As used herein, the term computer includes any device or machine capable of accepting data, applying prescribed processes to the data, and supplying the results of the processes. By way of example, but not limitation, the term “computer” includes mainframe computers, servers, personal computers, laptops, personal digital assistants, portable phones, cell phones and calculators. The term “communications network” is also meant in a broad sense, and may include any suitable technology for information transmission, including electrical, electromagnetic and optical technologies. Such a communications network may link computers, e.g., a LAN or WAN. Although the invention is described with particular reference to an open network, such as the Internet, it may also be used in other networks, internets and intranets.
The Internet continues to increase in importance as a place for business, offering a wide variety of information and services to potential customers. However, as an open network, the Internet provides opportunities to legally and illegally collect and use vast amounts of information which people consider both private and personal; and increasing concerns about privacy, fraud and security online could inhibit the continued growth of business to consumer “electronic commerce.”
Currently, shopping, browsing and other information-sharing activities on the Internet expose users to unwanted collection of their private and personal information, from which their identities, activities, behaviors and preferences can be ascertained. Perhaps most alarming is the fact that a user's financial information (e.g., credit card numbers, debit account numbers, etc.) may be stolen from merchant databases. The specter of this type of thievery is perceived as a fundamental threat to personal freedoms and a potential impediment to the growth of e-commerce.
The present inventor's U.S. patent application Ser. No. 09/360,812, which is hereby incorporated by reference, discloses a system and method for anonymous Internet transactions. This private e-commerce system provides for private surfing, private payments, and private shipping. Users can shop at online web sites anonymously, select products for purchase, pay privately and securely, and ship the selected products to a location of their choice, without disclosing their personal and private information. In other cases, users may disclose their identity using a secure transaction system that prevents the disclosure of their real financial information (i.e., credit card account numbers). The means by which private payment mechanisms are provided may include a fraud reduction feature so that the financial information provided by a user for one purchase or transaction with one particular merchant cannot be reused for any other purchase or transaction even with the same merchant. This feature prevents the theft of the user's financial information and subsequent fraudulent use of that information by unauthorized third parties or thieves. For example, in the current state of e-commerce on the web, users who provide their real name, address, and credit card information when making a purchase at a web retailer site risk the loss of this private information due to theft from the web retailer databases. This problem can be solved by providing “single-use proxy financial information” from the user's bank or credit card company (that may be linked to a proxy identity in the case of a totally private transaction). Any attempt to reuse this “single-use proxy financial information” is foiled by the bank or credit card authorization process which rejects any such transaction.
Such single-use systems rely on the generation and use of unique transaction information provided to the user by his bank or credit card company, and the storage for future reference by the bank or credit card company of this information to ensure the information is used exactly once, for a single transaction executed by the user. This unique transaction information can be provided by a number of alternative means, and “communicated” to and by standard transacting and payment systems. For illustrative purposes the present invention is discussed in the context of credit card payment systems, but the principles discussed herein are equally applicable to other payment means (e.g., debit card payments, e-cash payments, etc.).
Single-use transaction information typically is a unique “proxy credit card number” generated when a user makes a transaction. In such an embodiment, a distinct number, linked to a real user account, is provided to the user for each transaction initiated. Such transactions are authorized by the issuing bank or credit card company, or the processor or acquirer who processes transactions on behalf of the bank or credit card issuer, when the transaction is submitted for authorization. In this case, the billing information associated with the financial transaction need not include the user's true billing address in order for the transaction to be properly authorized, as discussed below.
Alternatively, the proxy credit card number assigned to a user may be a fixed or static number (as if it were a typical credit card account with plastic and magnetic strips) that does not vary from transaction to transaction, but the bank or credit card issuer provides a distinct “single-use proxy billing address” for each transaction. A “proxy Address Verification String”, used for Address Verification System (AVS) processing in the normal course of authorizing credit card transactions may also be used. Indeed, other fields of information used in the normal course of payment authorization schemes can be used to provide one-time use information to prevent fraud, and/or provide a fully private payment mechanism.
Although these schemes are useful in providing secure, safe, convenient and private payment mechanisms for users of e-commerce systems over computer and communications networks, they create a difficult problem for a particular class of transactions. Some transactions between users and merchants, retailers or service providers (hereinafter collectively referred to as merchants) are executed directly once by the user, but are then “automatically resubmitted” at later times by the merchant. These recurrent consumer transactions or payments (collectively “recurrent transactions”) are performed on a routine basis by merchants and normally involve the submission of financial and personal information previously provided once by a user. This information is typically stored in merchant databases for future use. Examples of such transactions include monthly-billed service contracts and “split billing” among multiple fulfillment orders (in which a portion of the full transaction amount is billed piecemeal while portions of an order are available in inventory and are separately shipped). Since the very nature of a private payment scheme based upon “single-use proxy financial information” is to disallow the reuse of the proxy financial information first provided by the user's bank or credit card company, the second time a bank or credit card issuer receives and processes the single-use proxy financial information the transaction will be denied, payment will fail, and the service will be discontinued.
Therefore, it is desirable to provide both privacy and security in processing recurrent consumer transactions and to reduce or eliminate fraud stemming from the unauthorized use and re-use of proxy financial information.