WO2001078023A1 - Method of confirmation of order and payment in electronic commerce - Google Patents

Method of confirmation of order and payment in electronic commerce Download PDF

Info

Publication number
WO2001078023A1
WO2001078023A1 PCT/PL2000/000052 PL0000052W WO0178023A1 WO 2001078023 A1 WO2001078023 A1 WO 2001078023A1 PL 0000052 W PL0000052 W PL 0000052W WO 0178023 A1 WO0178023 A1 WO 0178023A1
Authority
WO
WIPO (PCT)
Prior art keywords
customer
agent
sends
merchant
transaction
Prior art date
Application number
PCT/PL2000/000052
Other languages
French (fr)
Inventor
Paweł SOŁTYSIŃSKI
Rafał ZMYSŁOWSKI
Original Assignee
Soltysinski Pawel
Zmyslowski Rafal
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Soltysinski Pawel, Zmyslowski Rafal filed Critical Soltysinski Pawel
Priority to AU60306/00A priority Critical patent/AU6030600A/en
Publication of WO2001078023A1 publication Critical patent/WO2001078023A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems

Definitions

  • This invention relates to safe method of order confirmation and payment in electronic commerce.
  • one of the biggest problems is to provide a secure method of payment done by a customer.
  • the customer In most Web-based transactions the customer needs to provide a merchant with his payment card identification numbers, which, when seized by third parties, can be used to fraud customer's money in non authorized transactions. Due to this fact, a research work is still in progress to eliminate this information leakage and to provide a better security to customers.
  • the above presented invention uses intensive work when sending, quoting and forwarding email, to be done by the customer.
  • This work can increase a human-related mistakes and can be difficult for individuals not skilled enough to use their computers in such a way.
  • Such a method can discourage potential customers.
  • the dynamically changed secret password is a good way of confirming authentication of the customer in the agent's system, but has some flaws - if someone seizes such the email, he can use the new secret password to confirm another transaction before the real customer will attempt to use it.
  • customer by accident, forgets the most recent password or is unable to recall it, the new transactions is impossible to get confirmed without personal contact with representatives of the agent.
  • the delivery address (customer ' s address) is not predefined, combining this fact with possible secret password leakage, it can lead to fraud.
  • the merchant needs to trust the agent about money transfers.
  • This system utilizes email as signle information transmission method, which opens another way to fraud customer ' s money, be ' cause it is common that there is more than one person using computer at home - all other person can have access to the customer ' s email account. For an example, children can order some goods just by acting the same way as the real customer would do.
  • the present invention meets following demands:
  • the method of confirming of an order and a payment request in electronic commerce comprising of setting an individual customer's account at agent's system, using a special password and a list of ordered good at the moment of order, which are sent to the agent together with a transaction confirmation.
  • This method is basing on principle that agent, when registering new customers, provides the customer with customer's unique code and an agreement for further cooperation; the customer, when issuing an order on merchant's Web site, provides only his customer's code and, some way, the list of ordered goods; the merchant sends the customer's code and total value for goods to the agent's system; the agent sends a transaction confirmation request to the customer, comprising of, among others, special one-time only generated password assigned to this particular transaction (all parts of confirmation request are being sent using at least two different information transmission method); the customer quotes that password in his reply mail to the agent, which builds the valid transaction confirmation.
  • the agents sends an order of money transfer to the bank; the bank sends money at provided merchant's account and confirms this payment to the agent.
  • the agent sends the payment confirmation together with customer's delivery address to the merchant which sends goods to the customer.
  • the information needed to confirm the transaction is divided to. at least, two parts. It is important to send every part of such information using different way of transmission (email. SMS. pager, fax. etc.).
  • the customer needs to send an reply information to the agent's system, quoting missing parts of the password from different media, for an example a phone SMS system.
  • the predefined delivery address customer's home address by default
  • Dynamically random generated password for single transaction by agent's system provides good security level when combined with dividing method of sending it to the customer. Different media to send parts of the password does not eliminate non authorized persons at all but seriously made the fraud task far more difficult to do.
  • the customer places an order on merchant's Web site by selecting goods and providing only his individual code as given by the agent's system when setting up customer's account.
  • the merchant sends the amount of money (as the expected payment for ordered goods) and the customer's code to the agent's system.
  • the agent sends by email a confirmation request to the customer with first part of the code and, by SMS - the second part of the code needed to confirm this transaction.
  • the customer confirms his will to do this transaction by sending back an reply email with quoted both part of secure code (as collected from the agent's email and SMS message).
  • the customer has some predefined time to do it - it depends on conditions set during setting up the customer's account in the agent ' s system.
  • the agent after the reception of valid transaction confirmation attempts to order money transfer from customer's bank to merchant's account, provided there is enough money on the customer ' s bank account and other predefined conditions (maximum payment per day etc.) are also met. If there is no possibility to do such money transfer, the transaction is canceled and both merchant and customer are informed about it. Otherwise, monev transfer is executed, the a ⁇ ent sends customer ' s delivery address to the merchant, the merchant sends goods to the customer after the reception of the payment.

Abstract

Disclosed is an Internet-based system of confirmation and payment in electronic transactions. The system includes a special, individual code, assigned to a customer and given by an agent. The customer, while placing an order on merchant's Web site, supplies only the list of ordered goods and his individual code. The merchant sends this code and the value of ordered goods to the agent. The Agent sends a request to the customer to confirm a transaction. The confirmation request consists of, at least, the customer's code and a password selected to confirm this transaction. All confirmation request parts are to be sent using different ways of information transmission. The customer confirms the transaction by returning a reply email, quoting the transaction's password, as sent by the agent in previous step. The agent asks a bank to do money transfer and confirms the validity of transaction to the merchant. The merchant sends goods at customer's address, as provided by the agent.

Description

The method of confirmation of order and payment in electronic commerce
With the increasing popularity of the Internet and World Wide Web, it has become common for merchants to set up their Web sites for marketing and selling goods.
One of the problems encountered by online merchants is the secure way of payment, accepted by their customers. Existing solutions are technically demanding or leaving easy way to fraud.
The presented invention addresses these problems. This invention relates to safe method of order confirmation and payment in electronic commerce. At the present time, one of the biggest problems is to provide a secure method of payment done by a customer. In most Web-based transactions the customer needs to provide a merchant with his payment card identification numbers, which, when seized by third parties, can be used to fraud customer's money in non authorized transactions. Due to this fact, a research work is still in progress to eliminate this information leakage and to provide a better security to customers.
There is known method of secure payment in electronic commerce, as described in USA patent no. 6029150. where individuals can have their accounts at an agent's system; the agent's system deals with both merchant's online shop and customers. In this method, a customer places an order in online shop, takes encoded information about ordered goods and amount of money to pay and sends these information to the agent's system together with demanded details about online shop and special, individual code, given to the customer when setting his account at the agent's system. The agent's system sends, by an email, single information in encoded way, containing a special secret password, as set with the customer at the moment of setting up of customer's account. This confirmation as sent by agent's system contains also new secret password to confirm next transaction. The customer forwards such encoded information to the merchant, confirming this way, that the payment will be done by the agent. Basing on this confirmation, the merchant sends goods to the customer.
The above presented invention uses intensive work when sending, quoting and forwarding email, to be done by the customer. This work can increase a human-related mistakes and can be difficult for individuals not skilled enough to use their computers in such a way. Such a method can discourage potential customers. The dynamically changed secret password is a good way of confirming authentication of the customer in the agent's system, but has some flaws - if someone seizes such the email, he can use the new secret password to confirm another transaction before the real customer will attempt to use it. On the other hand, when customer, by accident, forgets the most recent password or is unable to recall it, the new transactions is impossible to get confirmed without personal contact with representatives of the agent. Practically, when focusing on security details, a lot of work is to be done by the customer; he has to order goods, get the encoded soods' list and their value, forward it to the asent's system quoting also valid transaction password, wait for the asent's confirmation and forward it asain to the merchant.
Since the delivery address (customer's address) is not predefined, combining this fact with possible secret password leakage, it can lead to fraud. The merchant needs to trust the agent about money transfers. This system utilizes email as signle information transmission method, which opens another way to fraud customer's money, be'cause it is common that there is more than one person using computer at home - all other person can have access to the customer's email account. For an example, children can order some goods just by acting the same way as the real customer would do. The present invention meets following demands:
- there is no need to transfer personal information by the customer, especially - no need to use his card numbers over Internet
- there is a good way to authorize the customer when confirming transaction
- the payment is done by a bank itself right from the customer's account, as the new bank's service, where possible
According to this invention, the method of confirming of an order and a payment request in electronic commerce comprising of setting an individual customer's account at agent's system, using a special password and a list of ordered good at the moment of order, which are sent to the agent together with a transaction confirmation. This method is basing on principle that agent, when registering new customers, provides the customer with customer's unique code and an agreement for further cooperation; the customer, when issuing an order on merchant's Web site, provides only his customer's code and, some way, the list of ordered goods; the merchant sends the customer's code and total value for goods to the agent's system; the agent sends a transaction confirmation request to the customer, comprising of, among others, special one-time only generated password assigned to this particular transaction (all parts of confirmation request are being sent using at least two different information transmission method); the customer quotes that password in his reply mail to the agent, which builds the valid transaction confirmation. The agents sends an order of money transfer to the bank; the bank sends money at provided merchant's account and confirms this payment to the agent. The agent sends the payment confirmation together with customer's delivery address to the merchant which sends goods to the customer.
The information needed to confirm the transaction is divided to. at least, two parts. It is important to send every part of such information using different way of transmission (email. SMS. pager, fax. etc.). According to this invention, to confirm the transaction the customer needs to send an reply information to the agent's system, quoting missing parts of the password from different media, for an example a phone SMS system. There is no easy way to fraud the customer without having full access to his email box and, as in this example - mobile phone at the same time. The predefined delivery address (customer's home address by default) makes fraud even more difficult to carry out. Dynamically random generated password for single transaction by agent's system provides good security level when combined with dividing method of sending it to the customer. Different media to send parts of the password does not eliminate non authorized persons at all but seriously made the fraud task far more difficult to do.
Following is an example of transaction done using the method as described in this invention.
The customer places an order on merchant's Web site by selecting goods and providing only his individual code as given by the agent's system when setting up customer's account. The merchant sends the amount of money (as the expected payment for ordered goods) and the customer's code to the agent's system. The agent sends by email a confirmation request to the customer with first part of the code and, by SMS - the second part of the code needed to confirm this transaction. The customer confirms his will to do this transaction by sending back an reply email with quoted both part of secure code (as collected from the agent's email and SMS message). The customer has some predefined time to do it - it depends on conditions set during setting up the customer's account in the agent's system. The agent, after the reception of valid transaction confirmation attempts to order money transfer from customer's bank to merchant's account, provided there is enough money on the customer's bank account and other predefined conditions (maximum payment per day etc.) are also met. If there is no possibility to do such money transfer, the transaction is canceled and both merchant and customer are informed about it. Otherwise, monev transfer is executed, the aεent sends customer's delivery address to the merchant, the merchant sends goods to the customer after the reception of the payment.

Claims

Claims
1. The method of confirming of an order and a payment request in electronic commerce comprising of setting an individual customer's account at agent's system, using a special password and a list of ordered good at the moment of order, which are sent to the agent together with a transaction confirmation. This method is basing on principle that agent, when registering new customers, provides the customer with customer's unique code and an agreement for further cooperation; the customer, when issuing an order on merchant's Web site, provides only his customer's code and, same way, the list of ordered goods; the merchant sends the customer's code and total value for goods to the agent's system; the agent sends a transaction confirmation request to the customer, comprising of, among others, special one-time only generated password assigned to this particular transaction (all parts of confirmation request are being sent using at least two different information transmission method); the customer quotes that password in his reply mail to the agent which builds the valid transaction confirmation. The agents sends an order of money transfer to the bank; the bank sends money at provided merchant's account and confirms this payment to the agent. The agent sends the payment confirmation together with customer's delivery address to the merchant, which sends goods to the customer.
2. The method of claim 1 or/and 2 is based on principle, that the valid transaction password is divided up to at least two parts, and every part is to be sent using different way of information delivery to the customer.
PCT/PL2000/000052 2000-04-06 2000-07-26 Method of confirmation of order and payment in electronic commerce WO2001078023A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU60306/00A AU6030600A (en) 2000-04-06 2000-07-26 Method of confirmation of order and payment in electronic commerce

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
PL33947700A PL339477A1 (en) 2000-04-06 2000-04-06 Method of confirming an order and its associated payment in electronic commercial transactions
PLP.339477 2000-04-06

Publications (1)

Publication Number Publication Date
WO2001078023A1 true WO2001078023A1 (en) 2001-10-18

Family

ID=20076399

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/PL2000/000052 WO2001078023A1 (en) 2000-04-06 2000-07-26 Method of confirmation of order and payment in electronic commerce

Country Status (3)

Country Link
AU (1) AU6030600A (en)
PL (1) PL339477A1 (en)
WO (1) WO2001078023A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003107227A2 (en) * 2002-06-12 2003-12-24 Erik Stener Faerch Method and system for secure electronic purchase transactions
US10007939B2 (en) 2002-03-20 2018-06-26 Koninklijke Philips N.V. Computer systems and a related method for enabling a prospective buyer to browse a vendor's website to purchase goods or services

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996029667A1 (en) * 1995-03-20 1996-09-26 Sandberg Diment Erik Providing verification information for a transaction
EP0813325A2 (en) * 1996-06-12 1997-12-17 AT&T Corp. A mechanism for enabling secure electronic transactions on the open internet
DE19718103A1 (en) * 1997-04-29 1998-06-04 Kim Schmitz Data transmission system authorise method e.g. for telebanking
US6000832A (en) * 1997-09-24 1999-12-14 Microsoft Corporation Electronic online commerce card with customer generated transaction proxy number for online transactions
US6029150A (en) 1996-10-04 2000-02-22 Certco, Llc Payment and transactions in electronic commerce system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996029667A1 (en) * 1995-03-20 1996-09-26 Sandberg Diment Erik Providing verification information for a transaction
EP0813325A2 (en) * 1996-06-12 1997-12-17 AT&T Corp. A mechanism for enabling secure electronic transactions on the open internet
US6029150A (en) 1996-10-04 2000-02-22 Certco, Llc Payment and transactions in electronic commerce system
DE19718103A1 (en) * 1997-04-29 1998-06-04 Kim Schmitz Data transmission system authorise method e.g. for telebanking
US6000832A (en) * 1997-09-24 1999-12-14 Microsoft Corporation Electronic online commerce card with customer generated transaction proxy number for online transactions

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10007939B2 (en) 2002-03-20 2018-06-26 Koninklijke Philips N.V. Computer systems and a related method for enabling a prospective buyer to browse a vendor's website to purchase goods or services
US10026111B2 (en) 2002-03-20 2018-07-17 Koninklijke Philips N.V. Computer systems and a related method for enabling a prospective buyer to browse a vendor's website to purchase goods or services
WO2003107227A2 (en) * 2002-06-12 2003-12-24 Erik Stener Faerch Method and system for secure electronic purchase transactions
WO2003107227A3 (en) * 2002-06-12 2004-03-18 Erik Stener Faerch Method and system for secure electronic transactions using an agent

Also Published As

Publication number Publication date
AU6030600A (en) 2001-10-23
PL339477A1 (en) 2001-10-08

Similar Documents

Publication Publication Date Title
US9582802B2 (en) Identity theft and fraud protection system and method
US6078902A (en) System for transaction over communication network
US7213748B2 (en) Anonymous mailing and shipping transactions
US8719106B2 (en) Identity theft and fraud protection system and method
TW200306483A (en) System and method for secure credit and debit card transactions
US20070063017A1 (en) System and method for securely making payments and deposits
EP1026644A1 (en) Method and apparatus for performing electronic transactions
US20100179906A1 (en) Payment authorization method and apparatus
EP1065634A1 (en) System and method for performing secure electronic transactions over an open communication network
US20080308624A1 (en) Advance remote payment authority for real and virtual world transactions
US20020194080A1 (en) Internet cash card
JP2004509409A (en) Ways to secure transactions on computer networks
WO2007044596A2 (en) Identity theft and fraud protection system and method
GB2446179A (en) Obtaining credit card data using a mobile telephone
WO2000042486A2 (en) System and method for performing secure credit card purchases
HU227081B1 (en) Computer data processing method and system for on-line payment transactions, as well as payment processing system
EP1134707A1 (en) Payment authorisation method and apparatus
US7814018B1 (en) Charge number issuing and transaction system and method
WO2000065517A1 (en) Commercial transaction method
CA2347396A1 (en) Method and for secure, anonymous electronic financial transactions
WO2006023745A2 (en) Conducting secure financial transactions independent of physical location
JP4714575B2 (en) Recipient identity authentication system and method in product delivery, computer program
WO2001078023A1 (en) Method of confirmation of order and payment in electronic commerce
JP2002109397A (en) Electronic commerce method and electronic commerce system
US20040030642A1 (en) Method and arrangement for the transfer of an electronic sum of money from a credit store

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP