1. Field of the Invention
This invention relates to a new type of financial entity referred to as a "cyber wallet." The cyber wallet consists of information and files which enable the holder to safely carry out transactions requiring electronic payment over an open communications network, as well as hardware necessary to carry out the transactions.
In describing the invention, the provider of services or goods will be referred to as a "merchant," and the provider of the wallet, which will typically be a credit card company, bank, or account servicer, will be referred to as the "servicer." In addition, it will be appreciated by those skilled in the art that the cyber wallet can be used for a variety of transactions, including both credit and debit type transactions, although for convenience the term "credit" will be used to describe all such transactions.
2. Description of Related Art
In a conventional point-of-sale credit transaction, the purchaser physically presents a credit card to a merchant who verifies the authentication information by comparing a signature on the card with the cardholder's signature, and reads the account number from the card so that it can be transmitted to the credit card servicer for authorization.
The level of security for the parties who have a stake in the transaction, i.e., the authorized owner of the card, the merchant, and the credit card company, depends on two factors: the ability of the merchant to authenticate the card by comparing signatures and recognizing a forgery, the ability and honesty of the merchant in protecting the account information necessary to carry out the transaction.
Much attention has recently been paid to the problem of card authentication. For example, secret codes or PIN numbers have been relatively widely implemented to prevent access to the information on the card unless the cardholder is an unauthorized user of the card. In addition, a variety of proposals have been made for further verifying the authenticity of the card to ensure that the card is not a forgery. For example, copending U.S. patent application Ser. No. 08/285,234, discloses a system which completely eliminates the risk of card forgery, and at the same time provides for verification of the identity of the cardholder using a PIN number system, virtually eliminating the risk that the card is a forgery and that the presenter of the card, disclosed as a chip card, is not an authorized user of the card. In this system, the card had stored thereon, together with the account information, a forgery proof digital signature generated using the private key of a private-public key cryptosystem, and which can be verified by anyone with a stake in the transaction using the public key of the cryptosystem.
On the other hand, much less attention has been paid to the problem of protecting the transaction facilitating information once the card has been authenticated, and in particular to the problem of misuse of the information by the merchant. Protection in this area has traditionally relied on the card owner's knowledge of the legitimacy of the merchant, which is reasonable when the card owner is at the point-of-sale and can rely on the merchant's investment and need to maintain a reputation. Protection is less likely when the card owner is not at the point-of-sale, however, and the transaction is being carried out by telephone, but at least the customer can rely on government regulation of telephone solicitors, and the investment necessary to maintain a phone bank and advertising. While fraud on the part of merchants, and of third party interceptors of the credit information has been a source of substantial losses to customers and credit card companies, the risk has generally been viewed as unavoidable and offset by the convenience of credit card transactions.
This balance between convenience and risk has now been substantially altered by the development of a new form of electronic communications, namely the Internet, in which the only investment necessary to set up as a merchant is a personal computer and an Internet account, in which the merchant and customers may be spread around the globe, and in which there is no effective regulation of the flow of information and who has access to the information.
Unless information access to the credit payment and verification is strictly controlled, and the user providing his credit card number in payment to a merchant can be reasonably certain that the merchant is legitimate and that no unauthorized users will have access to the payment information, remote purchases still carry unacceptably high risks from the point-of-view of the consumer and/or the company or bank which guarantees payments made using the card.
Despite these risks, there is a rapid trend towards increasing use carrying out transactions over the least controlled public network available, namely the Internet. In such transactions, the "merchant" is often nothing more than an electronic address, and it is impossible for anyone to ensure that whoever is receiving the payment information is legitimate. Thus, such remote electronic transactions carry significant risks for both the customer and the credit provider. The customer is faced with the problem of misuse of his or her account information, either by someone who has intercepted the information, or by a dishonest or compromised merchant, while the credit issuer is faced with the problem of verifying that a request for payment from a merchant is in response to a legitimate order.
The Internet was originally designed as a way of communicating research information, but recent advances in communications and computer technology has made access to the Internet available to a mass world-wide audience. To a merchant, the Internet is potentially not only a way of transmitting information, but also a way of bringing a global market to his or her doorstep. In practice, however, the lack of an effective way of securing transfers of funds has prevented optimal utilization of the Internet's potential as a global marketplace for goods and services as well as ideas.
In order to be useful, a system of electronic payments must provide not only protection of account information and authentication of all information having to do with the transaction, but also should be compatible with the existing infrastructure of credit card issuers, without the need for significant added hardware, and it should be exportable, i.e., in compliance with U.S. export restrictions on the export of mass encryption technology. Thus, conventional cryptographic systems alone cannot solve the problems of Internet commerce and unlikely ever to be implemented, because while key distribution systems are in theory possible in which only the purchaser and merchant have access to communications between them, such systems are complicated and relatively expensive due to the need for a secured third party key server at both ends of the transaction, because cryptographic technology cannot be freely distributed over the Internet due to export restrictions by the U.S. government, and because of the more fundamental problem that even if communications with a merchant are protected, there is no guarantee that the merchant will protect the information or even that the intended recipient of the information will not misuse it.
It is true that in any transaction, someone must be trusted. However, most consumers and merchants would agree that the party to be trusted is not the purported consumer or the merchant, but rather the credit card company (or bank), which can more easily be regulated by appropriate watchdog agencies, and which is the party that ultimately carries the risk of a fraudulent transaction.
The system disclosed herein builds upon the protection provided by the card authentication provisions disclosed in the above-cited copending application, which ensures that the token or card containing information on the purchaser's right to participate in the transaction, and provides a new way of protecting that conveying that information to the credit card servicer without significant risk of misuse by the merchant or any other party capable of intercepting the information after the card has been authenticated and the necessary information retrieved and it does so using well known public-private key cryptographic technology which fully protects the public interest in preventing the use of cryptography for criminal purposes.
Furthermore, the system described herein greatly expands upon the concept of the credit card itself, with the information provided to the customer by his credit card issuer or bank being contained in the form of a "cyber wallet," whose utility will become apparent to those skilled in the art based on the following description.