There are many emerging trends in the communications world, including the increase in network technology and the proliferation of data networks. These trends have advanced the proliferation of e-commerce, i.e., commerce that occurs over an electronic network such as the Internet. E-commerce enables certain customers to purchase goods and services using an account number by contacting a merchant directly over the network. Common e-commerce scenarios include a person at home using a credit card to purchase a product from an on-line store over the Internet, and an employee of a corporation acting as a buyer/authorizer for acquiring resources using a company issued account number.
One difficulty commonly addressed in e-commerce transactions is that, because of potential theft or fraud, customers are reluctant to provide personal and/or confidential information over the network. One common response is to utilize secure network transmissions by using technologies such as Secure Sockets Layer (SSL) or Secure HyperText Transmission Protocol (HTTPS). However, this response is only a partial solution because many customers, although willing to provide some confidential information such as an account number, may still not be willing to provide other confidential information such as a Personal Identification Number (PIN) or other account code. One reason for such reluctance is because the customer would be extremely vulnerable if both the account number and PIN were stolen. As a result, PINs have not heretofore been successfully adopted and used in e-commerce transactions.
PIN and other account code authorization systems are used, however, in many face-to-face transactions, such as at a grocery store. Face-to-face transactions are inherently less susceptible to theft or fraud, making these account code authorization systems less necessary. E-commerce remains more susceptible to theft or fraud than most face-to-face transactions.
The reluctance of the customer to provide a PIN or other type of account code over a network also differentiates e-commerce from other non-face-to-face transactions, such as automated teller machines. With automated teller machines, PINs are typically required, along with a physical credit card, to access a specific account, thereby providing an additional element of security. Automated teller machines, in general, provide customers with sufficient security (actual or perceived) to overcome their reluctance to provide their PIN.
Another difference between e-commerce and face-to-face transactions is that a customer cannot physically “sign” a completed sales event. For example, in face-to-face transactions, a customer is typically given an authorization form such as a paper charge slip, with a final charge amount printed thereon. The customer then physically signs a name on the slip, thereby authorizing the transaction. However, equivalent “signing” procedures for e-commerce transactions are not currently generally available.
For these and other reasons, it is common that account issuers and/or conventional authorization and fraud detection systems will not guarantee payment for e-commerce transactions. As a result, the merchant is often left with the financial loss that occurs when an account number has been fraudulently used in the transaction. Furthermore, some customers are less likely to utilize e-commerce because of a perceived security inadequacy.
What is needed is a system and method that helps to prevent, reduce, and/or eliminate fraudulent acquisition of customer account information used for e-commerce transactions.
Furthermore, what is needed is a system and method that helps to authorize customer account information and prevent fraudulent use of customer account information.
Further still, what is needed is a system and method that allows the merchant to authorize an e-commerce transaction in a relatively simple manner.
Further, what is needed is a system and method that is relatively easy to implement by both the customer and the merchant, and that does not require an excessive amount of keystrokes or actions for any single transaction.