The use of telematics for the exchanges of goods and services between economic people tends to become widespread, and becomes the basis of a new economy because of the information backbone networks, and especially of the “Internet” network.
It is easy for anyone to reach, according to a shared protocol (HTTP), the information stored on all the servers spread over the world, designed according to a same standard (WWW), and linked together by a standard network (TCP/IP), with a client workstation equipped with an appropriate software (Internet browser).
With the Internet, any commercial company has the means to open a virtual shop that an Internet buyer can visit from anywhere on earth.
The easy access, and the “open” network, in the sense that the connections are not limited either by the number or by the characteristics of the connected client workstations, have been the key to the success of the “Internet”.
But this is a disadvantage when the confidentiality of data exchanged in the network or archived on the servers must be kept.
This is the case when the Internet buyer, after having ordered, has to pay his purchases.
The main solution suggested is to pay by credit card: the buyer has to enter online, in a form, the type and the number of the credit card, its expiry date, and the name of the holder.
If it is sent without precautions, this information could be intercepted by a third party and used to make other purchases. So the financial transaction is usually made with a secured protocol (HTTPS) which substitutes itself for the current standard (HTTP) and uses data encryption processes.
However, even if these processes require very complex mathematical techniques, insofar as the encrypted data can be intercepted, they risk to be decoded, in particular by malicious people acting in simultaneous and concerted manners.
The American patent U.S. Pat. No. 6,012,144 in the name of T. Pickett, published on Jan. 4, 2000, describes a solution to the problem of the confidentiality of the credit card numbers that circulate on the Internet and are stored on servers connected to this network, by transmitting the first part of the coded number on the TCP/IP network, the second part on the telephone network, and by archiving both parts in two different data bases. The SGBD is connected to the HTTP server with a dedicated data link which is not an IP link, and which therefore acts like a firewall.
In addition to the problem created by the possible interception of sensitive data, it is important that the proof of the buyer agreement should be given during the procedure of the payment with a credit card, and by that make sure of the holder's identity.
The system described in the patent U.S. Pat. No. 6,012,144 uses the telephone network to call, with a vocal server, the person who makes the transaction, in order to verify his identity automatically. The buyer has to dial a personal identification number (PIN), then he is guided by the vocal server to confirm or cancel his order by pressing the appropriate keys.
The method and the system described in the patent U.S. Pat. No. 6,012,144 solve the problem of the security of the transactions on the Internet in an original way, but the practical and economical advantages of the payment by credit card are very limited by the complexity of the system.
Another system of secured payments on the Internet is based on the existence of an intermediary who secures the payments by holding the sensitive data of the buyers and sellers so that they should not circulate on the Internet.
Such a system is described in the international patent WO99/66436, in the name of the company Protx, published on Dec. 23, 1999.
The sellers, the buyers, the financial establishments and an intermediary operator are all connected to the Internet. The data bases which store separately the information dedicated to the buyers and to the sellers are linked together by a private network. The sellers and buyers accede to the operator's private network with gates connected to the Internet, and give their transaction orders separately. The exchange and the gathering of confidential information are achieved with a private network, and therefore in a secured way, without any party to know all the details concerning the other. A gate as well links the banks directly to the operator's network for the financial transaction processing.
This kind of organization enables a secured relationship between sellers and buyers, but a closed one, and introduces an opposite logic to the Internet one which is fundamentally an open network: any web buyer can make purchases on any commercial website without any pre-established constraint.
The process to make secured transactions on the Internet, which is described in the American patent U.S. Pat. No. 6,088,683, in the name of R. Jalili, published on Jul. 11, 2000, avoids the problem of the obligation of the registering of the seller as well as the buyers by an operator using a system close to the one described in the patent U.S. Pat. No. 6,012,144, while simplifying it to make it more attractive.
The information about the buyer's credit card never circulates on the Internet and, therefore, are safe from a fraudulent misappropriation. As in the system explained in the patent U.S. Pat. No. 6,012,144, a process of call back of a pre-recorded number enables to authenticate the buyer.
If some sensitive financial information is not transmitted on the open network, it still needs to be archived on the service operator's website. This can be a risk, in spite of the firewall and the other security systems which could be installed by the operator.
It emerges from the state of the technology such as described above that payment systems by secured telematics are known, but that today no simple and economical system with all the secured guaranties exists yet.