1. Technical Field
This invention relates to authenticating buyers in online commerce transactions and, more particularly, to having a separate authentication service authenticate the buyer.
2. Background Art
As a result of the increasing popularity and acceptance of the Internet and other forms of networked communications, online commerce is big business. For example, the volume of consumer purchases, business to business commerce, and stock trading and other forms of investing which occur over the Internet and/or wireless networks is steadily increasing, as are other forms of online commerce. In addition, significant effort is being spent to develop alternate business models (such as auctions and group purchasing) and alternate forms of payment (such as ecash and Internet-authorized transfer of funds) in an attempt to take advantage of the unique characteristics of online commerce.
However, one of the drawbacks of online commerce is the difficulty of buyer authentication. For example, consider a case in which a consumer wishes to purchase an item using a credit card. If the buyer were doing this in the real world, the buyer would be required to supply his physical credit card (perhaps with a photo on it) and would have to sign the credit card slip with a signature matching the one on the credit card. These acts accomplish two important objectives. First, they establish with some confidence that the buyer is authorized to use the credit card. Second, they generate a record that makes it difficult for the buyer to later deny that he authorized the purchase. Both of these factors significantly reduce the risk of a fraudulent transaction.
In the online version of this transaction, the acts which correspond to supplying a physical credit card and signing the credit card slip either do not exist or, if they exist, are not as effective in reducing risk. For example, in many cases, the buyer is simply required to type in his credit card number and then click on a Make Purchase button. These two acts are more prone to fraud than their real world counterparts because the seller does not know if the person taking these actions is actually authorized to use the credit card. In other words, it is difficult for the seller to authenticate the buyer. Furthermore, even if the true credit card owner did authorize the transaction, the increased risk of fraud means that the resulting record is not as strong since the credit card owner could allege that an impostor authorized the transaction. This extra risk of fraud in the “card not present” situation results in higher interchange rates and fees for transactions processed over the Internet and other online commerce systems, and is perhaps the biggest single contributor to the cost basis for Internet commerce.
One of the reasons Internet and other online fraud has grown is that personal payment instrument information such as credit card numbers, checking account numbers, and related data has essentially become “public information” in the sense that this data is readily available. For example, a consumer gives his credit card number, expiration date, etc. in an unprotected format to each online merchant in each transaction. In addition, information such as name, address, social security number, etc. is also available from sources other than the card-holder. For example, searchable, web accessible telephone directories and other types of directories can contain much of this type of information. The repeated, unprotected disclosure of payment instrument information, together with the fact that much of this information is also available from other sources, increases the risk of fraudulent transactions. For example, hackers often need only to capture databases of credit card numbers and their associated name and address information in order to masquerade as the actual card-holder in many online transaction environments.
Conventionally, the buyer authentication problem has been addressed through the use of passwords, an approach commonly taken in Internet (web) commerce environments, where the buyer authenticates himself typically using a simple user name and password. As described previously, passwords have inherent weaknesses when used for this purpose and current implementations further aggravate these weaknesses. For example, consumers typically must register individually with each merchant using an on-line process. As a result, the merchant has a limited opportunity to verify the consumer's registration since the timing of the on-line registration often does not permit significant verification and, even if it did, the cost would be prohibitive since each merchant would have to bear the cost of his own verification. In addition, consumers often will use the same user name and password for multiple accounts. This increases the chance that the user name and password will be compromised and, if it is compromised, increases the potential damage suffered. Furthermore, since the user name and password typically are transferred to the merchant in plaintext, unscrupulous merchants may also use this information to compromise the consumer's other accounts. As a final example, many current authentication systems target authentication of the consumer's identity (e.g., proving that the user is actually John Doe), but authenticating someone's identity is not necessarily the same as verifying that someone is authorized to use a specific payment instrument.
The Secure Electronic Transactions (or SET) protocol was one attempt to address the buyer authentication problem in order to facilitate secure payment card transactions over the Internet. In SET, digital certificates were used to create a trust chain throughout the transaction. For example, the consumer would have a digital certificate which he presented to the merchant. The merchant would have a digital certificate which he presented to the consumer. Each would verify the other's digital certificate and the underlying chain of digital certificates in order to establish trustworthiness. However, this approach imposed considerable administrative and operational complexity on consumers, merchants, and the corresponding transaction processing infrastructure. For example, both buyers and merchants required specialized technology in order to participate in the protocol and would have to upgrade the technology each time new digital certificate technology was adopted. As a result, SET was not widely adopted.
Thus, there is a need for substantial buyer authentication in online commerce transactions. There is further a need for an approach to buyer authentication which is also flexible enough to easily adapt to varying levels of security for different applications and also to the adoption of new technologies. The approach preferably also does not impose significant burdens on or require extensive modification of the existing transaction processing infrastructure.