
GB2350982A - Electronic commerce system where credit card details are not transmitted over insecure networks - Google Patents


Publication number: GB2350982A
Authority: GB (United Kingdom)
Prior art keywords: transaction, site, user terminal, internet, vendor
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Granted; Expired - Fee Related
Application number: GB9913530A
Other versions: GB2350982B (en), GB9913530D0 (en)
Inventor: John Quentin Phillipps
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.): Individual
Original Assignee: Individual
Application filed by: Individual
Priority to GB9913530A (GB2350982B)
Publication of GB9913530D0
Priority to AU52328/00A (AU762413B2)
Priority to PCT/GB2000/002138 (WO2000077733A2)
Priority to CA002376802A (CA2376802A1)
Priority to CN00808546A (CN1354861A)
Priority to BR0011729-3A (BR0011729A)
Priority to MXPA01012714A (MXPA01012714A)
Priority to JP2001503133A (JP2003502743A)
Priority to EP00937032A (EP1190263A2)
Priority to KR1020017015918A (KR20020035004A)
Publication of GB2350982A
Application granted
Publication of GB2350982B


Classifications

    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G06Q20/02 Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G06Q20/04 Payment circuits
    • G06Q20/12 Payment architectures specially adapted for electronic shopping systems
    • G06Q20/24 Credit schemes, i.e. "pay after"
    • G06Q20/347 Passive cards
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q30/06 Buying, selling or leasing transactions
    • G07F7/1025 Identification of user by a PIN code
    • G07F7/1075 PIN is checked remotely


Abstract

Users 101-103 access vendors 107, 108 via the PSTN 104, internet service provider (ISP) 109 and the internet 106. The vendors are registered with the ISP so that when a user makes a purchase the ISP recognises and intercepts the Action URL of the vendor's credit card details submission form. The ISP sends the form to the transaction computer 112 of a financial services provider over a leased line 115. The transaction computer checks the form and replies with a 'not approved' message or an 'approved' message including a transaction ID. The ISP then either forwards the 'not approved' message or replaces the credit card details in the credit card details submission form with the transaction ID and forwards the modified form to the vendor. The transaction ID is then submitted to the financial service provider along with the request for payment, and validated against the financial service provider's records before payment is authorised. Thus the credit or debit card details are only transmitted over the relatively secure PSTN links 104 and the leased line 115. The financial services and internet service providers may alternatively constitute a single entity (see Fig. 1).

Description

Electronic Commerce System
The present invention relates to an electronic commerce system.
Internet commerce is a rapidly expanding area. Many goods and services can be ordered via the Internet. To do this, a user typically uses a web browser, such as Netscape Navigator or Microsoft Internet Explorer, to visit a web site of a vendor. The web site will include pages enabling the user to select the goods or services required and a page containing a form by means of which the user can enter their credit or debit card details so that the vendor can receive payment for the ordered goods or services.
A disadvantage of this arrangement is that the user must send their credit or debit card details to the vendor via the Internet. The Internet is not a fully secure network and there is the possibility that the credit or debit card details may be intercepted and used in the perpetration of a fraud.
It is an aim of the present invention to provide for Internet commerce whilst avoiding the transmission of credit or debit card details via the Internet itself.
According to the present invention, there is provided an electronic commerce system comprising an Internet connectivity provider site, a financial service provider site for producing transaction IDs, a user terminal programmed with a web browser program and connectable to the Internet connectivity provider site for accessing the Internet, and a World Wide Web vendor site configured for sending a payment card information entry form, e.g. an HTML form, having an action definition, e.g. an action URI, having at least one parameter, associated therewith, wherein the Internet connectivity provider site is configured to intercept messages from the user terminal which include said action definition and substitute at least a payment card number (e.g. credit card or debit card number) within the parameter or parameters of said action definition with a transaction ID produced by the financial service provider site. It should be noted that since the Internet connectivity provider site is providing connectivity to the Internet for the user terminal, the user terminal will not therefore be communicating with the Internet connectivity provider site via the Internet.
Thus in a system according to the present invention, payment card numbers are stripped from messages before the messages enter the Internet. Furthermore, the vendor site can still be used by customers accessing the World Wide Web by means other than the Internet connectivity provider site, and requires minimal modification from a typical vendor site configuration.
A user terminal for a system according to the present invention preferably comprises a computer including user input means, modem means and modem control data for controlling the modem for establishing communication with the Internet connectivity provider site, wherein the modem control data is not modifiable by means of data input using the user input means alone. More preferably, the user terminal includes read-only storage means storing a machine-specific ID. This ID can be used to confirm the identity of a person sending payment card details from the user terminal.
A World Wide Web vendor site for a system according to the present invention is preferably configured to run a process for processing said action definition, said process being capable of:
recognising unsubstituted parameters and recording a transaction in a first manner in response thereto; and
recognising substituted parameters, which identify a transaction, and recording the transaction in a second manner in response thereto.
More preferably, said process is capable of recognising substituted parameters which indicate a reason (e.g. insufficient credit or incorrectly entered payment card related data) for non-completion of the transaction and sending a page to the user terminal in dependence thereon.
An Internet connectivity provider site for a system according to the present invention preferably includes:
a database of vendor site IP addresses and associated action definitions;
search means for searching the database for the destination IP address in a message from the user terminal;
identification means responsive to the search means finding an IP address in the database to identify said action definition in the message; and
signalling means for signalling action definition parameters to the financial service provider site in dependence on identification of an action definition by the identification means and receiving a transaction ID or other data not comprising a payment card number therefrom;
means for substituting at least a payment card number within the parameter or parameters of said action definition with the transaction ID or other data; and
transmission means for sending the modified message to the vendor site.
Preferably, the transmission means is configured to mimic the user terminal when sending said modified message.
The Internet connectivity provider site may be integrated with the financial service provider site.
Embodiments of the present invention will now be described, by way of example, with reference to the accompanying drawings, in which:
Figure 1 shows the hardware of first, second and third embodiments of the present invention;
Figure 2 shows an exemplary credit card details entry HTML form; and
Figure 3 shows the hardware of a fourth embodiment of the present invention.
Referring to Figure 1, first, second and third user terminals 1, 2, 3 are connectable via the pstn (public switched telephone network) 4 to a financial service provider site 5. The financial service provider site 5 is connectable via the Internet 6 to first and second Internet vendor sites 7, 8. The number of user terminals 1, 2, 3 is not restricted to three. Similarly, there may be many more Internet vendor sites than the two Internet vendor sites 6, 7 shown.
The first user terminal 1 comprises a pad-type computer, such as the Cyrix® WebPAD™, which includes a modem. WindowsCE is used as the operating system for the first user terminal 1. However, the dial-up networking configuration user interface is disabled so that a user cannot alter the Internet connectivity provider used for Internet access. A web browser program is provided on the first user terminal 1 so that the user can access the World Wide Web using the terminal's modem.
The second and third user terminals 2, 3 are of the same construction as the first user terminal 1.
The vendor sites 7, 8 comprise web servers. The vendor sites 7, 8 provide HTML forms (Figure 2) that enable a user to enter their credit card number and expiry date and their address.
The financial service provider site 5 comprises a modem bank 10 connected between the pstn 4 and a communication computer 11. The communication computer 11 is also connected to the Internet 6 and to a transaction processor comprising a transaction computer 12 and a database 13. The financial service provider site 5 also comprises a domain name server (DNS) 14. The financial service provider site 5 is thus configured for the financial service provider to provide Internet connectivity to the user terminals 1, 2, 3.
All datagrams to be sent via the Internet 6 from user terminals 1, 2, 3 pass through the communication computer 11. The communication computer 11 contains a database of registered vendor sites 7, 8 including their IP addresses and the "action" URL of the vendor's credit card details form.
The making of a purchase by the user of user terminal 1 from the first Internet vendor site 7 will now be described. It will be appreciated that the method is effected by a conventional web browser running on the first user terminal 1 and custom programs running on the communication computer 11, the transaction computer 12 and the web server at the first vendor site 7.
The user of the first user terminal 1 switches on the first user terminal 1 and runs the web browser program. This causes the first user terminal 1 to dial up the financial service provider site 5 and log on as with any Internet connectivity provider providing dial-up Internet access. The web browser will submit an initial URL, e.g. for a search engine such as Yahoo or Alta Vista, or the home page of the financial service provider.
A name resolver process running on the first user terminal sends the server part of the URL to the DNS 14 and receives back the IP address of that server. The URL is then sent from the first user terminal 1 in a message to the returned IP address.
The datagrams from the first user terminal are received by the communication machine 11. The communication machine 11 reads the destination IP address in the header of the first datagram of a message and looks it up in its database of registered vendor sites. Since, in this case, the IP address is not for a registered vendor site, the first datagram is forwarded immediately to the Internet 6 and the subsequent datagrams of the message are forwarded as soon as possible to the Internet 6. In this case the communication computer 11 now operates merely as a router for subsequent datagrams of the message.
The destination server responds to the URL in the message from the first user terminal 1 by replying with a message containing HTML code for a page. The datagrams of this message are routed by the Internet 6 to the communication computer 11 which then routes them via the modem bank 10 along the pstn connection to the first user terminal 1. The web browser, running on the first user terminal 1, then displays the page defined by the HTML in the reply message.
The system operates in this manner until the first user terminal 1 sends a URL addressed to, for example, the first vendor site 7 which, for example, identifies the vendor's home page. In this case, the communication computer 11 finds the destination IP address in the first datagram of the message containing the URL in its database. Thus, rather than immediately forwarding the datagrams of the message, the communication computer caches the datagrams until the whole message has been received. When the whole message has been received, the communication machine 11 analyses the message to determine whether it contains the "action" URL of the destination vendor's credit card details form as contained in its database.
Since the URL is for the vendor's home page, the datagrams are now forwarded unmodified to the first vendor site 7 via the Internet 6.
At the TCP level, once the communication computer 11 has identified that a datagram from the first user terminal 1 is addressed to the first vendor site 7, it must respond to the first user terminal 1 as if it were the first vendor site 7 for connection set up, data transfer and connection termination. Also, when the communication computer 11 forwards the cached message to the first vendor site 7, it must mimic the first user terminal 1 so that the response to the sent URL is correctly addressed to the first user terminal 1 and lost or corrupted datagrams are retransmitted.
It will now be assumed that the user of the first user terminal 1 has decided to make a purchase and has received the first vendor's credit card details form. The user fills in the form and clicks on the SUBMIT button (see Figure 2). This causes the form's action URL to be submitted. The message containing the action URL is intercepted by the communication machine 11 as described above. However, the communication computer 11 now determines that the action URL is present.
On determining that the action URL is present, the communication computer 11 sends the action URL to the transaction computer 12. The transaction computer 12 compares the data in the action URL with card holder details in the database 13. If the data is incorrect, e.g. the address is not that of the card holder, the transaction computer 12 sends back the message "invalid" to the communication computer 11. The communication computer 11 then strips the data from the action URL and replaces it with the name-value pair "details=invalid". The reconstructed action URL is then sent to the first vendor site 7 with the communication computer 11 mimicking the first user terminal 1. It will be appreciated that a standard action URL used by all vendors would simplify the extraction of the card and user details from the action URL.
The process at the first vendor site 7, which handles the action URL, identifies the "details=invalid" name-value pair and sends an error warning HTML page to the first user terminal 1. This page is then displayed by the web browser running on the first user terminal 1.
If the data in the action URL is correct, the transaction computer 12 generates a unique transaction ID, which it stores in the database 13 against the card holder's account, and sends the transaction ID to the communication computer 11. The communication computer 11 then strips the data from the action URL and replaces it with the name-value pair "ID=nnnnnnnn" where n is a character of the transaction ID. The reconstructed action URL is then sent to the first vendor site 7 with the communication computer 11 mimicking the first user terminal 1.
On receiving the modified action URL, the action URL-handling process of the first vendor site 7 validates and logs the transaction ID for later confirmation of the transaction with the credit card company and sends a confirmation HTML page to the first user terminal 1.
Logged transaction IDs are sent by a secure means, e.g. a direct pstn connection, to the credit card company together with the amount to be charged. The credit card company then compares the transaction ID with the records in the database 13 before authorising the transfer of funds to the first vendor.
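The substitution step of the first embodiment, from interception of the action URL to the later check of the transaction ID, can be followed in the added example below. It is not part of the patent specification: the class and function names, the form field names (card, expiry, address), the sample IP address, path and card record are all constructed for illustration, and it assumes the form is submitted so that its fields travel as the query string of the action URL.

```python
import secrets
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed sample data (not from the patent): one registered vendor site,
# keyed by IP address, with the path of its card-details form action URL.
REGISTERED_VENDORS = {"192.0.2.7": "/cgi-bin/pay"}

# Constructed card holder record for the transaction computer's database.
CARD_HOLDERS = {"4111111111111111": {"expiry": "12/01", "address": "1 High Street"}}


class TransactionComputer:
    """Financial service provider side: checks details, issues transaction IDs."""

    def __init__(self, card_holders):
        self.card_holders = card_holders
        self.issued = {}  # transaction ID -> card number it was issued against

    def check(self, fields):
        """Compare submitted form data with the card holder record."""
        record = self.card_holders.get(fields.get("card", ""))
        if record is None or any(fields.get(k) != v for k, v in record.items()):
            return "invalid", None
        txn_id = secrets.token_hex(4).upper()  # eight characters: "nnnnnnnn"
        self.issued[txn_id] = fields["card"]
        return "approved", txn_id

    def confirm(self, txn_id):
        """Settlement check: was this ID recorded by the transaction computer?"""
        return txn_id in self.issued


class CommunicationComputer:
    """Connectivity provider side: sits between the terminals and the Internet."""

    def __init__(self, vendors, transaction_computer):
        self.vendors = vendors
        self.transaction_computer = transaction_computer

    def process(self, dest_ip, request_target):
        """Return the request target that is forwarded to the Internet."""
        action_path = self.vendors.get(dest_ip)
        parts = urlsplit(request_target)
        # Unregistered destination, or a registered vendor page other than
        # the card form's action URL: forward unmodified.
        if action_path is None or parts.path != action_path:
            return request_target
        fields = dict(parse_qsl(parts.query))
        status, txn_id = self.transaction_computer.check(fields)
        # Strip every submitted field and substitute a single name-value pair,
        # so no card data is present in what leaves for the Internet.
        pair = {"ID": txn_id} if status == "approved" else {"details": "invalid"}
        return urlunsplit(parts._replace(query=urlencode(pair)))


def vendor_handle(request_target, transaction_log):
    """Vendor-side action URL handler: tell substituted parameters from raw ones."""
    fields = dict(parse_qsl(urlsplit(request_target).query))
    if "ID" in fields:
        transaction_log.append(fields["ID"])  # logged for later confirmation
        return "confirmation page"
    if fields.get("details") == "invalid":
        return "error page"
    return "direct card handling"  # unsubstituted: customer of another provider


if __name__ == "__main__":
    tc = TransactionComputer(CARD_HOLDERS)
    gateway = CommunicationComputer(REGISTERED_VENDORS, tc)
    submitted = "/cgi-bin/pay?card=4111111111111111&expiry=12%2F01&address=1+High+Street"
    forwarded = gateway.process("192.0.2.7", submitted)
    log = []
    print(forwarded, "->", vendor_handle(forwarded, log))
    print("settlement check:", tc.confirm(log[0]))
```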
In a second embodiment having the hardware configuration shown in Figure 1, the action URL produced by the credit card form (Figure 2) includes the value of the transaction. This information is sent by the communication computer 11 to the transaction computer 12 with the credit card number and card holder details. The transaction computer 12 then determines by reference to the database 13 whether the user has sufficient credit for the transaction. If the user does not have sufficient credit for the transaction, the transaction computer 12 sends the message "insufficient credit" to the communication computer 11. The communication computer 11 then strips the data from the action URL and replaces it with the name-value pair "details=insufficient credit". The reconstructed action URL is then sent to the first vendor site 7 with the communication computer 11 mimicking the first user terminal 1.
The process at the first vendor site 7, which handles the action URL, identifies the "details=insufficient credit" name-value pair and sends an error warning HTML page to the first user terminal 1. This page is then displayed by the web browser running on the first user terminal 1.
In a third embodiment having the hardware configuration shown in Figure 1, the user terminals 1, 2, 3 are provided with unique IDs, e.g. chip-specific IDs for their processors. In this case, the operation of the communication computer 11 is modified so that on receipt of an action URL for a registered vendor site 6, 7, it sends a message to the user terminal 1, 2, 3 requesting the ID. A process running on the user terminal 1, 2, 3 responds to this message by sending the ID back to the communication computer 11. If the ID is not received by the communication machine within a predetermined time, the connection to the user terminal 1, 2, 3 is dropped as it is assumed that the user terminal 1, 2, 3 is not an authorised terminal.
If an ID is received, it is passed to the transaction computer 12 with the data from the action URL. The transaction computer 12 tries to match the ID with the credit card number. If there is a match, the process proceeds as in the first embodiment.
However, if there is not a match, the transaction computer 12 sends the message "imposter" to the communication computer 11 which responds by dropping the connection to the user terminal 1, 2, 3.
In either exception condition, caller line identification (CLI) can be used to identify the telephone line used to dial into the financial service provider site 5. This number can then be passed to a law-enforcement agency with a report of an attempted credit card fraud.
Referring to Figure 3, first, second and third user terminals 101, 102, 103 are connectable via the pstn (public switched telephone network) 104 to an Internet connectivity provider site 109. A financial service provider site 105 is connected to the Internet connectivity provider site 109 by a leased line 115. Internet connectivity provider site 109 is connectable via the Internet 106 to first and second Internet vendor sites 107, 108. The number of user terminals 101, 102, 103 is not restricted to three. Similarly, there may be many more Internet vendor sites than the two Internet vendor sites 106, 107 shown.
The first user terminal 101 comprises a pad-type computer, such as the Cyrix® WebPAD™, which includes a modem. WindowsCE is used as the operating system for the first user terminal 101. However, the dial-up networking configuration user interface is disabled so that a user cannot alter the Internet connectivity provider used for Internet access. A web browser program is provided on the first user terminal 101 so that the user can access the World Wide Web using the terminal's modem.
The second and third user terminals 102, 103 are of the same construction as the first user terminal 101.
The vendor sites 107, 108 comprise web servers. The vendor sites 107, 108 provide HTML forms (Figure 2) that enable a user to enter their credit card number and expiry date and their address.
The Internet connectivity provider site 109 comprises a modem bank 110 connected between the pstn 104 and a communication computer 111. The communication computer 111 is also connected to the Internet 106. The Internet connectivity provider site 109 also comprises a domain name server (DNS) 114.
The financial service provider site 105 comprises a transaction computer 112 and a database 113. The transaction computer 112 is connected to the communication computer 111 by the leased line 115.
All datagrams to be sent via the Internet 106 from user terminals 101, 102, 103 pass through the communication computer 111. The communication computer 111 contains a database of registered vendor sites 107, 108 including their IP addresses and the "action" URL of the vendor's credit card details form.
The making of a purchase by the user of user terminal 101 from the first Internet vendor site 107 will now be described. It will be appreciated that the method is effected by a conventional web browser running on the first user terminal 101 and custom programs running on the communication computer 111, the transaction computer 112 and the web server at the first vendor site 107.
The user of the first user terminal 101 switches on the first user terminal 101 and runs the web browser program. This causes the first user terminal 101 to dial up the Internet connectivity provider site 109 and log on as with any Internet connectivity provider providing dial-up Internet access. The web browser will submit an initial URL, e.g. for a search engine such as Yahoo or Alta Vista, or the home page of the Internet connectivity service provider.
A name resolver process running on the first user terminal sends the server part of the URL to the DNS 114 and receives back the IP address of that server. The URL is then sent from the first user terminal 101 in a message to the returned IP address.
The datagrams from the first user terminal 101 are received by the communication machine 111. The communication machine 111 reads the destination IP address in the header of the first datagram and looks it up in its database of registered vendor sites. Since, in this case, the IP address is not for a registered vendor site 107, 108, the first datagram is forwarded immediately to the Internet 106 and the subsequent datagrams of the message are also immediately forwarded to the Internet 106. In this case the communication computer 111 now operates merely as a router for subsequent datagrams of the message.
The destination server responds to the URL in the message from the first user terminal 101 by replying with a message containing HTML code for a page. The datagrams of this message are routed by the Internet 106 to the communication computer 111 which then routes them via the modem bank 110 along the pstn connection to the first user terminal 101. The web browser, running on the first user terminal 101, then displays the page defined by the HTML in the reply message.
The system operates in this manner until the first user terminal 101 sends a URL addressed to the first vendor site 107 which, for example, identifies the vendor's home page. In this case, the communication computer 111 finds the destination IP address in the first datagram of the message containing the URL in its database.
Thus, rather than immediately forwarding the datagrams of the message, the communication computer 111 caches the datagrams until the whole message has been received. When the whole message has been received, the communication machine 111 analyses the message to determine whether it contains the "action" URL of the destination vendor's credit card details form as contained in its database. Since the URL is for the vendor's home page, the datagrams are now forwarded unmodified to the first vendor site 107 via the Internet 106.
At the TCP level, once the communication computer 111 has identified that a datagram from the first user terminal 101 is addressed to the first vendor site 107, it must respond to the first user terminal 101 as if it were the first vendor site 107 for connection set up, data transfer and connection termination. Also, when the communication computer 111 forwards the cached message to the first vendor site 107, it must mimic the first user terminal 101 so that the response to the sent URL is correctly addressed to the first user terminal 101 and lost or corrupted datagrams are retransmitted.
It will now be assumed that the user of the first user terminal 101 has decided to make a purchase and has received the first vendor's credit card details form (Figure 2). The user fills in the form and clicks on the SUBMIT button (Figure 2). This causes the form's action LTRL to be submitted. The message containing the action LJRL is intercepted by the communication machine 111 as described above.
12- However, the communication computer 111 now determines that the action URL is present.
On determining that the action URL is present, the communication computer 111 sends the action URL to the transaction computer 112. The transaction computer 112 compares the data in the action URL with card holder details in the database 113. If the data is incorrect, e.g. the address is not that of the card holder, the transaction computer 112 sends back the message "invalid" to the communication computer 111. The communication computer 111 then strips the data from the action URL and replaces it with the name-value pair "details=invalid". The reconstructed action URL is then sent to the first vendor site 107 with the communication computer 111 mimicking the first user terminal 101.
The process at the first vendor site 107, which handles the action URL, identifies the "details=invalid" name-value pair and sends an error warning HTML page to the first user terminal 101. This page is then displayed by the web browser running on the first user terminal 101.
If the data in the action URL is correct, the transaction computer 112 generates a unique transaction ID, which it stores in the database 113 against the card holder's account, and sends the transaction ID to the communication computer 111. The communication computer 111 then strips the data from the action URL and replaces it with the name-value pair "ID=nnnnnnnn" where n is a character of the transaction ID. The reconstructed action URL is then sent to the first vendor site 107 with the communication computer 111 mimicking the first user terminal 101.
On receiving the modified action URL, the action URL-handling process of the first vendor site 107 validates and logs the transaction ID for later confirmation of the transaction with the credit card company and sends a confirmation HTML page to the first user terminal 101.
Logged transaction IDs are sent by a secure means, e.g. a direct pstn connection, to the credit card company together with the amount to be charged. The credit card company then compares the transaction ID with the records in the database 113 before authorising the transfer of funds to the first vendor.
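The interception and substitution sequence described above can be sketched as follows. This is an added illustration, not code from the patent: the vendor IP address, the action path, the form field names (card, name, address), the sample card holder record and the use of an 8-character hexadecimal transaction ID are all assumptions, and matching the action URL by its path alone is a simplification.

```python
import secrets
from urllib.parse import urlsplit, urlunsplit, parse_qs

# Constructed sample data: vendor IP -> path of that vendor's card-form action URL.
REGISTERED_VENDORS = {"192.0.2.10": "/cgi-bin/pay"}
# Constructed card holder records held by the transaction computer (database 113).
CARD_HOLDERS = {"4111111111111111": {"name": "A N Other", "address": "1 High St"}}
ISSUED_IDS = {}  # transaction ID -> card number, stored against the account


def transaction_computer(params):
    """Return a new transaction ID if the submitted details match, else None."""
    card = params.get("card", [""])[0]
    record = CARD_HOLDERS.get(card)
    if record is None or any(params.get(k, [""])[0] != v for k, v in record.items()):
        return None
    txn_id = secrets.token_hex(4)          # 8 characters, as in "ID=nnnnnnnn"
    while txn_id in ISSUED_IDS:            # keep IDs unique
        txn_id = secrets.token_hex(4)
    ISSUED_IDS[txn_id] = card
    return txn_id


def communication_computer(dest_ip, url):
    """Return the URL that is forwarded towards the Internet."""
    action_path = REGISTERED_VENDORS.get(dest_ip)
    parts = urlsplit(url)
    if action_path is None or parts.path != action_path:
        return url                          # unregistered site or non-payment page
    txn_id = transaction_computer(parse_qs(parts.query))
    new_query = f"ID={txn_id}" if txn_id else "details=invalid"
    # All submitted card data is stripped; only the substitute pair is forwarded.
    return urlunsplit((parts.scheme, parts.netloc, parts.path, new_query, ""))


def card_company_confirms(txn_id):
    """Settlement check: the logged ID must exist in the issuer's records."""
    return txn_id in ISSUED_IDS
```

The vendor only ever sees the substitute name-value pair, so the card number never leaves the connectivity provider's side of the link.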
In each of the foregoing embodiments, a user cannot change the dial-up networking setup of their user terminal 1, 2, 3. However, changing circumstances may make a change necessary, e.g. changes in the telephone number to be dialled. These changes can be made by means of a JAVA™ or ActiveX applet associated with a web page provided by the Internet connectivity providing entity.
The operation of the communication computer 11, 111 in any of the foregoing embodiments may be modified so that all messages from the user terminals 1, 2, 3, 101, 102, 103 are cached. The communication computer 11, 111 can then analyse the content of the messages to determine whether it comprises an action URL of a credit card details form of an unregistered "vendor". These messages can then be blocked to avoid credit card details being sent to bogus vendors.
The connection between the user terminals 1, 2, 3, 101, 102, 103 and the communication computer 11, 111 may be, but not exclusively so, via a telephone circuit, an ISDN connection or a leased line.
It will be appreciated that many modifications can be made to the above-described embodiments to provide security beyond that obtained by avoiding the transmission of credit card details over the Internet.
The present invention has been explained with reference to a system employing HTML. However, it will be appreciated that with the development of XML, other mark up languages may be developed that are useable in embodiments of the present invention.

Claims (10)

Claims
1. An electronic commerce system comprising: an Internet connectivity provider site; a financial service provider site for producing transaction IDs; a user terminal programmed with a web browser program and connectable to the Internet connectivity provider site for accessing the Internet; and a World Wide Web vendor site configured for sending a payment card information entry form having an action definition, having at least one parameter, associated therewith, wherein the Internet connectivity provider site is configured to intercept messages from the user terminal which include said action definition and substitute at least a payment card number within the parameter or parameters of said action definition with a transaction ID produced by the financial service provider site.
2. A system according to claim 1, wherein said entry form is an HTML form and said action definition comprises an action URL defined in the HTML code for said form.
3. A user terminal for a system according to claim 1 or 2, comprising a computer including user input means, modem means and modem control data for controlling the modem for establishing communication with the Internet connectivity provider site, wherein the modem control data is not modifiable by means of data input using the user input means alone.
4. A user terminal according to claim 3, including read-only storage means storing a machine-specific ID.
5. A World Wide Web vendor site for a system according to claim 1 or 2, configured to run a process for processing said action definition, said process being capable of recognising unsubstituted parameters and recording a transaction in a first manner in response thereto; and recognising substituted parameters, which identify a transaction, and recording the transaction in a second manner in response thereto.
6. A World Wide Web vendor site according to claim 5, wherein said process is capable of recognising substituted parameters which indicate a reason for non-completion of the transaction and sending an page to the user terminal in dependence thereon.
7. A World Wide Web vendor site according to claim 5, wherein said reason is insufficient credit or incorrectly entered payment card related data.
8. An Internet connectivity provider site for a system according to claim 1 or 2, including:- a database of vendor site IP addresses and associated action definitions; search means for searching the database for the destination IP address in a message from the user terminal; identification means responsive to the search means finding an IP address in the database to identify said action definition in the message; and signalling means for signalling action definition parameters to the financial service provider site in dependence on identification of an action definition by the identification means and receiving a transaction ID or other data not comprising a payment card number therefrom; means for substituting at least a payment card number within the parameter or parameters of said action definition with the transaction ID or other data; and transmission means for sending the modified message to the vendor site.
9. An Internet connectivity provider site according to claim 8, wherein the transmission means is configured to mimic the user terminal when sending said modified message.
10. An electronic commerce system substantially as hereinbefore described with reference to Figures 1 or 3.
GB9913530A 1999-06-10 1999-06-10 Electronic commerce system Expired - Fee Related GB2350982B (en)

Priority Applications (10)

Application Number Priority Date Filing Date Title
GB9913530A GB2350982B (en) 1999-06-10 1999-06-10 Electronic commerce system
EP00937032A EP1190263A2 (en) 1999-06-10 2000-06-02 Electronic commerce system
AU52328/00A AU762413B2 (en) 1999-06-10 2000-06-02 Electronic commerce system
CA002376802A CA2376802A1 (en) 1999-06-10 2000-06-02 Electronic commerce system
CN00808546A CN1354861A (en) 1999-06-10 2000-06-02 Electronic commerce system
BR0011729-3A BR0011729A (en) 1999-06-10 2000-06-02 Ecommerce System
MXPA01012714A MXPA01012714A (en) 1999-06-10 2000-06-02 Electronic commerce system.
JP2001503133A JP2003502743A (en) 1999-06-10 2000-06-02 E-commerce system
PCT/GB2000/002138 WO2000077733A2 (en) 1999-06-10 2000-06-02 Electronic commerce system
KR1020017015918A KR20020035004A (en) 1999-06-10 2000-06-02 Electronic commerce system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB9913530A GB2350982B (en) 1999-06-10 1999-06-10 Electronic commerce system

Publications (3)

Publication Number Publication Date
GB9913530D0 GB9913530D0 (en) 1999-08-11
GB2350982A true GB2350982A (en) 2000-12-13
GB2350982B GB2350982B (en) 2003-06-25

Family

ID=10855109

Family Applications (1)

Application Number Title Priority Date Filing Date
GB9913530A Expired - Fee Related GB2350982B (en) 1999-06-10 1999-06-10 Electronic commerce system

Country Status (10)

Country Link
EP (1) EP1190263A2 (en)
JP (1) JP2003502743A (en)
KR (1) KR20020035004A (en)
CN (1) CN1354861A (en)
AU (1) AU762413B2 (en)
BR (1) BR0011729A (en)
CA (1) CA2376802A1 (en)
GB (1) GB2350982B (en)
MX (1) MXPA01012714A (en)
WO (1) WO2000077733A2 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001090987A1 (en) * 2000-05-25 2001-11-29 Wilson How Kiap Gueh Transaction system and method
GB2370475A (en) * 2000-12-22 2002-06-26 Hewlett Packard Co Secure online transaction where a buyer sends some information direct to a bank and some via a vendor
WO2002058017A1 (en) * 2001-01-19 2002-07-25 Haissam Malas Global payment method, and payment system and payment card used therewith
EP1387329A1 (en) * 2002-07-30 2004-02-04 France Telecom Telepayment method, system and gateway for implementing this method, use of the method
US7113930B2 (en) 2001-02-23 2006-09-26 Hewlett-Packard Development Company, L.P. Conducting transactions

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI20011134A7 (en) * 2001-05-31 2002-12-01 Portalify Oy Methods and systems for providing and charging for services in a telecommunications network
FI20012044A7 (en) * 2001-10-22 2003-04-23 Portalify Oy Method and telecommunications network for providing and billing services
FR2862170A1 (en) * 2003-11-06 2005-05-13 France Telecom METHOD OF TRANSFERRING CONFIDENTIAL DATA TO THE HEART OF NETWORKS
US20060047662A1 (en) * 2004-08-31 2006-03-02 Rajkishore Barik Capability support for web transactions
KR101923611B1 (en) * 2011-04-11 2018-11-29 삼성전자주식회사 Service server, user terminal, service providing method and control method thereof

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0501697A2 (en) * 1991-02-27 1992-09-02 AT&T Corp. Mediation of transactions by a communications system
EP0590861A2 (en) * 1992-09-29 1994-04-06 AT&T Corp. Secure credit/debit card authorization
EP0813325A2 (en) * 1996-06-12 1997-12-17 AT&T Corp. A mechanism for enabling secure electronic transactions on the open internet

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ATE159484T1 (en) 1993-08-06 1997-11-15 Kaysersberg Packaging Sa BOX IN THE SHAPE OF A DISPLAY PACKAGING
US5826241A (en) * 1994-09-16 1998-10-20 First Virtual Holdings Incorporated Computerized system for making payments and authenticating transactions over the internet
US6252869B1 (en) * 1995-12-29 2001-06-26 At&T Corp. Data network security system and method
US5815665A (en) * 1996-04-03 1998-09-29 Microsoft Corporation System and method for providing trusted brokering services over a distributed network
EP0887776A1 (en) * 1997-06-23 1998-12-30 Rainer Grunert Transaction unit / method for payment administration on Internet and/or similar public client-server systems
AU5729200A (en) * 1999-06-09 2000-12-28 Intelishield.Com, Inc. Internet payment system

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001090987A1 (en) * 2000-05-25 2001-11-29 Wilson How Kiap Gueh Transaction system and method
GB2370475A (en) * 2000-12-22 2002-06-26 Hewlett Packard Co Secure online transaction where a buyer sends some information direct to a bank and some via a vendor
WO2002058017A1 (en) * 2001-01-19 2002-07-25 Haissam Malas Global payment method, and payment system and payment card used therewith
WO2002058018A3 (en) * 2001-01-19 2003-02-13 Haissam Malas Payment method, and payment system with pay card used therewith
US7113930B2 (en) 2001-02-23 2006-09-26 Hewlett-Packard Development Company, L.P. Conducting transactions
EP1387329A1 (en) * 2002-07-30 2004-02-04 France Telecom Telepayment method, system and gateway for implementing this method, use of the method
FR2843216A1 (en) * 2002-07-30 2004-02-06 France Telecom REMOTE PAYMENT METHOD, SYSTEM AND GATEWAY FOR IMPLEMENTING THE SAME, USE OF THE SAME

Also Published As

Publication number Publication date
KR20020035004A (en) 2002-05-09
CA2376802A1 (en) 2000-12-21
AU5232800A (en) 2001-01-02
JP2003502743A (en) 2003-01-21
EP1190263A2 (en) 2002-03-27
GB2350982B (en) 2003-06-25
AU762413B2 (en) 2003-06-26
WO2000077733A3 (en) 2001-11-15
CN1354861A (en) 2002-06-19
GB9913530D0 (en) 1999-08-11
MXPA01012714A (en) 2003-09-04
WO2000077733A2 (en) 2000-12-21
BR0011729A (en) 2003-07-08

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20040610