WO2001067408A1 - Client-centered secure e-commerce - Google Patents

Client-centered secure e-commerce Download PDF

Info

Publication number
WO2001067408A1
WO2001067408A1 PCT/CA2000/001072 CA0001072W WO0167408A1 WO 2001067408 A1 WO2001067408 A1 WO 2001067408A1 CA 0001072 W CA0001072 W CA 0001072W WO 0167408 A1 WO0167408 A1 WO 0167408A1
Authority
WO
WIPO (PCT)
Prior art keywords
merchant
intermediary
payment
authorization
financial institution
Prior art date
Application number
PCT/CA2000/001072
Other languages
French (fr)
Inventor
Maynard Dokken
Grenfell Featherstone
Don Gifford
Original Assignee
Milinx Business Group, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Milinx Business Group, Inc. filed Critical Milinx Business Group, Inc.
Priority to AU73970/00A priority Critical patent/AU7397000A/en
Publication of WO2001067408A1 publication Critical patent/WO2001067408A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits

Definitions

  • This invention relates to electronic commerce transactions.
  • this invention relates to the provision of a secure means of transacting purchases of goods and services without requiring disclosure of a purchaser's confidential personal financial information to merchants.
  • Such transactions generally require direct payment by the consumer to the merchant using a credit card or debit card payment method.
  • the transfer of confidential financial information to a variety of merchants through such transactions presents a risk of theft and fraudulent use of the information.
  • Such a risk is potentially financially harmful to the consumer whose information is mis-used, and the possibility of such theft or fraud discourages consumers from engaging in electronic transactions, thereby limiting the potential of e-commerce.
  • the client-centered secure E-commerce business model process of the present application is designed to enable a client to make a purchase from a merchant without having to transfer any personal banking information to the merchant.
  • the invention will assist in preventing commerce transaction fraud by placing transactions entirely in the hands of authenticated clients and their banks. By providing a higher standard of security for all parties involved in a transaction, the invention will benefit merchants, financial institutions and purchasers.
  • an intermediary is interposed between a merchant or payee and a purchaser or payor in a commercial transaction, particularly an electronic commerce transaction.
  • the intermediary retains personal banking or credit information of the purchaser or payor.
  • the intermediary acquires information regarding the transaction or payment to be executed, and the intermediary deals with securing the appropriate authorization from a financial institution on the purchaser/payor's behalf without the purchaser needing to disclose personal banking information to the merchant/payee.
  • the authorization received from the financial institution is provided to the merchant/payee.
  • the invention is a method of effecting payment between a payor and a payee in an electronic commerce transaction over a communication network, comprising the steps of an intermediary acquiring from the payor personal banking information regarding a financial institution through which payment is to be effected, the intermediary providing to the financial institution banking information regarding the payor and requesting and receiving from the financial institution a payment or credit authorization, and the intermediary informing the payee of said payment or credit authorization.
  • the invention is a method of effecting an electronic commerce transaction between a purchaser and a merchant over a communication network, comprising the steps of an intermediary acquiring from the purchaser personal banking information regarding a financial institution through which payment for the transaction is to be effected, the purchaser selecting a product or service from the merchant, the purchaser instructing the intermediary to complete the transaction according to a method of payment accepted by the selected merchant, the intermediary informing the merchant that a purchaser wishes to purchase the selected product or service.
  • the intermediary confirms the desired transaction with the purchaser, provides the information to the financial institution, requests and obtains authorization of payment or credit for the purchase price by the financial institution.
  • the intermediary then informs the merchant of the authorization.
  • the merchant confirms the purchase order with the financial institution and the financial institution sends payment to the merchant.
  • the invention is a method of facilitating payment in a payor-driven electronic commerce transaction on a communication network, comprising the steps of forwarding to a financial institution a request for authorization of payment or credit comprising personal banking information of the payor, payment amount information, a merchant identification number and a transaction number, receiving from said financial institution confirmation that an authorization number has been dispatched to said merchant, and dispatching to a merchant a transaction number and order information without providing said personal banking information.
  • Fig. 1A and Fig.l B are a flowchart describing the electronic commerce business model and method according to the invention.
  • Fig. 2A and Fig.2B are a flowchart describing a second embodiment of the invention.
  • a consumer conducts an online transaction by choosing a product or sen/ice from a selected merchant and instructing an intermediary to complete the transaction according to a method of payment accepted by the selected merchant.
  • the intermediary confirms the client status of the consumer.
  • the intermediary confirms the order with the client, provides credit information to a selected financial institution and requests authorization of payment of the purchase price by the financial institution to the merchant. If such payment is authorized by the financial institution, the intermediary informs the merchant, who confirms the purchase order with the financial institution.
  • the financial institution sends authorization of payment for the selected goods or services to the merchant. On receipt of authorization of payment, the merchant delivers the goods or services to the client.
  • the intermediary's role is performed by the intermediary's application server in the Internet environment, and suitable software is provided to implement the functionality described below.
  • the system according to the invention comprises a series of information exchanges.
  • a purchaser operating a computer, palm pilot, or any other device capable of handling an e- commerce transaction visits the web catalog site of a participating merchant, selects the products or services to be purchased, and clicks on a virtual button to select payment through the online intermediary.
  • a form is displayed on the purchaser's Internet access terminal or other device requesting the purchaser to enter a pin number, password, bio-encrypted information or other identifier to authenticate the purchaser as a client of the application service provider, and requiring the purchaser to select the form or method of payment.
  • the information is then forwarded to the intermediary's application server.
  • the application server will pull the client's name and address from the server database and will pull the order information (1 ) from the merchant site. The application will then assign a unique transaction number (2) to the transaction. The application server will then obtain from the participating merchant or from the application server's database the merchant number used for transactions with the financial institution. Such merchant numbers are typically encrypted for transmission and may be stored in encrypted form.
  • the application server will then ask the client if they wish to proceed with the transaction. If the reply is negative, the transaction will be aborted. If the reply is affirmative, the client's encrypted personal credit information (4) will be added to the transaction record, obeying the encryption protocols appropriate to the financial institution which the client has selected for the payment transaction.
  • the application will then configure a credit authorization request comprising at least the amount of credit to be authorized and the merchant number.
  • a credit authorization request comprising at least the amount of credit to be authorized and the merchant number.
  • the request also includes the application-generated transaction number.
  • the credit authorization request comprises one or more of a credit card number, an expiry date, a bank account number, a personal identification number, a password. It will be appreciated that the specific nature of the information to be included is a function of the requirements of the financial institution.
  • the application server will then forward the authorization request to the financial institution stipulated by the client for authorization. If not authorized, the transaction will be aborted and the client notified. If the transaction is authorized, the financial institution will generate an authorization number (5), the financial institution's unique transaction number and the application-generated transaction number and will forward them to the application server. Typically such information is encrypted for transmission. In such cases the financial institution will enable the recipients of the information to decrypt that information following Secure Multipurpose Messaging Extension (S/MIME) or other such standards or protocols.
  • S/MIME Secure Multipurpose Messaging Extension
  • the application server will forward to the merchant the information received from the financial institution as well as details of the product order and price, the application-generated transaction number, the authorization number, and the financial institution's unique transaction number.
  • the application server then provides the delivery information to the merchant from the database of client information in the intermediary's application server.
  • the financial institution will authorize payment to the merchant and the merchant will deliver the goods to the client.
  • Client status is obtained by provision of identification and financial information by the consumer to the intermediary.
  • Such information is retrievably stored in a secure database maintained by the intermediary.
  • the server stores their information in a secure encrypted environment.
  • a consumer seeking client status is required to access a dedicated server.
  • the consumer provides identification information and personal financial information for all methods of payment which they anticipate using on-line. For example, a consumer may enter account numbers and expiry dates for one or more credit cards issued by one or more financial institutions, or account information for one or more debit cards or lines of credit.
  • the securely stored credit information in the database will be encrypted with a self- destruct mechanism which is interspersed throughout the information and is part of the information itself such that any illegal copying of the database will render the information useless.
  • the intermediary application will have ⁇ read only access to the encrypted credit information of the client. That access will be so constructed that the client' s personal banking and credit information will also be rendered useless, unless and only if it is accessed using encryption protocols which have been stipulated by the client in selecting their method of payment. These protocols may but need not conform to the encryption protocols which different financial institutions may stipulate.
  • Any changes to a client's personal financial information and identification information can only be made upon reentry of client information by the duly authenticated client according to the invention.
  • the database managed by the intermediary also includes registration information pertaining to merchants. Merchants registering with the intermediary would be required to provide and keep current information in regard to merchant identification and methods of payment accepted by the merchant. The intermediary would issue each merchant an encryption protocol for its exclusive use during transactions. The process also involves the sen/ice provider having a relationship with merchants such that the merchants' banks are willing to provide their merchants' numbers in an encrypted form for the activity of order processing by the application.
  • Financial institutions would also be registered with the intermediary. Registered institutions would be willing to authorize a transaction in response to a client's request through the intermediary, where such request includes identification of the client, details of the goods or services ordered and their price, a unique transaction number, the identification and encrypted merchant number of the selected merchant and the clients relevant banking or credit information encrypted according to the selected financial institution's encryption protocols or as stipulated by the application.
  • a client To initiate a transaction, a client must enter an identifier such as a pin number, password, bio-encryption or other authentication.
  • an identifier such as a pin number, password, bio-encryption or other authentication.
  • One of the increased security systems is that a protocol will permit only three attempts at entering the correct identifier or identifiers.
  • the business model according to the invention would permit a client to request by cell phone or other transmitting device an authorization through the intermediary.
  • the intermediary would in turn seek authorization on the client's behalf from the selected financial institution and transmit a transaction identifying number to the client, who would provide it to the merchant at point of sale, for example in a retail outlet or restaurant.
  • the merchant would then enter the transaction number into their credit transaction modem or other such device to generate an authorization record for the merchant.
  • Another embodiment of the invention would release payment to the merchant once delivery had been encryptically confirmed and would include depositing the funds on hold pending confirmed satisfactory delivery of the order.
  • Order confirmation could be provided by, but not limited to any, none or all of the client, the merchant or the delivery service.
  • judgment concerning the satisfactory nature of the goods themselves could be provided by any, all or none of the client, the merchant or the delivery service.
  • the application makes provision for the fact that the financial institution may not wish to forward to an intermediary a transaction authorization and/or the financial institution's unique transaction number.
  • the financial institution dispatches such information (the application's uniquely generated transaction number, the bank's authorization number and the bank's transaction number) directly to the merchant in response to the authorization request from the application server.
  • the financial institution would return to the application server the application-generated transaction number along with an indication that an authorization number has been dispatched. The merchant would then be able to match the uniquely generated transaction number which it received from both the application and the bank so as to complete the transaction.
  • the financial institution was only willing to forward the bank's authorization number and the bank's transaction number to the merchant, then they would have to send the application's uniquely generated transaction number and the bank's transaction number to the application server.
  • the application then sends to the merchant the application-generated transaction number and the bank's transaction number along with the other information needed by the merchant to complete the purchase. This preferably includes details of the product order, price and delivery information.
  • the merchant would be able to match the bank's transaction numbers which it received from both the bank and the application to complete the transaction
  • the present invention does not preclude the inclusion of such keys, codes, merchant numbers and other such identifiers as may be mandated by financial institutions, government agencies or any other such regulatory bodies regarding protocols for E-commerce transactions in differing jurisdictions worldwide.
  • the preferred and alternative embodiments relate to obtain credit from a financial institution.
  • the principles of the invention also apply with suitable modification to other types of transactions involving the transfer of payment from a financial institution to a merchant at the request of a payor. Examples include arranging for the debit from a bank account or the transfer of funds from one financial institution to another (the second financial institution being substituted for the merchant).

Abstract

There is provided an e-commerce business model and method in which confidential financial and identification information is registered with and managed by an on-line intermediary which acts as an intermediary between a consumer, a merchant and a financial institution to quickly complete an electronic transaction without disclosing the consumer's personal financial information to the merchant.

Description

TITLE OF INVENTION
CLIENT-CENTERED SECURE E-COMMERCE
TECHNICAL FIELD OF THE INVENTION
This invention relates to electronic commerce transactions. In particular this invention relates to the provision of a secure means of transacting purchases of goods and services without requiring disclosure of a purchaser's confidential personal financial information to merchants.
BACKGROUND OF THE INVENTION
Retail transactions are increasingly conducted electronically over the
Internet. Such transactions generally require direct payment by the consumer to the merchant using a credit card or debit card payment method. The transfer of confidential financial information to a variety of merchants through such transactions presents a risk of theft and fraudulent use of the information. Such a risk is potentially financially harmful to the consumer whose information is mis-used, and the possibility of such theft or fraud discourages consumers from engaging in electronic transactions, thereby limiting the potential of e-commerce.
The client-centered secure E-commerce business model process of the present application is designed to enable a client to make a purchase from a merchant without having to transfer any personal banking information to the merchant. The invention will assist in preventing commerce transaction fraud by placing transactions entirely in the hands of authenticated clients and their banks. By providing a higher standard of security for all parties involved in a transaction, the invention will benefit merchants, financial institutions and purchasers.
It is therefore an object of the present invention to provide a business model and method which will enable secure e-commerce transactions.
It is a further object of this invention to provide such a business model and method in which confidential financial and identification information is registered with and managed by an on-line intermediary which acts as an intermediary between a consumer, merchants and financial institutions to quickly complete a transaction without disclosing the consumer's personal financial information to the merchant.
These and further objects of the invention will be appreciated by reference to the summary of the invention and to the detailed description of the preferred and alternative embodiments which follow.
SUMMARY OF THE INVENTION
According to the invention, an intermediary is interposed between a merchant or payee and a purchaser or payor in a commercial transaction, particularly an electronic commerce transaction. The intermediary retains personal banking or credit information of the purchaser or payor. Upon request of the purchaser or payor, the intermediary acquires information regarding the transaction or payment to be executed, and the intermediary deals with securing the appropriate authorization from a financial institution on the purchaser/payor's behalf without the purchaser needing to disclose personal banking information to the merchant/payee. The authorization received from the financial institution is provided to the merchant/payee. In one aspect, the invention is a method of effecting payment between a payor and a payee in an electronic commerce transaction over a communication network, comprising the steps of an intermediary acquiring from the payor personal banking information regarding a financial institution through which payment is to be effected, the intermediary providing to the financial institution banking information regarding the payor and requesting and receiving from the financial institution a payment or credit authorization, and the intermediary informing the payee of said payment or credit authorization.
In another aspect, the invention is a method of effecting an electronic commerce transaction between a purchaser and a merchant over a communication network, comprising the steps of an intermediary acquiring from the purchaser personal banking information regarding a financial institution through which payment for the transaction is to be effected, the purchaser selecting a product or service from the merchant, the purchaser instructing the intermediary to complete the transaction according to a method of payment accepted by the selected merchant, the intermediary informing the merchant that a purchaser wishes to purchase the selected product or service. The intermediary confirms the desired transaction with the purchaser, provides the information to the financial institution, requests and obtains authorization of payment or credit for the purchase price by the financial institution. The intermediary then informs the merchant of the authorization. The merchant confirms the purchase order with the financial institution and the financial institution sends payment to the merchant.
In yet another aspect, the invention is a method of facilitating payment in a payor-driven electronic commerce transaction on a communication network, comprising the steps of forwarding to a financial institution a request for authorization of payment or credit comprising personal banking information of the payor, payment amount information, a merchant identification number and a transaction number, receiving from said financial institution confirmation that an authorization number has been dispatched to said merchant, and dispatching to a merchant a transaction number and order information without providing said personal banking information.
Other aspects of the invention will be more fully appreciated by reference to the following detailed description of the preferred and alternative embodiments and to the claims by which the exclusive rights to the invention are defined.
BRIEF DESCRIPTION OF THE DRAWINGS
Fig. 1A and Fig.l B are a flowchart describing the electronic commerce business model and method according to the invention; and,
Fig. 2A and Fig.2B are a flowchart describing a second embodiment of the invention.
DETAILED DESCRIPTION OF THE PREFERRED AND ALTERNATIVE
EMBODIMENTS OF THE INVENTION
In the preferred embodiment of the invention, a consumer conducts an online transaction by choosing a product or sen/ice from a selected merchant and instructing an intermediary to complete the transaction according to a method of payment accepted by the selected merchant. The intermediary confirms the client status of the consumer. The intermediary confirms the order with the client, provides credit information to a selected financial institution and requests authorization of payment of the purchase price by the financial institution to the merchant. If such payment is authorized by the financial institution, the intermediary informs the merchant, who confirms the purchase order with the financial institution. The financial institution sends authorization of payment for the selected goods or services to the merchant. On receipt of authorization of payment, the merchant delivers the goods or services to the client.
In the preferred embodiment, the intermediary's role is performed by the intermediary's application server in the Internet environment, and suitable software is provided to implement the functionality described below.
In the preferred embodiment, the system according to the invention comprises a series of information exchanges. A purchaser operating a computer, palm pilot, or any other device capable of handling an e- commerce transaction, visits the web catalog site of a participating merchant, selects the products or services to be purchased, and clicks on a virtual button to select payment through the online intermediary. A form is displayed on the purchaser's Internet access terminal or other device requesting the purchaser to enter a pin number, password, bio-encrypted information or other identifier to authenticate the purchaser as a client of the application service provider, and requiring the purchaser to select the form or method of payment. The information is then forwarded to the intermediary's application server.
The application server will pull the client's name and address from the server database and will pull the order information (1 ) from the merchant site. The application will then assign a unique transaction number (2) to the transaction. The application server will then obtain from the participating merchant or from the application server's database the merchant number used for transactions with the financial institution. Such merchant numbers are typically encrypted for transmission and may be stored in encrypted form.
The application server will then ask the client if they wish to proceed with the transaction. If the reply is negative, the transaction will be aborted. If the reply is affirmative, the client's encrypted personal credit information (4) will be added to the transaction record, obeying the encryption protocols appropriate to the financial institution which the client has selected for the payment transaction.
The application will then configure a credit authorization request comprising at least the amount of credit to be authorized and the merchant number. Preferably such request also includes the application-generated transaction number. In addition, the credit authorization request comprises one or more of a credit card number, an expiry date, a bank account number, a personal identification number, a password. It will be appreciated that the specific nature of the information to be included is a function of the requirements of the financial institution.
The application server will then forward the authorization request to the financial institution stipulated by the client for authorization. If not authorized, the transaction will be aborted and the client notified. If the transaction is authorized, the financial institution will generate an authorization number (5), the financial institution's unique transaction number and the application-generated transaction number and will forward them to the application server. Typically such information is encrypted for transmission. In such cases the financial institution will enable the recipients of the information to decrypt that information following Secure Multipurpose Messaging Extension (S/MIME) or other such standards or protocols.
At this juncture the application server will forward to the merchant the information received from the financial institution as well as details of the product order and price, the application-generated transaction number, the authorization number, and the financial institution's unique transaction number.
The application server then provides the delivery information to the merchant from the database of client information in the intermediary's application server. The financial institution will authorize payment to the merchant and the merchant will deliver the goods to the client.
Where a non-client consumer requests the services of the intermediary, the purchase is not transacted but the consumer is invited to apply for client status. Client status is obtained by provision of identification and financial information by the consumer to the intermediary. Such information is retrievably stored in a secure database maintained by the intermediary. The server stores their information in a secure encrypted environment.
A consumer seeking client status is required to access a dedicated server. During a one time "write only" authority session, the consumer provides identification information and personal financial information for all methods of payment which they anticipate using on-line. For example, a consumer may enter account numbers and expiry dates for one or more credit cards issued by one or more financial institutions, or account information for one or more debit cards or lines of credit. The securely stored credit information in the database will be encrypted with a self- destruct mechanism which is interspersed throughout the information and is part of the information itself such that any illegal copying of the database will render the information useless.
Similarly the intermediary application will have λread only access to the encrypted credit information of the client. That access will be so constructed that the client' s personal banking and credit information will also be rendered useless, unless and only if it is accessed using encryption protocols which have been stipulated by the client in selecting their method of payment. These protocols may but need not conform to the encryption protocols which different financial institutions may stipulate.
Any changes to a client's personal financial information and identification information, such as a change of address, cancellation of a credit card or registration of a new credit card, can only be made upon reentry of client information by the duly authenticated client according to the invention.
The database managed by the intermediary also includes registration information pertaining to merchants. Merchants registering with the intermediary would be required to provide and keep current information in regard to merchant identification and methods of payment accepted by the merchant. The intermediary would issue each merchant an encryption protocol for its exclusive use during transactions. The process also involves the sen/ice provider having a relationship with merchants such that the merchants' banks are willing to provide their merchants' numbers in an encrypted form for the activity of order processing by the application.
Financial institutions would also be registered with the intermediary. Registered institutions would be willing to authorize a transaction in response to a client's request through the intermediary, where such request includes identification of the client, details of the goods or services ordered and their price, a unique transaction number, the identification and encrypted merchant number of the selected merchant and the clients relevant banking or credit information encrypted according to the selected financial institution's encryption protocols or as stipulated by the application.
To initiate a transaction, a client must enter an identifier such as a pin number, password, bio-encryption or other authentication. One of the increased security systems is that a protocol will permit only three attempts at entering the correct identifier or identifiers.
In another embodiment of the invention, the business model according to the invention would permit a client to request by cell phone or other transmitting device an authorization through the intermediary. The intermediary would in turn seek authorization on the client's behalf from the selected financial institution and transmit a transaction identifying number to the client, who would provide it to the merchant at point of sale, for example in a retail outlet or restaurant. The merchant would then enter the transaction number into their credit transaction modem or other such device to generate an authorization record for the merchant.
Another embodiment of the invention would release payment to the merchant once delivery had been encryptically confirmed and would include depositing the funds on hold pending confirmed satisfactory delivery of the order. Order confirmation could be provided by, but not limited to any, none or all of the client, the merchant or the delivery service. Similarly judgment concerning the satisfactory nature of the goods themselves could be provided by any, all or none of the client, the merchant or the delivery service.
In another embodiment of the invention (illustrated by the flowchart of Fig. 2), the application makes provision for the fact that the financial institution may not wish to forward to an intermediary a transaction authorization and/or the financial institution's unique transaction number. In this embodiment, the financial institution dispatches such information (the application's uniquely generated transaction number, the bank's authorization number and the bank's transaction number) directly to the merchant in response to the authorization request from the application server. At the same time, the financial institution would return to the application server the application-generated transaction number along with an indication that an authorization number has been dispatched. The merchant would then be able to match the uniquely generated transaction number which it received from both the application and the bank so as to complete the transaction. If the financial institution was only willing to forward the bank's authorization number and the bank's transaction number to the merchant, then they would have to send the application's uniquely generated transaction number and the bank's transaction number to the application server. The application then sends to the merchant the application-generated transaction number and the bank's transaction number along with the other information needed by the merchant to complete the purchase. This preferably includes details of the product order, price and delivery information. The merchant would be able to match the bank's transaction numbers which it received from both the bank and the application to complete the transaction
In stipulating various keys, merchant numbers, authentication and identification protocols, the present invention does not preclude the inclusion of such keys, codes, merchant numbers and other such identifiers as may be mandated by financial institutions, government agencies or any other such regulatory bodies regarding protocols for E-commerce transactions in differing jurisdictions worldwide.
For example, the preferred and alternative embodiments relate to obtain credit from a financial institution. However the principles of the invention also apply with suitable modification to other types of transactions involving the transfer of payment from a financial institution to a merchant at the request of a payor. Examples include arranging for the debit from a bank account or the transfer of funds from one financial institution to another (the second financial institution being substituted for the merchant).
It will be appreciated that the invention has been described in relation to the preferred embodiment but that certain variations thereto may be practised without departing from the spirit and principles of the invention.

Claims

1. A method of effecting payment between a payor and a payee in an electronic commerce transaction over a communication network, comprising the steps of:
an intermediary acquiring from the payor personal banking information regarding a financial institution through which payment is to be effected;
the intermediary providing to the financial institution banking information regarding the payor and requesting and receiving from the financial institution a payment or credit authorization; and,
the intermediary informing the payee of said payment or credit authorization.
A method as in claim 1 further comprising the step of the payor instructing the intermediary to arrange for payment to said payee.
3. A method as in claim 1 wherein said intermediary withholds from said merchant said personal banking information.
4. A method as in claim 1 wherein said payor is a purchaser and said payee is a merchant and said payment is payment of a purchase price for a product or service to be acquired from a merchant, and further comprising the step of said intermediary informing the merchant that a purchaser wishes to purchase said product or service.
5. A method of effecting an electronic commerce transaction between a purchaser and a merchant over a communication network, comprising:
an intermediary acquiring from the purchaser personal banking information regarding a financial institution through which payment for the transaction is to be effected;
the purchaser selecting a product or service from the merchant;
the purchaser instructing the intermediary to complete the transaction according to a method of payment accepted by the selected merchant;
the intermediary informing the merchant that a purchaser wishes to purchase the selected product or service;
the intermediary confirming the desired transaction with the purchaser;
the intermediary providing the information to the financial institution, requesting and obtaining authorization of payment or credit for the purchase price by the financial institution;
the intermediary informing the merchant of the authorization;
the merchant confirming the purchase order with the financial institution; and,
the financial institution sending payment to the merchant.
6. A method of effecting an electronic commerce transaction between a purchaser and a merchant over a communication network, comprising:
the intermediary acquiring from the purchaser personal banking information regarding a financial institution through payment for the transaction is to be effected;
the purchaser attending at a web site maintained by the merchant and selecting a product or service to be purchased;
the purchaser instructing an intermediary to complete the transaction;
the intermediary authenticating the identity of the purchaser;
the purchaser specifying a method of payment;
the intermediary obtaining order information from the merchant's web site;
the intermediary retrieving from a database said personal banking information;
the intermediary dispatching to said financial institution an authorization request comprising the merchant number, the personal banking information and the amount of the proposed payment;
the financial institution providing an authorization number;
the intermediary forwarding said authorization number, order information and delivery information to the merchant;
the merchant confirming receipt of the authorization number to the financial institution; and,
the financial institution providing payment to the merchant.
7. A method as in claim 4 further comprising the steps of:
encrypting said authorization request to said financial institution;
including in said authorization request a unique transaction number;
the step of said financial institution providing an authorization number comprises returning to said intermediary said authorization request and an authorization number, in encrypted form;
said intermediary removing from said authorization request said personal banking information; and,
said step of the intermediary forwarding said authorization number, order information and delivery information to the merchant comprises forwarding to said merchant the authorization request originally forwarded to the financial institution except for the personal banking information and said authorization number.
8. A method of facilitating payment in a payor-driven electronic commerce transaction on a communication network, comprising:
forwarding to a financial institution a request for authorization of payment or credit comprising personal banking information of the payor, payment amount information, and a merchant identification number;
receiving from said financial institution an authorization number; dispatching to a merchant said authorization number, payment amount information and order information without providing said personal banking information.
9. A method as in claim 8 further comprising the step of receiving from payor a request to facilitate the payment transaction.
10. A method as in claim 8 further comprising the step of retrieving a payor's personal banking information from a database prior to forwarding said request for authorization.
11. A method as in claim 8 further comprising the step of obtaining order information from said merchant.
12. A method as in claim 8 wherein said step of forwarding a request for authorization includes forwarding a transaction number.
13. A method as in claim 8 wherein said authorization number is encrypted.
14. A method as in claim 8, 9, 10, 11 , 12 or 13 wherein said personal banking information comprises at least one of the following: a credit card number, a credit card expiry date, a bank account number, a personal identification number, a password.
15. A method of facilitating payment in a payor-driven electronic commerce transaction on a communication network, comprising:
forwarding to a financial institution a request for authorization of payment or credit comprising personal banking information of the payor, payment amount information, a merchant identification number and a transaction number;
receiving from said financial institution confirmation that an authorization number has been dispatched to said merchant;
dispatching to a merchant a transaction number and order information without providing said personal banking information.
16. A method as in claim 15 further comprising the step of receiving from payor a request to facilitate the payment transaction.
17. A method as in claim 15 further comprising the step of retrieving a payor's personal banking information from a database prior to forwarding said request for authorization.
18. A method as in claim 15 further comprising the step of obtaining order information from said merchant.
19. A method as in claim 15, 16, 17 or 18 wherein said personal banking information comprises at least one of the following: a credit card number, a credit card expiry date, a bank account number, a personal identification number, a password.
20. A method of obtaining a credit or payment authorization for a merchant in relation to a commercial transaction comprising the steps of:
a payor providing to a remote intermediary a request for authorization of credit or payment;
said intermediary obtaining from a financial institution an authorization number;
said intermediary transmitting to said payor said authorization number; and,
said payor providing said authorization number to said merchant.
21. A method for a merchant to secure payment in an electronic commerce transaction over a communication network, comprising the steps of:
providing a portal for a purchaser to select items to be purchased;
providing to an intermediary information identifying the merchant to a financial institution;
receiving from said intermediary information identifying items to be purchased, price, a credit or payment authorization number generated by said financial institution, but not including personal banking information of said purchaser; and,
using said authorization number to secure credit or payment in relation to the items purchased.
22. A method for a merchant to secure payment in an electronic commerce transaction over a communication network, comprising the steps of:
providing a portal for a purchaser to select items to be purchased;
providing to an intermediary information identifying the merchant to a financial institution;
receiving from said financial institution a credit or payment authorization and a transaction identifier generated by said intermediary;
receiving from said intermediary information identifying items to be purchased, price and said transaction identifier, but not including personal banking information of said purchaser; and,
using said authorization number to secure credit or payment in relation to the items purchased.
PCT/CA2000/001072 2000-03-10 2000-09-18 Client-centered secure e-commerce WO2001067408A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU73970/00A AU7397000A (en) 2000-03-10 2000-09-18 Client-centered secure e-commerce

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CA2,300,347 2000-03-10
CA 2300347 CA2300347A1 (en) 2000-03-10 2000-03-10 Client-centered secure e-commerce

Publications (1)

Publication Number Publication Date
WO2001067408A1 true WO2001067408A1 (en) 2001-09-13

Family

ID=4165472

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2000/001072 WO2001067408A1 (en) 2000-03-10 2000-09-18 Client-centered secure e-commerce

Country Status (3)

Country Link
AU (1) AU7397000A (en)
CA (1) CA2300347A1 (en)
WO (1) WO2001067408A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003091959A1 (en) * 2002-04-25 2003-11-06 Ismail Adam Karolia Payment instrument and system
WO2004023412A1 (en) * 2002-09-05 2004-03-18 Pti Systems Inc. Method of electronic commerce transaction verification
WO2006004441A2 (en) * 2004-07-05 2006-01-12 Eftwire Limited Electronic banking

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0779587A2 (en) * 1995-12-15 1997-06-18 Kabushiki Kaisha N.K Kikaku On-line shopping system and the method of payment settlement
US5724424A (en) * 1993-12-16 1998-03-03 Open Market, Inc. Digital active advertising
EP0855687A2 (en) * 1997-01-15 1998-07-29 AT&T Corp. System and method for distributed content electronic commerce
US5909492A (en) * 1994-10-24 1999-06-01 Open Market, Incorporated Network sales system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5724424A (en) * 1993-12-16 1998-03-03 Open Market, Inc. Digital active advertising
US5909492A (en) * 1994-10-24 1999-06-01 Open Market, Incorporated Network sales system
EP0779587A2 (en) * 1995-12-15 1997-06-18 Kabushiki Kaisha N.K Kikaku On-line shopping system and the method of payment settlement
EP0855687A2 (en) * 1997-01-15 1998-07-29 AT&T Corp. System and method for distributed content electronic commerce

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003091959A1 (en) * 2002-04-25 2003-11-06 Ismail Adam Karolia Payment instrument and system
WO2004023412A1 (en) * 2002-09-05 2004-03-18 Pti Systems Inc. Method of electronic commerce transaction verification
WO2006004441A2 (en) * 2004-07-05 2006-01-12 Eftwire Limited Electronic banking
WO2006004441A3 (en) * 2004-07-05 2006-02-16 Eftwire Ltd Electronic banking

Also Published As

Publication number Publication date
AU7397000A (en) 2001-09-17
CA2300347A1 (en) 2001-09-10

Similar Documents

Publication Publication Date Title
JP4955894B2 (en) Method and system for executing secure electronic commerce by looping back authorization request data
US20010051902A1 (en) Method for performing secure internet transactions
US20070179865A1 (en) Method for anonymous purchase of goods by providing a pluarlity of non-activated account numbers
JP2002123779A (en) Method and system for processing settlement and recording medium with stored program
CA2398355A1 (en) Payment authorisation method and apparatus
JP2004507842A (en) Electronic receipt management system and method by electronic commerce
JP2007128192A (en) Settlement system, transaction management server, address conversion server, and settlement method and program used therefor
MXPA03011016A (en) A secure on-line payment system.
US20090228816A1 (en) Method and system for realising on-line electronic purchase transaction between a buyer and a merchant
AU775065B2 (en) Payment method and system for online commerce
EP1134707A1 (en) Payment authorisation method and apparatus
KR20000024036A (en) The certification of transactions for another on electronic commerce
US20050015304A1 (en) Secure purchasing over the internet
JP2002342688A (en) Method for electric commerce, settlement proxy method, information issuing method of disposable and post-paying system and settlement requesting method
JP2002197390A (en) Transaction intermediary system and transaction intermediary method
US20020133468A1 (en) Method of electronic commerce transaction verification
JP4714575B2 (en) Recipient identity authentication system and method in product delivery, computer program
AU2011100451B4 (en) Online transaction system
US20100017333A1 (en) Methods and systems for conducting electronic commerce
US20020123935A1 (en) Secure commerce system and method
WO2001067408A1 (en) Client-centered secure e-commerce
KR20060124375A (en) Transaction system and method of authenticating users using thereof
KR20020064473A (en) System and method for servicing electronic payment assurance integrated with electronic wallet
KR100766680B1 (en) Payment gateway using funds transfer between bank accounts, and on-line payment service method in its
KR20010070545A (en) Intermediate transaction method using payment guarantee check issued as collateral for deposit amount of buyer's real name verified financial account in e-commerce and reality

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP