With reference to FIG. 1, when making a payment to a merchant with the help of a bankcard 1000, the bankcard is swiped through a card reader 1002, which is connected to the merchant computer system 1004. The card reader reads the information from the card such as card number, expiration date, and customer name. The data read from the bankcard 1000 is copied into the merchant system 1004 and is combined with the items being purchased. A third party merchant processor 1010 is used to approve the total purchase amount by contacting an automated clearinghouse (ACH) 1014. The ACH receives authorization from the customer bank 1016 and returns an authorization code. After an authorization is obtained by the merchant system 1004 from the merchant processor 1010, it prints a customer receipt 1008 requiring customer signature. A paper or an electronic copy of the customer signature 1006 is retained by the merchant system while a copy is given to the customer 1008.
This system of payment presents many privacy and security risks to the customer 1020. To the customer, there is privacy risk because the merchant retains detailed data on the customer and the items being bought and when they were bought. These data may be shared with or sold to other parties. To the customer there is a security risk as the printed receipt 1008 contains some or all of the personal sensitive data, which the customer has to safeguard and to properly dispose of when not needed.
The merchant retains the customer sensitive data of name, card number and signature. This presents an additional security risk in that; computer hackers and thieves may steal it. Multiplicity of data records is kept with many merchants as a record is created with each merchant each time a payment transaction is conducted. Thus the customer sensitive data is stored with many merchants in many paper and database records. This significantly raises the probability of theft and hacking from the merchant paper and computer records. In FIG. 1, these privacy and security risks are shown as Privacy and Security Risk A
To the customer there is privacy risk as the customer bank 1016 is notified which merchant a customer of the bank purchased from and when and how much was spent on each purchase. A bank statement 1018 listing each purchase from a merchant is created and sent to the customer 1020. The bank 1016 may sell or use the information in statement 1018 for its own purpose. FIG. 2, an advertisement from, Wall Street Journal, Dec. 19, 2001, is an illustration of how the banks and merchants may be using the payment information. For example it shows that a bank customer bought ski lift tickets last week 1022, in addition to many other personal and private details 1024. In FIG. 1, these privacy and security risks are shown as Privacy and Security Risk B.
While some customers may not care that such data is kept in bank and merchant-owned computer systems, many people, based on published studies and stories, do care about the privacy and security of their personal data and the details of their purchasing habits.
There is yet another security risk to the customer, as he/she has to carry his/her bank card with him/her all the time and this is subject to theft and loss.
There are other forms of payment transactions that present similar privacy and security risks to the customer such as, between two parties via a check, as the checks are imprinted with customer name, address, bank account number and other information.
In light of the above, it is an objective of the present invention to have a payment system for the customer between a merchant and between private parties that has none of the privacy and security risks, as outlined above.