WO2002033363A2 - Method and apparatus for secure payment processing - Google Patents

Method and apparatus for secure payment processing Download PDF

Info

Publication number
WO2002033363A2
WO2002033363A2 PCT/US2001/032416 US0132416W WO0233363A2 WO 2002033363 A2 WO2002033363 A2 WO 2002033363A2 US 0132416 W US0132416 W US 0132416W WO 0233363 A2 WO0233363 A2 WO 0233363A2
Authority
WO
WIPO (PCT)
Prior art keywords
payment
processing
customer
information
merchant
Prior art date
Application number
PCT/US2001/032416
Other languages
French (fr)
Other versions
WO2002033363A3 (en
Inventor
Joshua Edwards Bixler
Juan Enrique Aguilar
Original Assignee
Joshua Edwards Bixler
Juan Enrique Aguilar
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Joshua Edwards Bixler, Juan Enrique Aguilar filed Critical Joshua Edwards Bixler
Priority to AU2002214606A priority Critical patent/AU2002214606A1/en
Publication of WO2002033363A2 publication Critical patent/WO2002033363A2/en
Publication of WO2002033363A3 publication Critical patent/WO2002033363A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation

Definitions

  • the present invention relates to a payment processing method and apparatus, and more particularly, to a network-based secured payment processing system and method that does not retain sensitive payment information on a merchant's web and/or database servers.
  • Network-based payment systems allow people to make payments for products and services, including government and commercial transactions and charitable donations, by submitting information related to their credit cards, debit cards, or bank accounts to a payment processing center via a data transmission network, such as the Internet or telephone lines. Charges are directly applied to the corresponding accounts.
  • a data transmission network such as the Internet or telephone lines.
  • merchants can secure the payments almost immediately and customers do not have to travel to the stores to make payments in person or send by mail.
  • Online merchants rely on such network-based payment systems to facilitate online transactions.
  • Customers usually make payments for online purchases with credit cards by submitting credit card numbers, expiration dates, names of cardholders, etc. to online merchants.
  • some on-line merchants set up their own credit card processing system to process credit card charges and maintain databases for customers' credit card information, and connect to network-based payment processing systems, such as those maintained by VISA, MasterCard, or American Express, which take over the settlement process with banks.
  • the merchants collect credit card information from customers and then pass the information to the network-based payment processing systems via the Internet or a telephone line in real time.
  • the payment processing system contacts the issuing bank based on the credit card information and obtains an authorization number for the charge. The processing result is then sent back to the merchant.
  • merchants do not have to maintain a database containing credit card information collected from customers.
  • Merchants simply obtain credit card information, such as names, credit card numbers, and expiration dates, from customers, and pass the credit card information as well as charge amount to the payment service via the Internet.
  • the payment service communicates with the network- based payment processing system to obtain a payment process result, such as an authorization number or decline code, for the charge.
  • the processing result is then sent back to the merchant.
  • the present invention provides a computer implemented method and apparatus whereby sensitive payment information is submitted to, and processed by, a payment service system, such as an Internet payment service system, other than a merchant's system, such as the merchant's web server and/or database server, using a data link that does not pass through the merchant system. Accordingly, the merchant's system does not receive, transmit or store any sensitive payment information and thus is relatively immune from the risk of leaking sensitive payment information submitted by its customers.
  • the payment service system processes the payments for the merchant so that the merchant does not have to pay for the large up-front cost of setting up hardware and software for processing payments. At the same time, the merchant enjoys the benefit of network-based payment processing without worrying about the problems associated with receiving, transmitting or storing sensitive customer or credit card information on the merchant's system.
  • the payment service system may provide a transparent user interface that is identical or substantially similar to that presented to customers by the merchant system so that customers are less likely to know that they have left the merchant's system.
  • a URL Universal Resource Locator
  • identifying the payment service system may indicate substantially the same domain as that of the merchant system. For example, https://www.merchant.com for the merchant system and https://payment.merchant.com for the payment service system. Consequently, customers may believe that the payment service system is part of a single, continuous process on the merchant system
  • the present invention is an apparatus (e.g., a data processing system) for processing a payment over a data transmission network, comprising: a processor for processing data; a memory; a data storage device for storing data; an input device for inputting data; a communication interface for coupling to the data transmission network; and a bus coupling to the input device, the memory, the data storage device, the communication interface, and the processor.
  • a processor for processing data
  • a memory for storing data
  • an input device for inputting data
  • a communication interface for coupling to the data transmission network
  • a bus coupling to the input device, the memory, the data storage device, the communication interface, and the processor e.g., a data processing system
  • the data storage device bears machine- readable instructions for controlling the processor, upon execution of the instructions, to perform the steps of: communicating with a customer system via the data transmission network; receiving payment information representative of the payment from the communication interface; soliciting verification information from the customer system; receiving the verification information sent from the customer system via the communication interface, wherein the verification information does not pass through a merchant system; initiating processing of the payment based on the payment information and the verification information.
  • a method according to the present invention for processing a payment comprises the steps of: establishing communication with a customer system via a data link; receiving payment information representative of the payment from a merchant system via the data link; soliciting verification information from the customer system; receiving the verification information from the customer system, wherein the verification information does not pass through a merchant system; and initiating processing of the payment based on the payment information and the verification information; and directing the customer system to establish communication with the merchant system.
  • the payment service system may reside on and is implemented by a server that is not under the merchant's control. This method may be implemented to process a payment between a merchant system and a customer system with assistance of a payment service system.
  • the payment service system receives a payment selection from a customer system via a first data link; the payment service system receives payment information representative of the payment from a merchant system via a second data link; the payment service system solicits verification information from the customer system; the payment service system receives the verification information from the customer system wherein the verification information does not pass through a merchant system; the payment service system initiates processing of the payment based on the payment and verification information; and the payment service system directs the customer system to establish communication with the merchant system.
  • the present invention is a method for processing a payment comprising the steps of: receiving a payment selection from a customer system via a first data link and directing the customer system to establish communication with a payment service system via a second data link without passing through a merchant system.
  • payment information such as payment amount, transaction type, merchant name and account information! etc, may be transmitted to the payment service system after the customer system is connected to the payment service system.
  • the method may be implemented to process a payment between a merchant system and a customer system with assistance of a payment service system. For example: the merchant system receives a payment selection from a customer system via a first data link; the merchant system directs the customer system to establish communication with the payment service system via a second data link;
  • customer system submits verification information to the payment service system without passing through the merchant system.
  • Another method for processing a payment comprises: communicating with a customer system via a first data link; and presenting a payment selection to the customer system.
  • the customer system is directed to establish communication with a payment service system via a second data link without passing through a merchant system.
  • the merchant system in response to the customer system selecting the payment selection, issues a control signal to direct the customer system to connect to the payment service system.
  • the control signal may be a Redirection Header, such as an HTTP server connection code 300, containing a URL corresponding to the payment service system.
  • the method further comprises a step of providing a redirection command to the customer system.
  • the customer system Upon selecting the payment selection, the customer system issues the redirection command, such as form post, that directs a web browser on the customer system to connect to the payment service system.
  • the redirection command such as form post
  • the customer After being connected to the payment service system, the customer submits verification information, such as charge amount, credit card numbers, cardholders' names, and expiration dates, to the payment service system. Since the verification information does not pass through the merchant system, the merchant system does not retain sensitive payment information.
  • the payment service system initiates a payment processing procedure based on the verification information submitted by the customer and/or the payment information submitted by the merchant system.
  • the payment service system may submit information selected form the verification information to a payment processing system, which may in turn connect to bank servers or servers in credit card processing centers, to obtain an authorization on the charges.
  • the payment service system presents to the customer a user interface that is identical or substantially similar to that presented to the customer by the merchant system so that the customers are not aware of leaving the merchant system.
  • Another method implemented according to the present invention for processing a payment includes the steps of: receiving payment information representative of the payment, directing a customer system to establish communication with a payment service system, soliciting input of verification information from the customer system, initiating processing of the payment based on the payment information and the verification information, and directing the customer system to establish communication with a merchant system.
  • the methods of the present invention may be implemented in any suitable conventional manner including, without limitation, via the use of an apparatus or computer communicating with a web server and another computer or web server.
  • FIG. 1 depicts a computer system that can be used to implement an embodiment of the present invention.
  • FIG. 2 shows a schematic block diagram illustrating the architecture of a network- based payment processing system in accordance with one embodiment of the present invention.
  • FIG. 3 is a flow chart showing a payment processing procedure implemented according to the present invention.
  • FIG. 4a illustrates a user interface used during a customer visiting the merchant's web site.
  • FIG. 4b shows a user interface used by the payment service system to solicit the customer to input credit card information.
  • the present invention solves the above-described and other technical problems by providing a method, apparatus, and software.
  • An exemplary network-based payment processing system is described.
  • numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to avoid unnecessarily obscuring the present invention.
  • FIG. 1 is a block diagram that illustrates a computer system 100 upon which an embodiment of the invention may be implemented.
  • Computer system 100 includes a bus 102 or other communication mechanism for communicating information, and a processor 104 coupled with bus 102 for processing information.
  • Computer system 100 also includes a main memory 106, such as a random access memory (RAM) or other dynamic storage device, coupled to bus 102 for storing information and instructions to be executed by processor 104.
  • Main memory 106 also may be used for storing temporary variables or other intermediate information during execution of instructions to be executed by processor 104.
  • Computer system 100 further includes a read only memory (ROM) 108 or other static storage device coupled to bus 102 for storing static information and instructions for processor 104.
  • ROM read only memory
  • a storage device 110 such as a magnetic disk or optical disk, is provided and coupled to bus 102 for storing information and instructions.
  • Computer system 100 may be coupled via bus 102 to a display 112, such as a cathode ray tube (CRT), for displaying information to a computer user.
  • a display 112 such as a cathode ray tube (CRT)
  • An input device 114 is coupled to bus 102 for communicating information and command selections to processor 104.
  • cursor control 116 is Another type of user input device
  • cursor control 116 such as a mouse, a trackball, or cursor direction keys for communicating direction information and command selections to processor 104 and for controlling cursor movement on display 112.
  • This input device typically has two degrees of freedom in two axes, a first axis (e.g., x) and a second axis (e.g., y), that allows the device to specify positions in a plane.
  • the invention is related to the use of computer system 100 for network- based secured payment processing.
  • access to a remote computer or server and communication therebetween is provided by computer system 100 in response to processor 104 executing one or more sequences of one or more instructions contained in main memory 106.
  • Such instructions may be read into main memory 106 from another machine-readable medium, such as storage device 110.
  • Execution of the sequences of instructions contained in main memory 106 causes processor 104 to perform the process steps described herein.
  • processors in a multiprocessing arrangement may also be employed to execute the sequences of instructions contained in main memory 106.
  • hard-wired circuitry may be used in place of or in combination with software instructions to implement the invention.
  • embodiments of the invention are not limited to any specific combination of hardware circuitry and software.
  • machine-readable medium refers to any medium that participates in providing instructions to processor 104 for execution. Such a medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media.
  • Non-volatile media include, for example, optical or magnetic disks, such as storage device 110.
  • Volatile media include dynamic memory, such as main memory 106.
  • Transmission media include coaxial cables, copper wire and fiber optics, including the wires that comprise bus 102. Transmission media can also take the form of acoustic or light waves, such as those generated during radio frequency (RF) and infrared (IR) data communications.
  • RF radio frequency
  • IR infrared
  • Machine-readable media include, for example, a floppy disk, a flexible disk, hard disk, magnetic tape, any other magnetic medium, a CD-ROM, DVD, any other optical medium, punch cards, paper tape, any other physical medium with patterns of holes, a RAM, a PROM, and EPROM, a FLASH-EPROM, any other memory chip or cartridge, a carrier wave as described hereinafter, or any other medium from which a computer can read.
  • Various forms of machine readable media may be involved in carrying one or more sequences of one or more instructions to processor 104 for execution.
  • the instructions may initially be borne on a magnetic disk of a remote computer.
  • the remote computer can load the instructions into its dynamic memory and send the instructions over a telephone line using a modem.
  • a modem local to computer system 100 can receive the data on the telephone line and use an infrared transmitter to convert the data to an infrared signal.
  • An infrared detector coupled to bus 102 can receive the data carried in the infrared signal and place the data on bus 102.
  • Bus 102 carries the data to main memory 106, from which processor 104 retrieves and executes the instructions.
  • the instructions received by main memory 106 may optionally be stored on storage device 110 either before or after execution by processor 104.
  • Computer system 100 also includes a communication interface 118 coupled to bus 102.
  • Communication interface 118 provides a two-way data communication coupling to a network link 120 that is connected to a local network 122.
  • communication interface 118 may be an integrated services digital network (ISDN) card or a modem to provide a data communication connection to a corresponding type of telephone line.
  • ISDN integrated services digital network
  • communication interface 118 may be a local area network (LAN) card to provide a data communication connection to a compatible LAN.
  • LAN local area network
  • Wireless links may also be implemented.
  • communication interface 118 sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information.
  • Network link 120 typically provides data communication through one or more networks to other data devices.
  • network link 120 may provide a connection through local network 122 to a host computer 124 or to data equipment operated by an Internet Service Provider (ISP) 126.
  • ISP 126 provides data communication services through the worldwide packet data communication network, now commonly referred to as the "Internet” 128.
  • Internet 128 uses electrical, electromagnetic or optical signals that carry digital data streams.
  • the signals through the various networks and the signals on network link 120 and through communication interface 118, which carry the digital data to and from computer system 100, are exemplary forms of carrier waves transporting the information.
  • Computer system 100 can send messages and receive data, including program code, through the network(s), network link 120, and communication interface 118.
  • a server 130 might transmit a requested code for an application program through Internet 128, ISP 126, local network 122 and communication interface 118.
  • the received code may be executed by processor 104 as it is received, and/or stored in storage device 110, or other non-volatile storage for later execution.
  • FIG. 2 shows a schematic block diagram illustrating the architecture of the payment processing system in accordance with an embodiment of the present invention.
  • a customer uses a customer system 202 to establish a data link 212 to communicate with other data processing systems, such as merchant system 204 on which the merchant's webpage is located.
  • Merchant system 204, customer system 202, payment service system 206, and payment processing system 208 may be computer systems as described in FIG. 1 and are capable of communicating with other data processing systems via data links 212, 214, 216 and 218, such as the Internet or wireless transmission.
  • the computer systems may communicate with other systems by using a lower level protocol called TCP/IP (Transmission Control Protocol/Internet Protocol).
  • TCP/IP Transmission Control Protocol/Internet Protocol
  • TCP/IP allows communication between interconnected networks or computers having diverse hardware architectures and various operating systems.
  • the computer systems may use Hypertext Transfer Protocol (HTTP) to conduct data transfer between systems on the World Wide Web (WWW).
  • HTTP data transfers are encrypted using the Secure Sockets Layer (SSL) mechanism present in the WWW system servers.
  • SSL Secure Sockets Layer
  • a server is a data processing system equipped with software capable of handling HTTP requests and decoding SSL Encrypted HTTP requests, such as a request from a Web browser.
  • the merchant's web site may be created by using Hypertext Markup
  • FIG. 3 is a flow chart showing a payment processing procedure using network-based architecture depicted in FIG. 2.
  • steps 301 and 303 the customer browses the merchant's website and makes transactions thereon. After the customer finishes her shopping, including collecting items for purchase, a "check out" button is clicked to initiate a checkout procedure. The customer is then presented with a user interface asking the customer to fill personal information, such as name, billing address, shipping address, telephone number, e-mail, and payment preference (Step 305).
  • customer system 202 After the customer indicates her preference to pay with a credit card, such as by clicking on a "pay by credit card” button on the merchant's web page, customer system 202 is directed to establish a data link 214 to communicate with payment service system 206 (Step 307).
  • a redirection command is embedded in the button.
  • the customer By clicking the "pay by credit card” button on the merchant's web page, the customer in effect submits the redirection command, such as a command including a URL (Universal Resource Locator) corresponding to the location of payment service system 206, to the customer's web browser, which controls the customer system to connect to the payment service system 206.
  • URL Universal Resource Locator
  • the customer system by clicking the "pay by credit card” button, sends an indication signal to the merchant system.
  • the merchant system issues a control signal to direct the customer system to connect to the payment service system.
  • the control signal may be a Redirection Header, such as an HTTP server connection code 300 containing a URL corresponding to the payment service system.
  • the control signal in effect controls the web browser to initiate connection to the web site having the URL.
  • customer system 202 establishes communication with payment service system 206.
  • the customer After connecting to the payment service system, the customer initiates submission of the transaction information related to the transaction, such as merchant identifier, transaction identifier, total amount, customer's name, transaction number, etc., to payment service system 206.
  • the merchant's web page may use a form containing hidden fields for submitting the information.
  • payment service system 206 may initiate communication with merchant system 204 via data link 216 to validate the transaction based on the received transaction information (Step 309). This validation occurs as a server-to-server query via an HTTP POST from payment service system 206 to merchant system 204.
  • Merchant system 204 may need to have a securely accessible script that can be accessed by payment service system 206, and that can receive a request and return an output used to validate the transaction.
  • payment service system 206 may post two variables, remittancejd and securityjd, to a script at merchant system 204.
  • Merchant system 204 should return a pre-determined output that would be read by payment service system 206 to determine whether the transaction information was sent by merchant system 204 or by a possible malicious user.
  • the payment service system 206 may issue a redirection command to direct the customer back to the merchant system 204.
  • a redirection command may be a Redirection Header, such as an HTTP server connection code 300 containing a URL corresponding to the payment service system.
  • the Redirection Header in effect controls the web browser to initiate connection to the web site having the URL.
  • customer system 202 again establishes communication with merchant system 204 after the payment processing is finished.
  • the credit card information is sent directly from the customer system to an independent payment service system without passing through the merchant system or other systems controlled by the merchant.
  • the merchant system does not retain any information related to customers' credit cards or debit cards. Therefore, the risk of sensitive information leakage from the merchant system is reduced to the lowest level.
  • payment service system 206 keeps records of payment processed for each merchant system. At the end of each day, payment service system 206 sends a list of all authorized payments to be settled to payment processing system 208, which forwards the information to the acquiring bank of the merchant. The acquiring bank sends the information to be settled to the credit card, such as Visa, MasterCard, or American Express, association network and system, which debit the corresponding bank accounts. The acquiring bank then transfers the money to the merchant's account in the acquiring bank.
  • the credit card such as Visa, MasterCard, or American Express
  • payment service system 206 uses a user interface that has consistent or substantially similar look and feel as the user interface presented to the customer when customer system 202 is in communication with merchant system 204.
  • Fig. 4a shows a user interface used during the customer visiting the merchant's web site.
  • Fig. 4b shows a user interface used by payment service system 206 to solicit the customer to input credit card information. Since the user interfaces look consistent, customers are not likely to know that they have left the merchant system and that the credit card information is being processed by another server.
  • Payment service system 206 maintains a database for each payment processed for merchant system 204.
  • the database may contain information including unique transaction numbers identifying each payment, transaction time, customer information, items purchased, etc.
  • Merchant system 204 may gain access to the database by establishing data link 216 to connect to payment service system 206.
  • payment service system 206 may initiate an encrypted server-to-server HTTPS
  • POST to a secured script at merchant system 204.
  • Merchant system 204 may need to have a securely accessible script that can be accessed by payment service system 206, and that can receive a request and return an output used to validate the transaction.
  • the operator from merchant system 204 may be required to provide personal information and password in order to access transaction information.
  • the merchant can access the database and perform data maintenance, issue account credits and generate reports.
  • the merchant system will not have full access to the credit card information used during the transactions so that no sensitive credit card information will enter merchant's system. Therefore, risk of legal liability is reduced.

Abstract

A computer-implemented system and method for secure payment processing. After a customer connects to a merchant system via a data network and makes transactions thereon, the customer is directed to a payment processing system other than the merchant system on which the transactions are made, to submit sensitive verification information, such as credit card numbers and expiration dates, via an independent data link without passing through the merchant system. Therefore, the merchant system does not retain information related to sensitive verification information during payment processing. In addition, during submitting the verification information, the customer is presented with a user interface having the exact same or substantially similar look and feel as that provided by the merchant system during the transaction.

Description

METHOD AND APPARATUS FOR SECURE PAYMENT PROCESSING
CROSS REFERENCE TO RELATED APPLICATION [0001] The present application claims the benefit of U.S. Provisional Patent Application Serial Number 60/241 ,325 filed October 18, 2000, entitled "Method and Apparatus for Seamlessly Conducting Secured Transactions," the entire disclosure of which is incorporated herein by reference.
FIELD OF THE INVENTION [0002] The present invention relates to a payment processing method and apparatus, and more particularly, to a network-based secured payment processing system and method that does not retain sensitive payment information on a merchant's web and/or database servers.
BACKGROUND OF THE INVENTION [0003] Network-based payment systems allow people to make payments for products and services, including government and commercial transactions and charitable donations, by submitting information related to their credit cards, debit cards, or bank accounts to a payment processing center via a data transmission network, such as the Internet or telephone lines. Charges are directly applied to the corresponding accounts. In the case of online transactions, merchants can secure the payments almost immediately and customers do not have to travel to the stores to make payments in person or send by mail. Online merchants rely on such network-based payment systems to facilitate online transactions. Customers usually make payments for online purchases with credit cards by submitting credit card numbers, expiration dates, names of cardholders, etc. to online merchants.
[0004] In order to connect their web sites to network-based payment systems to support online transactions, some on-line merchants set up their own credit card processing system to process credit card charges and maintain databases for customers' credit card information, and connect to network-based payment processing systems, such as those maintained by VISA, MasterCard, or American Express, which take over the settlement process with banks. The merchants collect credit card information from customers and then pass the information to the network-based payment processing systems via the Internet or a telephone line in real time. In response, the payment processing system contacts the issuing bank based on the credit card information and obtains an authorization number for the charge. The processing result is then sent back to the merchant.
[0005] There are, however, several drawbacks for merchants who set up their own credit card processing systems. First, the hardware and software for processing payments is complicated and, to be reliable, requires significant up-front investment including system design, integration, configuration, and testing. Second, merchants who deploy their own credit card processing systems are often not able to negotiate a favorable credit card processing rate. Third, merchants' databases containing customer credit card information are subject to hacker invasion and information misappropriation, which in turn exposes the merchants to potential legal liabilities. In order to reduce the risk of hacker invasion and information misappropriation, great expense is required to adequately protect customer databases. For these and other reasons, some merchants outsource the credit card processing to a payment service, such as an Internet payment service. By outsourcing credit card processing to the payment service, merchants do not have to maintain a database containing credit card information collected from customers. Merchants simply obtain credit card information, such as names, credit card numbers, and expiration dates, from customers, and pass the credit card information as well as charge amount to the payment service via the Internet. In response, the payment service communicates with the network- based payment processing system to obtain a payment process result, such as an authorization number or decline code, for the charge. The processing result is then sent back to the merchant.
[0006] The Internet payment service as described above, however, is not completely safe. Although merchants do not handle the credit card processing by itself, sensitive information, such as credit card numbers, still have to pass through the online merchant's system to the Internet payment service. The sensitive information is thus kept in the merchant's system and is subject to hacker's attack. Even if the information is only kept in the merchant's system temporarily, the merchant's system is still exposed to hacker invasion or information misappropriation. [0007] Therefore, there is a need for effective network-based payment systems that address the above-described and other problems. The present invention addresses at least the above needs.
SUMMARY OF THE INVENTION
[0008] These and other needs are addressed by the present invention. The present invention provides a computer implemented method and apparatus whereby sensitive payment information is submitted to, and processed by, a payment service system, such as an Internet payment service system, other than a merchant's system, such as the merchant's web server and/or database server, using a data link that does not pass through the merchant system. Accordingly, the merchant's system does not receive, transmit or store any sensitive payment information and thus is relatively immune from the risk of leaking sensitive payment information submitted by its customers. The payment service system processes the payments for the merchant so that the merchant does not have to pay for the large up-front cost of setting up hardware and software for processing payments. At the same time, the merchant enjoys the benefit of network-based payment processing without worrying about the problems associated with receiving, transmitting or storing sensitive customer or credit card information on the merchant's system.
[0009] The payment service system may provide a transparent user interface that is identical or substantially similar to that presented to customers by the merchant system so that customers are less likely to know that they have left the merchant's system. In one aspect, a URL (Universal Resource Locator) identifying the payment service system may indicate substantially the same domain as that of the merchant system. For example, https://www.merchant.com for the merchant system and https://payment.merchant.com for the payment service system. Consequently, customers may believe that the payment service system is part of a single, continuous process on the merchant system
[0010] In one embodiment, the present invention is an apparatus (e.g., a data processing system) for processing a payment over a data transmission network, comprising: a processor for processing data; a memory; a data storage device for storing data; an input device for inputting data; a communication interface for coupling to the data transmission network; and a bus coupling to the input device, the memory, the data storage device, the communication interface, and the processor. The data storage device bears machine- readable instructions for controlling the processor, upon execution of the instructions, to perform the steps of: communicating with a customer system via the data transmission network; receiving payment information representative of the payment from the communication interface; soliciting verification information from the customer system; receiving the verification information sent from the customer system via the communication interface, wherein the verification information does not pass through a merchant system; initiating processing of the payment based on the payment information and the verification information.
[0011] A method according to the present invention for processing a payment comprises the steps of: establishing communication with a customer system via a data link; receiving payment information representative of the payment from a merchant system via the data link; soliciting verification information from the customer system; receiving the verification information from the customer system, wherein the verification information does not pass through a merchant system; and initiating processing of the payment based on the payment information and the verification information; and directing the customer system to establish communication with the merchant system. The payment service system may reside on and is implemented by a server that is not under the merchant's control. This method may be implemented to process a payment between a merchant system and a customer system with assistance of a payment service system. For example: the payment service system receives a payment selection from a customer system via a first data link; the payment service system receives payment information representative of the payment from a merchant system via a second data link; the payment service system solicits verification information from the customer system; the payment service system receives the verification information from the customer system wherein the verification information does not pass through a merchant system; the payment service system initiates processing of the payment based on the payment and verification information; and the payment service system directs the customer system to establish communication with the merchant system. [0012] In one embodiment, the present invention is a method for processing a payment comprising the steps of: receiving a payment selection from a customer system via a first data link and directing the customer system to establish communication with a payment service system via a second data link without passing through a merchant system. In one aspect, payment information, such as payment amount, transaction type, merchant name and account information! etc, may be transmitted to the payment service system after the customer system is connected to the payment service system. The method may be implemented to process a payment between a merchant system and a customer system with assistance of a payment service system. For example: the merchant system receives a payment selection from a customer system via a first data link; the merchant system directs the customer system to establish communication with the payment service system via a second data link;
wherein the customer system submits verification information to the payment service system without passing through the merchant system.
[0013] Another method according to the present invention for processing a payment, comprises: communicating with a customer system via a first data link; and presenting a payment selection to the customer system. In response to selecting the payment selection, the customer system is directed to establish communication with a payment service system via a second data link without passing through a merchant system. In one aspect, the merchant system, in response to the customer system selecting the payment selection, issues a control signal to direct the customer system to connect to the payment service system. The control signal may be a Redirection Header, such as an HTTP server connection code 300, containing a URL corresponding to the payment service system. In another aspect, the method further comprises a step of providing a redirection command to the customer system. Upon selecting the payment selection, the customer system issues the redirection command, such as form post, that directs a web browser on the customer system to connect to the payment service system. [0014] After being connected to the payment service system, the customer submits verification information, such as charge amount, credit card numbers, cardholders' names, and expiration dates, to the payment service system. Since the verification information does not pass through the merchant system, the merchant system does not retain sensitive payment information.
[0015] In another aspect, the payment service system initiates a payment processing procedure based on the verification information submitted by the customer and/or the payment information submitted by the merchant system. The payment service system may submit information selected form the verification information to a payment processing system, which may in turn connect to bank servers or servers in credit card processing centers, to obtain an authorization on the charges.
[00 6] According to still another aspect, the payment service system presents to the customer a user interface that is identical or substantially similar to that presented to the customer by the merchant system so that the customers are not aware of leaving the merchant system.
[0017] Another method implemented according to the present invention for processing a payment, includes the steps of: receiving payment information representative of the payment, directing a customer system to establish communication with a payment service system, soliciting input of verification information from the customer system, initiating processing of the payment based on the payment information and the verification information, and directing the customer system to establish communication with a merchant system. The methods of the present invention may be implemented in any suitable conventional manner including, without limitation, via the use of an apparatus or computer communicating with a web server and another computer or web server.
[0018] Additional aspects, technical effects, embodiments and advantages of the present invention will be set forth, in part, in the description that follows, or may be learned from practicing or using the present invention. The advantages or technical effects may be realized and attained by computer-implemented means as exemplified by the features and combinations particularly pointed out throughout this description and the appended claims.
It is to be understood that the foregoing general description and the following detailed description and drawings are exemplary and explanatory only and are not to be viewed as being restrictive of the invention as claimed.
BRIEF DESCRIPTION OF THE DRAWINGS [0019] The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the present invention and, together with the description, serve to exemplify the principles of the present invention.
FIG. 1 depicts a computer system that can be used to implement an embodiment of the present invention.
FIG. 2 shows a schematic block diagram illustrating the architecture of a network- based payment processing system in accordance with one embodiment of the present invention.
FIG. 3 is a flow chart showing a payment processing procedure implemented according to the present invention.
FIG. 4a illustrates a user interface used during a customer visiting the merchant's web site.
FIG. 4b shows a user interface used by the payment service system to solicit the customer to input credit card information.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS [0020] The present invention solves the above-described and other technical problems by providing a method, apparatus, and software. An exemplary network-based payment processing system is described. In the following description, for the purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to avoid unnecessarily obscuring the present invention.
HARDWARE OVERVIEW
[0021] FIG. 1 is a block diagram that illustrates a computer system 100 upon which an embodiment of the invention may be implemented. Computer system 100 includes a bus 102 or other communication mechanism for communicating information, and a processor 104 coupled with bus 102 for processing information. Computer system 100 also includes a main memory 106, such as a random access memory (RAM) or other dynamic storage device, coupled to bus 102 for storing information and instructions to be executed by processor 104. Main memory 106 also may be used for storing temporary variables or other intermediate information during execution of instructions to be executed by processor 104. Computer system 100 further includes a read only memory (ROM) 108 or other static storage device coupled to bus 102 for storing static information and instructions for processor 104. A storage device 110, such as a magnetic disk or optical disk, is provided and coupled to bus 102 for storing information and instructions.
[0022] Computer system 100 may be coupled via bus 102 to a display 112, such as a cathode ray tube (CRT), for displaying information to a computer user. An input device 114, including alphanumeric and other keys, is coupled to bus 102 for communicating information and command selections to processor 104. Another type of user input device is cursor control 116, such as a mouse, a trackball, or cursor direction keys for communicating direction information and command selections to processor 104 and for controlling cursor movement on display 112. This input device typically has two degrees of freedom in two axes, a first axis (e.g., x) and a second axis (e.g., y), that allows the device to specify positions in a plane.
[0023] The invention is related to the use of computer system 100 for network- based secured payment processing. According to one embodiment of the invention, access to a remote computer or server and communication therebetween is provided by computer system 100 in response to processor 104 executing one or more sequences of one or more instructions contained in main memory 106. Such instructions may be read into main memory 106 from another machine-readable medium, such as storage device 110. Execution of the sequences of instructions contained in main memory 106 causes processor 104 to perform the process steps described herein. One or more processors in a multiprocessing arrangement may also be employed to execute the sequences of instructions contained in main memory 106. In alternative embodiments, hard-wired circuitry may be used in place of or in combination with software instructions to implement the invention. Thus, embodiments of the invention are not limited to any specific combination of hardware circuitry and software.
[0024] The term "machine-readable medium" as used herein refers to any medium that participates in providing instructions to processor 104 for execution. Such a medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media. Non-volatile media include, for example, optical or magnetic disks, such as storage device 110. Volatile media include dynamic memory, such as main memory 106. Transmission media include coaxial cables, copper wire and fiber optics, including the wires that comprise bus 102. Transmission media can also take the form of acoustic or light waves, such as those generated during radio frequency (RF) and infrared (IR) data communications. Common forms of machine-readable media include, for example, a floppy disk, a flexible disk, hard disk, magnetic tape, any other magnetic medium, a CD-ROM, DVD, any other optical medium, punch cards, paper tape, any other physical medium with patterns of holes, a RAM, a PROM, and EPROM, a FLASH-EPROM, any other memory chip or cartridge, a carrier wave as described hereinafter, or any other medium from which a computer can read.
[0025] Various forms of machine readable media may be involved in carrying one or more sequences of one or more instructions to processor 104 for execution. For example, the instructions may initially be borne on a magnetic disk of a remote computer. The remote computer can load the instructions into its dynamic memory and send the instructions over a telephone line using a modem. A modem local to computer system 100 can receive the data on the telephone line and use an infrared transmitter to convert the data to an infrared signal. An infrared detector coupled to bus 102 can receive the data carried in the infrared signal and place the data on bus 102. Bus 102 carries the data to main memory 106, from which processor 104 retrieves and executes the instructions. The instructions received by main memory 106 may optionally be stored on storage device 110 either before or after execution by processor 104.
[0026] Computer system 100 also includes a communication interface 118 coupled to bus 102. Communication interface 118 provides a two-way data communication coupling to a network link 120 that is connected to a local network 122. For example, communication interface 118 may be an integrated services digital network (ISDN) card or a modem to provide a data communication connection to a corresponding type of telephone line. As another example, communication interface 118 may be a local area network (LAN) card to provide a data communication connection to a compatible LAN. Wireless links may also be implemented. In any such implementation, communication interface 118 sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information. [0027] Network link 120 typically provides data communication through one or more networks to other data devices. For example, network link 120 may provide a connection through local network 122 to a host computer 124 or to data equipment operated by an Internet Service Provider (ISP) 126. ISP 126 in turn provides data communication services through the worldwide packet data communication network, now commonly referred to as the "Internet" 128. Local network 122 and Internet 128 both use electrical, electromagnetic or optical signals that carry digital data streams. The signals through the various networks and the signals on network link 120 and through communication interface 118, which carry the digital data to and from computer system 100, are exemplary forms of carrier waves transporting the information.
[0028] Computer system 100 can send messages and receive data, including program code, through the network(s), network link 120, and communication interface 118. In the Internet example, a server 130 might transmit a requested code for an application program through Internet 128, ISP 126, local network 122 and communication interface 118. The received code may be executed by processor 104 as it is received, and/or stored in storage device 110, or other non-volatile storage for later execution.
PAYMENT PROCESSING
[0029] Fig. 2 shows a schematic block diagram illustrating the architecture of the payment processing system in accordance with an embodiment of the present invention. A customer uses a customer system 202 to establish a data link 212 to communicate with other data processing systems, such as merchant system 204 on which the merchant's webpage is located. Merchant system 204, customer system 202, payment service system 206, and payment processing system 208 may be computer systems as described in FIG. 1 and are capable of communicating with other data processing systems via data links 212, 214, 216 and 218, such as the Internet or wireless transmission.
[0030] The computer systems may communicate with other systems by using a lower level protocol called TCP/IP (Transmission Control Protocol/Internet Protocol). TCP/IP allows communication between interconnected networks or computers having diverse hardware architectures and various operating systems. On an application level, the computer systems may use Hypertext Transfer Protocol (HTTP) to conduct data transfer between systems on the World Wide Web (WWW). HTTP data transfers are encrypted using the Secure Sockets Layer (SSL) mechanism present in the WWW system servers. A server is a data processing system equipped with software capable of handling HTTP requests and decoding SSL Encrypted HTTP requests, such as a request from a Web browser. [0031] The merchant's web site may be created by using Hypertext Markup
Language (HTML). HTML is a formatting language used for documents on the WWW. The customer may use a Web browser, such as Internet Explorer or Netscape, to retrieve documents from a Web server, interpret HTML commands, and display documents. [0032] FIG. 3 is a flow chart showing a payment processing procedure using network-based architecture depicted in FIG. 2. In steps 301 and 303, the customer browses the merchant's website and makes transactions thereon. After the customer finishes her shopping, including collecting items for purchase, a "check out" button is clicked to initiate a checkout procedure. The customer is then presented with a user interface asking the customer to fill personal information, such as name, billing address, shipping address, telephone number, e-mail, and payment preference (Step 305).
[0033] After the customer indicates her preference to pay with a credit card, such as by clicking on a "pay by credit card" button on the merchant's web page, customer system 202 is directed to establish a data link 214 to communicate with payment service system 206 (Step 307). A redirection command is embedded in the button. By clicking the "pay by credit card" button on the merchant's web page, the customer in effect submits the redirection command, such as a command including a URL (Universal Resource Locator) corresponding to the location of payment service system 206, to the customer's web browser, which controls the customer system to connect to the payment service system 206. In another embodiment for redirection, the customer system, by clicking the "pay by credit card" button, sends an indication signal to the merchant system. In response to the indication signal, the merchant system issues a control signal to direct the customer system to connect to the payment service system. The control signal may be a Redirection Header, such as an HTTP server connection code 300 containing a URL corresponding to the payment service system. The control signal in effect controls the web browser to initiate connection to the web site having the URL. In response, customer system 202 establishes communication with payment service system 206. [0034] After connecting to the payment service system, the customer initiates submission of the transaction information related to the transaction, such as merchant identifier, transaction identifier, total amount, customer's name, transaction number, etc., to payment service system 206. According to one embodiment, the merchant's web page may use a form containing hidden fields for submitting the information. For purpose of security, payment service system 206 may initiate communication with merchant system 204 via data link 216 to validate the transaction based on the received transaction information (Step 309). This validation occurs as a server-to-server query via an HTTP POST from payment service system 206 to merchant system 204. Merchant system 204 may need to have a securely accessible script that can be accessed by payment service system 206, and that can receive a request and return an output used to validate the transaction. For example, payment service system 206 may post two variables, remittancejd and securityjd, to a script at merchant system 204. Merchant system 204 should return a pre-determined output that would be read by payment service system 206 to determine whether the transaction information was sent by merchant system 204 or by a possible malicious user.
[0035] In Step 311 , customer system 202 has established communication with payment service system 206 and is presented with a user interface to solicit input of verification information necessary for authorizing the payment, such as credit card numbers, expiration dates, cardholders' names, or other information required by banks or credit card associations. After payment service system 206 obtains the verification information from the customer, payment service system 206 initiates a payment processing procedure with a payment processing system 208. Payment service system 206 communicates with payment processing system 208 and submits information related to the transaction to payment processing system 208. [0036] Payment processing system 208 is capable of communicating with bank servers via bank or credit card association networks based on the information provided by payment service system 206. If the payment is made by credit card, payment processing system 208 establishes a communication link with the bank or card association networks, which in turn typically communicate with the server of the bank that issues the credit card, and initiates a payment authorization procedure. Payment processing system 208 sends payment information related to the payments, such as credit card numbers, payment amount, transaction date, merchant account, etc. After the issuing bank validates the information of the credit card and authorizes or rejects the payment amount, the issuing bank and/or credit card association network issues a processing result including an authorization number or a rejection code to payment processing system 208. The processing result is in turn passed to payment service system 206 (Step 315). According to one embodiment, the functions performed by payment processing system 208 may be included into payment service system 206.
[0037] Upon receipt of the processing result, payment service system 206 initiates an encrypted server-to-server HTTPS POST to a secured script at merchant system 204 with regard to the processing result (Step 317). The POST may contain the transaction information, such as unique record identifier, status code, AVS response code and the authorization number or rejection code number. In one embodiment, merchant system 204, however, is not provided with full credit card information used by the customer so that no sensitive credit card information is retained on merchant system 204. Thereby, the risk of credit card information leakage from the merchant's system is reduced. [0038] After the payment has been processed, customer system 202 may be directed back to merchant system 204. The payment service system 206 may issue a redirection command to direct the customer back to the merchant system 204. A redirection command may be a Redirection Header, such as an HTTP server connection code 300 containing a URL corresponding to the payment service system. The Redirection Header in effect controls the web browser to initiate connection to the web site having the URL. In response, customer system 202 again establishes communication with merchant system 204 after the payment processing is finished.
[0039] During the payment processing procedure, the credit card information is sent directly from the customer system to an independent payment service system without passing through the merchant system or other systems controlled by the merchant. Hence, the merchant system does not retain any information related to customers' credit cards or debit cards. Therefore, the risk of sensitive information leakage from the merchant system is reduced to the lowest level.
PAYMENT SETTLEMENT
[0040] According to one embodiment of the present invention, payment service system 206 keeps records of payment processed for each merchant system. At the end of each day, payment service system 206 sends a list of all authorized payments to be settled to payment processing system 208, which forwards the information to the acquiring bank of the merchant. The acquiring bank sends the information to be settled to the credit card, such as Visa, MasterCard, or American Express, association network and system, which debit the corresponding bank accounts. The acquiring bank then transfers the money to the merchant's account in the acquiring bank.
USER INTERFACE
[0041] When customer system establishes communication with payment service system 206, payment service system 206 uses a user interface that has consistent or substantially similar look and feel as the user interface presented to the customer when customer system 202 is in communication with merchant system 204. Fig. 4a shows a user interface used during the customer visiting the merchant's web site. Fig. 4b shows a user interface used by payment service system 206 to solicit the customer to input credit card information. Since the user interfaces look consistent, customers are not likely to know that they have left the merchant system and that the credit card information is being processed by another server.
DATA ACCESS [0042] Payment service system 206 maintains a database for each payment processed for merchant system 204. The database may contain information including unique transaction numbers identifying each payment, transaction time, customer information, items purchased, etc. Merchant system 204 may gain access to the database by establishing data link 216 to connect to payment service system 206. For security purpose, payment service system 206 may initiate an encrypted server-to-server HTTPS
POST to a secured script at merchant system 204. Merchant system 204 may need to have a securely accessible script that can be accessed by payment service system 206, and that can receive a request and return an output used to validate the transaction. The operator from merchant system 204 may be required to provide personal information and password in order to access transaction information.
[0043] The merchant can access the database and perform data maintenance, issue account credits and generate reports. The merchant system, however, will not have full access to the credit card information used during the transactions so that no sensitive credit card information will enter merchant's system. Therefore, risk of legal liability is reduced.
[0044] Those skilled in the art will recognize, or be able to ascertain using no more than routine experimentation, many equivalents to the specific embodiments of the invention specifically described herein. Such equivalents are intended to be encompassed in the scope of the following claims.

Claims

WHAT IS CLAIMED IS
1. A method for processing a payment, comprising: communicating with a customer system via a data link ; receiving payment information representative of the payment; soliciting verification information from the customer system; receiving the verification information from the customer system, wherein the verification information does not pass through a merchant system; and initiating processing of the payment based on the payment information and the verification information.
2. The method of claim 1 , further comprising a step of presenting a user interface to the customer system that is substantially similar to a user interface presented by the merchant system to the customer system.
3. The method of claim 1 , further comprising a step of sending processing information representative of a processing result to the merchant system.
4. The method of claim 3, wherein the processing information includes an authorization number and/or a response code representing a payment processing status, and/or a unique identifier for the payment.
5. The method of claim 1 , wherein the verification information includes information for a credit card.
6. The method of claim 5, further comprising a step of sending processing information representative of a processing result to the merchant system.
7. The method of claim 6, the processing information includes an authorization number and part of the credit card number and/or a unique identifier.
8. The method of claim 1 , further comprising a step of exchanging information between the merchant system and the payment service system, whereby the payment information is validated.
9. The method of claim 5, wherein the step of initiating processing of the payment includes the steps of: initiating a credit card charge authorization process with a payment processing server; transmitting information selected from the payment information and the verification information to the payment processing server; and obtaining a payment processing result from the payment processing server.
10. A machine-readable medium bearing instructions for processing a payment, the instructions being arranged to cause a data processing system upon execution thereby to perform a method comprising the steps of: communicating with a customer system via a data link ; receiving payment information representative of the payment; soliciting verification information from the customer system, receiving verification information from the customer system, wherein the verification information does not pass through a merchant system; and initiating processing of the payment based on the payment information and the verification information.
11. The machine-readable medium of claim 10, wherein the instructions further causes the payment service system to perform a step of presenting a user interface to the customer system that is substantially similar to a user interface presented by the merchant system to the customer system.
12. An apparatus for processing a payment over a data transmission network, comprising: a processor for processing data; a memory; a data storage device for storing data; an input device for inputting data; a communication interface for coupling to the data transmission network and transmitting data therefrom; and a bus coupling to the input device, the memory, the data storage device, the communication interface, and the processor; the data storage device bearing instructions to cause the apparatus upon execution of the instructions by the processor to perform the steps of: communicating with a customer system via the data transmission network; receiving payment information representative of the payment from the communication interface; soliciting verification information from the customer system; receiving the verification information sent from the customer system via the communication interface, wherein the verification information does not pass through a merchant system; and initiating processing of the payment based on the payment information and the verification information.
13. The system of claim 12, wherein the data storage device further bears instructions for controlling the processor to perform the step of presenting a user interface to the customer system that is substantially similar to a user interface presented by the merchant system to the customer system.
14. A method for processing a payment, comprising: communicating with a customer system via a first data link; presenting a payment selection to the customer system; and providing a redirection command to the customer system; wherein the customer system, in response to selecting the payment selection, establishes communication with a payment service system based on the redirection command via a second data link and submits verification information to the payment service system without passing through a merchant system.
15. The method of claim 14, wherein a customer submits verification information to the payment service system from the customer system via the second data link.
16. The method of claim 15, wherein the payment service system initiates processing of the payment based on the verification information submitted by the customer.
17. The method of claim 16, further comprising a step of directing the customer system to communicate with a merchant system after the customer has submitted the verification information to the payment service system.
18. The method of claim 16, wherein the payment service system initiates processing of the payment by performing the steps of: initiating a payment authorization process with a payment processing system; transmitting information selected from the verification information to the payment processing system; and obtaining a payment processing result from the payment processing system.
19. The method of claim 18, wherein the verification information includes a credit card number.
20. The method of claim 19, further comprising a step of receiving processing information representative of a processing result from the payment service system.
21. The method of claim 20, wherein the processing information comprises an authorization number and/or a response code representing a payment processing status, and/or a unique identifier for the payment.
22. The method of claim 14, wherein the payment service system presents to the customer system a user interface substantially similar to a user interface presented to the customer system by the merchant system.
23. A method for processing a payment, comprising: communicating with a customer system via a first data link without passing through a merchant system; receiving payment information representative of the payment from the customer system; establishing communication with a merchant system via a second data link; verifying the payment based on the payment information with the merchant system via the second data link; soliciting verification information from the customer system; receiving the verification information from the customer system without passing through the merchant system; and initiating processing of the payment based on the verification information.
24. A machine-readable medium bearing instructions for processing a payment, the instructions being arranged to cause a data processing system upon execution thereby to perform the steps of: communicating with a customer system via a first data link; presenting a payment selection to the customer system; and providing a redirection command to the customer system; wherein in response to selecting the payment selection, the customer system establishes communication with a payment service system based on the redirection command via a second data link without, passing through the data processing system.
25, An apparatus for processing a payment over a data transmission network, comprising: a processor for processing data; a memory; a data storage device for storing data; an input device for inputting data; a communication interface for coupling to the data transmission network and transmitting data therefrom; and a bus coupling to the input device, the memory, the data storage device, the communication interface, and the processor; the data storage device bearing instructions to cause the apparatus upon execution of the instructions by the processor tp perform the steps of: communicating with a customer system via a data link; presenting a payment selection to the customer system; and providing a redirection command to the customer system; wherein in response to selecting the payment selection, the customer system establishes communication with a payment service system based on the redirection command via a second data link without passing through the apparatus.
26. A method for processing a payment, comprising: communicating with a customer system via a first data link; presenting a payment selection to the customer system; and directing the customer system to establish communication with a payment service system via a second data link without passing through a merchant system; wherein the customer system submits verification information to the payment service system without passing through a merchant system.
PCT/US2001/032416 2000-10-18 2001-10-18 Method and apparatus for secure payment processing WO2002033363A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002214606A AU2002214606A1 (en) 2000-10-18 2001-10-18 Method and apparatus for secure payment processing

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US24132500P 2000-10-18 2000-10-18
US60/241,325 2000-10-18

Publications (2)

Publication Number Publication Date
WO2002033363A2 true WO2002033363A2 (en) 2002-04-25
WO2002033363A3 WO2002033363A3 (en) 2003-10-30

Family

ID=22910237

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/032416 WO2002033363A2 (en) 2000-10-18 2001-10-18 Method and apparatus for secure payment processing

Country Status (2)

Country Link
AU (1) AU2002214606A1 (en)
WO (1) WO2002033363A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6748367B1 (en) 1999-09-24 2004-06-08 Joonho John Lee Method and system for effecting financial transactions over a public network without submission of sensitive information
EP3404601A1 (en) * 2010-01-19 2018-11-21 Visa International Service Association Token based transaction authentication

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0801479A1 (en) * 1995-12-29 1997-10-15 AT&T Corp. Data network security system and method
EP0813325A2 (en) * 1996-06-12 1997-12-17 AT&T Corp. A mechanism for enabling secure electronic transactions on the open internet
WO1998040809A2 (en) * 1997-03-13 1998-09-17 Cha! Technologies, Inc. Method and system for secure online transaction processing
EP0889620A2 (en) * 1997-07-03 1999-01-07 Oki Electric Industry Co., Ltd. Secure data communication method and system
FR2795265A1 (en) * 1999-06-18 2000-12-22 Jean Pierre Frouin Processing of a transaction between a merchant Internet site and a customer.
EP1107197A2 (en) * 1999-12-03 2001-06-13 Nec Corporation Electronic settlement system using separate communication channels for settlement between sales and payee terminals

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0801479A1 (en) * 1995-12-29 1997-10-15 AT&T Corp. Data network security system and method
EP0813325A2 (en) * 1996-06-12 1997-12-17 AT&T Corp. A mechanism for enabling secure electronic transactions on the open internet
WO1998040809A2 (en) * 1997-03-13 1998-09-17 Cha! Technologies, Inc. Method and system for secure online transaction processing
EP0889620A2 (en) * 1997-07-03 1999-01-07 Oki Electric Industry Co., Ltd. Secure data communication method and system
FR2795265A1 (en) * 1999-06-18 2000-12-22 Jean Pierre Frouin Processing of a transaction between a merchant Internet site and a customer.
EP1107197A2 (en) * 1999-12-03 2001-06-13 Nec Corporation Electronic settlement system using separate communication channels for settlement between sales and payee terminals

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6748367B1 (en) 1999-09-24 2004-06-08 Joonho John Lee Method and system for effecting financial transactions over a public network without submission of sensitive information
EP3404601A1 (en) * 2010-01-19 2018-11-21 Visa International Service Association Token based transaction authentication

Also Published As

Publication number Publication date
AU2002214606A1 (en) 2002-04-29
WO2002033363A3 (en) 2003-10-30

Similar Documents

Publication Publication Date Title
JP5455269B2 (en) Third-party payment processing system and method
US7194437B1 (en) Computer-based funds transfer system
KR101658684B1 (en) Payment system
JP5638046B2 (en) Method and system for authorizing purchases made on a computer network
US7689487B1 (en) Computer-assisted funds transfer system
US7877299B2 (en) Payment service capable of being invoked from merchant sites
US7664701B2 (en) Masking private billing data by assigning other billing data to use in commerce with businesses
CA2462398C (en) A secure on-line payment system
US20020016749A1 (en) Methods and systems for network based electronic purchasing system
EP1020824A2 (en) Technique for conducting secure transactions over a network
AU2002309199A1 (en) A secure on-line payment system
US20170243178A1 (en) Authentication data-enabled transfers
KR20010077123A (en) A package payment and delivery method using a common shopping cart in a computer network shopping
WO2002033363A2 (en) Method and apparatus for secure payment processing
KR20040091909A (en) Method of settling accounts using virtual ATM on internet
JP2002109419A (en) Means of settlement of electronic commerce on internet
IES83313Y1 (en) A secure on-line payment system
IE20020450U1 (en) A secure on-line payment system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP