WO2002013092A1 - Method and apparatus for making secure purchases over the internet - Google Patents

Method and apparatus for making secure purchases over the internet Download PDF

Info

Publication number
WO2002013092A1
WO2002013092A1 PCT/US2001/023356 US0123356W WO0213092A1 WO 2002013092 A1 WO2002013092 A1 WO 2002013092A1 US 0123356 W US0123356 W US 0123356W WO 0213092 A1 WO0213092 A1 WO 0213092A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction code
time limited
limited transaction
customer
merchant
Prior art date
Application number
PCT/US2001/023356
Other languages
French (fr)
Inventor
Albert P. Gadbut
Paul J. Gadbut
Bryce T. Kristo
Original Assignee
Secureicash.Com, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Secureicash.Com, Inc. filed Critical Secureicash.Com, Inc.
Priority to AU2001277157A priority Critical patent/AU2001277157A1/en
Publication of WO2002013092A1 publication Critical patent/WO2002013092A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes

Definitions

  • the present invention relates generally to electronic commerce.
  • the present invention relates to secure transactions over the internet.
  • the merchant may use this information to send junk mail to the customer.
  • the merchant may also sell this address and the purchasing behavior of the customer to a third party, who in turn may create a profile on the customer.
  • a method for securely accessing data over the internet comprising establishing an internet connection between a user's computer and a secure web site, and selecting an item displayed on the secure web site using a time limited transaction code is disclosed.
  • Figure 1 illustrates an example of a system in which a user computer is connected to a remote computer through a network.
  • Figure 2 is an example of a block diagram of a representative networked computer, such as user computer illustrated in Figure 1.
  • Figure 3 shows an example of an embodiment of a system for a customer to establish a new account.
  • Figure 4A shows an example of an embodiment of a method for a customer to change his or her password.
  • Figure 4B shows an example of a screen shot for funding a secure account.
  • Figure 5 A shows an example of an embodiment of a method for requesting a time limited transaction code.
  • Figure 5B shows an example of a screen shot to establish a secure connection between the customer's computer and the server
  • Figure 5C shows an example of a screen shot for inserting time limited transaction code information.
  • Figure 5D shows an example of a screen shot of the time limited transaction code.
  • Figure 6A shows one embodiment of requesting and generating an instant time limited transaction code.
  • Figure 6B shows an example of a screen shot for generating an instant time limited transaction code.
  • Figure 6C is an example of a screen shot of the generated instant time limited transaction code.
  • Figure 7 shows an example of an embodiment of a method of completing the authorization process.
  • Figure 8A shows an example of a screen shot for entering private shopping information.
  • Figure 8B shows an example of an example of a method to shop privately.
  • Figure 9A shows an example of an embodiment of a method for shopping anonymously using a buyer's agent.
  • Figure 9B shows an example of a screen shot for selecting a shipping option.
  • Figure 10 shows an example of an embodiment for a buyer's agent to complete the anonymous purchasing process.
  • Figure 11 shows an example of an embodiment of a method for a buyer's agent to verify funds.
  • Figure 12 is an example of an embodiment of a shop anonymously shipping process.
  • Figures 13A, 13B, and 13C show an example of a method for using a time limited transaction code to access medical records.
  • a method for using a time limited feature of a time limited transaction code, which provides limited access to an individual's personal funds or information is disclosed.
  • a combination of the time limited transaction code and a personal code may be applied to other secure transactions such as transmission of or access to medical records, insurance claims, titles and trust documents, legal documents or any other documents and /or data that an individual wishes to keep secure and private.
  • a time limited transaction code is a security/privacy mechanism that uses time as it's primary element. Once an individual establishes the length of time that the code is good for, along with other customizable features, the code expires and may never be used again.
  • the time limited transaction code is used to facilitate electronic commerce transactions.
  • the time limited transaction code may be used to securely transfer any other type of information or documents.
  • a method for shopping over the internet comprising establishing an internet connection between a customer's computer and a merchant's web site, selecting an item of merchandise displayed on the merchant's web site, and purchasing the item using a time limited transaction code is disclosed.
  • a user's computer system transmits and receives data over a computer network, cell phone, cable or standard telephone line.
  • the steps of accessing, downloading, and manipulating the data, as well as other aspects of the present invention are implemented by a central processing unit (CPU) or such like devices used in the processing of information in the user computer, such as cellular phone or other micro chip enabled devices, including but not limited to handheld and/or palm top devices executing sequences of instructions stored in a memory.
  • the memory may be a random access memory (RAM), read-only memory (ROM), a persistent store, such as a mass storage device, or any combination of but not limited to these devices. Execution of the sequences of instructions causes the CPU, or such like devices used in the processing of information to perform steps according to the present invention.
  • the instructions may be loaded into the memory of the user computer from a storage device, or from one or more other computer systems or such like devices used in the processing of information over a network, cellular, satellite, or other wireless connection.
  • a server computer may transmit a sequence of instructions to the user computer in response to a message transmitted to the server over a network by the user.
  • the user receives the instructions over the network connection, it stores the instructions in memory.
  • T e user may store the instructions for later execution or execute the instructions as they arrive over the network connection.
  • the downloaded instructions may be directly supported by the CPU.
  • the instructions may not be directly executable by the CPU or such like devices used in the processing of information, and may instead be executed by an interpreter that interprets the instructions.
  • hardwired circuitry and /or Firm Ware may be used in place of, or in combination with, sof ware instructions to implement the present invention.
  • the present invention is not limited to any specific combination of hardware circuitry and software, nor to any particular source for the instructions executed by the user computer or such like devices used in the processing of information.
  • Figure 1 illustrates an example and is only one example, of a system 100 in which a user's computer 102 is connected to a remote computer server or web server 104 through a network 110.
  • the network interface between user computer 102 and remote 104 may also include one or more routers, such as routers 106 and 108, which serve to buffer and route the data transmitted between the user and client computers.
  • Network 110 may be the Internet, a Wide Area Network (WAN), a Local Area Network (LAN), or any combination thereof.
  • the remote computer 104 may be a World-Wide Web (WWW) server that stores data in the form of 'web pages' and transmits these pages as Hypertext Markup Language (HTML) or Active Server Pages and files over the Internet network 110 to user computer 102.
  • WWW World-Wide Web
  • user computer 102 runs a 'web browser', which is simply an application program for accessing and providing links to web pages available on various Internet sites.
  • User computer 102 is also configured to communicate to telephone system 112 through a telephone interface, typically a modem.
  • FIG. 2 is an example of a block diagram of a representative networked computer, such as user computer 102 illustrated in Figure 1.
  • the computer system 200 includes a processor 202 coupled through a bus 201 to a random access memory (RAM) 204, a read only memory (ROM) 206, and a mass storage device 207.
  • Mass storage device 207 could be a disk or tape drive for storing data and instructions.
  • a display device 220 for providing visual output is also coupled to processor 202 through bus 201.
  • Keyboard 221 is coupled to bus 201 for communicating information and command selections to processor 202.
  • cursor control unit 222 is Another type of user input device, which may be a device such as a mouse or trackball, for communicating direction commands that control cursor movement on display 220.
  • cursor control unit 222 is also coupled to processor 202 through bus 201.
  • an audio output port 224 for connection to speakers that output audio signals produced by computer 200.
  • I/O interface 225 Further coupled to processor 202 through bus 201 is an input/output (I/O) interface 225, and a network interface device 223 for providing a physical and logical connection between computer system 200 and a network.
  • Network interface device 223 is used by various communication applications running on computer 200 for communicating over a network medium and may represent devices such as an ethernet card, ISDN card, Tl card, DS3card or similar devices.
  • Modem 226 interfaces computer system 200 to a cable or telephone line and translates digital data produced by the computer into analog signals that can be transmitted over a cable or standard telephone lines, such as by telephone system 112 in Figure 1.
  • modem 226 provides a hardwired interface to a telephone wall jack, however modem 226 could also represent a wireless or satellite modem for communication over cellular telephone networks.
  • the architecture of Figure 2 is provided only for purposes of illustration, and that a user computer used in conjunction with the present invention is not limited to the specific architecture shown.
  • the computer and computer network of Figures 1 and 2 are used by the present invention to securely or anonymously purchase merchandise over the internet. These networks or computers are not limited to this example and may change as the internet continues to advance.
  • the interaction between a merchant and a secure server begins with initial enrollment of the merchant as a partner.
  • the partnership gives the merchants the ability to offer their customers a secure method of payment for the merchandise that customers order online.
  • the authorization process routes information through an established configuration, for example on the EDS, M&I or other financial backbone.
  • the transaction is authorized in two phases, which may occur simultaneously or in series.
  • the funds authorization routes the account information to the member bank.
  • the time limited transaction code authorization routes via the backbone to a secure server to validate that the time limited transaction code is active and the amount for the purchase does not exceed the amount for which the time limited transaction code was generated. A description of a sample time limited transaction code is explained below.
  • the information for the authorizations is routed back through the backbone and both authorizations are "married" to form one authorization code.
  • Conditional properties are present on the authorization. If the time limited transaction code authorization fails, then the purchase is declined. If the funds authorization is declined the transaction will be declined.
  • One way the interaction between a customer and a secure server begins with the opening of a secure account at the customer's Member Bank. Once the account is established, the customer receives his or her account information via encrypted e-mail from the secure server. The account information arrives at the secure sever via a database field replication from the Member Bank over a secure transmission line.
  • Figure 3 shows an example of an embodiment of a system for a customer to establish a new account.
  • the customer sets up the secure account at a bank, 310. During the set-up process, the customer may answer questions which may be used for verification if the customer's password is lost or forgotten. The customer also enters other necessary account information.
  • the bank then provides a user identification and temporary password for the customer to a secure server 320. This user identification and password are each a data string of 5 to 20 alphanumeric characters.
  • the customer's client computer receives the user identification and temporary password from the secure server. For example, the server 320 sends an encrypted electronic mail to the customer's computer 330.
  • the customer's account number is also sent from the bank's computer 310 to server 320, and forwarded to the customer's computer 330.
  • the customer has the account information (such as user password and temporary ID, for example), he or she is now able to proceed to the secure server by using a browser running on customer computer 330 to connect to a web site hosted by server 320. Then, the customer can log in to change his or her temporary user identification and password.
  • account information such as user password and temporary ID, for example
  • Figure 4A shows an example of an embodiment of a method for a customer to change his or her password.
  • the customer navigates to the secure web site.
  • the customer selects the transactions area.
  • a secure connection is established between the secure server and the customer's computer.
  • the customer enters his or her user identification and password 420.
  • the customer enters a new password which may be between 6 and 16 characters, along with the customer's user identification also between 6 and 16 alpha-numeric characters, 430 then submits this information to the server by clicking a "submit" button, for example.
  • This information is returned to the server through the active secure connection.
  • a pop-up window may appear periodically, for example, every 30 days, recommending a password change.
  • the next step to purchasing securely is to fund the customer's secure account.
  • the customer needs to fund his or her account to purchase securely on the Internet.
  • the account can be funded via a secure Internet connection at their Member Bank's Web site, or through other methods as the Secure Transaction Provider or the Member Bank allows.
  • the funding for the account is a process of transferring funds from the customer's primary account to the customer's secure account.
  • Figure 4B shows an example of one embodiment of a screen shot for funding the secure account.
  • the next step in purchasing securely is to generate a time limited transaction code.
  • the customer To purchase on the Internet, the customer must navigate to the secure server and select the transaction menu. The customer then selects the type of transaction he or she wants to execute.
  • the options available may include: generate a time limited transaction code, time limited transaction code shop privately, and shop anonymously. Other options that the customer may be able to choose from include: Security News, Security Frequently Asked Questions, Contact Customer Service, View a list of Participating Merchants, Change Password, Request a new password, View a list of corporate Partners, and Connect to a Participating Merchant Web Site.
  • time limited transaction code When the customer decides to generate a time limited transaction code, he or she may begin this process by selecting this option from the transaction list or by clicking a button on the web page. A secure connection is established from the customer's computer to the secure server. Once the customer has begun the process of generating a time limited transaction code, he or she then completes a form that is displayed on the customer's computer monitor. The form enables the customer to customize certain options including but not limited to the dollar amount, the time duration of the time limited transaction code, the number of transactions, and the specific merchant and for which the time limited transaction code is valid. After this information is inserted into the form, the user may click the submit button on the web page. The customer is then prompted to enter their user ID and password. After the user is authenticated, a screen will be returned to him or her with the time limited transaction code. This time limited transaction code is a variable data string of 1 to 1000 alpha-numeric characters.
  • Figure 5A shows an example of an embodiment of a method for requesting a time limited transaction code.
  • the customer navigates to a secure web page, 510.
  • the customer submits his or her user name and password, 520. If the user name and password are not valid after a predetermined number of tries, the customer account may be locked, 525.
  • Figure 5C shows an example of a screen shot of a form for inserting this time limited transaction code information.
  • the customer may now shop with the time limited transaction code, 540.
  • Figure 5D shows an example of a screen shot of the time limited transaction code displayed to the customer.
  • the customer will also have the opportunity to generate an Instant time limited transaction code when he or she is at the participating merchant check out page.
  • If the customer checks the box to generate an Instant time limited transaction code a secure connection is established with the secure server.
  • the customer is prompted to enter the user ID and password along with the type of time limited transaction code that the customer would like to generate.
  • the customer clicks a submit button the time limited transaction code is generated and the time limited transaction code number is returned to the customer in the customer's browser window. The customer can then copy and paste the time limited transaction code into the proper field on the merchant check out page.
  • Figure 6A shows an example of one embodiment of requesting and generating an instant time limited transaction code.
  • the customer navigates to a merchant's web site, 610.
  • the customer selects merchandise to purchase, and the customer selects a secure financial transaction as his or her payment method, 610. If the customer has not already generated a time limited transaction code, they have the option to generate an instant time limited transaction code, 620.
  • the purchase amount for the time limited transaction code generated is a calculated amount from the total amount displayed on the merchant's check out page.
  • a new browser window is opened, and a secure connection is established.
  • the customer inputs their user identification and password, and selects the dollar amount for the time limited transaction code, 630.
  • the customer submits this information.
  • An instant time limited transaction code is generated and can be copied to a proper field on the Merchant's web page, 640.
  • Figure 6B shows an example of a screen shot for enabling a customer to generate an instant time limited transaction code.
  • Figure 6C is an example of a screen shot of the generated instant time limited transaction code.
  • FIG. 7 shows an example of an embodiment of a method of completing the authorization process.
  • the authorization process is the same for both a purchase with an instant time limited transaction code and a purchase with a normal time limited transaction code.
  • the customer navigates to the participating merchant's home page, 710.
  • the customer selects merchandise to purchase with a secure financial transaction.
  • a third party processor such as Ariba or Commerce One 720 sends and receives authorization data.
  • the time limited transaction code authorization 730 and the Funds authorization 740 are two separate authorizations.
  • the time limited transaction code authorization determines if the time limited transaction code is valid at the secure server 750.
  • the funds authorization determines if the individual's account 760 has enough funds.
  • the two codes are merged into one single authorization code by processor 720.
  • the customer may then complete this standard purchase mechanism over the Internet.
  • a secure connection between the customer's computer and secure server is established.
  • the customer completes a form displayed on the customer's computer to provide the address that they want the merchandise shipped.
  • the default address that the customer registered may be used or an alternate address can be entered.
  • the option to generate a time limited transaction code may also be available on the same web page displayed by the browser on the customer's computer.
  • Figure 8A shows an example of a screen shot for entering private shopping information. When the customer enters his or her secure account information and clicks submit, a two-phased authorization process is completed, as discussed above.
  • Figure 8B shows an example of one embodiment of a method to shop privately. The customer navigates to the secure internet web site 810. The customer selects the private purchase option 810.
  • the customer selects his or her default address for shipping, or inputs shipping information for shipping to another address 820.
  • the customer is then routed through the secure server's Firewall, thus masking the customer's IP address, 830.
  • the customer selects merchandise to purchase using funds from the secure account, 840.
  • the authorization process proceeds as discussed with respect to Figure 7 above.
  • Figure 9A shows an example of an embodiment of a method for shopping anonymously using a buyer's agent.
  • the customer navigates to the secure server 910, and selects the Transaction icon. Then, the customer selects the buyer's agent icon.
  • the customer is prompted to enter and submit his or her user identification and password 920.
  • the customer is also prompted to submit information related to the merchandise that the customer wants to buy. This information is sent by e-mail to the buyer's agent, 930.
  • the three options for shipping are: Pick-up, Deliver to my address, and Drop Ship.
  • Figure 9B shows an example of a screen shot for selecting a shipping option.
  • the customer enters the address of a place where the customer will pick-up the package. This information is sent via encrypted e-mail to the buyer's agent, who then executes the transaction. Another screen appears informing the customer that he or she will be notified when the package arrives.
  • the customer selects the "Deliver to my address” option, the customer enters an address or uses a default address. This information is sent via encrypted e-mail to a buyer's agent who then executes the transaction.
  • the customer If the customer selects the "Drop ship” option, the customer enters an address. This information is sent via encrypted e-mail to a buyer's agent who then executes the transaction. A message appears informing the customer that he or she will be notified when their package arrives.
  • the secure agent When the secure agent receives the e-mail from the customer, the agent navigates to the merchant's web site and purchases the item(s) that the customer requested. A transaction code is generated for tracking purposes. During this process the funds authorization occurs.
  • Figure 10 shows an example of an embodiment for a buyer's agent to complete the anonymous purchasing process.
  • the agent receives the e- mail 1010 with the purchase information.
  • the agent purchases the merchandise at the merchant web site 1020 desired by the customer and calculates the price.
  • a transaction code is generated and used for tracking purposes.
  • the authorization 1030 occurs.
  • the funds verification process consists of two authorizations.
  • the agent first verifies that the customer has the required funds to complete the transaction in their secure account. If the funds are available in the customer's account, the merchant then verifies that the funds are sufficient for the purchase amount in the secure bank account. Both parts of the authorization must be approved for the transaction to be processed.
  • Figure 11 shows an example of an embodiment of a method for a buyer's agent to verify funds, 1120.
  • the agent verifies that sufficient customer funds are available 1130, and that sufficient secure funds are available, 1120.
  • the buyer's agent can create a customer alias account to avoid purchase history tracking by the merchant, 1160. Alternatively, the agent can use a secure Master Account to complete the purchase.
  • the merchandise is shipped to the customer.
  • the agent will send an encrypted e-mail to the customer.
  • the correspondence will include the transaction detail and the location where the customer can pick up their package.
  • Figure 12 is an example of an embodiment of a shop anonymously shipping process.
  • the agent sends an encrypted e-mail to the customer stating that the purchase has been made. Transaction details may be included in this correspondence, 1210.
  • the e-mail also states where the customer will pick-up the package.
  • the customer receives the encrypted e-mail with purchase details including pick-up location if drop ship has been selected, 1220.
  • the Member Bank interaction with the secure server includes three areas: Initial enrollment as a Member Bank, Replicate Account Information to the secure server, and Payment to secure server company for time limited transaction codes generated.
  • the individual's interaction with the secure server may include the following: Sending new customer information via secure e-mail, Enrolling Participating Merchants, Enrolling Member Banks, Generating time limited transaction codes, Providing time limited transaction code authorization, Responding to password change requests, Tracking time limited transaction code generation for billing purposes, Processing Purchase Anonymously transactions, Notifying customers via encrypted e-mail of arrival of the merchandise purchased anonymously at the receiving agent's location, and Maintaining customer accounts.
  • the time limited transaction code may be created to access medical records, as shown in Figure 13A. A customer, being the holder of the secure documents navigates to a secure server, and selects "transactions," step 1310. A secure connection between the customer and the server is invoked.
  • the customer selects "generate a time limited transaction code".
  • the customer may specify the length of time for which the time limited transaction code is valid, and the number of records that may be viewed using the time limited transaction code and authorizes the specific users to have access to the secure documents.
  • the new time limited transaction code is then forwarded on to the specific authorized user via encrypted e-mail.
  • the user then fills in his or her user name, password and time limited transaction code, and submits this information to the secure server, step 1320. If the name, password or time limited transaction code is invalid, the user will be asked to resubmit this information, step 1330. If the user name, password or time limited transaction code are not valid after a given number of tries, such as three, for example, the users account is locked. If the name, password and time limited transaction code are valid, the user is granted access to. the secure documents, step 1340.
  • Figure 13B shows an example of a method for authorization for a user's request to view medical records using the time limited transaction code generated in Figure 13A.
  • the user navigates to a medical records provider homepage, and selects "view records", step 1350.
  • the user requests permission to view the medical records using the time limited transaction code, step 1360.
  • the request is forwarded to the secure server that stores the time limited transaction code.
  • the server determines whether the time limited transaction code is valid, step 1370, and whether the user's rights to view the records are valid, step 1380.
  • the user's rights to view the records may be determined by accessing a medical records holder secure server that contains this information.
  • Figure 13C shows a method for a customer to view his or her medical records using the authorization generated in Figure 13B.
  • the customer navigates to the medical records provider homepage and selects specific records to view, step 1385. Because both the time limited transaction code authorization and the rights validation have occurred, the customer may view the medical records stored in the medical records holder secure server for the period granted by the time limited transaction code, step 1390.

Abstract

A method for securely accessing data over the internet (110) establishes an internet connection between a user's computer (102) and a secure web site, and selecting an item displayed on the secure web site using a time limited transaction code (Fig. 5c).

Description

METHOD AND APPARATUS FOR MAKING SECURE PURCHASES
OVER THE INTERNET
FIELD OF INVENΗON
The present invention relates generally to electronic commerce. In particular, the present invention relates to secure transactions over the internet.
BACKGROUND OF THE INVENTION
Currently, consumers may purchase merchandise over the internet by logging onto a merchant's web site. The web site displays goods, such as books or music albums, that the merchant is selling. Customers identify the specific items that they wish to purchase, then enter their mailing address and credit card number to complete the transaction.
Because the individuals enter private information including credit card numbers and identification numbers, and send it over the internet, this information may be obtained by third parties, such as hackers, and used by these third parties to steal items using the private authorization information. Furthermore, an individual's personal information is left on the merchant's system, which leaves the individual vulnerable to the merchant being hacked.
Also, because in some instances an individual enters his or her home address on the merchant's web site, the merchant may use this information to send junk mail to the customer. The merchant may also sell this address and the purchasing behavior of the customer to a third party, who in turn may create a profile on the customer. SUMMARY OF THE INVENTION
A method for securely accessing data over the internet comprising establishing an internet connection between a user's computer and a secure web site, and selecting an item displayed on the secure web site using a time limited transaction code is disclosed.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention is illustrated by way of example and not limitation in the figures of the accompanying drawings, in which like references indicate similar elements, and in which:
Figure 1 illustrates an example of a system in which a user computer is connected to a remote computer through a network.
Figure 2 is an example of a block diagram of a representative networked computer, such as user computer illustrated in Figure 1.
Figure 3 shows an example of an embodiment of a system for a customer to establish a new account.
Figure 4A shows an example of an embodiment of a method for a customer to change his or her password.
Figure 4B shows an example of a screen shot for funding a secure account.
Figure 5 A shows an example of an embodiment of a method for requesting a time limited transaction code.
Figure 5B shows an example of a screen shot to establish a secure connection between the customer's computer and the server
Figure 5C shows an example of a screen shot for inserting time limited transaction code information.
Figure 5D shows an example of a screen shot of the time limited transaction code. Figure 6A shows one embodiment of requesting and generating an instant time limited transaction code.
Figure 6B shows an example of a screen shot for generating an instant time limited transaction code.
Figure 6C is an example of a screen shot of the generated instant time limited transaction code.
Figure 7 shows an example of an embodiment of a method of completing the authorization process.
Figure 8A shows an example of a screen shot for entering private shopping information.
Figure 8B shows an example of an example of a method to shop privately.
Figure 9A shows an example of an embodiment of a method for shopping anonymously using a buyer's agent.
Figure 9B shows an example of a screen shot for selecting a shipping option.
Figure 10 shows an example of an embodiment for a buyer's agent to complete the anonymous purchasing process.
Figure 11 shows an example of an embodiment of a method for a buyer's agent to verify funds.
Figure 12 is an example of an embodiment of a shop anonymously shipping process.
Figures 13A, 13B, and 13C show an example of a method for using a time limited transaction code to access medical records.
DETAILED DESCRIPTION
A method for using a time limited feature of a time limited transaction code, which provides limited access to an individual's personal funds or information, is disclosed. A combination of the time limited transaction code and a personal code may be applied to other secure transactions such as transmission of or access to medical records, insurance claims, titles and trust documents, legal documents or any other documents and /or data that an individual wishes to keep secure and private.
A time limited transaction code is a security/privacy mechanism that uses time as it's primary element. Once an individual establishes the length of time that the code is good for, along with other customizable features, the code expires and may never be used again.
In one embodiment, the time limited transaction code is used to facilitate electronic commerce transactions. Although the examples and embodiments that follow describe this electronic commerce embodiment, the time limited transaction code may be used to securely transfer any other type of information or documents. A method for shopping over the internet comprising establishing an internet connection between a customer's computer and a merchant's web site, selecting an item of merchandise displayed on the merchant's web site, and purchasing the item using a time limited transaction code is disclosed.
This method and apparatus for shopping over the internet provides advantages over conventional methods of internet shopping. For example, the time limited transaction code that is used to purchase an item of merchandise enables a customer to keep his or her personal information confidential. Also, because the time limited transaction code expires after a predetermined time period, the danger of a hacker obtaining this code and use this code to improperly purchase merchandise is not present after the predetermined time expires. Hardware Overview
According to the present invention, a user's computer system transmits and receives data over a computer network, cell phone, cable or standard telephone line. According to one embodiment, the steps of accessing, downloading, and manipulating the data, as well as other aspects of the present invention are implemented by a central processing unit (CPU) or such like devices used in the processing of information in the user computer, such as cellular phone or other micro chip enabled devices, including but not limited to handheld and/or palm top devices executing sequences of instructions stored in a memory. The memory may be a random access memory (RAM), read-only memory (ROM), a persistent store, such as a mass storage device, or any combination of but not limited to these devices. Execution of the sequences of instructions causes the CPU, or such like devices used in the processing of information to perform steps according to the present invention.
The instructions may be loaded into the memory of the user computer from a storage device, or from one or more other computer systems or such like devices used in the processing of information over a network, cellular, satellite, or other wireless connection. For example, a server computer may transmit a sequence of instructions to the user computer in response to a message transmitted to the server over a network by the user. As the user receives the instructions over the network connection, it stores the instructions in memory. T e user may store the instructions for later execution or execute the instructions as they arrive over the network connection. In some cases, the downloaded instructions may be directly supported by the CPU. In other cases, the instructions may not be directly executable by the CPU or such like devices used in the processing of information, and may instead be executed by an interpreter that interprets the instructions. In other embodiments, hardwired circuitry and /or Firm Ware may be used in place of, or in combination with, sof ware instructions to implement the present invention. Thus, the present invention is not limited to any specific combination of hardware circuitry and software, nor to any particular source for the instructions executed by the user computer or such like devices used in the processing of information.
Figure 1 illustrates an example and is only one example, of a system 100 in which a user's computer 102 is connected to a remote computer server or web server 104 through a network 110. The network interface between user computer 102 and remote 104 may also include one or more routers, such as routers 106 and 108, which serve to buffer and route the data transmitted between the user and client computers. Network 110 may be the Internet, a Wide Area Network (WAN), a Local Area Network (LAN), or any combination thereof. The remote computer 104 may be a World-Wide Web (WWW) server that stores data in the form of 'web pages' and transmits these pages as Hypertext Markup Language (HTML) or Active Server Pages and files over the Internet network 110 to user computer 102. To access these files, user computer 102 runs a 'web browser', which is simply an application program for accessing and providing links to web pages available on various Internet sites. User computer 102 is also configured to communicate to telephone system 112 through a telephone interface, typically a modem.
Figure 2 is an example of a block diagram of a representative networked computer, such as user computer 102 illustrated in Figure 1. The computer system 200 includes a processor 202 coupled through a bus 201 to a random access memory (RAM) 204, a read only memory (ROM) 206, and a mass storage device 207. Mass storage device 207 could be a disk or tape drive for storing data and instructions. A display device 220 for providing visual output is also coupled to processor 202 through bus 201. Keyboard 221 is coupled to bus 201 for communicating information and command selections to processor 202. Another type of user input device is cursor control unit 222, which may be a device such as a mouse or trackball, for communicating direction commands that control cursor movement on display 220. Also coupled to processor 202 through bus 201 is an audio output port 224 for connection to speakers that output audio signals produced by computer 200.
Further coupled to processor 202 through bus 201 is an input/output (I/O) interface 225, and a network interface device 223 for providing a physical and logical connection between computer system 200 and a network. Network interface device 223 is used by various communication applications running on computer 200 for communicating over a network medium and may represent devices such as an ethernet card, ISDN card, Tl card, DS3card or similar devices.
Modem 226 interfaces computer system 200 to a cable or telephone line and translates digital data produced by the computer into analog signals that can be transmitted over a cable or standard telephone lines, such as by telephone system 112 in Figure 1. In an embodiment of the present invention, modem 226 provides a hardwired interface to a telephone wall jack, however modem 226 could also represent a wireless or satellite modem for communication over cellular telephone networks. It should be noted that the architecture of Figure 2 is provided only for purposes of illustration, and that a user computer used in conjunction with the present invention is not limited to the specific architecture shown. The computer and computer network of Figures 1 and 2 are used by the present invention to securely or anonymously purchase merchandise over the internet. These networks or computers are not limited to this example and may change as the internet continues to advance.
The interaction between a merchant and a secure server begins with initial enrollment of the merchant as a partner. The partnership gives the merchants the ability to offer their customers a secure method of payment for the merchandise that customers order online.
When a customer has selected an item of merchandise he or she intends to purchase and selects a secure payment method, the customer fills in the appropriate secure information on the merchant's checkout page. When the customer clicks the "submit order" button this starts the authorization process.
The authorization process routes information through an established configuration, for example on the EDS, M&I or other financial backbone. The transaction is authorized in two phases, which may occur simultaneously or in series. The funds authorization routes the account information to the member bank. The time limited transaction code authorization routes via the backbone to a secure server to validate that the time limited transaction code is active and the amount for the purchase does not exceed the amount for which the time limited transaction code was generated. A description of a sample time limited transaction code is explained below.
The information for the authorizations is routed back through the backbone and both authorizations are "married" to form one authorization code. Conditional properties are present on the authorization. If the time limited transaction code authorization fails, then the purchase is declined. If the funds authorization is declined the transaction will be declined. One way the interaction between a customer and a secure server begins with the opening of a secure account at the customer's Member Bank. Once the account is established, the customer receives his or her account information via encrypted e-mail from the secure server. The account information arrives at the secure sever via a database field replication from the Member Bank over a secure transmission line.
Figure 3 shows an example of an embodiment of a system for a customer to establish a new account. The customer sets up the secure account at a bank, 310. During the set-up process, the customer may answer questions which may be used for verification if the customer's password is lost or forgotten. The customer also enters other necessary account information. The bank then provides a user identification and temporary password for the customer to a secure server 320. This user identification and password are each a data string of 5 to 20 alphanumeric characters. The customer's client computer then receives the user identification and temporary password from the secure server. For example, the server 320 sends an encrypted electronic mail to the customer's computer 330. The customer's account number is also sent from the bank's computer 310 to server 320, and forwarded to the customer's computer 330.
Once the customer has the account information (such as user password and temporary ID, for example), he or she is now able to proceed to the secure server by using a browser running on customer computer 330 to connect to a web site hosted by server 320. Then, the customer can log in to change his or her temporary user identification and password.
Figure 4A shows an example of an embodiment of a method for a customer to change his or her password. The customer navigates to the secure web site. The customer then selects the transactions area. A secure connection is established between the secure server and the customer's computer.
The customer enters his or her user identification and password 420. The customer enters a new password which may be between 6 and 16 characters, along with the customer's user identification also between 6 and 16 alpha-numeric characters, 430 then submits this information to the server by clicking a "submit" button, for example. This information is returned to the server through the active secure connection. A pop-up window may appear periodically, for example, every 30 days, recommending a password change.
The next step to purchasing securely is to fund the customer's secure account. The customer needs to fund his or her account to purchase securely on the Internet. The account can be funded via a secure Internet connection at their Member Bank's Web site, or through other methods as the Secure Transaction Provider or the Member Bank allows. The funding for the account is a process of transferring funds from the customer's primary account to the customer's secure account. Figure 4B shows an example of one embodiment of a screen shot for funding the secure account.
The next step in purchasing securely is to generate a time limited transaction code. To purchase on the Internet, the customer must navigate to the secure server and select the transaction menu. The customer then selects the type of transaction he or she wants to execute. The options available may include: generate a time limited transaction code, time limited transaction code shop privately, and shop anonymously. Other options that the customer may be able to choose from include: Security News, Security Frequently Asked Questions, Contact Customer Service, View a list of Participating Merchants, Change Password, Request a new password, View a list of corporate Partners, and Connect to a Participating Merchant Web Site.
When the customer decides to generate a time limited transaction code, he or she may begin this process by selecting this option from the transaction list or by clicking a button on the web page. A secure connection is established from the customer's computer to the secure server. Once the customer has begun the process of generating a time limited transaction code, he or she then completes a form that is displayed on the customer's computer monitor. The form enables the customer to customize certain options including but not limited to the dollar amount, the time duration of the time limited transaction code, the number of transactions, and the specific merchant and for which the time limited transaction code is valid. After this information is inserted into the form, the user may click the submit button on the web page. The customer is then prompted to enter their user ID and password. After the user is authenticated, a screen will be returned to him or her with the time limited transaction code. This time limited transaction code is a variable data string of 1 to 1000 alpha-numeric characters.
Figure 5A shows an example of an embodiment of a method for requesting a time limited transaction code. The customer navigates to a secure web page, 510. The customer clicks "Transactions" to invoke a secure connection between the customer's computer and the server, as shown in the exemplary screen shot of Figure 5B. Then, the customer submits his or her user name and password, 520. If the user name and password are not valid after a predetermined number of tries, the customer account may be locked, 525. The customer then clicks "submit." The customer selects "generate time limited transaction code." The customer may accept a default time limited transaction code, or may specify the length of time the time limited transaction code is active, the dollar amount, and the number of transactions for which the time limited transaction code is valid, step 530. Figure 5C shows an example of a screen shot of a form for inserting this time limited transaction code information. The customer may now shop with the time limited transaction code, 540. Figure 5D shows an example of a screen shot of the time limited transaction code displayed to the customer.
The customer will also have the opportunity to generate an Instant time limited transaction code when he or she is at the participating merchant check out page. Once the customer has selected the merchandise to purchase and has chosen to use a secure financial transaction as their payment method, he or she will be presented with the option to generate an Instant time limited transaction code. If the customer checks the box to generate an Instant time limited transaction code, a secure connection is established with the secure server. The customer is prompted to enter the user ID and password along with the type of time limited transaction code that the customer would like to generate. When the customer clicks a submit button, the time limited transaction code is generated and the time limited transaction code number is returned to the customer in the customer's browser window. The customer can then copy and paste the time limited transaction code into the proper field on the merchant check out page.
Figure 6A shows an example of one embodiment of requesting and generating an instant time limited transaction code. The customer navigates to a merchant's web site, 610. The customer selects merchandise to purchase, and the customer selects a secure financial transaction as his or her payment method, 610. If the customer has not already generated a time limited transaction code, they have the option to generate an instant time limited transaction code, 620. The purchase amount for the time limited transaction code generated is a calculated amount from the total amount displayed on the merchant's check out page. When the customer selects generate an instant time limited transaction code, a new browser window is opened, and a secure connection is established. The customer inputs their user identification and password, and selects the dollar amount for the time limited transaction code, 630. The customer submits this information. An instant time limited transaction code is generated and can be copied to a proper field on the Merchant's web page, 640. Figure 6B shows an example of a screen shot for enabling a customer to generate an instant time limited transaction code. Figure 6C is an example of a screen shot of the generated instant time limited transaction code.
The transaction will then continue to the authorization process. Figure 7 shows an example of an embodiment of a method of completing the authorization process. The authorization process is the same for both a purchase with an instant time limited transaction code and a purchase with a normal time limited transaction code. The customer navigates to the participating merchant's home page, 710. The customer selects merchandise to purchase with a secure financial transaction. A third party processor such as Ariba or Commerce One 720 sends and receives authorization data. In one embodiment of the authorization process, the time limited transaction code authorization 730 and the Funds authorization 740 are two separate authorizations. The time limited transaction code authorization determines if the time limited transaction code is valid at the secure server 750. The funds authorization determines if the individual's account 760 has enough funds. After both authorizations are successful, the two codes are merged into one single authorization code by processor 720. The customer may then complete this standard purchase mechanism over the Internet.
If the customer chooses to shop privately, the customer will select that option from the secure web site. A secure connection between the customer's computer and secure server is established. The customer completes a form displayed on the customer's computer to provide the address that they want the merchandise shipped. The default address that the customer registered may be used or an alternate address can be entered. The option to generate a time limited transaction code may also be available on the same web page displayed by the browser on the customer's computer. Once the information is entered, the customer clicks on a submit button. After the customer is authenticated, the information is then routed through the secure server's firewall. The routing through the firewall masks the customer's originating internet protocol (IP) address, allowing the customer's activity on the Internet to be tracked to the secure server and not to the customer's personal Internet account. This ensures greater privacy for the customer.
The customer then navigates to a participating merchant's web site to select and purchase merchandise using a secure financial transaction. If the customer so desires, they may use a drop ship option to enhance his or her privacy. By using the drop ship option, customers will not reveal personal addresses to which unwanted publications can be sent. Also, customers will not reveal personal information, making it more difficult for merchants to build customer profiles. Figure 8A shows an example of a screen shot for entering private shopping information. When the customer enters his or her secure account information and clicks submit, a two-phased authorization process is completed, as discussed above. Figure 8B shows an example of one embodiment of a method to shop privately. The customer navigates to the secure internet web site 810. The customer selects the private purchase option 810. The customer selects his or her default address for shipping, or inputs shipping information for shipping to another address 820. The customer is then routed through the secure server's Firewall, thus masking the customer's IP address, 830. The customer selects merchandise to purchase using funds from the secure account, 840. The authorization process proceeds as discussed with respect to Figure 7 above.
Figure 9A shows an example of an embodiment of a method for shopping anonymously using a buyer's agent. The customer navigates to the secure server 910, and selects the Transaction icon. Then, the customer selects the buyer's agent icon. The customer is prompted to enter and submit his or her user identification and password 920. The customer is also prompted to submit information related to the merchandise that the customer wants to buy. This information is sent by e-mail to the buyer's agent, 930.
The customer then chooses from three shipping options. The three options for shipping are: Pick-up, Deliver to my address, and Drop Ship. Figure 9B shows an example of a screen shot for selecting a shipping option.
If the customer selects the "Pick up" option, the customer enters the address of a place where the customer will pick-up the package. This information is sent via encrypted e-mail to the buyer's agent, who then executes the transaction. Another screen appears informing the customer that he or she will be notified when the package arrives.
If the customer selects the "Deliver to my address" option, the customer enters an address or uses a default address. This information is sent via encrypted e-mail to a buyer's agent who then executes the transaction.
If the customer selects the "Drop ship" option, the customer enters an address. This information is sent via encrypted e-mail to a buyer's agent who then executes the transaction. A message appears informing the customer that he or she will be notified when their package arrives.
When the secure agent receives the e-mail from the customer, the agent navigates to the merchant's web site and purchases the item(s) that the customer requested. A transaction code is generated for tracking purposes. During this process the funds authorization occurs.
Figure 10 shows an example of an embodiment for a buyer's agent to complete the anonymous purchasing process. The agent receives the e- mail 1010 with the purchase information. The agent purchases the merchandise at the merchant web site 1020 desired by the customer and calculates the price. A transaction code is generated and used for tracking purposes. The authorization 1030 occurs.
In this Shop Anonymously purchase process, the funds verification process consists of two authorizations. The agent first verifies that the customer has the required funds to complete the transaction in their secure account. If the funds are available in the customer's account, the merchant then verifies that the funds are sufficient for the purchase amount in the secure bank account. Both parts of the authorization must be approved for the transaction to be processed.
Figure 11 shows an example of an embodiment of a method for a buyer's agent to verify funds, 1120. The agent verifies that sufficient customer funds are available 1130, and that sufficient secure funds are available, 1120. The buyer's agent can create a customer alias account to avoid purchase history tracking by the merchant, 1160. Alternatively, the agent can use a secure Master Account to complete the purchase.
After the purchase is completed, the merchandise is shipped to the customer. Once the transaction authorization is complete, and the order placed, the agent will send an encrypted e-mail to the customer. The correspondence will include the transaction detail and the location where the customer can pick up their package.
Figure 12 is an example of an embodiment of a shop anonymously shipping process. The agent sends an encrypted e-mail to the customer stating that the purchase has been made. Transaction details may be included in this correspondence, 1210. The e-mail also states where the customer will pick-up the package. The customer receives the encrypted e-mail with purchase details including pick-up location if drop ship has been selected, 1220.
In these embodiments, the Member Bank interaction with the secure server includes three areas: Initial enrollment as a Member Bank, Replicate Account Information to the secure server, and Payment to secure server company for time limited transaction codes generated.
In these embodiments, the individual's interaction with the secure server may include the following: Sending new customer information via secure e-mail, Enrolling Participating Merchants, Enrolling Member Banks, Generating time limited transaction codes, Providing time limited transaction code authorization, Responding to password change requests, Tracking time limited transaction code generation for billing purposes, Processing Purchase Anonymously transactions, Notifying customers via encrypted e-mail of arrival of the merchandise purchased anonymously at the receiving agent's location, and Maintaining customer accounts. In an alternative embodiment, the time limited transaction code may be created to access medical records, as shown in Figure 13A. A customer, being the holder of the secure documents navigates to a secure server, and selects "transactions," step 1310. A secure connection between the customer and the server is invoked. The customer selects "generate a time limited transaction code". The customer may specify the length of time for which the time limited transaction code is valid, and the number of records that may be viewed using the time limited transaction code and authorizes the specific users to have access to the secure documents. The new time limited transaction code is then forwarded on to the specific authorized user via encrypted e-mail. The user then fills in his or her user name, password and time limited transaction code, and submits this information to the secure server, step 1320. If the name, password or time limited transaction code is invalid, the user will be asked to resubmit this information, step 1330. If the user name, password or time limited transaction code are not valid after a given number of tries, such as three, for example, the users account is locked. If the name, password and time limited transaction code are valid, the user is granted access to. the secure documents, step 1340.
Figure 13B shows an example of a method for authorization for a user's request to view medical records using the time limited transaction code generated in Figure 13A. The user navigates to a medical records provider homepage, and selects "view records", step 1350. The user requests permission to view the medical records using the time limited transaction code, step 1360. The request is forwarded to the secure server that stores the time limited transaction code. The server determines whether the time limited transaction code is valid, step 1370, and whether the user's rights to view the records are valid, step 1380. The user's rights to view the records may be determined by accessing a medical records holder secure server that contains this information. If both the time limited transaction code, as well as the viewing rights, are valid, the two codes are merged into one authorization code, and an "approve" message is returned to the user. Otherwise, a "decline" message is returned, step 1382. While these embodiments teach a method for transmitting or viewing medical records the method is not restrictive to medical records. The embodiment can with minor modification be applied to transmission or viewing of other secure documents for example; including titles and insurance documents.
Figure 13C shows a method for a customer to view his or her medical records using the authorization generated in Figure 13B. The customer navigates to the medical records provider homepage and selects specific records to view, step 1385. Because both the time limited transaction code authorization and the rights validation have occurred, the customer may view the medical records stored in the medical records holder secure server for the period granted by the time limited transaction code, step 1390.
These and other embodiments of the present invention may be realized in accordance with these teachings and it should be evident that various modifications and changes may be made in these teachings without departing from the broader spirit and scope of the invention. The specification and drawings are, accordingly, to be regarded in an illustrative rather than restrictive sense and the invention measured only in terms of the claims.

Claims

CLAIMSWhat is claimed is:
1. A method for securely accessing data over the internet comprising: establishing an internet connection between a user's computer and a secure web site; and selecting an item displayed on the secure web site using a time limited transaction code.
2. The method of claim 1, wherein the item comprises merchandise, and selecting further comprises purchasing the merchandise using the time limited transaction code.
3. The method of claim 2, further comprising generating the time limited transaction code before establishing the internet connection, where the time limited transaction code can be composed of one or both of two elements, a first element having a static code composed of a data string containing 1 to 1000 alpha-numeric characters, and a second element having a variable data string containing 1 to 1000 alpha-numeric characters.
4. The method of claim 3, wherein generating further comprises identifying a duration of the time limited transaction code, where the duration lasts from seconds to 18 months.
5. The method of claim 3 wherein generating further comprises identifying the start time to the time limited transaction code to begin being active from immediately to start being active up three months into the future.
6. The method of claim 4, wherein generating further comprises identifying a number of transactions for the time limited transaction code, where the number of transactions can vary from 1 to 1000 transactions.
7. The method of claim 5, wherein generating further comprises identifying the purchase amount list from one penny to 1 billion dollars, or the data transmission amount from 1 kilo byte to 1,000,000 giga bytes of the time limited transaction code.
8. The method of claim 6, wherein generating further comprises identifying a merchant that can accept the time limited transaction code, where the user can specify the number of merchants or authorized receivers of the time limited transaction code from 1 to multiple receivers.
9. The method of claim 7, wherein generating further comprises identifying whether the time limited transaction code precedes an account number on a merchant's order form or whether an account number precedes the time limited transaction code.
10. An apparatus for securely accessing data over the internet comprising: means for establishing an internet connection between a user's computer and a secure web site; and means for selecting an item displayed on the secure web site using a time limited transaction code.
11. The apparatus of claim 10, wherein the item comprises means for merchandise, and selecting further comprises purchasing the merchandise using the time limited transaction code.
12. The apparatus of claim 11, further comprising means for generating the time limited transaction code before establishing the internet connection.
13. The method of claim 12, wherein generating further comprises means for identifying a duration of the time limited transaction code.
14. The apparatus of claim 13, wherein generating further comprises means for identifying a number of transactions for the time limited transaction code.
15. The apparatus of claim 14, wherein generating further comprises identifying the purchase amount list of the time limited transaction code.
16. The apparatus of claim 15, wherein generating further comprises means for identifying a merchant that can accept the time limited transaction code.
17. The apparatus of claim 16, wherein generating further comprises means for identifying whether the time limited transaction code precedes an account number on a merchant's over form.
18. A computer readable medium having instructions which, when executed by a processing system, cause the system to: establish an internet connection between a user's computer and a secure web site; and select an item displayed on the secure web site using a time limited transaction code.
19. The medium of claim 18, wherein the executed instructions further cause the system to select further comprises purchasing the merchandise using the time limited transaction code.
20. The medium of claim 19, wherein the executed instructions further cause the system to generate the time limited transaction code before establishing the internet connection.
21. The medium of claim 20, wherein the executed instructions further cause the system to identify a duration of the time limited transaction code.
22. The medium of claim 21, wherein the executed instructions further cause the system to identify a number of transactions for the time limited transaction code.
23. The medium of claim 22, wherein the executed instructions further cause the system to identify the purchase amount list of the time limited transaction code.
24. The medium of claim 22, wherein the executed instructions further cause the system to identify a merchant that can accept the time limited transaction code.
25. The medium of claim 23, wherein the executed instructions further cause the system to identify whether the time limited transaction code precedes an account number on a merchant's over form.
PCT/US2001/023356 2000-08-03 2001-07-24 Method and apparatus for making secure purchases over the internet WO2002013092A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001277157A AU2001277157A1 (en) 2000-08-03 2001-07-24 Method and apparatus for making secure purchases over the internet

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US63234200A 2000-08-03 2000-08-03
US09/632,342 2000-08-03

Publications (1)

Publication Number Publication Date
WO2002013092A1 true WO2002013092A1 (en) 2002-02-14

Family

ID=24535130

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/023356 WO2002013092A1 (en) 2000-08-03 2001-07-24 Method and apparatus for making secure purchases over the internet

Country Status (2)

Country Link
AU (1) AU2001277157A1 (en)
WO (1) WO2002013092A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070156692A1 (en) * 2004-02-25 2007-07-05 Richard Rosewarne Essential data communication system
WO2010132480A2 (en) * 2009-05-13 2010-11-18 Visa International Service Association Alterable security value
EP2390828A1 (en) * 2010-05-28 2011-11-30 Funai Electric Co., Ltd. Sales system

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5883810A (en) * 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5883810A (en) * 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070156692A1 (en) * 2004-02-25 2007-07-05 Richard Rosewarne Essential data communication system
WO2010132480A2 (en) * 2009-05-13 2010-11-18 Visa International Service Association Alterable security value
WO2010132480A3 (en) * 2009-05-13 2011-02-24 Visa International Service Association Alterable security value
GB2482825A (en) * 2009-05-13 2012-02-15 Visa Int Service Ass Alterable security valve
EP2390828A1 (en) * 2010-05-28 2011-11-30 Funai Electric Co., Ltd. Sales system

Also Published As

Publication number Publication date
AU2001277157A1 (en) 2002-02-18

Similar Documents

Publication Publication Date Title
US9779436B2 (en) Payment service capable of being integrated with merchant sites
US10102521B2 (en) Method, system and computer readable medium for web site account and e-commerce management from a central location
JP5439322B2 (en) Method and apparatus for conducting electronic transactions
JP5638046B2 (en) Method and system for authorizing purchases made on a computer network
AU2004250269B2 (en) A system and method for facilitating on-line payment
US7805336B2 (en) Anonymous delivery of digital products over a network via a link
US20020052853A1 (en) Transportation system for on-line transactions
US20010029485A1 (en) Systems and methods enabling anonymous credit transactions
US20020055909A1 (en) Method, system and computer readable medium for Web site account and e-commerce management from a central location
US20010044787A1 (en) Secure private agent for electronic transactions
US20060274896A1 (en) Methods and apparatus for providing user anonymity in online transactions
US20090300097A1 (en) Systems and methods for facilitating clientless form-filling over a network
US20050240490A1 (en) Secure e-commerce and browsing methods, systems and tools
AU2001251286A1 (en) System, method and apparatus for international financial transactions
WO2010071714A1 (en) Single page on-line check-out
WO2001077868A2 (en) System, method and apparatus for international financial transactions
JP2003534593A (en) Security transaction protocol
EP1170690A1 (en) Shared and collaborative on-line shopping cart
WO2000075843A1 (en) Internet payment system
US20080059380A1 (en) Method and apparatus for secure purchase and banking transactions
WO2002013092A1 (en) Method and apparatus for making secure purchases over the internet
WO2002013090A1 (en) Method and apparatus for making anonymous purchases over the internet
MXPA99008381A (en) Method and system for secure online transaction processing

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP