WO2001090971A2 - Secure payment process for on-line transactions - Google Patents
Secure payment process for on-line transactions Download PDFInfo
- Publication number
- WO2001090971A2 WO2001090971A2 PCT/IB2001/001095 IB0101095W WO0190971A2 WO 2001090971 A2 WO2001090971 A2 WO 2001090971A2 IB 0101095 W IB0101095 W IB 0101095W WO 0190971 A2 WO0190971 A2 WO 0190971A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- credit card
- customer
- retailer
- card company
- line
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
Definitions
- the present invention provides a linking process to provide a customer of goods or services on-line a secure payment process without relying upon the security of payment information residing at the retailer.
- the present invention provides an on-line transaction wherein a customer purchases goods from an on-line retailer without providing credit card information to the retailer.
- a credit card facilitates making purchases via telephone or over a network (i.e., the Internet).
- potential customers are justifiably concerned about placing orders for merchandise on networks such as the Internet, for example via E-mail, because of the lack of secure communications.
- Confidential data i.e., credit card numbers and associated information
- Several on-line retailers have even been "hacked" and had database files containing customer information, including credit card numbers, accessed by hackers.
- a similar approach for placing an order in current use is initiated when a customer sends an order, without credit card information, to a merchant over a non-secure network.
- the merchant's clerk or an automated system sends an E-mail message to the customer containing an order number that uniquely identifies the order.
- the customer dials a telephone number that connects to the merchant's facilities.
- the customer enters the unique order number and correct credit card number for billing the order on a touch-tone telephone (assuming that the customer has placed the call on this type of phone).
- the order number is used to match the correct order with the customer's credit card number.
- a new method for ordering goods over a network is needed that enables a customer to place an order without concern that others may illicitly gain access to the customer's credit card information.
- the order entry should be automated for optimum efficiency and to mimmize the time required for the customer to complete an order.
- the present invention represents a workable solution to this problem that is relatively efficient and foolproof.
- the present invention provides a process for completing an on-line transaction wherein a customer purchases goods from an on-line retailer, comprising:
- step (e) providing the authorization code to the retailer to complete the sale of the goods.
- the link to the credit card company with the customer is over a secure socket or an encrypted communication.
- the identity of the customer or other customer data is not provided to the retailer.
- the customer chooses a link to the credit card company wherein the customer owns an account and identified the credit card account only to the credit card company.
- the process further comprises (f) having the retailer provide the authorization code and a retailer code to the credit card company; and (g) having the credit card company authorize the purchase and bill the customer. If the customer does not identify himself or herself in step (c), then the credit card company cancels the credit card provided.
- Figure 1 is a screen-print from a hypothetical on-line retailer (Super CD) showing a purchase of three items for a total of US$71.00.
- Super CD hypothetical on-line retailer
- Figure 2 shows a screen-print of a form for obtaining customer information to be directed to a credit card company, wherein there are credit card logos for linking available at the bottom of the page.
- Figure 3 is a hypothetical first page of a screen showing the first step for an authorization procedure with a customer giving credit card information only to a credit card company (American Express in the Figure).
- Figures 4 and 5 show hypothetical screen-prints of an authorization process wherein the customer is given a period of time (30 seconds) to answer a question that the customer should know and provide a password.
- Figure 6 shows a screen print of a completed authorization with a credit card company and providing an authorization code "26077" to the customer by the credit card company (American Express).
- Figure 7 shows a screen-print of the customer being directed back to the retailer site to enter the authorization code (26077) supplied by the credit card company. It should be noted that the retailer does not have the credit card number of the customer.
- Figure 8 shows a hypothetical screen-print of a completed transaction wherein the customer is supplied with an order number (81404) by the retailer.
- Figure 9 shows a screen print of a hypothetical situation when a customer does not properly answer questions from the credit card company and the credit card is temporarily canceled.
- the present invention addresses the need for greater credit card security so as to allow on-line retailers and on-line customers to more freely conduct business on the internet without fear or with reduced fear that credit card information will fall into the wrong hands.
- the present inventive process takes the position that the on-line retailed does not need to know a customer's credit card information in order to conduct (business-to-consumer) business on-line. Definitions
- “Credit card” is intended to encompass debit cards and any other form of credit or debit used to make a purchase by providing a reference number that uniquely identifies a purchaser's account from which funds used to pay a seller for goods or services will be transferred.
- “Credit card transactions” encompass credit cards, debit cards, purchase cards, store cards or any card issued by an “issuing agent.”
- a "credit card company” is a business that provides credit cards, such as VISA or a bank.
- a "customer” is an individual or business that purchases goods or services.
- Goods include items than can be purchased (e.g., a computer, automobile, or bicycle) or services (e.g., writing a patent application).
- Issuing Agent is a business that issues credit cards. The most common issuing agents are VISA, Mastercard, American Express and Discover.
- On-line retailer or “retailer” is a business that offers for sale goods or services oil an Internet Web site.
- On-line transaction or “transaction” refers to any exchange of goods or services in the normal course of commerce wherein the primary means of communication between a customer and a retailer is via the Internet.
- the present invention provides a process for completing an on-line transaction wherein a customer purchases goods from an on-line retailer, comprising: (a) determining the goods to be purchased and the total cost of the goods in an on-line connection between a customer and an on-line retailer;
- FIGs 1-8 A hypothetical transaction is provided in Figures 1-8.
- the customer Raul Lessa, of Sao Paulo (Figure 2) desires to purchase three items for a total purchase price of US$71.00 ( Figure 1).
- the hypothetical retailer "Super CD” directs the customer to a credit card company with a choice of credit card companies identified by their logos ( Figure 2).
- This procedure further provides a reduction of risk of fraud to the credit card company, who has the ability to avoid fraud by canceling any credit card that may have been stolen.
- Selection of a credit card company will automatically link the customer to the secure site of the credit card company without having the retailer have any access to the information.
- the link will send the "store code" of the retailer to the credit card company, along with transaction information including the order number and the purchase price amount.
- the customer will provide his or her credit card number only to the credit card company (not to the retailer) and there will be no need to include additional information, such as expiration date or the card holder's name ( Figure 3).
- the credit card company will then begin a verification process to identify the credit card holder and not necessarily the person holding the credit card (in case it was physically stolen).
- the credit card company provides a series of questions that the credit card company knows the credit card holder can answer ( Figures 4 and 5). If the credit card company receives the correct answers (within a preset time period), the credit card company provides to the customer an authorization code (Figure 6). Preferably, this code is valid for a period of time and only for the retailer identified to the credit card company.
- the authorization code provided by the credit card company is 26077.
- the credit card company links the customer back to the retailer and the customer needed to have copied down the authorization code.
- the retailer asks for the authorization code and this code is typed in by the customer (Figure 7).
- the credit card company can cancel, temporarily or permanently, the credit card whose number was provided.
- the credit card company also provides to the customer (assuming the customer was the valid card holder) a means for reinstating his or her credit card.
- the inventive process provides a safe and secure means for facilitating on-line transactions and does not let retailers have credit card information stored in vulnerable databases. There is security provided to the retailer to insure that valid credit hard holders are properly using credit cards to insure payment. There is security to the customer to avoid having his or her credit card numbers stored on a retailer database, having varying levels of security from hackers. Moreover, the foregoing process shifts the verification burden from the retailer to the credit card company, with whom the contract with the customer exists. Therefore, no new infrastructure is needed to implement this process.
Abstract
Description
Claims
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2001264179A AU2001264179A1 (en) | 2000-05-26 | 2001-05-24 | Secure payment process for on-line transactions |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US57944900A | 2000-05-26 | 2000-05-26 | |
US09/579,449 | 2000-05-26 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2001090971A2 true WO2001090971A2 (en) | 2001-11-29 |
WO2001090971A3 WO2001090971A3 (en) | 2002-06-20 |
Family
ID=24316949
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2001/001095 WO2001090971A2 (en) | 2000-05-26 | 2001-05-24 | Secure payment process for on-line transactions |
Country Status (2)
Country | Link |
---|---|
AU (1) | AU2001264179A1 (en) |
WO (1) | WO2001090971A2 (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5485510A (en) * | 1992-09-29 | 1996-01-16 | At&T Corp. | Secure credit/debit card authorization |
EP0779587A2 (en) * | 1995-12-15 | 1997-06-18 | Kabushiki Kaisha N.K Kikaku | On-line shopping system and the method of payment settlement |
EP0813325A2 (en) * | 1996-06-12 | 1997-12-17 | AT&T Corp. | A mechanism for enabling secure electronic transactions on the open internet |
WO1998030985A2 (en) * | 1997-01-06 | 1998-07-16 | Aerotel Ltd. | Computerized money transfer system |
US5822737A (en) * | 1996-02-05 | 1998-10-13 | Ogram; Mark E. | Financial transaction system |
WO1999007121A2 (en) * | 1997-07-29 | 1999-02-11 | Netadvantage Corporation | Method and system for conducting electronic commerce transactions |
-
2001
- 2001-05-24 WO PCT/IB2001/001095 patent/WO2001090971A2/en active Application Filing
- 2001-05-24 AU AU2001264179A patent/AU2001264179A1/en not_active Abandoned
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5485510A (en) * | 1992-09-29 | 1996-01-16 | At&T Corp. | Secure credit/debit card authorization |
EP0779587A2 (en) * | 1995-12-15 | 1997-06-18 | Kabushiki Kaisha N.K Kikaku | On-line shopping system and the method of payment settlement |
US5822737A (en) * | 1996-02-05 | 1998-10-13 | Ogram; Mark E. | Financial transaction system |
EP0813325A2 (en) * | 1996-06-12 | 1997-12-17 | AT&T Corp. | A mechanism for enabling secure electronic transactions on the open internet |
WO1998030985A2 (en) * | 1997-01-06 | 1998-07-16 | Aerotel Ltd. | Computerized money transfer system |
WO1999007121A2 (en) * | 1997-07-29 | 1999-02-11 | Netadvantage Corporation | Method and system for conducting electronic commerce transactions |
Also Published As
Publication number | Publication date |
---|---|
WO2001090971A3 (en) | 2002-06-20 |
AU2001264179A1 (en) | 2001-12-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4955894B2 (en) | Method and system for executing secure electronic commerce by looping back authorization request data | |
AU720433B2 (en) | Computerized payment system for purchasing goods and services on the internet | |
US7127427B1 (en) | Secure transaction processing system and method | |
CA2223079C (en) | Trusted agents for open distribution of electronic money | |
US6748367B1 (en) | Method and system for effecting financial transactions over a public network without submission of sensitive information | |
US20030130955A1 (en) | Secure transaction systems | |
US20020046092A1 (en) | Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites | |
US7865446B2 (en) | Method for secure electronic commercial transaction on-line processing | |
JPH07234904A (en) | Method for execution of noncash transaction | |
JP2004511028A (en) | Method and system for securely collecting, storing and transmitting information | |
PT1029311E (en) | CREDIT CARD SYSTEM AND PROCESS | |
EP1234223A2 (en) | System and method for secure electronic transactions | |
JP2002342688A (en) | Method for electric commerce, settlement proxy method, information issuing method of disposable and post-paying system and settlement requesting method | |
JPH09297789A (en) | System and method for electronic transaction settlement management | |
WO2003107227A2 (en) | Method and system for secure electronic purchase transactions | |
WO2001011515A2 (en) | Method and system for making anonymous electronic payments on the world wide web | |
US20020123935A1 (en) | Secure commerce system and method | |
JPH09114904A (en) | Method and system for vending information | |
KR20010073982A (en) | Method and System for Approving One Time Virtual Credit Card Transaction for e-Commerce | |
KR20000037129A (en) | Electronic commerce security system and method thereof on internet | |
WO2001090971A2 (en) | Secure payment process for on-line transactions | |
KR20020003084A (en) | Checking service providing method on the electronic commerce through the Internet | |
Klur | What an organization should know about using electronic cash | |
WO2002058018A2 (en) | Payment method, and payment system with pay card used therewith | |
JP2003044775A (en) | Electronic commerce method and apparatus, and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AU BR JP |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
AK | Designated states |
Kind code of ref document: A3 Designated state(s): AU BR JP |
|
AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: COMMUNICATION UNDER RULE 69 EPC ( EPO FORM 1205A DATED 14/04/03 ) |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase in: |
Ref country code: JP |