1. Field of the Invention
This invention relates to a system and method of performing secure credit card purchases in connection with remote commercial transactions, wherein a credit card holder does not have to reveal their credit card number to a merchant or a mechanism controlled by the merchant in order to accomplish a purchase, and wherein the merchant is still assured of the necessary credit verifications and approvals prior to authorizing and/or completing a credit card transaction, thereby increasing overall security by minimizing any access to credit card numbers without having to substantially modify or deviate from existing, accepted credit card transaction practices.
2. Description of the Related Art
The utilization of credit and debit cards to conduct transactions is ever increasing. This is especially the case with remote or "mail-order" transactions wherein merchants desire to be assured of a payment prior to shipping a product. For example, recent years have seen a substantial increase in the popularity of televised shopping networks to further supplement the popularity of catalogue type sales. Moreover, the increasing use and popularity of distributed computer networks such as the internet has also contributed to the dramatic increase in the number of remote commercial transactions conducted every day.
One primary reason associated with the rapid growth of remote commercial transactions is the ability of a merchant to reach an almost limitless number of potential customers at a substantially insignificant cost and with little or no operating overhead since an actual store is not required. Additionally, such sales techniques permit customers to view the products and services in a greatly expanded marketplace, representing a great number of vendors, without extensive travel and without foregoing the privacy and convenience of their home or other predetermined computer site in some cases. Simply put, a telephone or like communication avenue is all that is needed to place the consumer in contact with the merchant and complete the transaction.
The vast increase in popularity of remote commercial transactions conducted over the telephone or internet is further facilitated by the relatively simple protocols and procedures necessary to conduct such transactions. In particular, in order to complete a valid transaction, a merchant need not physically see the customer or the credit card, but must merely accept and enter a customer's credit card account number and an expiration date thereof to obtain authorization. This same convenience, however, is the primary disadvantage and/or problem associated with conducting commerce in the manners set forth above. Specifically, there is a great reluctance on the part of the customer to transmit the credit card account information, including the credit card number, because of the proliferation of fraud, and a well recognized lack of security directed to the protection of such account information. Indeed, it has been established that security and privacy concerns are realistic due to the fact that credit card account data is easily readable or interceptable by unauthorized parties, and can be readily used for all types of remote transactions with minimal risk of being physically caught. In fact, unscrupulous individuals have many ways of gaining access to a consumer's legitimate remote transactions and thereby obtaining the credit card information. This information can be obtained from old credit card receipts or even from the unauthorized notation and use of the information by merchants or their employees after a legitimate transaction is made. Naturally, the latter is the most difficult to prevent utilizing known methods and systems unless a consumer is willing to completely forego the use of a credit card for purchases.
In the case of computerized remote transactions, as messages, including account data or other confidential information, move across the internet, they can easily pass through numerous computers, any one of which can be utilized to copy such confidential information or data, thereby leading to a further risk of potential fraud when conducting such transactions. Presently, some companies currently seek to address such security and privacy concerns by the employment of encryption programs and techniques. To this end there is an extensive facility associated with both public and private encryption schemes being deployed in order to guard the private or secured information being transmitted across the internet or like world wide networks. Unfortunately, however, even with such encryption techniques, the account information must usually still ultimately be transmitted to a third party who did not previously have access to that information previously. Even some more sophisticated systems which seek to interpose a separate computer or encryption entity between the consumer and the merchant so as to obtain authorization and forward it to the merchant, that information must still be made available to and/or transmitted to that third party, thereby leaving open an avenue for fraud or theft. Further, such encryption techniques, even if minimally effective for computerized remote transactions, are not truly useable for other conventional types of remote transactions, or even normal in person transactions.
Based on the above, there is an obvious need in the field of art associated with remote commercial transactions for a system and method of performing secure credit card purchases of goods and services which truly reduces the risk of potential fraud and theft by eliminating outside access to a consumer's private credit card information without requiring complex encryption equipment or significantly altering the ease and convenience of current transaction techniques. Further, such a system and method should also be effective for use in conventional, "in person" transactions as well, thereby providing an added measure of security and minimizing the hazards associated with the passing on of account information by unscrupulous merchants. Also, such a system should provide limits to potential loss or liability in a manner which does not impede the transaction.