1. Field of the Invention
The invention relates to the field of electronic commerce. More particularly, the invention relates to providing electronic wallets with graded levels of service and security according to wallet type.
2. Description of Related Art
A fundamental feature of current network technologies is the provision of network services to individual users by furnishing each user an account. Users then request services through their accounts by logging into a server using a client. In order to guarantee that the party attempting to gain access to an account is actually the rightful account holder, access is controlled through an authentication process, in which the account holder is required to provide one or more pieces of information, known only to the account holder, before he or she is granted access to network services. Typically, authentication requires provision of a user ID and a password. While such a single-level authentication scheme may be suitable for some purposes, for example, a low-risk transaction such as a relatively small purchase in an e-commerce environment, the ease with which passwords are compromised renders single-level authentication schemes unsuitable for more sensitive or higher-risk transactions such as large purchases or access to sensitive data. Increasingly, single-level authentication schemes are being supplemented or replaced by multi-level schemes that provide a hierarchy of authentications according to the level of security desired.
D. Kanevsky, M. Yung, W. Zadrozny, Method and apparatus utilizing dynamic questioning to provide secure access control, U.S. Pat. No. 5,774,525 (Jun. 30, 1998) describe an apparatus having an authentication mechanism that uses questioning to provide secure access control. The number and/or type of questions generated may correspond to the security level of the system. Experian E-series online authentication white paper (Jul. 18, 2001) describes an authentication scheme based on a PIN (personal identification number) or password that includes a supporting authentication system using a single challenge-response prompt based on unique account information. The object of the challenge-response prompt is to expose unauthorized users and to provide greater security for transactions such as requesting a new PIN number or password.
As network technology evolves, it is becoming increasingly common for entities such as Internet service providers, online communities and portals to provide e-commerce networks to users and members wherein the entity provides centralized access to a large number of affiliated online merchants. Such e-commerce networks are advantageous to users, providing an enhanced online experience, and often allowing them to purchase goods and services at a significant discount. Affiliating with the e-commerce network provides the merchants with valuable marketing support, the user communities providing large pools of motivated, pre-qualified prospects. Finally, the e-commerce networks are beneficial to their sponsoring entities, allowing them to add value to their basic service and generating additional revenue streams. Frequently, such networks provide digital wallets, in which a user stores his or her billing information, such as billing address and credit card information. P. Hartman, J. Bezos, S. Kaplan, J. Spiegel, Method and system for placing a purchase order via a communications network, U.S. Pat. No. 5,960,411 (Sep. 28, 1999) describe such a wallet, wherein billing information is automatically supplied from the wallet, eliminating the need for the user to enter billing information every time he or she makes a purchase from one of the affiliated merchants, a significant obstacle to purchasing. Conventionally, digital wallets have required two levels of authentication, for example a normal password plus a supplemental password, sometimes called a shopping password. The requirement of two passwords has posed an obstacle to widespread adoption of digital wallets. It has been difficult to get users to create both passwords, and it is also difficult for users to remember the two passwords.
J. French, J. Wilder, System and method for authentication of network users, U.S. Pat. No. 6,263,447 (Jul. 17, 2001) describe a network authentication system that presents a user with a hierarchy of queries that can be configured to require differing levels of input or award differing levels of authentication. When the authentication process has been satisfied, a digital certificate can be generated that records authentication levels and other information related to the user. The certificate can then be presented in future transactions to avoid the need to re-authenticate the user for each new transaction event. While the digital certificate eliminates the necessity of a user remembering a supplemental password, one of the major obstacles to wallet implementation remains—the necessity of creating more than one password in the first place. The system involves a lengthy preprocessing step wherein the user is asked to provide detailed personal information, a process that many users will avoid because they find it time-consuming and invasive. Furthermore, repeated transmission of a document, even an encrypted one such as a digital certificate, containing detailed personal information about the user poses a significant risk that the certificate will be intercepted and the information will fall into the wrong hands.
It would therefore be a great advance to provide electronic wallets that offered greater ease of use, while providing graduated degrees of security appropriate to the user's needs, according to wallet type.