The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Electronic and online transactions are a popular means of commerce. For example, in retail and business-to-business transactions, the use of credit, debit and bank cards to facilitate the exchange of value for goods and/or services is quite common. All uses of credit, debit and bank cards can be considered electronic transactions, for they almost always entail the electronic transmission of information from one place to another.
For example, in the context of a “brick and mortar” point of purchase, a magnetic strip on a card is swiped through an electronic card reader to read information about the customer, or card holder. This information, along with transaction-specific and merchant information, is transmitted electronically to a destination, such as an electronic transaction service provider or payment clearinghouse. In the context of online or Internet transactions, various information is submitted by a customer through a computer, which is then transmitted electronically to the merchant and/or to a third party service provider. In the context of business-to-business transactions, similar electronic exchanges of value for goods or services occur, albeit typically through means other than credit, debit and bank cards.
There are organizations that are in the business of providing third party services to facilitate electronic transactions. In this context, a third party means a party other than the merchant or customer. For example, some organizations provide various services in support of electronic transactions between merchants and customers, such as transaction authorization, payment crediting and billing services. Further, a more comprehensive electronic transaction service provider might provide numerous other services in support of and in processing of electronic transactions, such as fraud screening, tax calculation, export compliance checks, delivery address verification, Internet and/or electronic mail address verification, and the like.
One protocol used to exchange commercial transaction related information between a merchant and an electronic transaction service provider is the Simple Object Access Protocol (SOAP), an emerging standard message protocol. SOAP provides a mechanism for a program running in one operating system to communicate with a program running in the same or another operating system, by using the Hypertext Transfer Protocol (HTTP) and Extensible Markup Language (XML) as the mechanisms for information exchange. SOAP specifies how to encode an HTTP header and an XML file so that a program in one computer can call a program in another computer and pass it information, and how the called program can return a response.
In addition to containing transaction related information, a SOAP message from a merchant to a service provider may contain service related information. That is, a given SOAP message associated with a given transaction may specify services that are to be applied to the transaction. For example, a SOAP message might contain an identifier of a product or service, a credit card number, a delivery address, and identifiers of one or more services to be applied to the transaction associated with the message.
A merchant may purchase a software application or system that is installed on merchant-owned computer equipment, such as a server, and that provides electronic transaction services, or at least an interface to third party transaction services. In this context, the application is maintained and managed by the merchant, as are any interactions with service providers that provide the services used by the merchant and interfaced by the application. However, the cost of ownership, maintenance and management of such a system may be undesirable to some merchants.
Management of an application installed on a merchant-owned computer may include implementation of business rules, referred to primarily herein as strategies, for applying to the merchant's electronic transactions. For example, a merchant may create business rules or a workflow regarding the evaluation of risk or the screening for fraud with respect to its transactions, through creation of custom strategies. The custom strategies can be applied to an automated review and decision-making process with respect to the merchant's transactions. Comprehensive modifications to a service strategy may require a significant programming effort and are, therefore, undesirable or unfeasible to many merchants.
For example, CyberSource Risk Manager, a software solution offered by CyberSource Corporation, provides the ability to create custom business strategies in the context of an order decision and risk management application. Furthermore, the application provides for constructing and representing business rules graphically through an HTML-based interface. FIG. 7 is an illustration of a simple example of a graphical representation 700 of a business strategy, wherein an order is rejected if originating from a specific country, is reviewed if for over $500 or requested same-day shipping, and is otherwise accepted. Each decision block has an underlying condition or logic that can be evaluated to “True” or “False” by a decision server to arrive at a decision as to whether to accept, review or reject a given transaction according to the business rule embodied in the strategy.
In contrast to a merchant-owned application or system, a transaction service provider may offer, and a merchant may use, hosted electronic transaction services. In this context, the services are provided using computers or other equipment and software that are generally maintained and managed by the transaction service provider, with little or no cost of ownership, maintenance or management to the merchant. Therefore, and significantly, the merchant has little or no control over the manner in which the services are applied to the merchant's transactions. Thus, services are provided by the service provider to the merchant in the form of a fixed service strategy pursuant to an agreement. The service strategy includes a fixed, specified order in which services are provided. Any changes to the predetermined order in which services are performed, that is, to a service strategy, is pursuant to an additional or revised agreement.
Merchants can specify, in a SOAP message for example, the behavior of one or more services from a set of default services when processing a given transaction associated with the message. For example, merchants can affect behavioral “switches” or commands associated with transaction processing services, such as modifying a service output action based on results of a given service. However, merchants are limited to customization of service behavior and have no control over the flow or order of performance of the services offered by the host.
Based on the foregoing, there is a clear need for an improved mechanism for merchant-driven management of electronic transaction service suites based on merchant business rules. Further, there is a need for a mechanism to simply and remotely control or customize service strategies associated with a hosted electronic transaction service system.