Transactional security over a network

Abstract

A system and method facilitates purchase transactions over a computer network, including the purchase of electronically storable items. The embodiments herein encrypt “customer information” in an encryption stream and cause the encryption stream to be transferred from the customer to a merchant in the purchase transaction. A verification entity receives the encryption stream which is sent by the merchant for identity verification and payment authorization. Then, the verification entity verifies the identifiers contained in the encryption stream and transfers an identity verification and payment authorization from the verification entity to the merchant. The encryption stream or unique transaction identifier can be added, by the merchant, to a purchased electronic item to create a personalized electronic item.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS [0001] This application is a continuation-in-part of presently pending U.S. application Ser. No. 10 / 970,051, entitled “METHOD AND APPARATUS TO PROVIDE SECURE PURCHASE TRANSACTION OVER A COMPUTER NETWORK, filed on Oct. 21, 2004, which is a continuation of U.S. patent application Ser. No. 09 / 726,304 filed on Dec. 1, 2000, which has issued as U.S. Pat. No. 6,839,692, which are both fully incorporated herein. [0002] This application also claims the priority of presently pending provisional application 60 / 890,230 entitled “ENCRYPTED INDIVIDUAL AGREEMENT IDENTIFIERS TO ACQUIRED MEDIA OR MEDIA CONTENT, filed on Feb. 16, 2007, which is fully incorporated herein by reference.BACKGROUND AND SUMMARY Field of the Invention [0003] The embodiments of the invention generally relate to securing eCommerce and similar transactional relationships, including the sales of goods and services, between parties over computer networks such as the Internet and to tracki...

AI Technical Summary

Benefits of technology

[0015] Securing the customer's information before it is exposed to a network environment allows the customer to retain control and expand the use of his / her credit facility online. This is a paramount difference between the present invention and conventional e-commerce payment systems.

[0049] In another embodiment, as one process of further verifying that the merchant is dealing with no one else other than the customer, at the approximate time of transfer of the encryption stream to the merchant, but before the actual transfer of the encryption stream to the merchant (as part of the process of transferring the encryption stream) the method can incorporate, into the encryption stream, a second set of computer hardware identifiers and a time and date stamp from the computerized device making the actual transfer of the encryption stream. Thus, if an unscrupulous person were able to obtain an improper copy of the encryption stream, and was using the improper copy of the encryption stream on a computer (other than one of the customer's computers that are registered with the verification entity) possibly together with the necessary credit issuer supplied encryption stream creation and transfer software, the second hardware identifiers that are readjust prior to the transfer of the encryption stream would not match the hardware identifiers in the encryption stream and the transaction would not be approved by the verification entity. Similarly, the time and date stamp could be used to make the encryption stream that is supplied to the merchant only valid for a limited time period (e.g., minutes, hours, days, etc.). Such processes further enhance the “customer presence” verification process performed by the verification entity to provide additional assurances to the vendor that they are actually dealing with the customer and not someone other than the actual customer. In addition to verifying the customer's presence and agreement to terms whenever the customer uses the encryption steam / signature, the embodiments herein permit the credit issuer to disallow a specific vendor into the program, where vendor fraud is, or has been, an issue. This further serves to protect the customer, as well as reputable vendors.

Problems solved by technology

As the Internet continues to evolve, more and more of this media content is being downloaded and shared, creating another layer of complexity and another area of concern.

Similarly, content sensitive websites, such as those related to the adult industry and, until recently, the gaming industry, both gained in popularity and have become a bane to regulation because of the nature of the Internet and its lack of a single jurisdiction and enforceable standards.

Efforts have been launched—expensive and complex efforts—to impose self-regulation and prosecution; however, protecting minors and regulating commerce over what is arguably an international jurisdiction has proven difficult at best.

The compound problem is how to regulate a structure that does not have a conventional “place of business” without violating the rights of the individuals and of the groups who, depending upon the jurisdictions in which they reside, may have varying degrees of privacy rights and legal protections that must be balanced against any effort to regulate virtual-jurisdiction and commerce over the Internet.

All of these things represent a real problem for the eCommerce merchant who seeks compensation for what they offer because that merchant assumes the risk for a transaction, not the issuing bank, where there is no signed receipt—“no signature present.” The result from this is millions of dollars of fraud, repudiation, and chargebacks of transactions, which raise the costs and risks for all.

Further, the personalized electronic item could be made non-functional (so that the personalized electronic item cannot be opened, or cannot be played, etc.) if the encryption stream or transaction identifier, in part or in whole, is ever removed.

Thus, if an unscrupulous person were able to obtain an improper copy of the encryption stream, and was using the improper copy of the encryption stream on a computer (other than one of the customer's computers that are registered with the verification entity) possibly together with the necessary credit issuer supplied encryption stream creation and transfer software, the second hardware identifiers that are readjust prior to the transfer of the encryption stream would not match the hardware identifiers in the encryption stream and the transaction would not be approved by the verification entity.

Thus, if that identifier does not match the identifier in a hypothecated encryption stream, the transaction will not be approved.

Images