1. Field of the Invention
The present invention relates to a system and method of processing payment authorization requests for payment transactions to be conducted via a data communications network on behalf of online merchants, and is particularly, but not exclusively, suited to the processing of orders placed by financial instrument holders.
2. Description of the Related Technology
Users are increasingly encouraged to purchase goods online, i.e. via the Internet and associated technologies. Generally speaking, existing online payment systems fall into one of three types of arrangements: in a first type of arrangement, an online merchant system collects payment details from a financial instrument holder, otherwise known as a buyer or cardholder, without the buyer dealing directly with any other entity that may be involved in the transaction, and the online merchant system sends the transaction details directly to their acquiring bank system. In a second type of arrangement, the online merchant system collects payment details from a buyer without the buyer dealing directly with any other entity that may be involved in the transaction, and the online merchant system sends the transaction details to an online merchant Internet Payment Service Provider (IPSP) which processes payment authorizations on behalf of the merchant. The merchant IPSP system subsequently transmits the details to the online merchant's acquiring bank system; the details may be transmitted directly to the acquiring bank or to a payment processor which acts on behalf of the acquiring bank. Examples of IPSP systems which provide support for this second type of arrangement include the Protx™ Veri-Secure Payment system (VSP).
In an arrangement of the first and second type, the online merchant system typically obtains payment card data, bank account information and/or other financial data from the buyer. The online merchant system then passes this information either directly, or via a merchant IPSP system, to an acquiring bank processing system. Each online merchant system is assigned an online merchant account identifier by an acquiring bank, and this account identifier is used to identify the online merchant to the acquiring bank when requesting authorization of a transaction.
FIG. 1 shows an example of conventional online payment systems according to arrangements of the second type, comprising a plurality of online merchant systems 1a, 1b, 1c. In this arrangement each of the online merchants is in operative association with an online merchant Internet Payment Service Provider (IPSP) system 3, which is a payment gateway selected and subscribed to by the online merchant for the purposes of conducting secure business on the Internet. While the figure shows each of the online merchant systems 1a . . . 1c being associated with the same merchant IPSP system 3, alternatively, and in fact often in practice, online merchant systems are linked to different merchant IPSP systems 3. Each merchant IPSP system 3 provides a system that passes payment card data, authorization requests, and authorization responses over the Internet using encryption technology. The transaction information is sent by the merchant IPSP system 3, via a data communications link, to the acquiring bank 5, and thence to the card scheme system 7 which intermediates with an issuing bank where the validity of the card is checked and the availability of funds on that account is verified. An authorization code is returned to the merchant IPSP system 3; the authorization is encrypted by the merchant IPSP system 3 and transmitted in encrypted form to the online merchant system 1a, which triggers fulfillment of the order.
A conventional end-to-end online transaction using an arrangement of the second type and involving the entities shown in FIG. 1 comprises the following steps:
An online merchant's system 1a website collects from a buyer one or more order selections. The buyer checks out, enters their payment details and places an order on the online merchant's system 1a website by pressing the ‘Submit Order’ or equivalent button on the merchant website's order transmission webpage. The buyer's web browser encrypts the information to be sent between the browser and the online merchant's web server. The online merchant then forwards the transaction details to their merchant IPSP system 3, typically via another encrypted connection to the payment server hosted by the merchant IPSP system 3. The merchant IPSP system 3 forwards the transaction information, including the online merchant's internet account identifier, to the processor used by the online merchant's acquiring bank system 5. The processor 5 forwards the transaction information to the payment scheme system 7 (e.g. Visa/MasterCard). The payment scheme system 7 routes the transaction to the correct card issuing bank system 9.
The payment card issuing bank system 9 receives the authorization request and sends a response back to the processor of the online merchant's acquiring bank system 5 with a response code. The processor of the online merchant's acquiring bank system 5 forwards the response to the merchant IPSP system 3. The merchant IPSP system 3 receives the response, and forwards it on to the online merchant's system where it is interpreted and a relevant response then relayed back, via the merchant to the buyer confirming that the transaction has been authorized. The merchant IPSP system 3, on behalf of the online merchant, submits all their approved authorizations to the online merchant's acquiring bank system 5 for settlement. The acquiring bank system 5 deposits the total of the approved funds minus any fees and charges in to the online merchant's nominated account. This could be an account with the acquiring bank if the online merchant does their banking with the same bank, or an account with another bank.
An advantage of using a payment gateway such as the merchant IPSP system shown in FIG. 1 is that the merchant IPSP system can provide one or more additional various transaction processing functions, for example settlement, handling of chargebacks, handling of refunds, and transaction reporting, on behalf of the online merchant. In the settlement procedure, the merchant IPSP system 3 submits all the online merchant's approved authorizations collected over a given period, in a “batch”, to the online merchant's acquiring bank system 5 for settlement. A chargeback is a reversal of a payment card transaction initiated by the buyer or the bank that issued the card used in the purchase. This differs from a refund, which is agreed to and initiated by the online merchant, via the merchant IPSP system 3. Transaction reporting involves providing an overview reporting function for accumulated transactions which have been authorized and optionally settled via the merchant IPSP system 3, so that a merchant can for example select a date range and see an overview relating to all transactions conducted within the selected date range. A merchant IPSP system 3 may provide an online merchant with a secure online website whereby to approve chargebacks, initiate refunds and/or view transaction reports as described.
However, in each of the first and second types of payment systems described above, a buyer is required to provide his or her payment information separately for transactions initiated with each different online merchant. Thus, for each new online merchant that a buyer interacts with, the risk of exposure, misappropriation and/or fraudulent use of the buyer's financial data increases.
In a third type of arrangement (not shown) the online merchant system redirects the buyer to an alternative payment system website with which the buyer interacts in order to complete the transaction. The alternative payment system interacts directly with the user who provides payment to the alternative payment system either directly from their bank account or via a mechanism such as a payment card. Where a payment card from a conventional payment scheme is used the alternative payment system performs the role of the merchant in the conventional payment system, submitting a payment demand through an acquiring system. Payment from the user is made to the alternative payment system. The alternative payment system is then responsible for any reimbursement of the merchant. In a second case, the alternative payment system can, in effect, behave as a conventional clearing house, funding a user's account within the alternative payment system from the user's actual issuing bank account by directly debiting their account. The alternative payment system subsequently ensures payment is sent to the merchant's issuing bank account, usually through a conventional clearing house. This merchant bank account may or may not be the same as their account held with their conventional acquiring system. Thus most of the time payment systems of the third type act as the intermediary to take actual funds from the user and pass them to the merchant, most usually via the consumer's and merchant's individual bank accounts, potentially holding on to those funds as they pass through accounts held by the payment system; an example of this third type of payment system includes the well known PayPal™ payment system. Such a payment system may also have the capability to operate as a conventional IPSP, for example by providing associated online payment handling services.
While this type of payment system relieves the need for the user to set up individual payment accounts on a per online merchant basis, the user has a relationship with the alternative payment system and not with the online merchant system; this gives rise to several notable disadvantages: firstly the online merchant neither receives payment directly from an acquiring bank nor can avail itself of a payment-scheme based guarantee of payment, because for these transactions there is no direct relationship between the merchant and a card payment scheme. Secondly, for transactions effected via card payment the buyer does not have visibility of the individual online merchant from whom the product was bought (instead the card statement identifies the alternative payment system entity). Thirdly, the buyer is not protected by the card scheme's rules and may not be protected by any applicable consumer protection, because the transaction is with the payment system, and not with the online merchant system.