponding PIN
since unscrupulous employees of the on-line merchant can use the PIN to illegally access the card-holder's bank account and withdraw money therefrom.
Accordingly, it is an object of the present invention to provide a new method of and system for making purchases over the Internet using an ATM card wherein a valid PIN is required in order to obtain authorization for a given transaction. It is another object of the present invention to provide a new method of and system for making purchases over the Internet using an ATM card wherein a valid PIN is required in order to obtain authorization for a given transaction, and wherein the PIN is not supplied to the on-line merchant.
SUMMARY OF THE INVENTION
In accordance with a first aspect of the present invention, a method of making purchases over a non-secure computer network using an ATM card is provided. In accordance with said method, a consumer transmits his ATM card number over the network to an on-line merchant. The on-line merchant then forwards the ATM
card number to a third party contractor, such as a bank, that will oversee and authorize the transaction. Simultaneously or thereafter, the consumer transmits his PIN over the network to the third party contractor, bypassing the on-line merchant. Having both the ATM card number and the PIN, the third party contractor verifies that the ATM
card number and PIN are correct, checks for sufficiency of funds, and either authorizes or denies the transaction. The authorization or denial is communicated to the on-line merchant over the network, who either completes or rejects the purchase and so notifies the consumer.
In accordance with a second aspect of the present invention, a system for making purchases over a non-secure computer network using an ATM card is provided.
The system includes first, second and third computers connected to a computer network. The first computer transmits the consumer's ATM card number over the network to the second computer, which is operated by or for the on-line merchant. The second computer forwards the ATM card number over the network to the third computer, which is operated by or for the third party contractor. Simultaneously or thereafter, the first computer transmits the consumer's PIN over the network to the third computer, bypassing the second computer. The third computer then verifies that the ATM card number and PIN
are correct and that there are sufficient funds in the bank account to cover the transaction amount. The third computer then transmits the results of the verification procedure to the second computer. Depending on the verification results, the purchase is either completed or rej ected.
The present invention will now be described in detail, with frequent reference being made to the drawings identified below.
BRIEF DESCRIPTION OF THE DRAWINGS
In the accompanying drawings:
figure 1 is a block diagram of a system in accordance with one embodiment of the present invention;
figure 2 is a flow chart which illustrates the operation of the system of figure 1;
figure 3 shows a possible graphical user interface which can be used to enable the consumer to enter and transmit his PIN to the third party contractor;
figure 4 is a diagram which summarizes the flow of data through the system of figure 1.
DESCRIPTION OF THE PREFERRED EMBODIMENT
A system 10 in accordance with one embodiment of the present invention is schematically shown in figure 1. The system 10 includes a first computer 12 at a consumer location 14, a second computer 16 at an on-line merchant location 18, and a third computer 20 at a third party contractor location 22. The three computers 12, 16, 20 are connected together over a computer network 24 which, for purposes of this discussion, is the Internet, although the present invention may be practiced on any public or private computer network or combination thereof. As those of ordinary skill in the art know, the Internet 24 is a complex and amorphous computer network that comprises thousands of nodes and components and over which signals are transmitted by, inter alia, telephone lines, satellites and optical fibers.
The first computer 12, which will generally be located at the consumer's home or business (consumer location 14), will typically be a conventional personal computer (PC) that includes a chassis that houses a central processing unit (CPU) and supporting circuitry, as well as a floppy drive, a hard drive and an internal modem.
Connected to the CPU through the chassis are a keyboard, a mouse and a monitor. The keyboard and mouse are used by the consumer to control the operation of the first computer 12 and to input information into the first computer 12. The first computer 12 will usually be coupled to the Internet via a telephone line connected to the modem, although the computer can be connected to the Internet via a high speed data transmission line. The consumer will typically connect to the Internet using an Internet service provider, such as ErolsTM or America OnLineTM, but may have a direct connection to the Internet.
Although a conventional PC will typically be used by the consumer, the consumer may use any type of computer that can be connected to the Internet, including a work station on a local area network, and any operating system. The particular details of the first computer 12 are largely irrelevant to the present invention. The first computer 12 merely serves as a convenient interface for the consumer to place orders for goods and services over the Internet.
Next shown in figure 1 is the second computer 16 which is located at the on-line merchant location 18. The second computer 16 will preferably be a more powerful machine than a personal computer, such as a workstation, although a personal computer may also be used by the on-line merchant. Again, the particular details of the second computer 16 are largely irrelevant to the present invention.
Typically, the second computer 16 will be a Web server (a computer that provides direct access to the World Wide Web on the Internet and includes the necessary hardware, operating system, Web server software, TCP/IP protocols and Web site content) owned and operated by the on-line merchant or by an Internet service provider with whom the on-line merchant has contracted. For purposes of this discussion, the on-line merchant location 18 refers to the location of the second computer 16, and not necessarily the actual physical location of the on-line merchant.
Preferably, the second computer 16 will be running Windows NTTM 4.0, using Internet Information ServerTM 4.0 and Commerce ServerTM 3Ø The CPU of the second computer 16 must have acceptable power and should have at least 64 megabytes of RAM.
The second computer 16 will typically have an on-line catalog in memory which can be accessed and browsed by the consumer over the Internet 24 through an appropriate graphical use interface (GUI) supplied by the on-line merchant.
Next shown in figure 1 is the third computer 20 which is located at the third party contractor location 22. The third party contractor is an independent, insured organization, such as a bank, that has contracted with the on-line merchant to provide ATM
services.
Although the third computer 20 can be a personal computer, as with the second computer 16 it will preferably be a much more powerful machine, such as a workstation.
The third computer 20 is likewise preferably a Web server owned and operated by the third party contractor or by an Internet service provider with whom the third party contractor has contracted. The third party contractor location 22 refers to the location of the third computer 20 and not necessarily the actual physical location of the third party contractor.
As with the first and second computers 12, 16, the particular details of the third computer 20 are largely irrelevant to the present invention, so long as the third computer 20 is capable of performing the functions described herein. Preferably, the third computer is Compaq ProLiantTM server running at 500 MHZ with 128 MB RAM and using Windows NTTM 4Ø
The flow chart 26 provided in figure 2 illustrates the operation of the system 10.
As shown in block 28, the consumer initially establishes a connection over the Internet between the first computer 12 and the second computer 16 by accessing the on-line merchant's Web site using a commercially available browser, such as Internet ExplorerTM
or Netscape NavigatorTM. Then, as shown in blocks 30 and 32, using a GUI
supplied by the on-line merchant, the consumer browses the on-line catalog, selecting which goods and/or services he wishes to purchase. Once the consumer makes his selection and is ready to place an order, the consumer transmits a purchase order message over the Internet to the on-line merchant (block 34).
The consumer is then prompted for his payment information, as indicated in block 36, which for purposes of the present discussion is an ATM card number and expiration date, although the payment information can include additional data such as the consumer's name and address. The consumer then transmits his payment information over the Internet to the on-line merchant, as indicated in block 38. As used herein, the term "ATM card" includes bank cards, debit cards and any other cards for which the issuing bank or organization may require a valid PIN for use. The payment information is transmitted over the Internet using an encrypted connection, such as 128-bit encryption SSL.
When the on-line merchant receives the ATM card number, or earlier, the second computer 16 creates a unique session identifier by combining the consumer's IP
address, which uniquely identifies the consumer, with a date/time stamp. The ATM card number is then forwarded, or echoed, over the Internet by the second computer 16 to the third computer 20 at the third party contractor location 22 (block 40), along with the unique session identifier, a merchant id which uniquely identifies the on-line merchant, a terminal id which identifies the terminal being used by the on-line merchant, the expiration date of the ATM card and the purchase price. This data package is stored in memory on the third computer in a queue. Once again, 128-bit encryption SSL is preferably used.
The data package transmitted by the second computer 16 to the third computer is preferably transmitted in an industry standard format, such as ISO 8583 or VISA-K
format. However, the present invention is not limited to any particular format and may be used with any format which an on-line merchant might desire. A sample computer program written in Java which creates the unique session identifier and formats the data package is provided in Appendix A. This program is designed to run as an Active Server Page on Internet Server 4.0 under Windows NT 4.0, although the program can be used on other platforms and programming environments, and can readily be implemented by one of ordinary skill in the art. No express or implied license is granted herein to reproduce, prepare derivative works, distribute copies, display, or otherwise use the program attached hereto as Appendix A, except that the program may be reproduced as an appendix to a patent issuing herefrom.
Simultaneously or soon thereafter, the second computer executes a hyperlink to the third computer and the consumer is prompted by the third computer to input his PIN
(block 42). The consumer inputs his PIN into the first computer 12 and transmits it over the Internet to the third computer 20 (block 44). The connection between the first computer 12 and third computer 20 is encrypted and independent of the connection between the first computer 12 and the second computer 16 so that the on-line merchant is never in possession of the PIN. As with the second computer 16, the first computer 12 transmits the unique session identifier, the merchant id, the terminal id, the expiration date of the ATM card and the purchase price to the third computer 20 along with the PIN
in a data package.
Figure 3 shows a typical GUI 46 which may be supplied by the third-party contractor and which pops up on the consumer's screen to allow the consumer to enter his PIN and transmit it to the third party contractor. As is clear from figure 3, the GUI 46 emulates an actual ATM machine and includes a simulated key pad 48 and a screen 50.
The screen 50 indicates the on-line merchant's name and mailing address 52 and the purchase price 54. Using his mouse, the consumer inputs his PIN, as shown by the series of dots 56. By pressing the SUBMIT button 58, the PIN number is transmitted to the third party contractor. If the consumer makes a mistake, he presses the CLEAR
button 60 and re-types his PIN. If the consumer needs help from the third party contractor, he simply presses the HELP button 62, which causes a help menu provided by the third party contractor to pop up on the screen, which may then be navigated by the consumer.
The third computer 20 next verifies that the ATM card number and PIN are valid (block 64). Because the third-party contractor may be overseeing multiple transactions at any given time, the third computer 20 must synchronize the data packages received from the first and second computers 12, 16. To do this, the third computer 20 matches the unique session identifier, the merchant id, the terminal id, the expiration date of the ATM
card and the purchase price fields contained in the data packages received from the first and second computers 12, 16. A sample computer program for synchronizing the packages received from the first and second computers 12, 16 is provided in Appendix B.
The program is written in C++ and can readily be implemented by one of ordinary skill in the art. No express or implied license is granted herein to reproduce, prepare derivative works, distribute copies, display, or otherwise use the program attached hereto as Appendix B, except that the program may be reproduced as an appendix to a patent issuing herefrom.
All of the forgoing data fields must match in order for the transaction to take place. For security reasons, a two minute window for matching is preferably implemented. If there is no match within the two minute window, the transaction is aborted.
Once the data packages from the first and second computers 12, 16 are synchronized by the third computer 20, the third computer checks the ATM card number and PIN. If the ATM card number and PIN are invalid, the third computer 20 so informs the second computer 16 and the on-line merchant rejects the purchase order and notifies the consumer (block 66). If the ATM card number and PIN are valid, the third computer checks to see whether there are sufficient funds to cover the purchase price 56 (block 68). If there are sufficient funds in the account, the third computer transmits an authorization message to the second computer, debits the consumer's account, the 1 S purchase is completed and the consumer is notified (block 70). If there are insufficient funds, a rejection message is transmitted, the on-line merchant rejects the purchase and the consumer is notified (block 72).
If the ATM card was issued by the third party contractor, the verification steps (blocks 64 and 68) may be done by simply accessing an internal database in or connected 20 to the third computer 20. If, however, the ATM card was issued by another bank, then the third party contractor must verify the card information by contacting the issuing bank, either directly over a secure line, through a private ATM network, such as CIRRUS, or through any other available avenue.
The data flow through the system is summarized in figure 4. First, the consumer (first computer) transmits his ATM card number over the network to the on-line merchant (second computer) (block 74). Second, the on-line merchant forwards the ATM
card number over the network to the third party contractor (third computer) (block 76). Third, the consumer transmits his PIN over the network to the third party contractor (block 78).
As figure 4 indicates, the on-line merchant is completely bypassed and never receives the PIN. Fourth, the third party contractor verifies the ATM card number and PIN
and checks for sufficiency of funds (block 80). Fifth, the third party contractor transmits the results of the verification process over the network to the on-line merchant (block 82).
And sixth, the on-line merchant forwards the results over the network to the consumer, either completing or rejecting the purchase, depending on the verification results (block 84).
Thus, in accordance with the foregoing the objects of the present invention are achieved. Modifications to the present invention would be obvious to those of ordinary skill in the art, but would not bring the invention so modified beyond the scope of the appended claims.
APPENDIX A
import java.io.*~
import java.net.*;
import java.util.*;
import java.util.Date ;
import com.ms.com.*;
import com.ms.asp.*;
public class JRoute
3 public Socket socSocket;
int m_iTimeout=10000;
J8583 msg = new J8583Q;
public int init(String input) l /NAR DECLARATIONS
int port=O,ok=0;//CONNECTION PORT,CHECKSUM
String hosmame="localhost";//DEFAULT
DataOutputStream the0utputStream;
int parnurrr-8;
Sling strlnput="' , String cardNumber-"",amount="",expirydate="",trannurr~"",tid="",mid="",unique--"",goAway="";
~s ///////////////////////////////////READ INI PARS
StringTokenizer tkToken = new StringTokenizer(input);
hostname = tkToken.nextToken();
port = Integer.parseInt(tkToken.nextToken());
m iTimeout = Integer.parseInt(tkToken.nextToken());
///////////////////////////////////
//CARD NEEDS TO BE SENT TO OKTOPUS
/BUILD MSG
msg.addField(2,cardNumber);
msg.addField(4,amount);
msg.addField( 14,expirydate);
msg.addField(37," 1 ");
msg.addField(4l,tid);
msg.addField(42,mid);
msg.addField(6l,unique);
//CREATE SOCKET
ttY
socSocket = new Socket(hostname,port);
socSocket.setSoTimeout(m iTimeout);
socSocket.setTcpNoDelay(true);
catch (UnknownHostException e) t return(-4); //HOST NOT FOUND
catch(IOException sockErr) return(-3);
catch(Exception all) return(-2);
msg.sendData(socSocket);
catch(Exception er) return(-I ); //SEND ERROR
f return(-1 );
public int listenfordataQ
msg.receive(socSocket);
try if(msg.decide(socSocket)==0) //APPROVAL
h'Y {
retum(0); //ITS GOOD
catch(Exception any) return(-2); //ERROR
]
else return( 1 ); //DENIED
catch(Exception e) return(-3); //ERRROR
import java.io.*;
import java.net.*;
public class J8583 private byte m_ba0ut[] = new byte[ 1024]; //OUTGOING BUFFER
private int m_baOutIndex=0; //0 BASED INDEX OF FILLED BYTES
private DataOutputStream m dosData;
private BufferedlnputStream m_bislnput;
private int m field[] = new int[30J;
private String m value[] = new String[30];
public J8583Q
[
//CONSTRUCTOR
public void readFieldsQ
i int x~;
for(x=O;x<30;x++) System.out.print(m_field[xJ+"="+m value[xJ+"art");
public void addField(int field,String value) [
im x,];
j = value.length();
m_ba0ut[m ba0utlndex] _ (byte)field;
m baOutIndex++;
for(x=O;x < j ;x++) //THE INDEX IS ONE HIGH TO LEAVE A NULL BETWEEN FIELDS
m ba0ut[x+m-ba0utlndex] _ (byte)value.charAt(x);
m ba0utlndex += j+1;//RESET THE INDEX
public void sendData(Socket socLocal) t NY
//SEND
m_dosData = new DataOutputStream(socL.ocal.getOutputStream());
m-dosData.write(m ba0ut,0,m baOutIndex);
catch (UnknownHostException e) System.out.print(e);
System.exit(0);
catch(IOException sockErr) i System.out.print("Socket Connection: "+sockErr);
System.exit(0);
catch(Exception all) System.out.print("Socket Error: "+all);
System.exit(0);
public String resolveFieldValue(int fieldNumber) int x~;
for(x=O;x<30;x++) if(m field[x]=fieldNumber) retum(m value[x]);
return("");
public void receive(Socket socL.ocal) {
NY
{
m bislnput=newBufferedInputStream(socL.ocal.getlnputStreamQ);
int k=l ,index=0;
byte buff ] = new byte[1024];
m bisInput.read(buf,0,1024);
fork=O;k<30;k++)//INITIALIZE THE NULL STRINGS
m value[k]="', k=I;
m_field[index] = buf[index]; //FIRST FIELD MARKED BY FIRST BYTE
while(k<1024) {
if(buf]k]!=0) {
m value[index]+=(char)buf(k++];
else i if(buf]k+I ])//END OF STREAM
break;
else {
index++;
m_field[index] = buf]k+1 ];
// System.out.print("~"+buf]k+I]+"~");
k+=2;
catch(IOException err) //TIMEOUT
//System.out.print((nTimeout)/1000+" Second Timeout");
ttY
{ socl.ocal.closeQ; }
catch(IOException Error){System.out.print("p"+Error);}
catch(Exception all) {
//MOST LIKELY A CLOSE ON IQ
System.out.print("Network Connection Closed " + all);
//redirect(urlTimeout);
}
public int decide(Socket socLocal) {
int k=O,index=0;
byte pResult=0;
fork=O;k<30;k++) if(m field[k]=39)//GRAB PIN FIELD
pResult=(byte)m value[k].charAt(0);
try {socLocal.closeQ; }
catch(IOException e){}
if(pResult=48/0 IS APPROVED
{
//System.out.print("Thank You For Shopping At Electronic Paycheck");
retum(0);
else {
//System.out.print("Denied");
retum(1 );
}
APPENDIX B
// webhostDlg.cpp : implementation file //
#include "stdafx.h"
#include "webhost.h"
#include "webhostDlg.h"
#include <afxtempl.h> // list #ifndef TimeOut #define TimeOut 200 #endif #define TimerID 0x4000 #ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS FILE[] = FILE ;
#endif /////////////////////////////////////////////////////////////////////////////
// CAboutDlg dialog used for App About class CAboutDlg : public CDialog {
public:
CAboutDlgQ;
// Dialog Data //{ {AFX DATA(CAboutDlg) enum { IDD=IDD_ABOUTBOX };
//} }AFX DATA
// ClassWizard generated virtual function overrides // { { AFX_V IRTUAL(CAboutDlg) protected:
virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support //} }AFX-VIRTUAL
// Implementation protected:
//{ {AFX MSG(CAboutDlg) // } } AFX_M SG
DECLARE-MESSAGE MAP() };
CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD) {
//{ {AFX DATA INIT(CAboutDlg) //} }AFX DATA-INIT
void CAboutDlg::DoDataExchange(CDataExchange* pDX) {
CDialog::DoDataExchange(pDX);
//{{AFX DATA MAP(CAboutDlg) //} }AFX DATA MAP
BEGIN MESSAGE MAP(CAboutDlg, CDialog) //{ {AFX MSG_MAP(CAboutDlg) %/ No message handlers //}}AFX MSG MAP
END MESSAGE MAP() ///////////////////////////////////////////////////////////l/////////////////
// CWebhostDlg dialog CWebhostDIg::CWebhostDlg(CWnd* pParent /*=NULL*n CDialog(CWebhostDlg::IDD, pParent) {
//{{AFX DATA INIT(CWebhostDlg) m_in = 0;
m out = 0;
m=q = T(".,);
//}}AFX DATA_INIT
// Note that- LoadIcon does not require a subsequent DestroyIcon in Win32 m hlcon = AfxGetAppQ->LoadIcon(IDR MAINFRAME);
void CWebhostDlg::DoDataExchange(CDataExchange* pDX) CDialog::DoDataExchange(pDX);
//{ {AFX DATA MAP(CWebhostDlg) DDX_Control(pDX, IDC_LST, m 1st);
DDX_Text(pDX, IDC_IN, m in);
DDX_Text(pDX, IDC_OUT, m out);
DDX_Text(pDX, IDC-Q, m_q);
//}}AFX-DATA MAP
BEGIN MESSAGE MAP(CWebhostDlg, CDialog) //{{AFX MSG MAP(CWebhostDlg) ON_WM_SYSCOMMAND() ON_WM_PAINT() ON_WM-QUERYDRAGICONQ
ON_WM_TIMER() // } } AFX_M SG_MAP
END MESSAGE MAP() extern CWebhostApp theApp ;
CWebhostDlg* pDlg ;
char dbParam[256] ;
#include <ep init.h>
#include <format.h>
#define _STDC_ #include <d3des.h>
EPsql sql ;
Listener listener ;
CList<Auth*,Auth*> Qa ;
CList<EndPoint*,EndPoint*> Qe ;
int matchF[]={ 2,14,41,42,61,0 } ; // f61=uniqueID, f44="SA315405018B44C4"
unsigned char key[]={ 0x29, Oxda, 0x91, OxOb, 0x80, Ox9b, Oxfe, Oxd3 } ;
CString sDebug ;
void Listener::OnAccept(int nErrorCode) {
EndPoint* tmp=new EndPoint() ;
if (Accept(*tmp)) tmp->init() ; else delete tmp ;
}
int EndPoint::respond() {
const char *p ;
char pkt[1024],*s~kt ;
int i,d[]={ 35,43,47,48,52,62,102,103,0 } ;
if (getType()=0) return 0 ;
i=0 ; while (d(iJ) { set(d[iJ,NULL) ; i++ ; }
for (i=2; i<128; i++) { if (P=get(~)) { *s=~ ; strcpY(s+1,P) ; s+=strlen(P?~2 ; ) return Send(pkt,s-pkt) ;
int EndPoint::aging(int t) {
if (t) { if (t=-1 ) sec- ; else sec=t ; }
return sec ;
int EndPoint::match(M8583* m) {
int f,i=0 ;
while (f--matchF[i++]) if (strcmp(m->get(f),get(f))) return 0 ;
return I
void EndPoint::init() {
char buf]32] ;
CString ip0 ;
UINT port ;
BOOL nodelay=TRUE ;
SetSockOpt(TCP_NODELAY,&nodelay,sizeof(BOOL),IPPROTO TCP) ;
sec=TimeOut ; Qe.AddTail(this) ; pDlg->m in++ ;
GetPeerName(ip0,port) ; ip=inet addr(ip0) ;;
sprintf(buf,"Connect %08x",ip) ; pDlg->note(buf) ;
void EndPoint::reject(int code) {
char bufJ32] ;
sprintf(buf,"Reject %08x, code=%d",ip,code) ; pDlg->note(buf) ; sect ;
set(39,"100") ; set(44,buf+16) ; respond() ;
void EndPoint::OnReceive(int nErrorCode) {
Auth* a ;
EndPoint* e=NULL ;
POSITION posl,pos2 ;
BOOL fullTrans=TRUE ;
short len,l,i,f ;
const char* pp ;
char *p,pin[24J,pan[20],bufJ1024],scode[]--"1200", offset[J="0000" ;
if (nErrorCode) { sec=0 ; return ; }
len=Receive(buf,1020) ; bufJlenJ~ ; p=buf ; setType(1200) ; *pin=1 ;
while (*p) {
1=strlen(p) ; if ((*p=61 )&&(1=2)&&(p[ 1 ]='A')) fullTrans=FALSE ;
if (set(*p,p+1,8)<1 ) { reject(*p) ; return ; }
if ((*p=52)&&(1<14)) // clear PIN
{ *pin=0 ; pin[1]=1-I ; strcpy(pin+2,p+1) ; memset(pin+1+1,15,10) ; }
p+=(1+1 ) ; /l build PIN block if ((pp=get(52))&&(strncmp(pp;'FO1",3~0)) { reject(52) ; return ; }
i=0 ; while (f=matchF[i++]) if (get(fr-NULL) { reject(f) ; return ; }
if (*pin=0) { // got clear PIN, build PAN block, update PIN block strcpy(pan,offset) ; stmcpy(pan+4,get(2~+strlen(get(2))-13,12) ;
Pam ; for (i=0; i<16; i++) { *p=(*P~Pan(~J)8c1 S ; p++ ; ) for (i=0; i<8; i++) P~n[~]=(Pm(~*2J«4}+pin[i*2+1] ;
deskey(key,0) ; des((unsigned char*)pin,(unsigned char*)pan) ;
for (i=0; i<8; i++) bin2hex(pin+i*2,pan[i]) ; pin[16]=0 ; set(52,pin) ;
strcpy(buf,get(2)) ; strcat(buf,"=") ; strcat(buf,get(14)) ;
strcat(buf,scode) ; strcat(buf,offset) ; set(35,buf) ;
} // service code and offset hardcoded if (fullTrans) {
post=Qe.GetHeadPosition() ;
while (post) j posl=post ; e=Qe.GetNext(pos2) ;
if (!match(e)~~(e-this)) e=NULL ; else { Qe.RemoveAt(posl ) ; break ; }
}
if (!fullTrans~~fullTrans&&e) { a=new Auth(this,e) ; Qa.AddTail(a) ; Qe.RemoveAt(Qe.Find(this)) ; }
sprintf(buf,"Recv %08x %d, card=%s",ip,len,get(2)) ; pDlg->note(buf) ;
Auth::Auth(EndPoint* e1, EndPoint* e2) {
int i ;
const char* p ;
char f[16],dest[4]--"N?" ;
a[0]=el ; a[I ]=e2 ; cp(*el ) ;
if (e2) {
if (e2->getType(r-1200) setType(1200) ; set(3,"000000") ;
for (i=2; i<128; i++) if (p=e2->get(i)) set(i,p) ;
} else { set(3;'300000") ; set(4,"000000000000") ; }
if (fillMsg(*this,sql,dbParam,3)) // 1: BIN, 2: mid/tid { el->reject(1) ; if (e2) e2->reject(1 ) ; setType(0) ; return ; }
id=-~-+pDlg->m out ; pDlg->UpdateData(FALSE) ;
set(37,itoa(id,f,l0),8) ; pDlg->m-ep.cp(*this) ;
dest[1 ]=*(get(47}+1 ) ; pDlg->m-ep.send(dest) ;
BOOL Auth::isActive() {
if ((e[I ]=NULL)~~(e[0]->aging(0)>0)&&(e[ 1 ]->aging(Oy0)) return TRUE ;
setType(0) ; return FALSE ;
Auth::-AuthQ {
for (int i=0; i<2; i++) if (e[i]) { a[i]->cp(*this) ; a[i]->respond() ; delete a[i]
setType(0) ;
/////////////////////////////////////////////////////////////////////////////
// CWebhostDlg message handlers BOOL CWebhostDlg::OnInitDialogQ
{
CDialog::OnInitDialogQ;
// Add "About..." menu item to system menu.
// IDM_ABOUTBOX must be in the system command range.
ASSERT((IDM_ABOUTBOX & OxFFFO) = IDM_ABOUTBOX);
ASSERT(IDM-ABOUTBOX < OxF000);
CMenu* pSysMenu = GetSystemMenu(FALSE);
if (pSysMenu != NULL) CString strAboutMenu;
strAboutMenu.LoadString(IDS ABOUTBOX);
if (!strAboutMenu.IsEmpty()) pSysMenu->AppendMenu(MF SEPARATOR);
pSysMenu->AppendMenu(MF-STRING, IDM ABOUTBOX, strAboutMenu);
// Set the icon for this dialog. The framework does this automatically // when the application's main window is not a dialog Setlcon(m hlcon, TRUE); // Set big icon Setlcon(m hlcon, FALSE); // Set small icon /l TODD: Add extra initialization here char IP[256],name[4],title[16] ;
short TCPort,port ;
const char fmt[)="%s %hd %2s %s %hd %s" ;
const char usage[]="Usage: webhost IP port name DBparam listenPort" ;
if (sscanf(theApp.m lpCmdLine,fmt,IP,&TCPort,name,dbParam,&port~5) { ::MessageBox(NULL,usage,"Error",MB OK) ; EndDialog(0) ; return FALSE ; }
sprintf(title,"WebHost %s %d",name,port) ; SetWindowText(title) ;
if (!listener.Create(port)) {
::MessageBox(NULL,"Unable to create TCP/IP sockets.","Error",MB OK) ;
EndDialog(0) ; return FALSE ;
if(!listener.ListenQ) {
::MessageBox(NULL,"Network error.","Error",MB OK) ;
EndDialog(0) ; return FALSE ;
if (m ep.connect(IP,TCPort,name)) {
::MessageBox(NULL,"Error connecting to EProute.","Error",MB OK) ;
EndDialog(0) ; return FALSE ;
pDlg=this ; SetTimer(TimerID,l000,NULL) ;
return TRUE; // return TRUE unless you set the focus to a control void CWebhostDlg::OnSysCommand(UINT nID, LPARAM lParam) if ((nID & OxFFFO) = IDM-ABOUTBOX) {
CAboutDlg dlgAbout;
dlgAbout.DoModal();
else {
CDialog::OnSysCommand(nID, lParam);
// If you add a minimize button to your dialog, you will need the code below // to draw the icon. For MFC applications using the document/view model, // this is automatically done for you by the framework.
void CWebhostDlg::OnPaint() {
if (IslconicQ) j CPaintDC dc(this); // device context for painting SendMessage(WM-ICONERASEBKGND, (WPARAM) dc.GetSafeHdcQ, 0);
// Center icon in client rectangle int cxlcon = GetSystemMetrics(SM CXICON);
int cyIcon = GetSystemMefics(SM CYICON);
CRect rect;
GetClientRect(&rect);
int x = (rect. Width() - cxIcon + 1 ) / 2;
int y = (rect.HeightQ - cyIcon + 1 ) / 2;
// Draw the icon dc.DrawIcon(x, y, m hlcon);
else {
CDialog::OnPaint();
// The system calls this to obtain the cursor to display while the user drags // the minimized window.
HCURSOR CWebhostDlg::OnQueryDraglcon() j return (HCURSOR) m hIcon;
void CWebhostDlg::OnTimer(UINT nIDEvent) // TODD: Add your message handler code here and/or call default Auth* a ;
EndPoint* a ;
POSITION posl,pos2 ;
BOOL del=FALSE ;
if (nIDEvent==TimerID) j post=Qe.GetHeadPosition() ;
while (post) {
posl~os2 ; e=Qe.GetNext(pos2) ;
if (e->aging()<1 ) j Qe.RemoveAt(pos 1 ) ; del=TRUE ; delete a ; }
}
post=Qa.GetHeadPositionQ ;
while (post) j posl~os2 ; a=Qa.GetNext(pos2) ;
if (!a->isActive()) { Qa.RemoveAt(posl ) ; del=TRUE ; delete a ; }
if (del) note(NULL) ;
CDialog::OnTimer(nIDEvent);
void CWebhostDlg::note(const char* s) {
if (s) { m_Ist.AddString(s) ; if (m lst.GetCountQ>14) m lst.DeleteString(0) ; }
m-q.Format("%d %d",Qe.GetCountQ,Qa.GetCountQ) ; UpdateData(FALSE) ;
void On8583(short mType, EPacket* ep) int n,i ;
char s[64] ;
const char* p ;
POSITION posl,pos2 ;
Auth* a ;
if ((mType=-1 )~~ep->mustExitQ) { pDlg->EndDialog(0) ; return ; }
if (mType) return ; // ignore other administrative messages ep->receiveQ ; if (ep->getType(}=1430) return ;
if (p=ep->get(37)) n=atoi(p) ; else return ;
post=Qa.GetHeadPositionQ ;
while (post) {
posl=post ; a=Qa.GetNext(pos2) ;
if (a->match(n)) {
ep->set(37,NULL) ; for (i=2; i<128; i++) if (p=ep->get(i)) a->set(i,p) ;
Qa.RemoveAt(posl ) ; delete a ; pDlg->note(NULL) ; return ;
pDlg->note("reversal") ; ep->getType(s) ; memset(s+4,'0',18) ; s[22]=0 if (p=ep->get( 11 )) stmcpy(s+4,p,6) ;
if (p=ep->get(12)) strncpy(s+10,p,12) ;
if (p=ep->get(32)) strcpy(s+22,p) ;
ep->set(56,s) ; ep->setType(1420) ; ep->send(ep->getSenderQ) ;
/*
sDebug.Format("") ;
::MessageBox(NULL,sDebug,"Debug",MB OK) ;
*%
int m_iTimeout=10000;
J8583 msg = new J8583Q;
public int init(String input) l /NAR DECLARATIONS
int port=O,ok=0;//CONNECTION PORT,CHECKSUM
String hosmame="localhost";//DEFAULT
DataOutputStream the0utputStream;
int parnurrr-8;
Sling strlnput="' , String cardNumber-"",amount="",expirydate="",trannurr~"",tid="",mid="",unique--"",goAway="";
~s ///////////////////////////////////READ INI PARS
StringTokenizer tkToken = new StringTokenizer(input);
hostname = tkToken.nextToken();
port = Integer.parseInt(tkToken.nextToken());
m iTimeout = Integer.parseInt(tkToken.nextToken());
///////////////////////////////////
//CARD NEEDS TO BE SENT TO OKTOPUS
/BUILD MSG
msg.addField(2,cardNumber);
msg.addField(4,amount);
msg.addField( 14,expirydate);
msg.addField(37," 1 ");
msg.addField(4l,tid);
msg.addField(42,mid);
msg.addField(6l,unique);
//CREATE SOCKET
ttY
socSocket = new Socket(hostname,port);
socSocket.setSoTimeout(m iTimeout);
socSocket.setTcpNoDelay(true);
catch (UnknownHostException e) t return(-4); //HOST NOT FOUND
catch(IOException sockErr) return(-3);
catch(Exception all) return(-2);
msg.sendData(socSocket);
catch(Exception er) return(-I ); //SEND ERROR
f return(-1 );
public int listenfordataQ
msg.receive(socSocket);
try if(msg.decide(socSocket)==0) //APPROVAL
h'Y {
retum(0); //ITS GOOD
catch(Exception any) return(-2); //ERROR
]
else return( 1 ); //DENIED
catch(Exception e) return(-3); //ERRROR
import java.io.*;
import java.net.*;
public class J8583 private byte m_ba0ut[] = new byte[ 1024]; //OUTGOING BUFFER
private int m_baOutIndex=0; //0 BASED INDEX OF FILLED BYTES
private DataOutputStream m dosData;
private BufferedlnputStream m_bislnput;
private int m field[] = new int[30J;
private String m value[] = new String[30];
public J8583Q
[
//CONSTRUCTOR
public void readFieldsQ
i int x~;
for(x=O;x<30;x++) System.out.print(m_field[xJ+"="+m value[xJ+"art");
public void addField(int field,String value) [
im x,];
j = value.length();
m_ba0ut[m ba0utlndex] _ (byte)field;
m baOutIndex++;
for(x=O;x < j ;x++) //THE INDEX IS ONE HIGH TO LEAVE A NULL BETWEEN FIELDS
m ba0ut[x+m-ba0utlndex] _ (byte)value.charAt(x);
m ba0utlndex += j+1;//RESET THE INDEX
public void sendData(Socket socLocal) t NY
//SEND
m_dosData = new DataOutputStream(socL.ocal.getOutputStream());
m-dosData.write(m ba0ut,0,m baOutIndex);
catch (UnknownHostException e) System.out.print(e);
System.exit(0);
catch(IOException sockErr) i System.out.print("Socket Connection: "+sockErr);
System.exit(0);
catch(Exception all) System.out.print("Socket Error: "+all);
System.exit(0);
public String resolveFieldValue(int fieldNumber) int x~;
for(x=O;x<30;x++) if(m field[x]=fieldNumber) retum(m value[x]);
return("");
public void receive(Socket socL.ocal) {
NY
{
m bislnput=newBufferedInputStream(socL.ocal.getlnputStreamQ);
int k=l ,index=0;
byte buff ] = new byte[1024];
m bisInput.read(buf,0,1024);
fork=O;k<30;k++)//INITIALIZE THE NULL STRINGS
m value[k]="', k=I;
m_field[index] = buf[index]; //FIRST FIELD MARKED BY FIRST BYTE
while(k<1024) {
if(buf]k]!=0) {
m value[index]+=(char)buf(k++];
else i if(buf]k+I ])//END OF STREAM
break;
else {
index++;
m_field[index] = buf]k+1 ];
// System.out.print("~"+buf]k+I]+"~");
k+=2;
catch(IOException err) //TIMEOUT
//System.out.print((nTimeout)/1000+" Second Timeout");
ttY
{ socl.ocal.closeQ; }
catch(IOException Error){System.out.print("p"+Error);}
catch(Exception all) {
//MOST LIKELY A CLOSE ON IQ
System.out.print("Network Connection Closed " + all);
//redirect(urlTimeout);
}
public int decide(Socket socLocal) {
int k=O,index=0;
byte pResult=0;
fork=O;k<30;k++) if(m field[k]=39)//GRAB PIN FIELD
pResult=(byte)m value[k].charAt(0);
try {socLocal.closeQ; }
catch(IOException e){}
if(pResult=48/0 IS APPROVED
{
//System.out.print("Thank You For Shopping At Electronic Paycheck");
retum(0);
else {
//System.out.print("Denied");
retum(1 );
}
APPENDIX B
// webhostDlg.cpp : implementation file //
#include "stdafx.h"
#include "webhost.h"
#include "webhostDlg.h"
#include <afxtempl.h> // list #ifndef TimeOut #define TimeOut 200 #endif #define TimerID 0x4000 #ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS FILE[] = FILE ;
#endif /////////////////////////////////////////////////////////////////////////////
// CAboutDlg dialog used for App About class CAboutDlg : public CDialog {
public:
CAboutDlgQ;
// Dialog Data //{ {AFX DATA(CAboutDlg) enum { IDD=IDD_ABOUTBOX };
//} }AFX DATA
// ClassWizard generated virtual function overrides // { { AFX_V IRTUAL(CAboutDlg) protected:
virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support //} }AFX-VIRTUAL
// Implementation protected:
//{ {AFX MSG(CAboutDlg) // } } AFX_M SG
DECLARE-MESSAGE MAP() };
CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD) {
//{ {AFX DATA INIT(CAboutDlg) //} }AFX DATA-INIT
void CAboutDlg::DoDataExchange(CDataExchange* pDX) {
CDialog::DoDataExchange(pDX);
//{{AFX DATA MAP(CAboutDlg) //} }AFX DATA MAP
BEGIN MESSAGE MAP(CAboutDlg, CDialog) //{ {AFX MSG_MAP(CAboutDlg) %/ No message handlers //}}AFX MSG MAP
END MESSAGE MAP() ///////////////////////////////////////////////////////////l/////////////////
// CWebhostDlg dialog CWebhostDIg::CWebhostDlg(CWnd* pParent /*=NULL*n CDialog(CWebhostDlg::IDD, pParent) {
//{{AFX DATA INIT(CWebhostDlg) m_in = 0;
m out = 0;
m=q = T(".,);
//}}AFX DATA_INIT
// Note that- LoadIcon does not require a subsequent DestroyIcon in Win32 m hlcon = AfxGetAppQ->LoadIcon(IDR MAINFRAME);
void CWebhostDlg::DoDataExchange(CDataExchange* pDX) CDialog::DoDataExchange(pDX);
//{ {AFX DATA MAP(CWebhostDlg) DDX_Control(pDX, IDC_LST, m 1st);
DDX_Text(pDX, IDC_IN, m in);
DDX_Text(pDX, IDC_OUT, m out);
DDX_Text(pDX, IDC-Q, m_q);
//}}AFX-DATA MAP
BEGIN MESSAGE MAP(CWebhostDlg, CDialog) //{{AFX MSG MAP(CWebhostDlg) ON_WM_SYSCOMMAND() ON_WM_PAINT() ON_WM-QUERYDRAGICONQ
ON_WM_TIMER() // } } AFX_M SG_MAP
END MESSAGE MAP() extern CWebhostApp theApp ;
CWebhostDlg* pDlg ;
char dbParam[256] ;
#include <ep init.h>
#include <format.h>
#define _STDC_ #include <d3des.h>
EPsql sql ;
Listener listener ;
CList<Auth*,Auth*> Qa ;
CList<EndPoint*,EndPoint*> Qe ;
int matchF[]={ 2,14,41,42,61,0 } ; // f61=uniqueID, f44="SA315405018B44C4"
unsigned char key[]={ 0x29, Oxda, 0x91, OxOb, 0x80, Ox9b, Oxfe, Oxd3 } ;
CString sDebug ;
void Listener::OnAccept(int nErrorCode) {
EndPoint* tmp=new EndPoint() ;
if (Accept(*tmp)) tmp->init() ; else delete tmp ;
}
int EndPoint::respond() {
const char *p ;
char pkt[1024],*s~kt ;
int i,d[]={ 35,43,47,48,52,62,102,103,0 } ;
if (getType()=0) return 0 ;
i=0 ; while (d(iJ) { set(d[iJ,NULL) ; i++ ; }
for (i=2; i<128; i++) { if (P=get(~)) { *s=~ ; strcpY(s+1,P) ; s+=strlen(P?~2 ; ) return Send(pkt,s-pkt) ;
int EndPoint::aging(int t) {
if (t) { if (t=-1 ) sec- ; else sec=t ; }
return sec ;
int EndPoint::match(M8583* m) {
int f,i=0 ;
while (f--matchF[i++]) if (strcmp(m->get(f),get(f))) return 0 ;
return I
void EndPoint::init() {
char buf]32] ;
CString ip0 ;
UINT port ;
BOOL nodelay=TRUE ;
SetSockOpt(TCP_NODELAY,&nodelay,sizeof(BOOL),IPPROTO TCP) ;
sec=TimeOut ; Qe.AddTail(this) ; pDlg->m in++ ;
GetPeerName(ip0,port) ; ip=inet addr(ip0) ;;
sprintf(buf,"Connect %08x",ip) ; pDlg->note(buf) ;
void EndPoint::reject(int code) {
char bufJ32] ;
sprintf(buf,"Reject %08x, code=%d",ip,code) ; pDlg->note(buf) ; sect ;
set(39,"100") ; set(44,buf+16) ; respond() ;
void EndPoint::OnReceive(int nErrorCode) {
Auth* a ;
EndPoint* e=NULL ;
POSITION posl,pos2 ;
BOOL fullTrans=TRUE ;
short len,l,i,f ;
const char* pp ;
char *p,pin[24J,pan[20],bufJ1024],scode[]--"1200", offset[J="0000" ;
if (nErrorCode) { sec=0 ; return ; }
len=Receive(buf,1020) ; bufJlenJ~ ; p=buf ; setType(1200) ; *pin=1 ;
while (*p) {
1=strlen(p) ; if ((*p=61 )&&(1=2)&&(p[ 1 ]='A')) fullTrans=FALSE ;
if (set(*p,p+1,8)<1 ) { reject(*p) ; return ; }
if ((*p=52)&&(1<14)) // clear PIN
{ *pin=0 ; pin[1]=1-I ; strcpy(pin+2,p+1) ; memset(pin+1+1,15,10) ; }
p+=(1+1 ) ; /l build PIN block if ((pp=get(52))&&(strncmp(pp;'FO1",3~0)) { reject(52) ; return ; }
i=0 ; while (f=matchF[i++]) if (get(fr-NULL) { reject(f) ; return ; }
if (*pin=0) { // got clear PIN, build PAN block, update PIN block strcpy(pan,offset) ; stmcpy(pan+4,get(2~+strlen(get(2))-13,12) ;
Pam ; for (i=0; i<16; i++) { *p=(*P~Pan(~J)8c1 S ; p++ ; ) for (i=0; i<8; i++) P~n[~]=(Pm(~*2J«4}+pin[i*2+1] ;
deskey(key,0) ; des((unsigned char*)pin,(unsigned char*)pan) ;
for (i=0; i<8; i++) bin2hex(pin+i*2,pan[i]) ; pin[16]=0 ; set(52,pin) ;
strcpy(buf,get(2)) ; strcat(buf,"=") ; strcat(buf,get(14)) ;
strcat(buf,scode) ; strcat(buf,offset) ; set(35,buf) ;
} // service code and offset hardcoded if (fullTrans) {
post=Qe.GetHeadPosition() ;
while (post) j posl=post ; e=Qe.GetNext(pos2) ;
if (!match(e)~~(e-this)) e=NULL ; else { Qe.RemoveAt(posl ) ; break ; }
}
if (!fullTrans~~fullTrans&&e) { a=new Auth(this,e) ; Qa.AddTail(a) ; Qe.RemoveAt(Qe.Find(this)) ; }
sprintf(buf,"Recv %08x %d, card=%s",ip,len,get(2)) ; pDlg->note(buf) ;
Auth::Auth(EndPoint* e1, EndPoint* e2) {
int i ;
const char* p ;
char f[16],dest[4]--"N?" ;
a[0]=el ; a[I ]=e2 ; cp(*el ) ;
if (e2) {
if (e2->getType(r-1200) setType(1200) ; set(3,"000000") ;
for (i=2; i<128; i++) if (p=e2->get(i)) set(i,p) ;
} else { set(3;'300000") ; set(4,"000000000000") ; }
if (fillMsg(*this,sql,dbParam,3)) // 1: BIN, 2: mid/tid { el->reject(1) ; if (e2) e2->reject(1 ) ; setType(0) ; return ; }
id=-~-+pDlg->m out ; pDlg->UpdateData(FALSE) ;
set(37,itoa(id,f,l0),8) ; pDlg->m-ep.cp(*this) ;
dest[1 ]=*(get(47}+1 ) ; pDlg->m-ep.send(dest) ;
BOOL Auth::isActive() {
if ((e[I ]=NULL)~~(e[0]->aging(0)>0)&&(e[ 1 ]->aging(Oy0)) return TRUE ;
setType(0) ; return FALSE ;
Auth::-AuthQ {
for (int i=0; i<2; i++) if (e[i]) { a[i]->cp(*this) ; a[i]->respond() ; delete a[i]
setType(0) ;
/////////////////////////////////////////////////////////////////////////////
// CWebhostDlg message handlers BOOL CWebhostDlg::OnInitDialogQ
{
CDialog::OnInitDialogQ;
// Add "About..." menu item to system menu.
// IDM_ABOUTBOX must be in the system command range.
ASSERT((IDM_ABOUTBOX & OxFFFO) = IDM_ABOUTBOX);
ASSERT(IDM-ABOUTBOX < OxF000);
CMenu* pSysMenu = GetSystemMenu(FALSE);
if (pSysMenu != NULL) CString strAboutMenu;
strAboutMenu.LoadString(IDS ABOUTBOX);
if (!strAboutMenu.IsEmpty()) pSysMenu->AppendMenu(MF SEPARATOR);
pSysMenu->AppendMenu(MF-STRING, IDM ABOUTBOX, strAboutMenu);
// Set the icon for this dialog. The framework does this automatically // when the application's main window is not a dialog Setlcon(m hlcon, TRUE); // Set big icon Setlcon(m hlcon, FALSE); // Set small icon /l TODD: Add extra initialization here char IP[256],name[4],title[16] ;
short TCPort,port ;
const char fmt[)="%s %hd %2s %s %hd %s" ;
const char usage[]="Usage: webhost IP port name DBparam listenPort" ;
if (sscanf(theApp.m lpCmdLine,fmt,IP,&TCPort,name,dbParam,&port~5) { ::MessageBox(NULL,usage,"Error",MB OK) ; EndDialog(0) ; return FALSE ; }
sprintf(title,"WebHost %s %d",name,port) ; SetWindowText(title) ;
if (!listener.Create(port)) {
::MessageBox(NULL,"Unable to create TCP/IP sockets.","Error",MB OK) ;
EndDialog(0) ; return FALSE ;
if(!listener.ListenQ) {
::MessageBox(NULL,"Network error.","Error",MB OK) ;
EndDialog(0) ; return FALSE ;
if (m ep.connect(IP,TCPort,name)) {
::MessageBox(NULL,"Error connecting to EProute.","Error",MB OK) ;
EndDialog(0) ; return FALSE ;
pDlg=this ; SetTimer(TimerID,l000,NULL) ;
return TRUE; // return TRUE unless you set the focus to a control void CWebhostDlg::OnSysCommand(UINT nID, LPARAM lParam) if ((nID & OxFFFO) = IDM-ABOUTBOX) {
CAboutDlg dlgAbout;
dlgAbout.DoModal();
else {
CDialog::OnSysCommand(nID, lParam);
// If you add a minimize button to your dialog, you will need the code below // to draw the icon. For MFC applications using the document/view model, // this is automatically done for you by the framework.
void CWebhostDlg::OnPaint() {
if (IslconicQ) j CPaintDC dc(this); // device context for painting SendMessage(WM-ICONERASEBKGND, (WPARAM) dc.GetSafeHdcQ, 0);
// Center icon in client rectangle int cxlcon = GetSystemMetrics(SM CXICON);
int cyIcon = GetSystemMefics(SM CYICON);
CRect rect;
GetClientRect(&rect);
int x = (rect. Width() - cxIcon + 1 ) / 2;
int y = (rect.HeightQ - cyIcon + 1 ) / 2;
// Draw the icon dc.DrawIcon(x, y, m hlcon);
else {
CDialog::OnPaint();
// The system calls this to obtain the cursor to display while the user drags // the minimized window.
HCURSOR CWebhostDlg::OnQueryDraglcon() j return (HCURSOR) m hIcon;
void CWebhostDlg::OnTimer(UINT nIDEvent) // TODD: Add your message handler code here and/or call default Auth* a ;
EndPoint* a ;
POSITION posl,pos2 ;
BOOL del=FALSE ;
if (nIDEvent==TimerID) j post=Qe.GetHeadPosition() ;
while (post) {
posl~os2 ; e=Qe.GetNext(pos2) ;
if (e->aging()<1 ) j Qe.RemoveAt(pos 1 ) ; del=TRUE ; delete a ; }
}
post=Qa.GetHeadPositionQ ;
while (post) j posl~os2 ; a=Qa.GetNext(pos2) ;
if (!a->isActive()) { Qa.RemoveAt(posl ) ; del=TRUE ; delete a ; }
if (del) note(NULL) ;
CDialog::OnTimer(nIDEvent);
void CWebhostDlg::note(const char* s) {
if (s) { m_Ist.AddString(s) ; if (m lst.GetCountQ>14) m lst.DeleteString(0) ; }
m-q.Format("%d %d",Qe.GetCountQ,Qa.GetCountQ) ; UpdateData(FALSE) ;
void On8583(short mType, EPacket* ep) int n,i ;
char s[64] ;
const char* p ;
POSITION posl,pos2 ;
Auth* a ;
if ((mType=-1 )~~ep->mustExitQ) { pDlg->EndDialog(0) ; return ; }
if (mType) return ; // ignore other administrative messages ep->receiveQ ; if (ep->getType(}=1430) return ;
if (p=ep->get(37)) n=atoi(p) ; else return ;
post=Qa.GetHeadPositionQ ;
while (post) {
posl=post ; a=Qa.GetNext(pos2) ;
if (a->match(n)) {
ep->set(37,NULL) ; for (i=2; i<128; i++) if (p=ep->get(i)) a->set(i,p) ;
Qa.RemoveAt(posl ) ; delete a ; pDlg->note(NULL) ; return ;
pDlg->note("reversal") ; ep->getType(s) ; memset(s+4,'0',18) ; s[22]=0 if (p=ep->get( 11 )) stmcpy(s+4,p,6) ;
if (p=ep->get(12)) strncpy(s+10,p,12) ;
if (p=ep->get(32)) strcpy(s+22,p) ;
ep->set(56,s) ; ep->setType(1420) ; ep->send(ep->getSenderQ) ;
/*
sDebug.Format("") ;
::MessageBox(NULL,sDebug,"Debug",MB OK) ;
*%
Claims (26)
1. A method of making purchases over a computer network using a first number that identifies a consumer's account from which funds will be withdrawn to pay a purchase price and a second number associated with said first number which, when used with said first number, enables withdrawal of funds from said account, said method comprising the steps:
transmitting said first number electronically over said network from a consumer location to an on-line merchant location;
forwarding said first number electronically over said network from said on-line merchant location to a third party contractor location;
transmitting said second number electronically over said network from said consumer location to said third party contractor location; and determining at said third party contractor location the validity of said first and second numbers.
transmitting said first number electronically over said network from a consumer location to an on-line merchant location;
forwarding said first number electronically over said network from said on-line merchant location to a third party contractor location;
transmitting said second number electronically over said network from said consumer location to said third party contractor location; and determining at said third party contractor location the validity of said first and second numbers.
2. The method according to claim 1 wherein said on-line merchant location is bypassed when said second number is transmitted from said consumer location to said third party contractor location.
3. The method according to claim 1 wherein said first and second numbers are transmitted over said network via encrypted connections.
4. The method according to claim 1 wherein said network is the Internet.
5. The method according to claim 1 including the additional step of determining at said third party contractor location whether said account has sufficient funds to cover said purchase price.
6. The method according to claim 1 including the additional step of electronically transmitting a signal from said third party contractor location to said on-line merchant location over said network indicating whether said first and second numbers are valid.
7. The method according to claim 5 including the additional step of electronically transmitting a signal from said third party contractor location to said on-line merchant location over said network indicating whether there are sufficient funds in said account to cover said purchase price.
The method according to claim 1 including the additional step of electronically transmitting a signal from said on-line merchant location to said consumer location over said network indicating whether said purchase has been authorized.
9. A system for making purchases over a computer network using a first number that identifies a consumer's account from which funds will be withdrawn to pay a purchase price and a second number associated with said first number which, when used with said first number, enables withdrawal of funds from said account, said system comprising:
a first computer at a consumer location, said first computer being connected to said network;
a second computer at an on-line merchant location, said second computer being connected to said network; and a third computer at a third party contractor location, said third computer being connected to said network;
wherein said first number is transmitted from said first computer to said second computer over said network;
wherein said first number is forwarded from said second computer to said third computer over said network;
wherein said second number is transmitted from said first computer to said third computer over said network;
and wherein said third computer determines whether said first and second numbers are valid.
a first computer at a consumer location, said first computer being connected to said network;
a second computer at an on-line merchant location, said second computer being connected to said network; and a third computer at a third party contractor location, said third computer being connected to said network;
wherein said first number is transmitted from said first computer to said second computer over said network;
wherein said first number is forwarded from said second computer to said third computer over said network;
wherein said second number is transmitted from said first computer to said third computer over said network;
and wherein said third computer determines whether said first and second numbers are valid.
10. The system according to claim 9 wherein said first computer bypasses said second computer when transmitting said second number to said third computer.
11. The system according to claim 9 wherein said first and second numbers are transmitted over said network via encrypted connections.
12. The system according to claim 9 wherein said network is the Internet.
13. The system according to claim 9 wherein said third computer checks whether said account has sufficient funds to cover said purchase price.
14. The system according to claim 9 wherein said third computer notifies said second computer whether said first and second numbers are valid.
15. The system according to claim 13 wherein said third computer notifies said second computer whether there are sufficient funds in said account to cover said purchase price.
16. The system according to claim 9 wherein said second computer notifies said first computer whether said purchase is authorized.
17. A method of authorizing a purchase to be made over a computer network using a first number that identifies a consumer's account from which funds will be withdrawn to pay a purchase price and a second number associated with said first number which, when used with said first number, enables withdrawal of funds from said account, said method comprising the steps:
receiving at a third party contractor location said first number electronically transmitted over said network from an on-line merchant location;
receiving at said third party contractor location said second number electronically transmitted over said network from a consumer location; and determining the validity of said first and second numbers at said third party contractor location.
receiving at a third party contractor location said first number electronically transmitted over said network from an on-line merchant location;
receiving at said third party contractor location said second number electronically transmitted over said network from a consumer location; and determining the validity of said first and second numbers at said third party contractor location.
18. The method according to claim 17 wherein said network is the Internet.
19. The method according to claim 17 including the additional step of determining at said third party contractor location whether said account has sufficient funds to cover said purchase price.
20. The method according to claim 17 including the additional step of electronically transmitting a signal from said third party contractor location to said on-line merchant location over said network indicating whether said first and second numbers are valid.
21. The method according to claim 19 including the additional step of electronically transmitting a signal from said third party contractor location to said on-line merchant location over said network indicating whether there are sufficient funds in said account to cover said purchase price.
22. A system for authorizing a purchase to be made over a computer network using a first number that identifies a consumer's account from which funds will be withdrawn to pay a purchase price and a second number associated with said first number which, when used with said first number, enables withdrawal of funds from said account, said system comprising:
a computer connected to said network;
said computer being configured to receive said first number transmitted over said network from an on-line merchant's computer, receive said second number transmitted over said network from a consumer's computer, and verify the validity of said first and second numbers.
a computer connected to said network;
said computer being configured to receive said first number transmitted over said network from an on-line merchant's computer, receive said second number transmitted over said network from a consumer's computer, and verify the validity of said first and second numbers.
23. The system according to claim 22 wherein said network is the Internet.
24. The system according to claim 22 wherein said computer is configured to determine whether said account has sufficient funds to cover said purchase price.
25. The system according to claim 22 wherein said computer is configured to notify said on-line merchant's computer whether said first and second numbers are valid.
26. The system according to claim 24 wherein said computer is configured to notify said on-line merchant's computer whether there are sufficient funds in said account to cover said purchase price.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/391,285 US7249093B1 (en) | 1999-09-07 | 1999-09-07 | Method of and system for making purchases over a computer network |
US09/391,285 | 1999-09-07 | ||
PCT/US2000/024625 WO2001018719A1 (en) | 1999-09-07 | 2000-09-07 | Method of and system for making purchases over a computer network |
Publications (1)
Publication Number | Publication Date |
---|---|
CA2384250A1 true CA2384250A1 (en) | 2001-03-15 |
Family
ID=23546020
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA2383632A Expired - Fee Related CA2383632C (en) | 1999-09-07 | 2000-09-07 | Method of and system for authorizing purchases made over a computer network |
CA002384250A Abandoned CA2384250A1 (en) | 1999-09-07 | 2000-09-07 | Method of and system for making purchases over a computer network |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA2383632A Expired - Fee Related CA2383632C (en) | 1999-09-07 | 2000-09-07 | Method of and system for authorizing purchases made over a computer network |
Country Status (8)
Country | Link |
---|---|
US (4) | US7249093B1 (en) |
EP (3) | EP1218837A4 (en) |
JP (6) | JP2003509744A (en) |
CN (2) | CN1378675A (en) |
AU (2) | AU7124600A (en) |
CA (2) | CA2383632C (en) |
MX (2) | MXPA02002374A (en) |
WO (2) | WO2001018720A1 (en) |
Families Citing this family (143)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030217005A1 (en) * | 1996-11-27 | 2003-11-20 | Diebold Self Service Systems, Division Of Diebold, Incorporated | Automated banking machine system and method |
US6941274B1 (en) * | 1997-11-28 | 2005-09-06 | Diebold, Incorporated | Automated transaction machine |
US7451114B1 (en) | 1999-02-19 | 2008-11-11 | Visa International Service Association | Conducting commerce between individuals |
US7729986B1 (en) | 1999-07-30 | 2010-06-01 | Visa International Service Association | Smart card transactions using wireless telecommunications network |
US7249093B1 (en) * | 1999-09-07 | 2007-07-24 | Rysix Holdings, Llc | Method of and system for making purchases over a computer network |
EP2278538A1 (en) * | 2000-04-24 | 2011-01-26 | Visa International Service Association | Online payer authentication service |
US20100223146A1 (en) * | 2000-10-02 | 2010-09-02 | Sybase 365, Inc. | Method of Effecting Cashless Payments and a System for Implementing the Method |
AU2002239481A1 (en) * | 2000-10-30 | 2002-05-27 | Raf Technology, Inc. | Verification engine for user authentication |
US8429067B1 (en) * | 2001-04-17 | 2013-04-23 | Paymentech, Llc | System and method for detecting changes in business stability |
AU2002250316B2 (en) | 2001-04-23 | 2007-12-20 | Oracle International Corporation | Methods and systems for carrying out contingency-dependent payments via secure electronic bank drafts supported by online letters of credit and/or online performance bonds |
US7269737B2 (en) * | 2001-09-21 | 2007-09-11 | Pay By Touch Checking Resources, Inc. | System and method for biometric authorization for financial transactions |
US7992007B2 (en) | 2002-02-05 | 2011-08-02 | Cardinalcommerce Corporation | Dynamic pin pad for credit/debit/ other electronic transactions |
US8909557B2 (en) * | 2002-02-28 | 2014-12-09 | Mastercard International Incorporated | Authentication arrangement and method for use with financial transaction |
GB0204620D0 (en) * | 2002-02-28 | 2002-04-10 | Europay Internat N V | Chip authentication programme |
US7707120B2 (en) | 2002-04-17 | 2010-04-27 | Visa International Service Association | Mobile account authentication service |
US7343623B2 (en) * | 2002-05-29 | 2008-03-11 | Raf Technology, Inc. | Authentication query strategizer and results compiler |
US8645266B2 (en) | 2002-06-12 | 2014-02-04 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US7693783B2 (en) | 2002-06-12 | 2010-04-06 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
AU2003243523B2 (en) * | 2002-06-12 | 2008-04-10 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US7353382B2 (en) * | 2002-08-08 | 2008-04-01 | Fujitsu Limited | Security framework and protocol for universal pervasive transactions |
US8171567B1 (en) | 2002-09-04 | 2012-05-01 | Tracer Detection Technology Corp. | Authentication method and system |
SG152061A1 (en) * | 2002-09-10 | 2009-05-29 | Visa Int Service Ass | Data authentication and provisioning method and system |
AU2003901043A0 (en) * | 2003-03-07 | 2003-03-20 | Torto, Anthony | Transaction system |
US9412123B2 (en) | 2003-07-01 | 2016-08-09 | The 41St Parameter, Inc. | Keystroke analysis |
CN100427163C (en) * | 2003-10-31 | 2008-10-22 | 阿鲁策株式会社 | Special award treatment system, check device and treatment method for said system |
CN1635525A (en) * | 2003-12-31 | 2005-07-06 | 中国银联股份有限公司 | Security Internet payment system and security Internet payment authentication method |
US10999298B2 (en) | 2004-03-02 | 2021-05-04 | The 41St Parameter, Inc. | Method and system for identifying users and detecting fraud by use of the internet |
US20050203843A1 (en) * | 2004-03-12 | 2005-09-15 | Wood George L. | Internet debit system |
WO2005088517A1 (en) | 2004-03-12 | 2005-09-22 | Ingenia Technology Limited | Methods and apparatuses for creating authenticatable printed articles and subsequently verifying them |
BRPI0508631A (en) | 2004-03-12 | 2007-08-07 | Ingenia Technology Ltd | apparatus for determining a signature of an article arranged in a reading volume, use of the apparatus, methods for identifying an article made of paper or cardboard, an article made of plastic, a product by its packaging, a document, a garment or footwear, and a disc, method for tagging an article, and, tagged article |
US8175938B2 (en) | 2004-04-13 | 2012-05-08 | Ebay Inc. | Method and system for facilitating merchant-initiated online payments |
US8762283B2 (en) * | 2004-05-03 | 2014-06-24 | Visa International Service Association | Multiple party benefit from an online authentication service |
US8682784B2 (en) * | 2004-07-16 | 2014-03-25 | Ebay, Inc. | Method and system to process credit card payment transactions initiated by a merchant |
US7324976B2 (en) * | 2004-07-19 | 2008-01-29 | Amazon Technologies, Inc. | Automatic authorization of programmatic transactions |
GB2438424B (en) * | 2004-08-13 | 2008-02-13 | Ingenia Technology Ltd | Article manufacturing screen |
US7676433B1 (en) * | 2005-03-24 | 2010-03-09 | Raf Technology, Inc. | Secure, confidential authentication with private data |
US20060230447A1 (en) * | 2005-04-12 | 2006-10-12 | Cristina Buchholz | User interface component identifying authorization check |
US8015118B1 (en) | 2005-05-06 | 2011-09-06 | Open Invention Network, Llc | System and method for biometric signature authorization |
US7848977B2 (en) * | 2005-05-09 | 2010-12-07 | First Data Corporation | Private label purchase card acceptance systems and methods |
RU2008107328A (en) * | 2005-07-27 | 2009-09-10 | Инджениа Текнолоджи Лимитед (Gb) | AUTHENTICITY CERTIFICATION |
WO2007012816A1 (en) * | 2005-07-27 | 2007-02-01 | Ingenia Technology Limited | Verification of authenticity |
US7899749B1 (en) * | 2005-08-09 | 2011-03-01 | Chicago Mercantile Exchange, Inc. | System and method for providing intelligent market data snapshots |
US8938671B2 (en) | 2005-12-16 | 2015-01-20 | The 41St Parameter, Inc. | Methods and apparatus for securely displaying digital images |
US11301585B2 (en) | 2005-12-16 | 2022-04-12 | The 41St Parameter, Inc. | Methods and apparatus for securely displaying digital images |
EP1969525A1 (en) | 2005-12-23 | 2008-09-17 | Ingenia Holdings (UK)Limited | Optical authentication |
US8151327B2 (en) * | 2006-03-31 | 2012-04-03 | The 41St Parameter, Inc. | Systems and methods for detection of session tampering and fraud prevention |
US7818264B2 (en) | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
US10019708B2 (en) * | 2006-08-25 | 2018-07-10 | Amazon Technologies, Inc. | Utilizing phrase tokens in transactions |
DE112007002763T5 (en) * | 2006-11-16 | 2009-09-24 | Net1 Ueps Technologies, Inc. | Identification verification of the buyer |
GB0625851D0 (en) | 2006-12-22 | 2007-02-07 | Isis Innovation | Improvements in communications security |
GB2447059B (en) * | 2007-02-28 | 2009-09-30 | Secoren Ltd | Authorisation system |
US7739169B2 (en) * | 2007-06-25 | 2010-06-15 | Visa U.S.A. Inc. | Restricting access to compromised account information |
US8121942B2 (en) | 2007-06-25 | 2012-02-21 | Visa U.S.A. Inc. | Systems and methods for secure and transparent cardless transactions |
JP5038807B2 (en) * | 2007-08-01 | 2012-10-03 | 株式会社東芝 | Verification apparatus and program |
WO2009050583A2 (en) * | 2007-08-29 | 2009-04-23 | Youtility Software, Inc. | Secure network interactions using desktop agent |
US9015074B2 (en) | 2008-02-01 | 2015-04-21 | Mazooma Technical Services, Inc. | Device and method for facilitating financial transactions |
US7720764B2 (en) | 2008-02-01 | 2010-05-18 | Kenneth James Emerson | Method, device, and system for completing on-line financial transaction |
US9208485B2 (en) | 2008-03-24 | 2015-12-08 | American Express Travel Related Services Company, Inc. | System and method for facilitating online transactions |
US20090265270A1 (en) * | 2008-04-18 | 2009-10-22 | Ncr Corporation | Token activation |
EP2128781A1 (en) | 2008-05-27 | 2009-12-02 | Benny Kalbratt | Method for authentication |
US10157375B2 (en) | 2008-06-03 | 2018-12-18 | Cardinalcommerce Corporation | Alternative payment implementation for electronic retailers |
US8762210B2 (en) | 2008-06-03 | 2014-06-24 | Cardinalcommerce Corporation | Alternative payment implementation for electronic retailers |
US20090327114A1 (en) * | 2008-06-30 | 2009-12-31 | Sheth Nandan S | Systems and Methods For Secure Pin-Based Transactions Via a Host Based Pin Pad |
CN101339677B (en) * | 2008-08-28 | 2010-06-23 | 北京飞天诚信科技有限公司 | Safe authorization method and system |
US8612305B2 (en) | 2008-10-31 | 2013-12-17 | Visa International Service Association | User enhanced authentication system for online purchases |
BRPI0921124A2 (en) | 2008-11-06 | 2016-09-13 | Visa Int Service Ass | system for authenticating a consumer, computer implemented method, computer readable medium, and server computer. |
GB2466311B (en) | 2008-12-19 | 2010-11-03 | Ingenia Holdings | Self-calibration of a matching algorithm for determining authenticity |
GB2466465B (en) | 2008-12-19 | 2011-02-16 | Ingenia Holdings | Authentication |
US9112850B1 (en) | 2009-03-25 | 2015-08-18 | The 41St Parameter, Inc. | Systems and methods of sharing information through a tag-based consortium |
US9715681B2 (en) | 2009-04-28 | 2017-07-25 | Visa International Service Association | Verification of portable consumer devices |
US9038886B2 (en) | 2009-05-15 | 2015-05-26 | Visa International Service Association | Verification of portable consumer devices |
US10846683B2 (en) | 2009-05-15 | 2020-11-24 | Visa International Service Association | Integration of verification tokens with mobile communication devices |
US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US8602293B2 (en) | 2009-05-15 | 2013-12-10 | Visa International Service Association | Integration of verification tokens with portable computing devices |
US8534564B2 (en) | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
US8893967B2 (en) * | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
US20100312703A1 (en) * | 2009-06-03 | 2010-12-09 | Ashish Kulpati | System and method for providing authentication for card not present transactions using mobile device |
US8103553B2 (en) | 2009-06-06 | 2012-01-24 | Bullock Roddy Mckee | Method for making money on internet news sites and blogs |
US20100312702A1 (en) * | 2009-06-06 | 2010-12-09 | Bullock Roddy M | System and method for making money by facilitating easy online payment |
US8065193B2 (en) | 2009-06-06 | 2011-11-22 | Bullock Roddy Mckee | Method for making money on the internet |
US20100332337A1 (en) * | 2009-06-25 | 2010-12-30 | Bullock Roddy Mckee | Universal one-click online payment method and system |
SE534631C2 (en) * | 2009-10-26 | 2011-11-01 | Invented In Sweden Ab | Method and apparatus for carrying out electronic activity involving a plurality of electronic devices |
GB2476226B (en) | 2009-11-10 | 2012-03-28 | Ingenia Holdings Ltd | Optimisation |
CA2795167C (en) | 2010-04-05 | 2018-09-04 | Cardinal Commerce Corporation | Method and system for processing pin debit transactions |
US9846872B2 (en) | 2010-04-06 | 2017-12-19 | American Express Travel Related Services Company, Inc. | Secure exchange of indicia of value and associated information |
EP2455903A1 (en) * | 2010-11-05 | 2012-05-23 | Deutsche Telekom AG | Method and payment service center |
WO2012082795A1 (en) * | 2010-12-13 | 2012-06-21 | Magtek, Inc. | Systems and methods for conducting contactless payments using a mobile and a magstripe payment card |
CN102096872B (en) * | 2011-02-12 | 2015-07-29 | 中国工商银行股份有限公司 | A kind of Web bank's payment information safety detection method and device |
KR101895243B1 (en) * | 2011-03-04 | 2018-10-24 | 비자 인터네셔널 서비스 어소시에이션 | Integration of payment capability into secure elements of computers |
US8352370B1 (en) * | 2011-03-28 | 2013-01-08 | Jpmorgan Chase Bank, N.A. | System and method for universal instant credit |
WO2012142045A2 (en) | 2011-04-11 | 2012-10-18 | Visa International Service Association | Multiple tokenization for authentication |
US8346672B1 (en) * | 2012-04-10 | 2013-01-01 | Accells Technologies (2009), Ltd. | System and method for secure transaction process via mobile device |
US8874912B2 (en) | 2011-10-04 | 2014-10-28 | Accullink, Inc. | Systems and methods for securely transferring personal identifiers |
GB201117293D0 (en) * | 2011-10-07 | 2011-11-16 | Mgt Plc | Secure payment system |
US10754913B2 (en) | 2011-11-15 | 2020-08-25 | Tapad, Inc. | System and method for analyzing user device information |
US9633201B1 (en) | 2012-03-01 | 2017-04-25 | The 41St Parameter, Inc. | Methods and systems for fraud containment |
US10282724B2 (en) | 2012-03-06 | 2019-05-07 | Visa International Service Association | Security system incorporating mobile device |
CN102663631A (en) * | 2012-03-22 | 2012-09-12 | 瑞达信息安全产业股份有限公司 | An electronic bill generating method for mobile payment |
US9521551B2 (en) | 2012-03-22 | 2016-12-13 | The 41St Parameter, Inc. | Methods and systems for persistent cross-application mobile device identification |
US9959539B2 (en) | 2012-06-29 | 2018-05-01 | Apple Inc. | Continual authorization for secured functions |
US9832189B2 (en) | 2012-06-29 | 2017-11-28 | Apple Inc. | Automatic association of authentication credentials with biometrics |
US10212158B2 (en) | 2012-06-29 | 2019-02-19 | Apple Inc. | Automatic association of authentication credentials with biometrics |
US9819676B2 (en) | 2012-06-29 | 2017-11-14 | Apple Inc. | Biometric capture for unauthorized user identification |
WO2014022813A1 (en) | 2012-08-02 | 2014-02-06 | The 41St Parameter, Inc. | Systems and methods for accessing records via derivative locators |
US20140061290A1 (en) * | 2012-08-29 | 2014-03-06 | Xerox Corporation | Method and apparatus for storing a customer identifying information in a consumable to be used in an image production device |
WO2014078569A1 (en) | 2012-11-14 | 2014-05-22 | The 41St Parameter, Inc. | Systems and methods of global identification |
SG2012085619A (en) * | 2012-11-20 | 2014-06-27 | Fortnum Pte Ltd | A method and apparatus for carrying out an electronic transaction |
FR3006792B1 (en) * | 2013-06-10 | 2017-07-14 | Vectocarte | DEVICE FOR STORING, PROCESSING AND TRANSMITTING DIGITAL DATA OF A COMMERCIAL TRANSACTION |
US10902327B1 (en) | 2013-08-30 | 2021-01-26 | The 41St Parameter, Inc. | System and method for device identification and uniqueness |
US10331866B2 (en) | 2013-09-06 | 2019-06-25 | Apple Inc. | User verification for changing a setting of an electronic device |
US20150073998A1 (en) | 2013-09-09 | 2015-03-12 | Apple Inc. | Use of a Biometric Image in Online Commerce |
US9576280B2 (en) * | 2013-10-13 | 2017-02-21 | Seleucid, Llc | Method and system for making electronic payments |
CA2932346C (en) * | 2013-12-02 | 2018-09-04 | Mastercard International Incorporated | Method and system for secure authentication of user and mobile device without secure elements |
BR112016012359A2 (en) | 2013-12-02 | 2017-08-08 | Mastercard International Inc | METHOD AND SYSTEM FOR SECURE TRANSMISSION OF REMOTE NOTIFICATION SERVICE MESSAGES TO MOBILE DEVICES WITHOUT SECURE ELEMENTS |
US10380564B1 (en) | 2013-12-05 | 2019-08-13 | Square, Inc. | Merchant performed banking-type transactions |
US11823190B2 (en) * | 2013-12-09 | 2023-11-21 | Mastercard International Incorporated | Systems, apparatus and methods for improved authentication |
US20150220931A1 (en) | 2014-01-31 | 2015-08-06 | Apple Inc. | Use of a Biometric Image for Authorization |
US10037527B2 (en) * | 2014-02-28 | 2018-07-31 | Ncr Corporation | End-to end device authentication |
US9721248B2 (en) * | 2014-03-04 | 2017-08-01 | Bank Of America Corporation | ATM token cash withdrawal |
US20220374893A1 (en) * | 2014-04-15 | 2022-11-24 | Rare Corporation | Novel data exchange system and method for facilitating a network transaction |
US10091312B1 (en) | 2014-10-14 | 2018-10-02 | The 41St Parameter, Inc. | Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups |
CA2978461C (en) * | 2015-03-06 | 2020-10-27 | Mastercard International Incorporated | Secure mobile remote payments |
US10410208B2 (en) | 2015-04-24 | 2019-09-10 | Capital One Services, Llc | Token identity devices |
US9781105B2 (en) | 2015-05-04 | 2017-10-03 | Ping Identity Corporation | Fallback identity authentication techniques |
CN106302560A (en) * | 2015-05-12 | 2017-01-04 | 广州杰赛科技股份有限公司 | A kind of Information Sharing and Verification System |
CN106302627B (en) * | 2015-06-29 | 2020-01-03 | 阿里巴巴集团控股有限公司 | Service change method and device |
KR101790204B1 (en) * | 2015-07-14 | 2017-11-20 | 삼성전자주식회사 | Card registration method for pament service and mobile electronic device implementing the same |
US20170032371A1 (en) * | 2015-07-29 | 2017-02-02 | Mastercard International Incorporated | Method and system for next generation fleet network |
KR102530888B1 (en) * | 2015-09-01 | 2023-05-11 | 삼성전자주식회사 | Electronic device and method for payment transaction |
US11636465B1 (en) | 2015-10-21 | 2023-04-25 | Marqeta, Inc. | System, method, and computer program for funding a payment card account from an external source just-in-time for a purchase |
WO2018013961A1 (en) | 2016-07-15 | 2018-01-18 | Cardinalcommerce Corporation | Authentication to authorization bridge using enriched messages |
US20180047018A1 (en) * | 2016-08-15 | 2018-02-15 | Capital One Services, Llc | Browser extension for field detection and automatic population and submission |
US20190266581A1 (en) * | 2016-10-27 | 2019-08-29 | Diebold Nixdorf Incorporated | On-boarding of Mobile-Wallet Datasets |
US11023873B1 (en) | 2017-03-31 | 2021-06-01 | Square, Inc. | Resources for peer-to-peer messaging |
US10453056B2 (en) | 2017-06-29 | 2019-10-22 | Square, Inc. | Secure account creation |
US11023885B2 (en) * | 2017-06-30 | 2021-06-01 | Marqeta, Inc. | System, method, and computer program for securely transmitting and presenting payment card data in a web client |
US10848321B2 (en) | 2017-11-03 | 2020-11-24 | Mastercard International Incorporated | Systems and methods for authenticating a user based on biometric and device data |
US20220172179A1 (en) * | 2018-03-30 | 2022-06-02 | Block, Inc. | Itemized digital receipts |
SE1830356A1 (en) * | 2018-12-07 | 2020-06-08 | Omnicorn Ab | Purchase Management System And Method |
US11475446B2 (en) | 2018-12-28 | 2022-10-18 | Mastercard International Incorporated | System, methods and computer program products for identity authentication for electronic payment transactions |
US11494769B2 (en) * | 2019-01-10 | 2022-11-08 | Mastercard International Incorporated | System, methods and computer program products for identity authentication for electronic payment transactions |
US11887102B1 (en) | 2019-07-31 | 2024-01-30 | Block, Inc. | Temporary virtual payment card |
US11677731B2 (en) * | 2020-04-29 | 2023-06-13 | Wells Fargo Bank, N.A. | Adaptive authentication |
Family Cites Families (65)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4943707A (en) | 1987-01-06 | 1990-07-24 | Visa International Service Association | Transaction approval system |
US4870259A (en) | 1987-01-06 | 1989-09-26 | Visa International Service Association | Transaction approval system |
US4908521A (en) | 1987-01-06 | 1990-03-13 | Visa International Service Association | Transaction approval system |
US4822985A (en) | 1987-01-06 | 1989-04-18 | Visa International Service Association | Transaction approval system |
US5220501A (en) * | 1989-12-08 | 1993-06-15 | Online Resources, Ltd. | Method and system for remote delivery of retail banking services |
USRE36788E (en) | 1990-09-06 | 2000-07-25 | Visa International Service Association | Funds transfer system |
US5177342A (en) | 1990-11-09 | 1993-01-05 | Visa International Service Association | Transaction approval system |
US6076068A (en) * | 1992-09-17 | 2000-06-13 | Ad Response Micromarketing Corporation | Coupon delivery system |
US5371797A (en) * | 1993-01-19 | 1994-12-06 | Bellsouth Corporation | Secure electronic funds transfer from telephone or unsecured terminal |
US5351296A (en) * | 1993-03-29 | 1994-09-27 | Niobrara Research & Development Corporation | Financial transmission system |
US6694300B1 (en) * | 1997-03-21 | 2004-02-17 | Walker Digital, Llc | Method and apparatus for providing supplementary product sales to a customer at a customer terminal |
USRE36365E (en) | 1993-10-25 | 1999-11-02 | Visa International Service Association | Method and apparatus for distributing currency |
US5920847A (en) | 1993-11-01 | 1999-07-06 | Visa International Service Association | Electronic bill pay system |
US5465206B1 (en) | 1993-11-01 | 1998-04-21 | Visa Int Service Ass | Electronic bill pay system |
DE69431306T2 (en) * | 1993-12-16 | 2003-05-15 | Open Market Inc | NETWORK-BASED PAYMENT SYSTEM AND METHOD FOR USING SUCH A SYSTEM |
US5815577A (en) * | 1994-03-18 | 1998-09-29 | Innovonics, Inc. | Methods and apparatus for securely encrypting data in conjunction with a personal computer |
US5590038A (en) * | 1994-06-20 | 1996-12-31 | Pitroda; Satyan G. | Universal electronic transaction card including receipt storage and system and methods of conducting electronic transactions |
EP0690399A3 (en) * | 1994-06-30 | 1997-05-02 | Tandem Computers Inc | Remote financial transaction system |
US5826245A (en) * | 1995-03-20 | 1998-10-20 | Sandberg-Diment; Erik | Providing verification information for a transaction |
US5677955A (en) * | 1995-04-07 | 1997-10-14 | Financial Services Technology Consortium | Electronic funds transfer instruments |
US5708422A (en) * | 1995-05-31 | 1998-01-13 | At&T | Transaction authorization and alert system |
US5790677A (en) * | 1995-06-29 | 1998-08-04 | Microsoft Corporation | System and method for secure electronic commerce transactions |
US5703344A (en) | 1995-06-30 | 1997-12-30 | Visa International Service Association | Electronic funds confirmation at point of transaction |
US5671279A (en) * | 1995-11-13 | 1997-09-23 | Netscape Communications Corporation | Electronic commerce using a secure courier system |
US5809143A (en) * | 1995-12-12 | 1998-09-15 | Hughes; Thomas S. | Secure keyboard |
US5943423A (en) * | 1995-12-15 | 1999-08-24 | Entegrity Solutions Corporation | Smart token system for secure electronic transactions and identification |
JP3133243B2 (en) * | 1995-12-15 | 2001-02-05 | 株式会社エヌケーインベストメント | Online shopping system |
US5822737A (en) * | 1996-02-05 | 1998-10-13 | Ogram; Mark E. | Financial transaction system |
US5815665A (en) | 1996-04-03 | 1998-09-29 | Microsoft Corporation | System and method for providing trusted brokering services over a distributed network |
US5770843A (en) | 1996-07-02 | 1998-06-23 | Ncr Corporation | Access card for multiple accounts |
JPH10105603A (en) * | 1996-09-25 | 1998-04-24 | Computer Consulting:Kk | Method and device for information communication |
DE69603971T2 (en) * | 1996-12-13 | 2000-03-30 | Ericsson Telefon Ab L M | Method and system for carrying out monetary transactions |
US6285991B1 (en) | 1996-12-13 | 2001-09-04 | Visa International Service Association | Secure interactive electronic account statement delivery system |
JPH10207946A (en) | 1997-01-16 | 1998-08-07 | Computer Consulting:Kk | Prepaid media and settllement system using the same |
US5963647A (en) * | 1997-02-14 | 1999-10-05 | Citicorp Development Center, Inc. | Method and system for transferring funds from an account to an individual |
US6247129B1 (en) * | 1997-03-12 | 2001-06-12 | Visa International Service Association | Secure electronic commerce employing integrated circuit cards |
US5903721A (en) * | 1997-03-13 | 1999-05-11 | cha|Technologies Services, Inc. | Method and system for secure online transaction processing |
US5930777A (en) * | 1997-04-15 | 1999-07-27 | Barber; Timothy P. | Method of charging for pay-per-access information over a network |
US6282522B1 (en) | 1997-04-30 | 2001-08-28 | Visa International Service Association | Internet payment system using smart card |
US6014636A (en) * | 1997-05-06 | 2000-01-11 | Lucent Technologies Inc. | Point of sale method and system |
US6829595B2 (en) * | 1997-06-27 | 2004-12-07 | Valista, Inc. | MicroTrac internet billing solutions |
US6016476A (en) * | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
US5903878A (en) * | 1997-08-20 | 1999-05-11 | Talati; Kirit K. | Method and apparatus for electronic commerce |
WO1999014711A2 (en) * | 1997-09-17 | 1999-03-25 | Andrasev Akos | Method for checking rightful use of a debit card or similar means giving right of disposing of a bank account |
US6000832A (en) * | 1997-09-24 | 1999-12-14 | Microsoft Corporation | Electronic online commerce card with customer generated transaction proxy number for online transactions |
US5883810A (en) | 1997-09-24 | 1999-03-16 | Microsoft Corporation | Electronic online commerce card with transactionproxy number for online transactions |
JP3137052B2 (en) | 1997-09-25 | 2001-02-19 | 日本電気株式会社 | Internet payment method |
US6105008A (en) * | 1997-10-16 | 2000-08-15 | Visa International Service Association | Internet loading system using smart card |
EP0921487A3 (en) * | 1997-12-08 | 2000-07-26 | Nippon Telegraph and Telephone Corporation | Method and system for billing on the internet |
GB2332833A (en) * | 1997-12-24 | 1999-06-30 | Interactive Magazines Limited | Secure credit card transactions over the internet |
US6098053A (en) * | 1998-01-28 | 2000-08-01 | Citibank, N.A. | System and method for performing an electronic financial transaction |
JPH11224236A (en) | 1998-02-05 | 1999-08-17 | Mitsubishi Electric Corp | Remote authentication system |
US6052675A (en) * | 1998-04-21 | 2000-04-18 | At&T Corp. | Method and apparatus for preauthorizing credit card type transactions |
US6270011B1 (en) * | 1998-05-28 | 2001-08-07 | Benenson Tal | Remote credit card authentication system |
US6338050B1 (en) * | 1998-11-16 | 2002-01-08 | Trade Access, Inc. | System and method for providing and updating user supplied context for a negotiations system |
US6260024B1 (en) * | 1998-12-02 | 2001-07-10 | Gary Shkedy | Method and apparatus for facilitating buyer-driven purchase orders on a commercial network system |
US6327578B1 (en) * | 1998-12-29 | 2001-12-04 | International Business Machines Corporation | Four-party credit/debit payment protocol |
US6903721B2 (en) * | 1999-05-11 | 2005-06-07 | Immersion Corporation | Method and apparatus for compensating for position slip in interface devices |
AU5729200A (en) * | 1999-06-09 | 2000-12-28 | Intelishield.Com, Inc. | Internet payment system |
EP1065634A1 (en) * | 1999-07-02 | 2001-01-03 | Mic Systems | System and method for performing secure electronic transactions over an open communication network |
KR20000063676A (en) * | 1999-08-10 | 2000-11-06 | 박철 | Internet trade enhancing purchaser's security |
US7249093B1 (en) * | 1999-09-07 | 2007-07-24 | Rysix Holdings, Llc | Method of and system for making purchases over a computer network |
JP3910352B2 (en) * | 2000-04-11 | 2007-04-25 | 三菱電機株式会社 | Pretilt angle detection method and detection apparatus |
US6760841B1 (en) * | 2000-05-01 | 2004-07-06 | Xtec, Incorporated | Methods and apparatus for securely conducting and authenticating transactions over unsecured communication channels |
US6826245B1 (en) * | 2000-05-12 | 2004-11-30 | Oak Technology, Inc. | Optimal location of a digital sync pattern |
-
1999
- 1999-09-07 US US09/391,285 patent/US7249093B1/en not_active Expired - Lifetime
-
2000
- 2000-09-07 JP JP2001522461A patent/JP2003509744A/en not_active Withdrawn
- 2000-09-07 CN CN00813905A patent/CN1378675A/en active Pending
- 2000-09-07 JP JP2001522462A patent/JP2003509745A/en not_active Withdrawn
- 2000-09-07 MX MXPA02002374A patent/MXPA02002374A/en not_active Application Discontinuation
- 2000-09-07 MX MXPA02002375A patent/MXPA02002375A/en active IP Right Grant
- 2000-09-07 CA CA2383632A patent/CA2383632C/en not_active Expired - Fee Related
- 2000-09-07 EP EP00960021A patent/EP1218837A4/en not_active Ceased
- 2000-09-07 US US09/657,285 patent/US7318048B1/en not_active Expired - Lifetime
- 2000-09-07 WO PCT/US2000/024631 patent/WO2001018720A1/en active Application Filing
- 2000-09-07 WO PCT/US2000/024625 patent/WO2001018719A1/en active Application Filing
- 2000-09-07 EP EP00960027.1A patent/EP1218838B1/en not_active Expired - Lifetime
- 2000-09-07 AU AU71246/00A patent/AU7124600A/en not_active Abandoned
- 2000-09-07 CN CN00813904A patent/CN1399753A/en active Pending
- 2000-09-07 AU AU71252/00A patent/AU7125200A/en not_active Abandoned
- 2000-09-07 CA CA002384250A patent/CA2384250A1/en not_active Abandoned
- 2000-09-07 EP EP14192763.2A patent/EP2851854A1/en not_active Ceased
-
2007
- 2007-05-22 US US11/802,326 patent/US8775302B2/en not_active Expired - Fee Related
- 2007-12-13 US US11/955,752 patent/US10127535B2/en not_active Expired - Fee Related
-
2010
- 2010-12-24 JP JP2010287017A patent/JP2011123902A/en not_active Withdrawn
- 2010-12-24 JP JP2010286979A patent/JP2011129134A/en not_active Withdrawn
-
2012
- 2012-09-24 JP JP2012209516A patent/JP5638046B2/en not_active Expired - Lifetime
- 2012-09-25 JP JP2012210633A patent/JP5437460B2/en not_active Expired - Lifetime
Also Published As
Publication number | Publication date |
---|---|
CA2383632A1 (en) | 2001-03-15 |
EP1218838A1 (en) | 2002-07-03 |
JP2011123902A (en) | 2011-06-23 |
US10127535B2 (en) | 2018-11-13 |
JP2013030181A (en) | 2013-02-07 |
US20080097925A1 (en) | 2008-04-24 |
CN1399753A (en) | 2003-02-26 |
EP1218837A4 (en) | 2006-01-18 |
US20070226137A1 (en) | 2007-09-27 |
CN1378675A (en) | 2002-11-06 |
WO2001018720A1 (en) | 2001-03-15 |
JP5437460B2 (en) | 2014-03-12 |
JP2011129134A (en) | 2011-06-30 |
EP1218838A4 (en) | 2006-01-25 |
EP1218838B1 (en) | 2017-05-03 |
MXPA02002375A (en) | 2004-09-10 |
AU7124600A (en) | 2001-04-10 |
US8775302B2 (en) | 2014-07-08 |
EP1218837A1 (en) | 2002-07-03 |
AU7125200A (en) | 2001-04-10 |
CA2383632C (en) | 2017-11-07 |
EP2851854A1 (en) | 2015-03-25 |
WO2001018719A1 (en) | 2001-03-15 |
JP2013037711A (en) | 2013-02-21 |
JP2003509745A (en) | 2003-03-11 |
JP2003509744A (en) | 2003-03-11 |
MXPA02002374A (en) | 2004-09-10 |
US7249093B1 (en) | 2007-07-24 |
JP5638046B2 (en) | 2014-12-10 |
US7318048B1 (en) | 2008-01-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2384250A1 (en) | Method of and system for making purchases over a computer network | |
US6947908B1 (en) | System and use for correspondent banking | |
US7698217B1 (en) | Masking private billing data by assigning other billing data to use in commerce with businesses | |
US6324525B1 (en) | Settlement of aggregated electronic transactions over a network | |
WO2000022559A1 (en) | System and use for correspondent banking | |
CA2402353A1 (en) | Method and apparatus for sending money via an electronic greeting card over the internet | |
EA005835B1 (en) | A secure on-line payment system | |
KR20000012391A (en) | Method and system for electronic payment via internet | |
JP2003006548A (en) | Network settlement processing system, network settlement processor, network settlement processing method and network settlement processing program | |
KR20050111653A (en) | System and method for payment by using picture information of face, information storing medium | |
KR100831542B1 (en) | Method of one-stop money service using internet | |
JP2003016361A (en) | Method and system for settlement processing | |
JP2002024737A (en) | Payment processing system | |
Zheng et al. | Payment Technologies for E-commerce | |
KR20090001953A (en) | System and method for managing deposit account by using providing real goods for pre-interst and program recording medium | |
JP2002203192A (en) | Commodity charge collecting method, its system, and management server | |
KR20090032069A (en) | System for managing deposit account by using providing real goods for pre-interst | |
WO2002039226A2 (en) | System and method for pos financial transactions based on secure communications over a public network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
FZDE | Discontinued |
Effective date: 20190808 |
|
FZDE | Discontinued |
Effective date: 20190808 |