SYSTEMS AND METHODS OF FASCILITATING ELECTRONIC PAYMENT TRANSACTIONS
Field of The Invention The field of the invention is electronic payment transactions.
Background of The Invention
It is common practice for wide area networks to contain restrictions that require users to perform some sort of identification and/or authentication. Many systems require such information to gain access to web pages and other resources, while other systems require such information only when users try to conduct certain types of transactions.
Web sites that allow on-line shopping via the Internet almost universally require both user identification and validation of funds. Many systems have been developed to accommodate these requirements, but problems arise because these systems are not standardized. One problem is that much of the same information needs to be reentered again and again at different sites. Not only is reentry of such information annoying, but duplicate copies of information leads to considerable difficulty in making system-wide changes. Thus, if a user changes a mailing address, the new address must typically be reentered many times to correct the many previously stored copies of the old address.
One of the early attempts at eliminating duplication of data involved storing customer information on the customer's own computer. Such "electronic wallet" systems are not completely satisfactory, however, because while they simplify data maintenance, they limit the customer to initiating purchases from a single machine. A customer cannot, for example, use the electronic wallet stored on a home computer to make a purchase from a computer at work. Electronic wallet systems are also problematic in that the stored information typically has very little firewall or other protection, and can be readily stolen using viruses or robots.
It is known to bolster the security of local storage information systems through the use of physical keys. Systems presently described at www.rainbow.com. for example, use a USB connection to interact with a local computer. These systems appear to be quite satisfactory.
US Patent no. 6029150 to Kraitz (Feb. 2000), incorporated herein by reference, discloses an identification system in which a customer maintains personal and financial information with an independent agent. When making a purchase, the customer obtains an authenticated quoted from merchant, forwards the quote to the agent, receives payment advice from the agent, and then transmits that payment advice to the merchant. The merchant then utilizes the payment advice to obtain payment through the agent. The Kraitz system has some advantages over electronic wallet systems, but is unnecessarily cumbersome. Moreover, as described in the '150 patent, contemplated embodiments of the Kraitz system are still insufficiently secure because they still rely entirely on passwords rather than physical devices such as cards or physical keys.
Surprisingly, it appears that no one has ever combined the concept of employing physical keys with the concept of using an independent agent to store personal information. Thus, there is still a need for systems and methods that would embody that combination.
Summary of The Invention
The present invention provides systems and methods of facilitating electronic payment transactions that combine electronic coupling of a physical security device to a local computer, and an independent agent that stores personal and financial information.
A preferred system and method uses a physical key coupled to a local computer through a port on the computer. A USB port can be employed advantageously for this purpose, as can a port coupled to a CD player. It is especially preferred that a key would be used in combination with a password or other authentication code. Other contemplated options include the use of a cell phone or two way pager as the physical security device.
In an especially preferred method software resident on the customer's computer transmits information from the physical key and an authentication code to the agent for verification.
Various objects, features, aspects and advantages of the present invention will become more apparent from the following detailed description of preferred embodiments of the invention, along with the accompanying drawings in which like numerals represent like components.
Brief Description of The Drawings
Fig. 1 is schematic of a prior art purchase facilitation system.
Fig. 2 is schematic of a purchase facilitation system according to the inventive subject matter.
Fig. 3 is a flow chart of a preferred method according to the inventive subject matter.
Detailed Description In prior art Fig. 1 an operational schematic 10 depicts relationships among three entities, a customer 12, a vendor 14, and a financial institution 16, in which each entity communicates directly with each of the other entities to effect a financial transaction. For example, the customer 12 may work with his financial institution 16 to establish funding recourses that can be utilized to make electronic purchases over the Internet. The resources may involve debit, credit, or any combination of the two. When the customer 12 orders an item from the vendor 14, the customer provides the vendor with account information that is then utilized by the vendor in obtaining payment from the financial institution 16. When the transaction is completed the financial institution 16 sends a confirmation to the customer 12. Authentication is such systems is accomplished entirely by passwords or similar information.
In Fig. 2 an operational schematic 20 generally depicts relationships among four entities, a customer 30, a vendor 40, a financial institution 50, and an independent agent 60.
Here, the agent 60 facilitates transactions between the customer 30 and the vendor 40, the vendor 40 and the financial institution 50, and possibly between the customer 30 and the financial institution 50.
The terms "customer", "vendor", "financial institution" and "agent" should all be interpreted herein as broadly as possible while remaining consistent with the overall inventive concept. Customers should therefore be interpreted not only as purchasers of clothes, books, or other hard "goods", but also as purchasers of services such as mortgages, or financial instruments such as stocks and bonds. Even the term "purchasers" should be interpreted broadly, to include individuals, corporations or other businesses and so forth. Contemplated transactions encompass all possible terms, including exchanging of product or service items for cash, credit, services, payment in kind, swaps, leases, rentals, and so on. It is particularly contemplated that customer, vendor, or both can make offers and acceptances, and such offers can be conducted as simple offer and acceptance, part of auctions, reverse auctions, and so on. In the same vein the term "vendor" is used herein to include traditional and non-traditional sellers of merchandise and services, as well as all manner of e-commerce sites. The term "financial institution" should likewise be interpreted broadly herein to include all manner of banks, credit and loans, stock brokerages, and so forth.
The vendor 40 preferably maintains product images, text, and other marketing information on an Internet web site 42. As is presently the custom, such information may be spread across many pages, with the pages being navigable by the user, or interactive in some other manner. Interfaces besides Internet web sites and web pages are also contemplated, including especially interfaces used in a company-wide intranet that sells products and services to its employees. It should also be appreciated that the web site 42 may or may not be hosted by the vendor 40. Even the term "maintains" should be interpreted broadly herein to signify only that the vendor 40 has at least some control over at least some of the data. Thus, a vendor should be considered as having maintained information on a web site even if that information is merely a text displayed on a web page hosted by an independent auction site such as e-bay™.
The customer 30 uses a computer 32 to interactively browse the web site 42 (see line 74), and place an order for a product or other item (not shown). The computer 32 may be any suitable computer device, including, for example, a desk top computer such as a PC, a portable computer such as laptop or hand-held computer, an Internet-enabled cell phone, Web-TV™ interface, or a PlayStation™ type game console. Either included in the computer housing (such as in a chip), or locally coupled to the computer is some sort of physical key 34. The connection may advantageously be accomplished using a USB port, an infra-red port, a CD device, microphone jack, or any other suitable interface. While not particularly preferred, the "local" nature of the coupling may including coupling of the key 34 to the computer 32 through a local area network (LAN) (not shown).
Particularly preferred keys are the i-Key 1000™ and the i-key 2000™ currently being sold by Rainbow Technologies™ at www.rainbow.com. Such keys are preferred because they are small enough to be earned in a pocket, purse, or on a key chain, are relatively inexpensive, and are relatively difficult to, fraudulently duplicate. Other types of keys, however, are also contemplated, including miniature CDs that look similar to business cards but are playable on CD drives, smart cards, and embedded computer chips.
Also coupled to the computer 32 is some mechanism of entering an authentication code 36. This feature is advantageously accomplished using a keypad or other type of keyboard, such as those typically included in a cell phone, laptop, or desk top computer. As is well known, the authentication code 36 may be strictly numeric, alphanumeric, alphabetic, or may include other characters as well, and may vary anywhere from one character to ten or more characters. The authentication code 36 may also be inputted in sound, as for example by using some sort of voice or at least sound recognition software. The authentication code 36 may even be characterless, as may occur if the volume buttons on a cell phone are used to input the authentication code 36.
Authentication of the authentication code 36 against the key 34 may be accomplished in any suitable manner. Typically, software inside the computer 32 would perform the
authentication, but authentication may also be accomplished in the key itself 34, or even using a distal link, such as at a website.
It is also contemplated to use a portable communicator, such as cell phone, two way pager, or a future equivalent, as both the physical security device, and the mechanism for entering the authentication code 36. In preferred embodiments employing this option, the local computer initiates a call or other authentication request to the portable communicator. Initiation of the call or other authentication request can also be handled by the agent. In any event, the user receives the request, and uses the communicator to return the authentication code 36. This can be done in any suitable manner, including using a keypad on the communicator (such as the buttons on a cell phone or two way pager), or voice input.
Once authentication is completed and the customer 30 has selected an item and ordered it through the website 42, the vendor 40 checks its database for the appropriate customer information. If the vendor does not keep its own customer information database, or chooses to have that information automatically updated, the vendor sends a first message to the agent 60 to provided updated information (see line 72). Alternatively, the customer's computer 30 could send the first request to the agent 60, informing the agent of the proposed transaction and information regarding the vendor 40 (see line 73). In any event, the agent 60 responds to the first message by providing the vendor 40 with updated customer information.
It is contemplated that many different types of information may be transmitted from the agent 60 to the vendor 40. Perhaps the most basic information is the customer's name, address, and phone number. Other contemplated information is bibliographic or demographic data such as age, gender, race, marriage status, income, and employment title. Still other information may be psychographic, such as preferences for particular colors, sports, and news. Still other information may be financial data, such as credit card numbers, bank balances and accounts, and so forth.
Having obtained, or at least verified, customer information provided by the agent 60, the vendor 40 proceeds with the transaction. This step can also be accomplished in numerous
ways. One possibility is for the vendor to communicate directly with the financial institution 50 (which is interpreted herein to include communicating with the financial institution's agent) to obtain a confirmation that funds are being credited to the vendor's benefit (see line 74). Alternatively, the agent 60 could inform the financial institution 50 of the sale (see line 75), and the financial institution could communicate funding confirmation to the vendor 40. Still another possibility is that the customer's computer 32 could inform the financial institution 50 of the sale (see line 76) to obtain funding confirmation, and then the financial institution could communicate that funding confirmation to the vendor 40.
Fig. 3 provides another perspective on the authentication process. This process 100 generally includes the steps of: a customer using a browser window to order an item 110; the customer's computer collecting information from a local, physical key, and a personal identification number (PIN) from the customer 120; transmitting the key information and PIN to the agent 130; the agent verifying identification credentials 140; and the agent transmitting verification to the vendor 150. Of course, appropriate portions of this process 100 would be effected using some sort of secure transmission. Thus, for example, ordering of an item and transmission of authentication information would likely be effected using HTTPS or a successor.
Thus, specific systems and methods for facilitating electronic payment transactions have been disclosed. It should be apparent, however, to those skilled in the art that many more modifications besides those already described are possible without departing from the inventive concepts herein. The inventive subject matter, therefore, is not to be restricted except in the spirit of the appended claims. Moreover, in interpreting both the specification and the claims, all terms should be interpreted in the broadest possible manner consistent with the context. In particular, the terms "comprises" and "comprising" should be interpreted as referring to elements, components, or steps in a non-exclusive manner, indicating that the referenced elements, components, or steps may be present, or utilized, or combined with other elements, components, or steps that are not expressly referenced.