WO2002054315A1 - Systeme de traitement de transactions securisees - Google Patents

Systeme de traitement de transactions securisees Download PDF

Info

Publication number
WO2002054315A1
WO2002054315A1 PCT/US2001/000295 US0100295W WO02054315A1 WO 2002054315 A1 WO2002054315 A1 WO 2002054315A1 US 0100295 W US0100295 W US 0100295W WO 02054315 A1 WO02054315 A1 WO 02054315A1
Authority
WO
WIPO (PCT)
Prior art keywords
purchaser
identifier
processing system
account information
merchant
Prior art date
Application number
PCT/US2001/000295
Other languages
English (en)
Inventor
Andrew Casper
Original Assignee
Casper Construction Company, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Casper Construction Company, Inc. filed Critical Casper Construction Company, Inc.
Priority to PCT/US2001/000295 priority Critical patent/WO2002054315A1/fr
Publication of WO2002054315A1 publication Critical patent/WO2002054315A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions

Definitions

  • the present invention relates to an improved system and method for providing secure
  • PDA personal data assistant
  • wireless phone the wireless phone
  • IP Address Internet Protocol Address
  • TCP/IP IP Security
  • data carried in packets can be re-routed and misappropriated.
  • SSL Secure Sockets Layer
  • TCP/IP Transmission Control Protocol/IP
  • the SSL arrangement cannot confirm the integrity of the certified merchant or ensure that the merchant is equipped to prevent leakage of valuable financial
  • a payment system receives and sends messages to and from the seller and the buyer regarding a transaction.
  • the messages contain information including the parties' identities, which are represented by a "card number" specific to the party but unrelated to financial information.
  • the payment system then contacts a bank card processor
  • the Internet is not the only means by which merchants can reach the consumer.
  • advertisement may desire to make purchases electronically while away from 'home or when
  • the present invention is directed to a system and method for providing added security
  • a central transaction processing system acts as both a
  • the purchaser's purchasing information such as payment, billing, and delivery information.
  • processing system may use presently known technologies, including encryption techniques and
  • the purchaser's information for all electronic purchases is held in a central processing system, the purchaser's information is not spread to individual merchants who may or may not be sufficiently capable of securely storing the purchaser's financial information. Thus, costly information leaks due to merchant error are avoided.
  • a unique purchaser identifier is assigned to each purchaser and linked to that purchase!
  • the identifier or personal
  • identifier and the corresponding delivery information is communicated when purchases are made.
  • one or more types of delivery addresses may be associated
  • Such types may include a physical address, electronic address, e- mail address, or any other type of address to which goods/services can be delivered.
  • the physical address may be a residential address, commercial or business address, a Post Office Box address, a private mail address (such as a MailBox, Etc. Address), or the like.
  • only one specific address for each particular type of address can be associated with the purchaser identifier.
  • the present invention therefore, prevents unauthorized use of a purchaser's purchasing
  • the purchaser can make electronic purchases using the purchaser identifier.
  • the PIN is communicated to a merchant having a merchant account with the processing system.
  • the merchant in turn communicates the PIN and a summary of the proposes transaction (including at least a payment amount) to the processing system for approval.
  • the processing system generally comprises a purchaser account database, a disabler, and
  • the PIN along with a purchase order is received by the processing system, which in a preferred embodiment further includes a securitizer to filter the data and to permit only
  • the processor uses the PIN to locate the appropriate purchaser account to begin the processing procedure. .
  • the processor determines that the necessary credit terms are met, the processor communicates only the delivery address associated with the submitted PIN to the merchant.
  • the merchant confirms the transaction with the purchaser and delivers the product to the purchaser's delivery address, completing the transaction. If, however, the credit terms are not met or if the PIN has been disabled, the merchant is notified to cancel the sale and to provide notice to the
  • the disabler operates to disable the purchaser account and invalidate the purchaser
  • the parties may agree on a return
  • the specific length of the return periods depends on the nature of the goods purchased, i.e. physical
  • FIG. 1 is a schematic diagram of a processing system according to a preferred embodiment of the present invention in use with a public network and a purchaser and a merchant;
  • FIG. 2 is a schematic diagram of the processing system of FIG. 1;
  • FIG. 3 is an illustration of a merchant system for use with the present invention
  • FIG. 4 is a flow diagram of an illustration of the steps of a preferred embodiment of the
  • FIG. 5 is a flow diagram continuing the steps of FIG. 4.
  • FIG. 6 is a flow diagram continuing the steps of FIG. 4 and 5.
  • the present invention provides a method and system for completing secure commercial
  • the present invention reduces the likelihood of theft or misuse of the
  • the present invention generally comprises a processing
  • Processing system 100 is connected to a public network 200 through which it is connected to a purchaser 10 and a merchant 50.
  • Merchant 50 has a merchant server 52 through which it is connected to network 200.
  • Purchaser 10 is connected to public network 200 by purchaser device 12.
  • public network 200 is used by the present invention to receive and transmit data according to a process for completing secure transactions.
  • Processing system 100 generally includes a securitizer 120, a processor 140, and a disabler 160.
  • Securitizer 120 permits processing system 100 to communicate with public network 200 whereby processing system 100 receives purchase orders for processing.
  • Securitizer 120 permits processing system 100 to communicate with public network 200 whereby processing system 100 receives purchase orders for processing.
  • Processor 140 securely stores purchaser account information 32 for a
  • Purchaser account information 32 is stored behind the firewall provided by securitizer 120.
  • Processor 140 processes purchase orders and,
  • Disabler 160 disables the processing of purchaser account information 32 in response to any attempt to tamper with the information stored in purchaser account 32, as described further
  • Processing system 100 receives data relating to purchase orders transmitted by either
  • processing system 100 transmits delivery data 34 and provides payment to merchant 50 via public network 200.
  • processing system 100 transmits delivery data 34 and provides payment to merchant 50 via public network 200.
  • public network 200 may be used by merchant 50 to communicate product information to purchaser 10, although product information may be used.
  • any other medium known in the art such as television, the Internet, WebTV, radio, wireless communications, through PDAs or any other remote communications network.
  • public network 200 can consist of one communication medium, such as the Internet, or a combination of mediums in use at one time.
  • processing system 100 comprises three components securitizer 120, processor 140, and disabler 160, each of which in a preferred embodiment are programs stored on either storage device 102 or 103 and run by a data
  • processor such as data processors 104 and 106, for performing a particular task or series of steps.
  • securitizer 120 is run by a separate processor 104, which is the only part of processing
  • Data processor 104 which runs securitizer 120, therefore, is the only part of processing system 100 accessible from an external source
  • Securitizer 120 prevents unauthorized hackers from tampering with the information stored on secure network 180.
  • Securitizer 120 as run by data processor 104 may, for example, perform the function of an Application Level Gateway device (firewall) for preventing hackers
  • securitizer 120 may be coded in any way * in which the function of
  • Processor 140 and disabler 160 are stored on storage device 103 which reside
  • Processor 140 as run by data processor 106, processes purchase orders received
  • Disabler 160 monitors purchaser account information 32 and, in response to tampering, disables purchaser account information 32 and invalidates the associated purchaser identifier 38, discussed further below.
  • processor 140 resides behind securitizer 120 on secure network 180.
  • Processor 140 includes purchaser account information 32 and software 40 stored on storage
  • Data processors 104, 106 may be any data processor known in the art, including a personal computer, a network workstation, or server, capable of accessing and running software programs stored on storage devices 102, 103.
  • Storage devices 102, 103 may be any hard disc or optical disc device capable of storing data for use with the present invention and compatible with data processors 104, 106.
  • one or more data processors 104, 106 and storage may be any data processor known in the art, including a personal computer, a network workstation, or server, capable of accessing and running software programs stored on storage devices 102, 103.
  • Storage devices 102, 103 may be any hard disc or optical disc device capable of storing data for use with the present invention and compatible with data processors 104, 106.
  • devices 102, 103 may be used in tandem or separately as may be needed as a matter of design
  • Purchaser account information 32 associated with a respective
  • Payment data 36 is any data utilized for transferring money from one party to another, such as by
  • Delivery data 34 is either an electronic address, such as for example an email address or IP address, or a physical address, such as for example the work or home address of purchaser 10.
  • Purchaser identifier 38 is a
  • controlling processing system 100 for identifying purchaser 10 and the associated purchaser
  • Purchaser identifier 38 is mapped, within processing system 100 to the purchaser's delivery data 34 and payment data 36. When a new purchaser account is opened, purchaser identifier 38 is assigned to purchaser 10 and stored in purchaser account information 32 on storage device 103. Because purchaser identifier 38 is independent of payment data 36 or any other financial information, use of purchaser identifier 38 by purchaser 10 in no way jeopardizes the integrity of any sensitive information stored on storage device 103. According to the present invention, if any person including purchaser 10, alters or
  • Disabler 160 is triggered upon such an attempt to alter or
  • delivery data 34 of purchaser account information 32 for example, by either requesting a change
  • disabler disables purchaser account information 32 by invalidating
  • atti ⁇ time during or after the ordering process is purchaser 10 or any other third party given the option to either select or
  • This feature is advantageous because even if purchaser identifier 38 is misappropriated,
  • This feature has a further advantage of permitting purchaser 10 to disable the purchaser account information 32 without disabling (or canceling) payment data 36, such as a credit or debit card numbers. Because only purchaser identifier 38 is used in making purchases, payment data 36 is securely and safely stored in processing system 100. If, however, purchaser account information 32 and purchaser identifier 38, do become disabled, a new purchaser identifier 38
  • one or more types of addresses may comprise delivery data 34
  • Such types may include a physical
  • the physical address may be a
  • purchaser identifier 38 and the corresponding purchaser account information 32 cannot be changed at any time or by any party, including purchaser 10, without that particular
  • the purchaser identifier 38 and account information 32 being disabled. Once disabled, the purchaser identifier 38 is void and a new identifier must be issued.
  • Purchase 10 may join and/or register with the processing system 100, which may be controlled and operated by an independent company, a credit service, an electronic cash or wallet service, or a financial institution.
  • purchaser 10 can open an account in any number of ways, including without limitation registering online, by telephone, or by written application.
  • processing system 100 Once an account is opened, purchaser 10 provides processing system 100 with the delivery data 34 and payment data 36 and any other necessary information.
  • Purchaser 10 may then choose a purchaser identifier 38 (PIN) or one may be assigned by processing system 100 and mapped to the delivery data 34 and payment data 36.
  • PIN purchaser identifier 38
  • Use of the purchaser account information 32 is described further below.
  • FIG. 3 there is shown a more detailed view of the system
  • Public network 200 is any global network s such as, by way of non-
  • the Internet the Internet, satellite or wireless communication, or any other personal personal area network (WLAN), personal area network (WLAN), or any other personal area network (WLAN), or any other personal area network (WLAN), or any other personal area network (WLAN), or any other personal area network (WLAN), or any other personal area network (WLAN), or any other personal area network (WLAN), or any other personal area network (WLAN), or any other personal area network (WLAN), or any other personal area network, or any other personal area network.
  • satellite or wireless communication any other personal area network
  • PCS communication system
  • any personal computer, network workstation, PDA, wireless telephone, or other device any personal computer, network workstation, PDA, wireless telephone, or other device
  • purchaser 10 has the ability to
  • merchant server 52 for product information 56 stored on merchant database 54.
  • product information 56 stored on merchant database 54.
  • the products for sale may be information products, such as a PC games or other software
  • Merchant 50 is any entity, persons, or person offering goods or services for sale and having the ability to deliver goods or services to either a physical or electronic address, as may be
  • merchant 50 maintains and operates database 54 on
  • Merchant server 52 is set-up to transmit product information 56 (i.e. through display on a website, PDA, or other equivalent electronic device). Merchant server 52 is also capable of transmitting purchase orders
  • merchant identifier 72 is associated with a merchant account 70, which may be maintained by processing system 100 (not depicted in FIG. 2), or any combination thereof.
  • processing system 100 credits merchant account 70 electronically.
  • FIG. 4 illustrates the exemplary steps of a first
  • step 300 purchaser 10, using purchaser
  • Product information 56 is displayed on purchaser device 12 via public network 200. If purchaser 10 desires to purchase the product, purchaser 10 commences a
  • the purchasing procedure is any e-commerce shopping solution known in the art and provided by merchant 50, such as, by
  • purchaser 10 can communicate purchaser identifier 38 to merchant 50 through a touch-tone telephone (hardline or wireless) or PDA by pressing the corresponding keys and transmitting the data.
  • a touch-tone telephone hardline or wireless
  • PDA personal area network
  • step 302 Upon receiving purchaser identifier 38, in step 302, merchant 50 groups purchaser
  • the purchase order includes
  • processing system 100 receives the purchase order, securitizer 120, which acts as an Application
  • Level Gateway analyzes the purchase order according to its programming.
  • securitizer 120 communicates the purchase order to processor 140 through secure network 180 (step 307).
  • processor 106 searches for purchaser account information 32 associated with the transmitted purchaser identifier 38. With further reference to FIG. 6, once purchaser account information 32 is located and retrieved, as in step 308, into the memory of data processor 106, data processor
  • payment data 36 may refer to a credit card, debit card, check card, checking or savings account, or any other equivalent means for transferring money from one party to another. If data processor 106 determines that sufficient funds or credit are present, data processor 106 completes the transaction (step 310) by debiting purchaser's account or processing
  • processing system 100 maintains accounts for purchaser 10, i.e., acts as a bank or credit card fulfillment center, processor 140 deducts the purchase cost from purchaser's
  • processor 106 then communicates only delivery data 34 through securitizer 120 to merchant 50 (step 311). Using delivery data 34, merchant 50 may begin a shipping process necessary to
  • processor 140 determines that purchaser 10 has insufficient funds as
  • the parties may agree on a return
  • a Credit Card Company may utilize the present invention as a service to its card holders. Payment data 36, therefore, would simply be associated with purchaser 10's credit card number held by the Credit Card Company. In use, the Credit Card Company would only communicate delivery data 34 to merchants 50 in response receipt of a purchase order drawn on purchaser 10's payment data 36. Such use of the present invention has the added advantage of permitting Credit Card
  • Purchaser 10 can place purchaser identifier 38 on file with utilities (i.e., gas and electric).
  • utilities i.e., gas and electric
  • Purchaser 10 may be a corporation having a purchaser account 32 with processing system
  • corporate purchaser 10 can allow employees to use purchaser identifier 38
  • merchant 50 may

Abstract

L'invention concerne un système et un procédé de traitement d'ordres d'achat entre un acquéreur (10) et un commerçant (50) par l'intermédiaire d'un réseau public (200). Ce système de traitement est doté d'une base de données (103) relative au compte acquéreur permettant de stocker les informations correspondantes pour chaque acquéreur et comprenant aussi au moins un identificateur d'acquéreur et des données de livraison associées à l'identificateur d'acquéreur, un neutraliseur (160) afin de surveiller l'état du compte de l'acquéreur et de neutraliser la base de données du compte en réaction à une modification notée des informations relatives au compte de l'acquéreur et enfin, un processeur (100) pour recevoir les ordres d'achat et traiter ces derniers.
PCT/US2001/000295 2001-01-04 2001-01-04 Systeme de traitement de transactions securisees WO2002054315A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2001/000295 WO2002054315A1 (fr) 2001-01-04 2001-01-04 Systeme de traitement de transactions securisees

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2001/000295 WO2002054315A1 (fr) 2001-01-04 2001-01-04 Systeme de traitement de transactions securisees

Publications (1)

Publication Number Publication Date
WO2002054315A1 true WO2002054315A1 (fr) 2002-07-11

Family

ID=21742231

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/000295 WO2002054315A1 (fr) 2001-01-04 2001-01-04 Systeme de traitement de transactions securisees

Country Status (1)

Country Link
WO (1) WO2002054315A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3373227A1 (fr) * 2017-03-09 2018-09-12 Deutsche Telekom AG Procédé et système de vérification anonyme d'un utilisateur dans une transaction commerciale de vente à distance anonyme

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5898838A (en) * 1995-06-22 1999-04-27 Datascape, Inc. Editor for developing statements to support i/o operation on open network using segregator for segregating protocol statements from application statements upon verification of correspondence
US5910896A (en) * 1996-11-12 1999-06-08 Hahn-Carlson; Dean W. Shipment transaction system and an arrangement thereof
US5987429A (en) * 1997-12-16 1999-11-16 Sun Microsystems, Inc. Computer-based fee processing for electronic commerce
US6029150A (en) * 1996-10-04 2000-02-22 Certco, Llc Payment and transactions in electronic commerce system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5898838A (en) * 1995-06-22 1999-04-27 Datascape, Inc. Editor for developing statements to support i/o operation on open network using segregator for segregating protocol statements from application statements upon verification of correspondence
US6029150A (en) * 1996-10-04 2000-02-22 Certco, Llc Payment and transactions in electronic commerce system
US5910896A (en) * 1996-11-12 1999-06-08 Hahn-Carlson; Dean W. Shipment transaction system and an arrangement thereof
US5987429A (en) * 1997-12-16 1999-11-16 Sun Microsystems, Inc. Computer-based fee processing for electronic commerce

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3373227A1 (fr) * 2017-03-09 2018-09-12 Deutsche Telekom AG Procédé et système de vérification anonyme d'un utilisateur dans une transaction commerciale de vente à distance anonyme

Similar Documents

Publication Publication Date Title
US7536353B2 (en) Secure transaction processing system and method
US8719106B2 (en) Identity theft and fraud protection system and method
US8036988B2 (en) System and method for performing secure credit card transactions
US9582802B2 (en) Identity theft and fraud protection system and method
KR101413773B1 (ko) 인터넷 구매에 대한 안전한 결제 방법
US8396747B2 (en) Identity theft and fraud protection system and method
US6910023B1 (en) Method of conducting secure transactions containing confidential, financial, payment, credit, or other information over a network
US20010051902A1 (en) Method for performing secure internet transactions
US20090106123A1 (en) Network-based system
CA2398355A1 (fr) Procede et dispositif d'autorisation de paiement
KR20040003042A (ko) 안전한 캐시-프리 지불 거래 수행 방법 및 캐시-프리 지불시스템
CA2320514A1 (fr) Systeme et methode de paiement en ligne et hors ligne
WO2000075843A1 (fr) Systeme de paiement sur l'internet
AU775065B2 (en) Payment method and system for online commerce
US20070078751A1 (en) System and method for providing secure financial transactions for open network commerce
US20050015304A1 (en) Secure purchasing over the internet
WO2000075749A2 (fr) Systeme de paiement sur internet
KR20010000805A (ko) 인터넷 전자 상거래에서의 개선된 신용카드 결제 시스템및 결재 방법
US20020123935A1 (en) Secure commerce system and method
WO2002054315A1 (fr) Systeme de traitement de transactions securisees
AU2012202358A1 (en) Fraud-free payment for internet purchases
WO2000067170A1 (fr) Paiement par carte pour le commerce electronique

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP