The present invention relates generally systems and methods for conducting commercial transactions and, more particularly, to systems and methods for conducting commercial transactions of small monetary value without using cash.
The usage of hard physical currency remains the pervasive means for facilitating high volume transactions of small monetary value (i.e. microbilling). A secure cashless commercial transaction system enabled for widespread use in microbilling has been the goal of numerous developments in the prior art. The requirement that persons must carry change or small bills of currency in order to conduct day-to-day transactions (e.g. paying for the services provided by a vending machine) has been seen as a burdensome antiquated inconvenience that should be dispensed with through the use of modem technology. The reality has been that the shortcomings of the prior art, both technical and practical (as well as sociological), have rendered prior art microbilling schemes less than popular in the United States and elsewhere.
Current microbilling systems rely in essence on either (a) a strong identification of the party; (b) trustworthy tamper-resistant hardware; and/or (c) secure network facilities for on-line transactions.
For example, perhaps the most-commonly used alternative cashless transaction system used today is the traditional debit card system, which utilizes plastic cards contains cardholder and certifier information digitally encoded on a magnetic strip. The user must memorize and be able to key-in a personal identification number (PIN) at the time of the transaction for security purposes. The PIN is supposed to be a secret known only by the cardholder enabling the cardreader to presume the identity of the cardholder based on the ability of the person to demonstrate, through some relevant protocol, knowledge of the PIN or password. The current use of passwords and PINs for credentials is notoriously insecure, user-unfriendly, and generally inadequate for electronic commercial transactions. For example, PINs and passwords lack the persistence and auditable nature of a hand-written documentary signature and can only be verified at the time of use.
Modern cryptographic techniques have offered alternative systems based on the notion of digital signatures and certificates. An electronic document is xe2x80x9csignedxe2x80x9d by applying a cryptographic private key controlled by the signer to obtain a hash value called a digital signature: the signature can be verified using public information, i.e. a public key which is used to verify that the signerxe2x80x9ds secret key was utilized to sign the document. Digital certificates are electronic credentials signed byxe2x80x94and thereby authenticated byxe2x80x94a trusted certificate-issuing authority. Legislation has been proposed in numerous jurisdictions to give some form of legal effect to digital signatures, and digital signatures and certificates are used in various recent electronic-commerce schemesxe2x80x94each with its own disadvantages.
For example, Mastercard has proposed what is known as the Secure Electronic Transaction (or xe2x80x9cSETxe2x80x9d) standard specification which describes a relatively complex structure for making payments using digitally signed certificates within the current credit card payment support infrastructure. See xe2x80x9cSET Secure Electronic Transaction Specification,xe2x80x9d Version 1.0, May 31, 1997, setco.org. SET has an elaborate structure of signed certificates: the cardholder receives a certificate that functions as an electronic representation of a traditional credit card; the merchant receives a certificate that functions as an electronic substitute for the payment brand decal that traditionally appears in a store window; the issuer of the cardholder""s certificate is a financial institution that maintains the cardholder""s account and must have its own certificate; the merchant""s bank has its own certificate; payment gateway certificates are used for the systems that process authorization and capture messages; etc. The various certificates are used to support cryptographic keys that are used to provide credit card transaction messages with security properties such as privacy and authenticity. The SET scheme implicates a complex hierarchy of trust involved in the issuance and revocation of these certificatesxe2x80x94which in turn necessitates a complex certificate revocation infrastructure, on-line verification procedures, as well as a significant amount of computation on the parts of multiple parties to complete a single transaction.
Other proposals include systems that function as electronic analogues to paper checks and cash itself. The use of such systems requires complicated risk management techniques. Electronic checks are digitally signed by a payer and certified by the payer""s bank, like a written paper check. They use the same relatively expensive clearing system and clearing network used by paper checks, as well as incur the additional cost of administering certificate revocation lists which must be consulted by the payee. Electronic cash systems, on the other hand, represent cash as digital bearer certificates or by value registers in smart cards, and, accordingly, have multiple risks associated with their usage. Encapsulating information in a tamper-resistant smart card, e.g. mondex.com, or other secure container invites attempts to compromise the container. In the case of digital bearer certificates, e.g. digicash.com, measures must be employed in a network to ensure that each certificate, which can normally be copied freely, is spent precisely once.
The present invention provides a microbilling system that integrates with existing billing systems and existing devices, such as cellular telephones and personal digital assistants. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over an advantageously secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed go electronic check which is periodically deposited over a secure channel with a clearing service. The invention permits a user to simply point an enhanced portable electronic device, such as a cell phone, at a vending machine and have purchases billed automatically to the user.
The present invention enables microbilling transactions by embedding liability in the certificates. Unlike prior art microbilling systems, the present invention advantageously can be conducted off-line without special tamper-resistant hardware or special personal identification protocols such as memorizing a PIN. These and other advantages of the invention will be apparent to those of ordinary skill in the art by reference to the following detailed description and the accompanying drawings.