Online commerce is experiencing dramatic growth in recent years. More merchants are developing sites on the World Wide Web (or simply "WWW" or "Web") that consumers can access and order goods and/or services. It is fairly common for a consumer to browse a merchant's catalog, select a product, place an order for the product, and pay for the product all electronically over the Internet.
Typically, the consumer pays for the goods and/or services ordered over the Internet with a credit card. During the online transaction, the merchant sends an order form and requests the consumer to enter personal data (e.g., name, address, and telephone number) and credit card information (e.g., account number and expiration date). The consumer returns the completed order form containing the credit card information to the merchant over the Internet. The merchant verifies that the credit card number is valid and can be charged the payment amount. The card verification is usually conducted on a well-established card network, such as the VisaNet.RTM. network or the Veriphone.RTM. network.
One problem with this traditional online commerce model concerns the security of the credit card data as it travels over the Internet. The credit card information can be intercepted in route, copied into a database, and used to make unauthorized purchases. In an automated environment, an imposter can repeatedly use the stolen credit card data to conduct many online transactions before the consumer ever becomes aware that the credit card data has been stolen.
Another concern is that dishonest merchants may re-use or re-distribute an individual's credit card information.
It would be desirable to develop a new online commerce model that reduces or eliminates the incentive for stealing credit card data. Ideally, a secure online commerce model would render the credit card data hard to steal, and if stolen, worthless to the thief.
A further concern is that any new online commerce model should integrate well with existing proprietary card network systems. There are well-established systems that verify credit card purchases and subsequently settle accounts. These systems and associated protocols are entrenched in the merchant and banking communities and experience a high level of acceptance and trust. A new online commerce model should not usurp these systems, nor require merchants to change their existing practices to implement completely different systems and protocols.
The inventors have developed a card-based online commerce system that improves security and integrates with existing card verification and settlement systems.