ELECTRONIC COMMERCE TRANSACTIONS
THIS INVENTION relates to electronic commerce transactions. In particular, it relates to a method of effecting a transaction, to a method of issuing a negotiable instrument, and to a wireless communications device.
In the conventional non-electronic business environment, parties trading with each other usually accept a transaction by physically signing conventional source documents with a pen. These source documents are typically in the form of a quotation or tender, a pro forma invoice, a purchase order, a negotiable instrument such as a cheque, a payment receipt, a demand letter or a delivery note. These source documents reflect the business intention of the parties and establish their commitment. However, when using such physical source documents, it often takes a long time to reach agreement and effect a transaction. It would thus be desirable to provide a method of effecting a transaction which allows the participants to establish an agreement in a non-repudiatable way without the conventional delays and red tape, thereby ensuring efficient delivery of goods and services and immediate payment therefor.
According to one aspect of the invention, there is provided a method of effecting a transaction, the method including receiving an electronic negotiable instrument over a communications network from a buyer, the negotiable instrument being authenticated online and in real time by a certification authority as to its origin; submitting the negotiable instrument online to a financial institution holding funds of the buyer to obtain confirmation that the buyer has sufficient funds for the transaction available and that the funds are being reserved by the financial institution; performing delivery in accordance with the transaction if the funds are available and reserved; and obtaining payment from the financial institution holding the reserved funds.
In this specification, by "authenticate" is meant that the party or parties or device or devices has/have been identified as to their true identity and that the electronic document in question is current and originates from the party claiming to have sent it in real time.
The method may include, in response to a request from the buyer for the provision of goods or services or the like, sending an invoice over a communications network to the buyer so that the buyer can convert the invoice into an electronic negotiable instrument by approving and returning the invoice. The invoice may be authenticated online and in real time by a certification authority as to its origin.
The invention thus provides a method of purchasing goods and services from a wireless communications device, such as a mobile telephone, in a transaction which is processed in a straight-through way and which is executed and validated in real time.
The invoice is thus delivered and presented to a buyer's handheld or terminal communications device through a wireless communication medium, as a digitally signed certified data message and encrypted with a public key allocated to the buyer by a certification authority managing a private key infrastructure (PKI). The buyer then decrypts the invoice at his own discretion, inspects the contents thereof, accepts it by signing it with an identification code or digital signature or other identification feature, and submits it online to his bank to allow payment to take place.
Due to communication limitations and restricted processing capabilities of wireless handheld or terminal communication devices, a buyer will typically need to use a micro-encryption key and micro-digital certificate in order to use the method of the invention. Where Internet browsers and servers are being used, commercially available standard encryption keys and digital certificates can be used. As will be appreciated, all parties participating in the transaction should be enrolled, under a Commissioner of Oaths at a recognised certification authority, preferably one that complies with the International X.509 standard.
Performing delivery in accordance with the transaction may include sending a delivery note over a communications network to the buyer to obtain acknowledgment of delivery of the goods or services or the like, the delivery note being authenticated online and in real time by a certification authority as to its origin; delivering to the buyer goods or services or the like in accordance with the transaction; and receiving from the buyer over a communications network an acknowledged delivery note, the acknowledged delivery note being authenticated online and in real time by a certification authority as to its origin.
Obtaining payment from the financial institution holding the reserved funds may include submitting the authenticated acknowledged delivery note over a communications network to the financial institution holding the reserved funds; and receiving the required payment from the financial institution holding the reserved funds.
The invoice may be sent in response to a request for goods or services or the like submitted in electronic digital format from a mobile telephone, the electronic request being encrypted with a public key of the buyer. Instead, the invoice may be submitted in response to a request for goods or services or the like submitted verbally or in writing.
A transaction in accordance with the invention may thus be initiated by a buyer placing an order in a conventional manner, for example by phoning in a verbal order, by sending a letter, fax or e-mail, or the like. A transaction may also be initiated by the buyer selecting an item (goods or services) available for selection on the buyer's wireless telecommunications device. These goods or services will typically be listed in menu format and by selecting one of the listed items, the transaction is automatically initiated.
The authenticated invoice may be sent in digital SMS message format over a wireless telecommunications network to the buyer. The authenticated invoice, and other data sent over a wireless telecommunications network, may however be in the form of Subscriber Identity Module Browser Data messages or SS7 Protocol (Unstructured Supplementary Services Data) messages or other WAP or non-WAP messages.
Preferably, the authenticated invoice is sent to the buyer encrypted with a public key of the buyer.
Approving the invoice may include entering a pass-phrase or other identification feature into a communications device, thereby to obtain a public key of the buyer from the certification authority, the electronic negotiable instrument thus being encrypted with the public key of the buyer.
The term "pass-phrase" includes concepts such as a biometric template, user name password, challenge and response system, token, smartcard or microchip device or other physical key device.
The telecommunications network over which the electronic negotiable instrument is received from the buyer typically includes a wireless telecommunications network.
Obtaining confirmation from a financial institution holding funds of the buyer that sufficient funds for the transaction are being reserved by the financial institution, may include providing the financial institution holding funds of the buyer with a transaction amount and the identity of the buyer. The identity of the buyer may be established from the certification authority by using a public key of the buyer.
The transaction amount and the identity of the buyer may be submitted to an acquiring financial institution acting for a provider of the goods or services or the like to enable the acquiring financial institution to obtain proof from the financial institution holding funds of the buyer that sufficient funds are available and being reserved for the transaction, the provider thus receiving confirmation from the financial institution holding funds of the buyer if sufficient funds are available and reserved, via the acquiring financial institution.
Preferably, the authenticated delivery note is encrypted with a public key of the buyer.
Typically, the communications network over which the authenticated delivery note is sent includes a wireless telecommunications network. The communications network over which the acknowledged delivery note is received from the buyer also typically includes a wireless telecommunications network. The delivery note may be acknowledged by a pass-phrase or other identification feature entered into a communications device, thereby to acknowledge the delivery note and to encrypt the delivery note with a public key of the buyer.
The authenticated acknowledged delivery note may be submitted to an acquiring financial institution acting for a provider of the goods or services or the like, the acquiring financial institution in turn submitting the authenticated acknowledged delivery note to the financial institution holding the reserved funds in order to receive the required payment from the financial institution holding the reserved funds.
Performing delivery in accordance with the transaction may include providing a delivery party, over a communications network, with a dispatch note, the dispatch note being encrypted with a public key of the delivery party and being authenticated online and in real time by a certification authority as to its origin; and receiving the dispatch note over a communications network from the delivery party once delivery has taken place, the dispatch note being encrypted with a public key of the delivery party and authenticated by a certification authority as to its origin.
Typically, the communications network over which the dispatch note is provided and received includes a wireless telecommunications network.
The method of the invention is thus particularly suitable for use in cases where a buyer wishes to make use of a wireless telecommunications device, such as a mobile telephone, to effect a transaction. Messages to and from the mobile telephone will thus be sent using a wireless telecommunications network, such as a GSM network. This will also apply to a delivery party which has the use of a wireless telecommunications device, such as a mobile telephone.
Preferably, the certification authority involved in each authentication action is the same certification authority.
According to another aspect of the invention, there is provided a method of issuing a negotiable instrument, the method including receiving a request for the negotiable instrument over a wireless communications network, the request being authenticated by a certification authority as to its origin; obtaining details of the party requesting the negotiable instrument from the certification authority; confirming whether or not the party requesting the negotiable instrument has sufficient funds to cover the negotiable instrument, and, if the party does have sufficient funds; reserving the funds and sending an electronic negotiable instrument in encrypted format to a wireless communications device for storing in the wireless communications device.
The method of issuing a negotiable instrument is of great convenience to a person in possession of a mobile telecommunications device, such as a mobile telephone, provided the person is registered with a certification authority. When the person receives the electronic negotiable instrument or message, the message is in effect an electronic bank guaranteed cheque that can be signed electronically by the person to whom it was issued and then forwarded to a beneficiary as an interacting straight-through processed digitally signed certificate data message.
The received request for the negotiable instrument may be encrypted with the public key of the party requesting the negotiable instrument. Typically, the electronic negotiable instrument being sent to the wireless communications device is encrypted with the public key of the party requesting the negotiable instrument.
Preferably, the certification authority authenticates the electronic negotiable instrument being sent to the wireless communications device as to origin. Even more preferably, the certification authority authenticates the origin of the electronic negotiable instrument online and in real time.
The certification authority preferably authenticates the request online and in real time.
The request for the negotiable instrument may be generated from a mobile telecommunications device by selecting menu options provided on the mobile telecommunications device.
The stored electronic negotiable instrument may make provision for entering the name of a beneficiary.
The received request for the negotiable instrument may originate as a digital SMS message.
According to a further aspect of the invention, there is provided a wireless communications device which includes a processor or processing means programmed to provide menu options to a user from which can be selected a request for the issuance of a negotiable instrument in electronic format and/or from which can be selected the option to enter a user identification code or other feature in order to convert an electronic document present on the device into a negotiable instrument in electronic format; an input device or input means with which data can be fed to the processor or processing means; and a transmitter and receiver for transmitting a request for the issuance of a negotiable instrument in electronic format and for receiving a negotiable instrument in electronic format.
The processor or processing means may be programmed to enable transmission of a received negotiable instrument in electronic format to a receiving party over a wireless telecommunications network.
The wireless telecommunications device may include an encryption engine or encryption means to encrypt the request for the issuance of a negotiable instrument in electronic format. The menu options may allow entering of a user identification code or feature or the like to obtain an encryption key to encrypt the request for the issuance of a negotiable instrument in electronic format. Preferably, the wireless telecommunications device includes an encryption engine or encryption means to encrypt the received negotiable instrument prior to the received negotiable instrument being transmitted to a receiving party over a wireless telecommunications network. Thus, typically, as soon as a request is initiated, the wireless communications device requests the user to enter a user identification code or secret pass-phrase. The encryption engine then creates a private encryption key, allocated to the user by a certification authority administering a PKI, in order to transmit the data securely and to identify the user at the certification authority. A public key can then be retrieved from the certification authority. The public key is returned to the wireless communications device and is used to encrypt a negotiable instrument sent to the wireless telecommunications device.
The invention will now be described, by way of example only, with reference to the accompanying drawings in which
Figure 1 shows a schematic diagram of a communications environment within which a transaction in accordance with the method of the invention can be effected; and Figures 2 to 14 show various displays on a mobile telephone being used to effect a transaction in accordance with the method of the invention.
Referring to Figure 1 of the drawings, reference numeral 10 generally indicates a communications environment within which a transaction in accordance with the method of the invention can be effected. The communications environment 10 broadly includes a wireless telecommunications environment 12, a regional information technology (IT) infrastructure 14, a continental IT infrastructure 16 and a bank funds switch 19 servicing an acquiring bank 18 and an issuing bank 20.
Within the wireless telecommunications environment 12, are located a mobile telephone 22 and an SMSC server 24. The wireless telecommunications environment 12 can in principle be any one of a number of conventional wireless telecommunications environments, such as GSM, 3G, CdmaOne, TDMA, PDC Network, X25 Radio, Satellite Data, Digital Satellite Television, and wireless wide, local and municipality area networks. However, in the communications environment 10, the wireless telecommunications environment 12 is a GSM network.
The mobile telephone 22, in accordance with the invention, has a Subscriber Identity Module card (SIM card) which includes an encryption engine to encrypt and decrypt SMS messages. The telephone 22 is also programmed to provide a user with the option to request the issuance of a negotiable instrument in an electronic format. Instead of a mobile telephone, a terminal or point of sale device communicating in wireless fashion can also be used. Typically, these devices include a security access module which includes an encryption engine.
The regional IT infrastructure 14 includes an application server front-end 26, an SMS gateway 28, a payment gateway 30, a supplier wireless application server 32, an administration server 34 and a database server 35.
The application server front-end 26 is a GSM device which exchanges a proxy ID ISM between the payment gateway 30 and the mobile telephone 22.
The SMS gateway 28 converts SMPP data messages (short text messages) into HTTP language, to allow the supplier wireless application server 32 to interpret the data messages. SMPP stands for Short Message Peer to Peer protocol. HTTP is the well-known computer handshaking protocol (using TCP) used between a web browser and a web server to transfer hypertext requests.
The payment gateway server 30 includes security software and acts as a secure postman system. It provides several connectors to widely used commerce applications. In other words, the payment gateway server 30 provides back office integration.
The administration server 32 is available to a supplier of goods and services or the like to analyse transactions involving the supplier and to submit transaction modifications via the payment gateway 30, such as manual discounts, order cancellations or reversals, faxed orders, call centre orders, and the like.
Typically, the regional IT infrastructure 14 is configured to provide application level security solutions, such as a set of software services that integrates multiple, disparate hardware and software components and security mechanisms into a robust, easily managed and secure environment where each transaction is secured to the appropriate level, strong authentication, integration, data integrity, digital signing, encryption and load-balancing abilities, extensive logging, audit and automated backup capabilities to facilitate control and management and allows an administrator to define exact parameters for authentication, non-repudiation, integrity, auditability, confidentiality and web access control. The regional IT infrastructure 14 is established using a secure telecommunications vendor and is a secure hosting infrastructure.
A secured area is provided between this hosting infrastructure and the Internet, which forms part of the communications environment 10. The secured area is protected with well implemented, managed and policy-based firewalls. This includes a web relay server (not shown) providing a load-balancing public access point for applications that stamps incoming requests to an internal firewall content filter, and an application level security server (not shown). The web relay server also initiates the establishment of a secure channel (IPsec) between an Internet browser and the application level security server. This in effect removes any direct path between an end user and the hosting infrastructure, thus effectively shielding the hosting infrastructure from hostile access. The secured area typically also employs network intrusion detection systems.
The continental IT infrastructure 16 includes a certification authority 36, a registrar authority 38, a negotiable instrument server or generator 40, a credential server 42, a payment router 44 and a database server 45. The continental IT infrastructure 16 is a secure hosting infrastructure.
The payment router 44 switches transactions in an end-to-end secured fashion between the payment gateway servers 30 of each supplier making use of the communications environment 10 to effect transactions in accordance with the method of the invention. The payment router 44 is parameter driven to communicate with any bank switch, such as the switch 19, in a totally secure manner.
The credential server 42 functions as a depository for banking details and delivery credentials that can only be accessed using a buyer's public key for the purposes of a specific transaction.
The certification authority 36 allocates private and public keys to parties wishing to use the communications environment 10 to effect a transaction in accordance with the invention. It thus provides a private key infrastructure (PKI) so that transactions can be validated online and in real time, obviating the use of certificate revocation database lists. The workings and use of a PKI are known to those skilled in the art and will not be described in any detail herein. The certification authority 36 has the ability to provide root certificate roll-over functionalities to protect the investment in the public key infrastructure in the event of a root certificate expiration or compromise. The reason for this is that the micro-browsers inside mobile telecommunications devices are generally not easy to update after manufacture. The certification authority 36 also provides a hybrid certificate signing ability, which contains a subject public key for an encryption system that is different from the one that the certification authority uses to sign the certificate. For the present invention, it is envisaged that a certification authority be used which has proprietary technology which includes a small certificate format to improve processing speed and reduce storage requirements, and an anonymous ID system to protect client identity.
The purpose of the registrar authority 38 is to capture the information or details relating to parties using the communications environment 10 for purposes of effecting a transaction in accordance with the method of the invention. The information is stored at the registrar authority 38 for verification and for the checking of the information provided by the requestors of a digital certificate.
The acquiring bank 18 is the financial institution used by a supplier of goods or services. The acquiring bank 18 is linked at source code level in the electronic payment solution provided by the invention. The issuing bank 20 is the financial institution holding funds of the buyer. As will be appreciated, a single bank can be the acquiring bank as well as the issuing bank in the same transaction. The buyer's bank account or bank accounts is/are linked with the buyer's public key in the credential server 42. The financial banking switch 19 typically resides with the acquiring bank 18 and is integrated into the payment router 44 on a source code level. This ISO 8583 compliant capability enables the payment router 44 to execute transactions in real time. The financial banking switch 19 includes a transaction manager (not shown) which is responsible for authorisation of the issuance of an electronic negotiable instrument and reservation of the buyer's funds at the issuing bank, transaction settlement, including reconciliation of transactions by the various parties involved in each transaction, transaction integrity management to prevent transactions from becoming lost or duplicated, transaction routing to ensure that transactions following different paths through the financial institution's network end up at correct destinations, and currency conversion to ensure that transactions can be carried out on a foreign currency account.
The use of the communications environment 10 to effect a transaction in accordance with the invention, will now be described for the case where a buyer (a male person) telephonically contacts a supplier of goods or services or the like, and places a purchase order verbally. The buyer in this case makes the call from the mobile telephone 22 and is registered with the certification authority 36, so that he has a private key and a public key, and a pass-phrase which, on entering into his mobile telephone 22, generates the private key.
A sales or administration person at the supplier enters the purchase order manually into the supplier wireless application server 32 which automatically creates a pro forma invoice which is forwarded back to the buyer through the wireless telecommunications environment 12. The pro forma invoice is sent to the buyer in SMS message format and is digitally signed by the supplier.
Before sending the pro forma invoice to the buyer, the pro forma invoice is authenticated online and in real time by the certification authority 36. The certification authority 36 thus certifies that the pro forma invoice has originated from the supplier, by authenticating the digital signature (a digitally signed certificate) of the supplier.
The pro forma invoice is encrypted with the buyer's public key, which was obtained from the certification authority by the supplier. In order to achieve this, the supplier submits its own private key to the certification authority.
The SMS gateway 28 converts the pro forma invoice from HTTP format to SMPP format and also forwards the pro forma invoice to the application server front-end 26. The application server front-end 26 allocates an identification number to the transaction session and sends the pro forma invoice to the buyer, via the GSM network.
When the supplier's pro forma invoice reaches the buyer's mobile telephone 22, the pro forma invoice is still encrypted. In order to read the pro forma invoice, the buyer enters his pass-phrase into his mobile telephone 22, whereafter the pro forma invoice is automatically decrypted by the encryption engine on the SIM card present in the mobile telephone 22, by using the private key of the buyer accessed by the entering of the pass-phrase.
A message displayed on the screen of the mobile telephone 22 requests the buyer to accept the transaction, i.e. to accept the invoice, by entering his pass-phrase. Once the buyer signs the pro forma invoice, which is an electronic source document, by entering his pass-phrase, the pro forma invoice is effectively converted into an electronic negotiable instrument which is returned to the supplier wireless application server 32. This comprises the application server front-end 26 allocating an identification number to the transaction session and sending the electronic negotiable instrument to the SMS gateway 28. The SMS gateway 28 converts the electronic negotiable instrument from SMPP format to HTTP format and forwards the electronic negotiable instrument to the payment gateway 30. At the same time, the electronic negotiable instrument is validated online and in real time by the certification authority 36. The payment gateway 30 establishes a secure channel (IPsec pipe or channel) to the payment router 44. The payment gateway 30 inserts the electronic negotiable instrument in an encryption applet and generates a unique session key. This session key is encrypted using a public key of the payment gateway 30. The payment gateway 30 then forwards the applet to the payment router 44, as a transaction authorisation request directed at the acquiring bank 18.
The payment router 44 inspects the applet, and collects the identity and credentials of the buyer from the credential server 42 and the registrar authority 38, by means of the buyer's public key. On the strength of the buyer's public key, the registrar authority 38 provides the identity of the buyer to the credential server 42. The credential server 42 adds the banking and delivery details of the buyer to the information and forwards it to the payment router 44. The payment router 44 adds the credentials of the buyer to the applet and forwards the request for authorisation to the acquiring bank 18.
The acquiring bank 18 receives the electronic negotiable instrument and banking details of the buyer and requests the issuing bank 20, which is the bank holding funds of the buyer, to authorise the amount indicated in the electronic negotiable instrument, in real time, for the buyer's purchase.
If the buyer has sufficient funds available in his account at the issuing bank 20, the issuing bank 20 authorises the amount and reserves the funds until proof of performance by the supplier in accordance with the transaction has been provided and notifies the acquiring bank 18 accordingly. The acquiring bank 18 sends the authorisation on to the payment router 44 which adds the positive transaction authorisation result from the acquiring bank 18 to the applet and returns the applet securely to the payment gateway 30.
The payment gateway 30 adds the transaction result, received from the acquiring bank 18, to an auditing report and forwards the data to the supplier wireless application server 32. The wireless application server 32 creates a delivery note, in advance of actual delivery of the goods or services or the like.
The negotiable instrument server or generator 40 issues the supplier wireless application server 32 with a digital signature for the delivery note, whereafter the supplier wireless application server 32 requests the buyer's public key from the certification authority 36. The certification authority 36 provides the buyer's public key to the supplier wireless application server 32, which then encrypts the delivery note with the public key of the buyer and forwards the encrypted delivery note to the SMS gateway 28.
The SMS gateway 28 converts the delivery note from HTTP format to SMPP format and also forwards the delivery note to the application server front-end 26. The application server front-end 26 allocates an identification number to the transaction session and sends the delivery note to the buyer.
When the buyer receives the delivery note on his mobile telephone 22, the delivery note is in encrypted format. In order to view the delivery note, the buyer enters his pass-phrase into the mobile telephone 22 and waits for delivery of goods or services purchased. When the goods or services are delivered, the buyer accepts the goods or services if acceptable. This is accomplished by the buyer again entering his pass-phrase into the mobile telephone 22, thereby signing the delivery note and confirming acceptance of the delivery. The signed delivery note is then returned to the supplier wireless application server 32, encrypted with the buyer's public key.
The application server front-end 26 again allocates an identification number to the transaction session and sends the signed delivery note to the supplier wireless application server 32, through the SMS gateway 28. The SMS gateway 28 converts the delivery note from SMPP format to HTTP format and forwards the delivery note to the application server front-end 26. The supplier wireless application server 32 thus receives the signed delivery note.
The signed delivery note is validated online and in real time by the certification authority 36, whereafter the payment gateway 30 sends the authenticated signed delivery note to the acquiring bank 18, via the payment router 44 in order for the buyer's reserved funds at the issuing bank 20 to be released.
The payment router 44 thus forwards the delivery note to the acquiring bank 18, thereby confirming that the transaction has been completed to the extent that payment is now required. The acquiring bank 18 forwards the delivery note to the issuing bank 20 which then transfers the required amount to the bank account of the supplier, via the financial banking switch 19.
The supplier wireless application server 32 archives the delivery note in a database.
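The reserve-then-release flow described above, as an added example that is not part of the original specification: an issuing bank reserves funds against a buyer-signed instrument and pays out only against a buyer-signed delivery note for the same transaction. Ed25519 as the signature scheme, the in-memory CA map, the Doc layout and all identifiers are assumptions of this example; encryption to the buyer's public key and the SMS transport are left out.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

var (
	ErrBadSignature  = errors.New("unknown signer or signature does not verify")
	ErrDuplicate     = errors.New("transaction id already used")
	ErrInsufficient  = errors.New("insufficient funds")
	ErrNoReservation = errors.New("no open reservation for this transaction")
)

// Document kinds; the kind is part of the signed bytes (domain separation).
const Instrument, DeliveryNote = "instrument", "delivery-note"

// CA stands in for the certification authority's online lookup (constructed).
type CA map[string]ed25519.PublicKey

// Enrol registers a fresh key pair and returns the private half to the party.
func (ca CA) Enrol(name string) ed25519.PrivateKey {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	ca[name] = pub
	return priv
}

type Doc struct { // hypothetical layout shared by both source documents
	TxID, Buyer string
	Amount      int64 // minor currency units
	Sig         []byte
}

// payload is the byte string that is signed; %q keeps field boundaries exact.
func payload(kind string, d Doc) []byte {
	return []byte(fmt.Sprintf("%q|%q|%q|%d", kind, d.TxID, d.Buyer, d.Amount))
}
func Sign(kind string, d Doc, priv ed25519.PrivateKey) Doc {
	d.Sig = ed25519.Sign(priv, payload(kind, d))
	return d
}

// Valid checks d against the key the CA currently holds for d.Buyer.
func (ca CA) Valid(kind string, d Doc) bool {
	pub, ok := ca[d.Buyer]
	return ok && ed25519.Verify(pub, payload(kind, d), d.Sig)
}

// IssuingBank keeps buyer balances and one hold per transaction id.
type IssuingBank struct {
	ca      CA
	balance map[string]int64
	holds   map[string]*Doc // TxID -> reserved instrument; nil once paid out
}
func NewIssuingBank(ca CA, balance map[string]int64) *IssuingBank {
	return &IssuingBank{ca, balance, map[string]*Doc{}}
}

// Reserve places a hold for a verified instrument, at most once per TxID.
func (b *IssuingBank) Reserve(inst Doc) error {
	if !b.ca.Valid(Instrument, inst) {
		return ErrBadSignature
	}
	if _, seen := b.holds[inst.TxID]; seen {
		return ErrDuplicate
	}
	if inst.Amount <= 0 || b.balance[inst.Buyer] < inst.Amount {
		return ErrInsufficient
	}
	b.balance[inst.Buyer] -= inst.Amount
	b.holds[inst.TxID] = &inst
	return nil
}

// Release pays a hold out once; the note's signature must verify over the
// values the bank reserved, not over values the note itself claims.
func (b *IssuingBank) Release(note Doc) (int64, error) {
	inst := b.holds[note.TxID] // nil: never reserved, or already paid out
	if inst == nil {
		return 0, ErrNoReservation
	}
	if !b.ca.Valid(DeliveryNote, Doc{inst.TxID, inst.Buyer, inst.Amount, note.Sig}) {
		return 0, ErrBadSignature
	}
	b.holds[note.TxID] = nil
	return inst.Amount, nil
}

func main() {
	bank := NewIssuingBank(CA{}, map[string]int64{"buyer": 10000})
	key := bank.ca.Enrol("buyer")
	doc := Doc{TxID: "tx-1", Buyer: "buyer", Amount: 2500} // constructed sample
	fmt.Println(bank.Reserve(Sign(Instrument, doc, key)))
	fmt.Println(bank.Release(Sign(DeliveryNote, doc, key)))
}
```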
In the case where physical delivery of the goods or services is required, as in the present case, the supplier wireless application server 32 creates a dispatch note in advance of the physical delivery. The negotiable instrument server or generator 40 issues the supplier wireless application server 32 with a digitally signed certificate for the dispatch note, whereafter the supplier wireless application server 32 requests the public key of the party delivering the goods or services, from the certification authority 36. The supplier wireless application server 32 encrypts the dispatch note with the public key of the delivering party, which is then forwarded to the SMS gateway 30.
The SMS gateway 30 converts the dispatch note from HTTP format to SMPP format and also forwards the dispatch note to the application server front-end 26. The application server front-end 26 again allocates an identification number to the transaction session and sends the dispatch note to a GSM device in a delivery vehicle intended to deliver the goods or services. The application server front-end 26 again allocates an identification number to the transaction session and sends the dispatch note also to the supplier wireless application server 32.
When delivery has taken place, the driver of the vehicle signs the dispatch note by entering his pass-phrase into the GSM device in the vehicle, thereby confirming that delivery has been completed. The signed dispatch note is transmitted to the supplier wireless application server 32, encrypted with the public key of the delivering party. This involves the SMS gateway 28 converting the signed dispatch note from SMPP format to HTTP format and forwarding the signed dispatch note to the application server front-end 26.
The signed dispatch note is validated online and in real time by the certification authority 36, whereafter the supplier wireless application server 32 archives the dispatch note in its database.
Referring to Figures 2 to 14 of the drawings, various displays on a mobile telephone being used to effect a transaction in accordance with the method of the invention, are shown.
In Figure 2, the display shows that a pro forma invoice has reached the mobile telephone. The pro forma invoice is in the form of a digitally signed electronic document, which is encrypted with the buyer's public key obtained from a certification authority, such as AfriCA, and sent to the telephone as an SMS message.
If the buyer elects to approve the pro forma invoice, by entering "show" into the mobile telephone, the mobile telephone requests the buyer to enter his pass-phrase, as shown in Figure 3 of the drawings. Once the buyer has entered his pass-phrase, the pro forma invoice is decrypted with the buyer's private key and shown on the display of the mobile telephone, as shown in Figure 4 of the drawings. At the same time, the pro forma invoice is automatically saved in the mobile telephone in a directory for electronic source documents. By scrolling downwards, the buyer can also view the digital certificate which accompanied the pro forma invoice, as shown in Figure 5.
If the buyer is satisfied with the details reflected in the pro forma invoice, the buyer calls up an options menu, as shown in Figure 6 of the drawings, and then selects to pay the invoice. On selecting to pay the invoice, the mobile telephone prompts the buyer to enter his pass-phrase, as shown in Figure 7 of the drawings. By entering his pass-phrase, the buyer elects to pay for the goods or services and the mobile telephone automatically converts the pro forma invoice into an electronic negotiable instrument which carries the buyer's signature, in the form of a digital certificate encrypted with the buyer's public key. The signed negotiable instrument is then automatically returned through the wireless telecommunications environment 12 to the supplier wireless application server 32, whereafter the process as hereinbefore described proceeds. During this time, the mobile telephone requests the buyer to wait, as shown in Figure 8 of the drawings.
Once the acquiring bank 18 has obtained transaction authorisation from the issuing bank 20, the delivery note is sent to the mobile telephone, in advance of physical delivery of the goods or services, in encrypted format. The buyer is then provided with an opportunity to approve the delivery note, as shown in Figure 9.
In order to decrypt the encrypted delivery note, the buyer has to enter his pass-phrase, for which he is prompted when the buyer elects to see the delivery note. This situation is shown in Figure 10 of the drawings.
After the buyer has entered his pass-phrase, the delivery note and its accompanying digital certificate are decrypted with the buyer's private key and shown on the display of the mobile telephone, as shown in Figures 11 and 12 of the drawings. In order to approve the delivery note, the buyer is then prompted to again enter his pass-phrase, as shown in Figure 13 of the drawings. On entering the pass-phrase, the signed delivery note is returned through the wireless telecommunications environment 12, encrypted with the buyer's public key, eventually to reach the issuing bank 20 to release the reserved funds to the supplier. The mobile telephone then reverts to a display screen (see Figure 14) through which access can be obtained to a menu (not shown) providing purchase options on the mobile telephone.
On this menu screen, goods and services already available to a buyer are presented on the buyer's mobile telephone. The buyer selects at his or her own discretion, from the displayed options, a required service or product. Typically, these include options to play a lotto, to take part in sports betting, to take part in number games, or to purchase prepaid mobile telephone airtime or prepaid electricity. The buyer executes the selected transaction by simply following the procedure displayed on the mobile telephone, which uses micro public key infrastructure technology, in the form of interacting straight-through processed, digitally signed certificate data messages as hereinbefore described. The procedure is thus virtually the same as described hereinbefore in relation to the situation where the buyer places a verbal purchasing order, except that the procedure effectively starts with a pro forma invoice already being present on the mobile telephone and selected by the buyer for converting into a negotiable instrument or payment instruction to a financial institution.
The invention also provides the possibility of obtaining a negotiable instrument in electronic format, using the communications environment 10 as hereinbefore described. In such a case, data messages will flow mostly between the mobile telephone of the person wishing to obtain the negotiable instrument, an issuing bank holding funds of that person, and the certification authority. This procedure also relies on the public key infrastructure managed by the certification authority. Advantageously, the request for the issuance of a negotiable instrument can be generated from a mobile telecommunications device such as a mobile telephone and the issued electronic negotiable instrument can be received by and stored in the mobile telecommunications device. As a result, the electronic negotiable instrument can easily be forwarded from the mobile telecommunications device to another device, e.g. another mobile telephone.