US20100235279A1 - Online transaction validation using a location object - Google Patents
Online transaction validation using a location object Download PDFInfo
- Publication number
- US20100235279A1 US20100235279A1 US12/162,297 US16229707A US2010235279A1 US 20100235279 A1 US20100235279 A1 US 20100235279A1 US 16229707 A US16229707 A US 16229707A US 2010235279 A1 US2010235279 A1 US 2010235279A1
- Authority
- US
- United States
- Prior art keywords
- transaction
- location
- user equipment
- end user
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/953—Querying, e.g. by the use of web search engines
- G06F16/9535—Search customisation based on user profiles and personalisation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0251—Targeted advertisements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0251—Targeted advertisements
- G06Q30/0253—During e-commerce, i.e. online transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0251—Targeted advertisements
- G06Q30/0254—Targeted advertisements based on statistics
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0251—Targeted advertisements
- G06Q30/0255—Targeted advertisements based on user history
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0251—Targeted advertisements
- G06Q30/0264—Targeted advertisements based upon schedule
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0251—Targeted advertisements
- G06Q30/0269—Targeted advertisements based on user profile or attribute
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0277—Online advertisement
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/12—Accounting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
- H04L67/306—User profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/023—Services making use of location information using mutual or relative location information between multiple location based services [LBS] targets or of distance thresholds
Definitions
- the present invention relates generally to online transactions and, more particularly, to methods, apparatuses and computer-readable media for validating online transactions using an element of information referred to as a location object.
- Online transactions are now widely used to effect electronic commerce (e-commerce).
- One common type of online transaction involves an electronic payment by a first party to a second party, for example, to purchase goods or services.
- This electronic payment is typically effected by the first party entering payment card information at his/her computer.
- Information pertaining to the online transaction attempted to be made, including the entered payment card information is transmitted over a computer network (e.g., the Internet) and a financial network to different computers which process this information in order to approve or deny the online transaction.
- Approval or denial of the online transaction is communicated to the first party via his/her computer and, if approved, settlement of the online transaction takes place between the first party's card issuing bank and the second party's acquiring bank.
- Example security measures include data encryption, card security code (CSC) verification (where an individual attempting to make an online transaction using a payment card is asked to enter the payment card's CSC), and address verification systems (AVS—where an address entered by an individual attempting to make an online transaction using a payment card is compared to a billing address known to the payment card's issuing bank).
- CSC card security code
- AVS address verification systems
- the present invention seeks to provide a method, comprising: obtaining from end user equipment a location object caused to be stored on the end user equipment by a service provider; and validating an online transaction attempted using the end user equipment, based at least in part on the location object.
- the present invention seeks to provide a computer-readable medium storing a program element for execution by a computer.
- the program element comprises first program code for causing the computer to obtain from end user equipment a location object caused to be stored on the end user equipment by a service provider; and second program code for causing the computer to validate an online transaction attempted using the end user equipment, based at least in part on the location object.
- the present invention seeks to provide an apparatus, comprising: an interface for communication with end user equipment over a network; and a processing unit coupled to the interface.
- the processing unit is configured to: obtain from the end user equipment via the interface a location object caused to be stored on the end user equipment by a service provider; and validate an online transaction attempted using the end user equipment, based at least in part on the location object.
- the present invention seeks to provide an apparatus, which comprises means for obtaining from end user equipment a location object caused to be stored on the end user equipment by a service provider; and means for validating an online transaction attempted using the end user equipment based on the location object.
- the present invention seeks to provide a method for execution by end user equipment connected to a network.
- the method comprises storing in a memory a location object provided by a service provider; and sending the location object to a server over the network for validation of an online transaction attempted using the end user equipment.
- FIG. 1 shows an architecture allowing a user of end user equipment connected to a packet-switched network to access and interact with network sites of that network, for example, to make online transactions, in accordance with an embodiment of the present invention.
- FIG. 2 shows an example of potential contents of a database accessible to a transaction validation server of the architecture shown in FIG. 1 .
- FIG. 3A shows an example of message flow in the architecture of FIG. 1 , in the context of a transaction where a location object stored on end user equipment is provided to a server when specifically requested.
- FIG. 3B shows an example of message flow in the architecture of FIG. 1 , in the context of a transaction where a location object stored on end user equipment is provided at or prior to the time when the transaction is attempted.
- FIG. 4 shows an example of message flow that continues from FIGS. 3A and 3B , in the context of validation of the transaction based on the location object.
- FIG. 5 shows an example of message flow that continues from FIG. 4 , in the context of post-validation processing.
- FIG. 1 depicts an architecture allowing a user 10 of end user equipment 12 connected to a packet-switched network 14 (e.g., the Internet or a private network) to access and interact with network sites (e.g., web sites) of that network, in accordance with a non-limiting embodiment of the present invention.
- a packet-switched network 14 e.g., the Internet or a private network
- network sites e.g., web sites
- the end user equipment 12 comprises a computing device 16 and a network interface unit 18 .
- the computing device 16 may be implemented as a personal computer (PC) such as a desktop computer, a laptop computer, or a tablet PC.
- the computing device 16 is provided with at least one input device such as a keyboard, a mouse, a touchscreen, a stylus, a microphone, etc., as well as a display and possibly one or more other output devices (e.g., speakers) that enable interaction between the user 10 and the computing device 16 .
- the computing device 16 is operative to run a software application implementing a network browser (e.g., a web browser) with which the user 10 can interact via the display (and possibly one or more other output devices) and the at least one input device in order to access and interact with network sites of the packet-switched network 14 .
- a network browser e.g., a web browser
- the network interface unit 18 enables the end user equipment 12 to exchange data with the packet-switched network 14 via a communication link 20 .
- the network interface unit 18 may be implemented as a modem such as a broadband modem (e.g., a digital subscriber line (DSL) modem or a cable modem) or a narrowband modem (e.g., a dial-up modem).
- the network interface 18 may be implemented as an optical network termination (ONT)-based Ethernet connection.
- ONT optical network termination
- the network interface unit 18 may be integrated into the computing device 16 (e.g., it may be a card internal to the computing device 16 ).
- the communication link 20 may traverse one or more network elements and may comprise one or more physical links and one or more logical links.
- the communication link 20 may comprise a physical link 17 between the network interface unit 18 and a network element 21 .
- the physical link 17 may comprise a copper twisted pair, a coax cable, an Ethernet link, a fiber optic link (e.g., in the case of FTTP), a fixed wireless link, a satellite link, or a combination thereof.
- the network element 21 may be a DSL access multiplexer (DSLAM), a cable modem termination system (CMTS), or another type of network element.
- DSL access multiplexer DSL access multiplexer
- CMTS cable modem termination system
- the communication link 20 may also comprise a dedicated logical link 19 between the network element 21 and another network element 23 that provides access to the packet-switched network 14 .
- the network element 23 may be a network access server (NAS), a router, etc. It will be appreciated that the communication link 20 may take on many forms in various embodiments.
- end user equipment 12 comprises the computing device 16 and the network interface unit 18 , it will be appreciated that the end user equipment 12 may comprise other components in other embodiments.
- the end user equipment 12 may be assigned a logical identifier.
- the logical identifier which may in fact be assigned to the computing device 16 or the network interface unit 18 (both forming part of the end user equipment 12 in this embodiment), may be an Internet Protocol (IP) address (e.g., in compliance with IPv4 or IPv6) or a proprietary address, label, or tag.
- IP Internet Protocol
- the logical identifier may be statically assigned to the end user equipment 12 in which case it does not change over time (e.g., a static IP address).
- the logical identifier may be dynamically assigned to the end user equipment 12 in which case it may change over time (e.g., a dynamic IP address).
- the logical identifier may be assigned to the end user equipment 12 by a network element that is part of the communication link 20 (e.g., the network element 23 in embodiments where it is a network access server).
- This network element may assign the logical identifier to the end user equipment 12 when the end user equipment 12 is activated (e.g., when the network interface unit 18 and/or the computing device 16 is/are powered-up) or otherwise regains network connectivity and/or at certain time intervals which may range from an hour or less to several months or more.
- the network element assigning the dynamic IP address to the end user equipment 12 may do so in accordance with the Dynamic Host Configuration Protocol (DHCP) using a pool of IP addresses accessible to that network element.
- DHCP Dynamic Host Configuration Protocol
- assignment of the logical identifier to the end user equipment 12 may be effected in various ways in various embodiments.
- the computing device 16 has a memory 22 that stores a location object 24 .
- the location object 24 is an element of information which specifies a physical location.
- the location specified by the location object 24 corresponds to a location of a service point (hereinafter “service point location”) where the end user equipment 12 is located.
- a “service point” refers to a point where a network access service is provided to the user 10 by a service provider, such as an Access Service Provider (ASP), a Regional Access Network Provider (RANP) or an Internet Service Provider (ISP).
- ASP Access Service Provider
- RTP Regional Access Network Provider
- ISP Internet Service Provider
- a service point may be a house or other building, or an area thereof.
- the location specified by the location object 24 can specify the current position of the end user equipment 12 , as detected or measured by other means (e.g., triangulation).
- the current position can be specified to any desired resolution.
- the current position can be specified to the level of which network access point is being used by the end user equipment 12 .
- Such an approach may be used by cable companies and various online search engines and online advertisement providers. Still other levels of precision/accuracy/resolution are within the scope of the present invention.
- the location specified by the location object 24 may be expressed as a geo location (latitude, longitude, elevation, and the datum which identifies the coordinate system used, such as, without limitation, the World Geodetic System 1984 (WGS841) datum).
- the location specified by the location object 24 may be expressed as a civic location (a set of elements that describe detailed street address information). Still other possibilities exist and are within the scope of the invention.
- the location object 24 may be formatted as a Presence Information Document Format—Location Object (PIDF-LO) as defined by the Internet Engineering Task Force (IETF) in a variety of documents hereby incorporated by reference herein, including RFC 4119, “draft-ietf-geopriv-pidf-lo-profile-10” and “draft-ietf-geopriv-revised-civic-lo-06” available from http://tools.ietf.org/wg/geopriv/ and incorporated by reference herein.
- PIDF-LO Presence Information Document Format—Location Object
- IETF Internet Engineering Task Force
- location object 24 Another possible format for the location object 24 is an XML format, a description of which can be found in “Geographic Markup Language”, available from http://www.opengeospatial.org/standards/gml, hereby incorporated by reference herein. Still other possibilities exist and are within the scope of the invention.
- the service provider determines the service point location where the end user equipment 12 is located, or determines the current position of the end user equipment 12 , and then generates the location object 24 .
- the service provider subsequently causes storage of the location object 24 in the memory 22 of the computing device 16 .
- the network element 23 may receive a request for network access by the end user equipment 12 .
- the network element 23 may then consult a location information server (LIS—not shown) that stores the location object 24 to be stored on the end user equipment 12 .
- the network element 23 may then send the location object 24 to the end user equipment 12 over the communication link 20 .
- the end user equipment 12 may then store the location object 24 in the memory 22 .
- the above procedure may be repeated, so that the location object 24 is kept up to date.
- the user 10 can use the end user equipment 12 to access and interact with network sites of the packet-switched network 14 .
- These network sites are implemented by servers 30 1 . . . 30 N connected to the packet-switched network 14 .
- the servers 30 1 . . . 30 N and the network sites that they implement are operated, managed or otherwise associated with various entities, including, for example, companies, governmental organizations, non-profit organizations, and individuals.
- Each of the servers 30 1 . . . 30 N comprises suitable hardware, firmware, software, control logic, or a combination thereof for implementing a plurality of functional components, including an interface and a processing unit.
- the interface of each of the servers 30 1 . . . 30 N is adapted to receive messages from and send messages to communication equipment (such as the end user equipment 12 ) connected to the packet-switched network 14 , as well as to receive data from or send data to other elements (e.g., computers or databases) communicatively coupled to that server but not necessarily connected to the packet-switched network 14 .
- the processing unit of each of the servers 30 1 . . . 30 N is adapted to effect various processing operations to implement that server's functionality.
- Interaction of the user 10 with a network site implemented by a server 30 n (1 ⁇ n ⁇ N) typically involves the network browser implemented by the computing device 16 interacting with the server 30 n in order to allow the user 10 to view, hear or otherwise be exposed to content (e.g., web pages) of the network site via the display and/or one or more other output devices of the computing device 16 , and to input information (e.g., by entering text, selecting an option, etc.) and/or one or more commands (e.g., by clicking on a graphical button or a hyperlink) via the at least one input device of the computing device 16 .
- content e.g., web pages
- input information e.g., by entering text, selecting an option, etc.
- one or more commands e.g., by clicking on a graphical button or a hyperlink
- the user 10 may desire or need to effect an online transaction.
- the user 10 may desire or need to: purchase or otherwise obtain a product and/or a service and/or content offered on the network site; pay a bill for a previously obtained product/service/content via the network site; transfer funds from one account to another via the network site; trade securities (e.g., stocks, bonds, etc.) via the network site; make a donation to a charity or other institution through the network site; access secure online content via the network site; access a virtual private network via the network site; etc.
- trade securities e.g., stocks, bonds, etc.
- transaction object information information regarding a transaction object
- a “transaction object” refers to any physical or virtual object designed to be used in an attempt to make a transaction.
- a transaction object may constitute a payment card (e.g., a credit card, a debit card, etc.), an account (e.g., a bank account, an online wallet account, login credentials for accessing secure content or a VPN, etc.), an electronic check, a set of one or more digital cash (electronic money) certificates, or any other physical or virtual object designed to be used in an attempt to make a transaction.
- a payment card e.g., a credit card, a debit card, etc.
- an account e.g., a bank account, an online wallet account, login credentials for accessing secure content or a VPN, etc.
- an electronic check e.g., a set of one or more digital cash (electronic money) certificates, or any other physical or virtual object designed to be used in an attempt to make a transaction.
- the transaction object information can therefore take on various forms.
- the transaction object information may include payment card information regarding a payment card in situations where, for instance, the user 10 desires to purchase or otherwise obtain a product/service/content offered on the network site implemented by the server 30 n , pay a bill for a previously obtained product/service/content via the network site, or make a donation to a charity or other institution through the network site using the payment card.
- payment card information may be, for instance, credit card information regarding a credit card (e.g., a number, expiry date, and/or holder's name) or debit card information regarding a debit card (e.g., a number and/or holder's name).
- the payment card may comprise one or more card elements adapted to convey part or all of the payment card information, such as one or more sets of characters (e.g., printed and/or embossed characters), a magnetic stripe, and/or a chip (e.g., an EMV chip).
- a card element adapted to convey part or all of the payment card information, such as one or more sets of characters (e.g., printed and/or embossed characters), a magnetic stripe, and/or a chip (e.g., an EMV chip).
- the transaction object information may include electronic check information regarding an electronic check (e.g., a check number and/or a checking account number) in situations where, for instance, the user 10 desires to effect a payment via the network site implemented by the server 30 n using the electronic check.
- an entity e.g., a bank or other financial institution, or the service provider
- a computer-readable medium e.g., as part of a database
- the transaction object information may include digital cash information regarding a set of one or more digital cash certificates (e.g., digital cash certificate identifiers) in situations where, for instance, the user 10 desires to effect a payment via the network site implemented by the server 30 n using the set of one or more digital cash certificates.
- an entity e.g., a bank or other financial institution
- an entity e.g., a bank or other financial institution
- an entity e.g., a bank or other financial institution
- an entity that allows the user 10 to use the set of one or more digital cash certificates may store on a computer-readable medium (e.g., as part of a database) information regarding the set of one or more digital cash certificates, including the digital cash information provided by the user 10 .
- the transaction object information may include account information regarding an account (e.g., an account number and/or holder's name and/or login credentials) in situations where, for instance, the user 10 desires to effect a transfer of funds to or from the account via the network site implemented by the server 30 n , or where the user 10 desires to access secure online content or a VPN via the network site implemented by the server 30 n .
- an entity e.g., a bank or other financial institution, a corporate extranet server
- a computer-readable medium e.g., as part of a database
- the user 10 may use one or more of the at least one input device of the computing device 16 to enter the transaction object information and cause this information to be sent by the end user equipment 12 to the server 30 n (or another computer associated with the server 30 n ) over the packet-switched network 14 .
- the transaction object information may have been previously stored in the memory 22 of the computing device 16 , in which case the user 10 may use one or more of the at least one input device of the computing device 16 to cause the end user equipment 12 to send the previously stored transaction object information to the server 30 n (or another computer associated with the server 30 n ) over the packet-switched network 14 .
- the ability to successfully effect an online transaction with the network site implemented by the server 30 n involves the location object 24 being retrieved from the memory 22 of the computing device 16 and transmitted from the end user equipment 12 to the server 30 n (or another computer associated with the server 300 .
- the computing device 16 can be configured to effect this transmission according to various schemes, such as (i) autonomously once per online transaction; (ii) regularly without regard to any attempt to effect an online transaction; or (iii) upon request from the server 30 n when an online transaction is attempted or susceptible of being attempted. Still other schemes are possible and are within the scope of the present invention.
- the online transaction attempted to be effected by the user 10 may be subjected to various conventional security measures intended to protect information exchanged between the end user equipment 12 and the packet-switched network 14 and to counter fraudulent online transactions.
- the transaction object information provided by the user 10 via the end user equipment 12 may be encrypted (e.g., using the Secure Socket Layer (SSL) protocol) prior to being sent over the packet-switched network 14 .
- SSL Secure Socket Layer
- card security code (CSC) verification may be employed whereby the user 10 is asked to enter the payment card's CSC, and/or address verification systems (AVS) may be employed whereby an address entered by the user 10 is compared to a billing address known to the payment card's issuing bank.
- CSC card security code
- AVS address verification systems
- Various other security measures may be employed in different cases.
- a network element 51 hereinafter referred to as a transaction validation server.
- the transaction validation server 51 is operated, managed or otherwise associated with an entity responsible for validating online transactions.
- this entity may be a bank or other financial institution that provides the transaction object to the user 10 (e.g., a card issuing bank in cases where the transaction object is a credit card or a debit card).
- This entity could also be the service provider if the transaction object is an account number of an account being held by the service provider for the user 10 .
- the transaction validation server 51 comprises suitable hardware, firmware, software, control logic, or a combination thereof for implementing a plurality of functional components, including an interface and a processing unit.
- the interface of the transaction validation server 51 is adapted to receive messages from and send messages to other servers and/or other computers, and to exchange data with other elements (e.g., databases).
- the transaction validation server 51 may be connected to the server 30 n (or another computer associated with the server 30 n ) via a communication path 55 , over which the transaction validation server 51 receives transaction object information transmitted by the end user equipment 12 in relation to an online transaction attempted to be effected by the user 10 .
- the communication path 55 may be established over the packet-switched network 14 and/or another network 59 (e.g., a financial network) and may traverse one or more network elements (e.g., gateways, other servers).
- the communication path 55 may take on various forms depending on the nature of the online transaction attempted to be effected by the user 10 . An example of the communication path 55 will be described later on.
- the processing unit of the transaction validation server 51 is adapted to effect various processing operations to implement that server's functionality.
- the transaction validation server 51 is operative to use information included in a database 53 to validate the online transaction attempted to be made using the transaction object information provided by the user 10 via the end user equipment 12 .
- the transaction validation server 51 and the database 53 may be part of separate network elements and communicatively coupled to one another via a communication link, which may traverse one or more network elements and comprise one or more physical links and one or more logical links.
- the transaction validation server 51 and the database 53 may be part of a common network element.
- the database 53 may be distributed amongst a plurality of network elements and/or physical locations.
- the database 53 stores a plurality of records 57 1 . . . 57 P .
- Each of the records 57 1 . . . 57 P is associated with a respective transaction object and contains (i) transaction object information pertaining to the respective transaction object and (ii) information to assist in validating an online transaction attempted using the transaction object information pertaining to the respective transaction object.
- the information to assist in validating an online transaction attempted using the transaction object information pertaining to the transaction object associated with a given one of the records 57 1 . . . 57 P may comprise one or more of:
- Each of the records 57 i . . . 57 P may also include ancillary information that may be required to process an online transaction attempted to be made using the transaction object information included in that record.
- ancillary information depends on the nature of the transaction object associated with that record and can thus take on many forms.
- the ancillary information included in that record may include a credit limit, a balance due, a billing address (i.e., an address where credit card bills are to be sent), a shipping address, a list of recent transactions, and possibly other information regarding the credit card (e.g., other card holders' names).
- the transaction validation server 51 is assumed to be a server associated with a card issuing bank, i.e., a financial institution that issued the particular credit card.
- each of the records 57 1 . . . 57 P is associated with a transaction object which is a credit card, and includes transaction object information which is credit card information regarding that credit card.
- the transaction validation server 51 may be within the realm of the service provider, and can in fact be the same entity that caused storage of the location object 24 in the memory 22 of the end user equipment 12 .
- the user 10 interacts with the network site implemented by the server 30 n using the computing device 16 of the end user equipment 12 in order to select the product/service/content that he/she desires to purchase. This may involve the user 10 using an online shopping cart implemented by the server 30 n . Upon selecting the desired product/service/content, the user 10 indicates that he/she desires to purchase that product/service/content, for instance, by selecting a “check-out” option on the network site.
- the network site then prompts the user 10 to provide payment information to pay for the selected product/service/content.
- the user 10 thus proceeds to enter credit card information regarding the particular credit card.
- the user 10 indicates his/her intent to submit an order to purchase the selected product/service/content using the entered credit card information, for instance, by selecting a “submit order” option on the network site.
- the computing device 16 of the end user equipment 12 transmits to the server 30 n a message 102 *.
- the message 102 * conveys: (i) order information indicative of the selected product/service/content; (ii) purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; and (iii) the credit card information entered by the user 10 to purchase the selected product/service/content.
- the order information, the purchase amount information and possibly even the credit card information may already be known to the server 30 n due to prior interaction between the computing device 16 and the server 30 n .
- the message 102 * may simply convey an indication or confirmation of a desire of the user 10 to purchase the selected product/service/content.
- the message 102 * may also convey the logical identifier assigned to the end user equipment 12 .
- the logical identifier assigned to the end user equipment 12 may not be conveyed by the message 102 * but may already be known to the server 30 n due to prior interaction between the computing device 16 and the server 30 n .
- the information to be transmitted to the server 30 n as part of the message 102 * may be encrypted by the computing device 16 prior to being transmitted to the server 30 n .
- This encryption may be effected using the SSL protocol or some other encryption technique, by virtue of interaction between the computing device 16 and the server 30 n .
- the server 30 n Upon receiving the message 102 *, the server 30 n processes the message 102 *, possibly decrypting one or more of its portions. As part of its processing operations, the server 30 n recognizes that an online transaction is attempted to be effected via the end user equipment 12 and proceeds to send a message 103 * to the computing device 16 of the end user equipment 12 .
- the message 103 * contains a request to obtain the location object 24 stored in the memory 22 of the end user equipment 12 .
- the computing device 16 of the end user equipment 12 proceeds to generate and transmit to the server 30 n a message 105 * that conveys the location object 24 stored in the memory 22 of the end user equipment 12 .
- Information conveyed by the message 105 * may be encrypted prior to transmission to the server 30 n .
- the message 103 * may be in accordance with the DHCP or HTTP Enabled Location Delivery (HELD) protocols.
- the end user equipment 12 has the ability to decide whether to release the message 105 * and in fact may, under certain circumstances, decide not to release the message 105 *.
- the server 30 n may need to figure on a list of “trusted location object requesting” servers or it may need to pass a test in order to gain or assert an authorization to request the location object 24 from the end user equipment 12 .
- the server 30 n Upon receiving the message 105 *, the server 30 n processes the message 105 *, possibly decrypting one or more of its portions, and proceeds to send a message 104 * to a “payment gateway” 60 .
- the payment gateway 60 is a network element that is connected to a financial network 68 and that is used by the server 30 n to process online transactions attempted to be made via the network site implemented by the server 30 n .
- the financial network 68 interconnects a plurality of servers or other computers associated with banks and/or other financial institutions, including, in this example, the transaction validation server 51 that is associated with the card issuing bank and a server 70 that is associated with an acquiring bank, i.e., a financial institution that is used by an entity, in this case, a merchant, which operates, manages or is otherwise associated with the server 30 n .
- the financial network 68 may be part of the packet-switched network 14 , may comprise individual point-to-point links or may be dispensed with altogether.
- the message 104 * sent to the payment gateway 60 may be generated by the server 30 n based on the message 102 *, the message 105 * and possibly other information known to the server 30 n (e.g., the order information, the purchase amount, the credit card information and/or the logical identifier assigned to the end user equipment 12 ).
- the message 104 * conveys: (i) the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; (ii) the credit card information entered by the user 10 to purchase the selected product/service/content; and (iii) the location object 24 .
- Information conveyed by the message 104 * may be encrypted prior to transmission to the payment gateway 60 .
- the computing device 16 of the end user equipment 12 now transmits to the server 30 n a message 102 .
- the message 102 conveys: (i) order information indicative of the selected product/service/content; (ii) purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; and (iii) the credit card information entered by the user 10 to purchase the selected product/service/content.
- the order information, the purchase amount information and possibly even the credit card information may already be known to the server 30 n due to prior interaction between the computing device 16 and the server 30 n .
- the message 102 may simply convey an indication or confirmation of a desire of the user 10 to purchase the selected product/service/content.
- the message 102 may also convey the logical identifier assigned to the end user equipment 12 .
- the logical identifier assigned to the end user equipment 12 may not be conveyed by the message 102 but may already be known to the server 30 n due to prior interaction between the computing device 16 and the server 30 n .
- the message 102 may convey the location object 24 stored in the memory 22 of the end user equipment 12 .
- the location object 24 may not be conveyed by the message 102 but may already be known to the server 30 n due to prior interaction between the computing device 16 and the server 30 n .
- no request is made for the location object 24 ; rather, the location object 24 is either sent in an unsolicited manner by the end user equipment 12 within message 102 or is already known to the server 30 n .
- the information to be transmitted to the server 30 n as part of the message 102 may be encrypted by the computing device 16 prior to being transmitted to the server 30 n .
- This encryption may be effected using the SSL protocol or some other encryption technique, by virtue of interaction between the computing device 16 and the server 30 n .
- the server 30 n Upon receiving the message 102 , the server 30 n processes the message 102 , possibly decrypting one or more of its portions, and proceeds to send a message 104 to the payment gateway 60 .
- the message 104 sent to the payment gateway 60 may be identical to the message 102 , i.e., it may be a relayed version of the message 102 .
- the message 104 may be generated by the server 30 n based on the message 102 and possibly other information known to the server 30 n (e.g., the order information, the purchase amount information, the credit card information, the logical identifier assigned to the end user equipment 12 and/or the location object 24 ).
- the message 104 conveys: (i) the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; (ii) the credit card information entered by the user 10 to purchase the selected product/service/content; and (iii) the location object 24 .
- Information conveyed by the message 104 may be encrypted prior to transmission to the payment gateway 60 .
- the payment gateway 60 Upon receiving the message 104 or 104 *, the payment gateway 60 processes the message 104 or 104 *, possibly decrypting one or more of its portions. Based on content of the message 104 or 104 *, the payment gateway 60 determines that it originates from the server 30 n and proceeds to send a message 106 , over the financial network 68 , to the server 70 , which is associated with the acquiring bank used by the merchant associated with the server 30 n .
- the message 106 which can be viewed as a request for transaction authorization, is intended to elicit from the financial network 68 a response as to whether the online transaction attempted to be made by the user 10 is approved or denied.
- the payment gateway 60 generates the message 106 based on the message 104 or 104 * such that the message 106 conveys: (i) the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; (ii) the credit card information entered by the user 10 to purchase the selected product/service/content; and (iii) the location object 24 .
- the server 70 receives the message 106 and processes it to gain knowledge that a transaction involving the merchant associated with the server 30 n is attempted to be effected. Based on the credit card information conveyed by the message 106 , the server 70 proceeds to send a message 108 to the transaction validation server 51 over the financial network 68 .
- the message 108 may be identical to the message 106 , i.e., it may be a relayed version of the message 106 . Alternatively, the message 108 may be generated by the server 70 based on the message 106 and possibly other information known to the server 70 .
- the message 108 conveys: (i) the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; (ii) the credit card information entered by the user 10 to purchase the selected product/service/content; and (iii) the location object 24 .
- the transaction validation server 51 which is associated with the card issuing bank that issued the particular credit card that has been used by the user 10 to attempt to purchase the selected product/service/content, receives the message 108 .
- the transaction validation server 51 proceeds to process the message 108 to determine whether the online transaction attempted to be made by the user 10 is to be approved or denied. Specifically, the transaction validation server 51 proceeds to validate the online transaction based at least in part on the location object 24 .
- the transaction validation server 51 consults the database 53 to identify a particular one of the records 57 1 . . . 57 P that corresponds to the credit card information conveyed by the message 108 . Upon identifying the particular one of the records 57 1 . . . 57 P , the transaction validation server 51 obtains the corresponding information that assists in validation of the online transaction. It is recalled that depending on the embodiment, such information may comprise one or more of:
- the transaction validation server 51 can validate the online transaction.
- the following considers validation in greater detail, with respect to the above three example types of information that assists in validation of the online transaction.
- the transaction validation server 51 determines that the credit card information conveyed by the message 108 is associated with an authorized transaction point location, the transaction validation server 51 proceeds to effect a verification as to whether the location specified by the location object 24 (and conveyed by the message 108 ) corresponds to this authorized transaction point location.
- the transaction validation server 51 handles the online transaction in different manners depending on whether or not the location specified by the location object 24 corresponds to the authorized transaction point location associated with the credit card information.
- validation may be deemed unsuccessful. This may result in the online transaction being denied by the transaction validation server 51 without performing any further processing operations to assess whether it should be approved or denied.
- the transaction validation server 51 may perform additional processing operations to determine whether the online transaction attempted to be made by the user 10 is to be approved or denied, including processing operations to re-assess legitimacy of the online transaction attempted to be made by the user 10 , i.e., to probe more deeply into whether the user 10 legitimately used the credit card information conveyed by the message 108 .
- these additional processing operations may effect conventional verifications, such as a card security code (CSC) verification, an address verification system (AVS), a phone call to verbally confirm legitimacy of the online transaction attempted to be made by the user 10 , etc.
- CSC card security code
- AVS address verification system
- the transaction validation server 51 may conclude that the online transaction attempted to be made using the credit card information conveyed by the message 108 is authorized to be made from the location from which it is attempted.
- the fact that the location specified by the location object 24 supplied by the end user equipment 12 corresponds to an authorized transaction point location may simply be interpreted as successful completion of one among several steps in an overall authorization process.
- the transaction validation server 51 may also perform other processing operations to determine whether the online transaction attempted to be made by the user 10 is to be approved or denied. For example, based on the ancillary information (e.g., a credit limit, a balance due, etc.) included in the particular one of the records 57 1 . . . 57 P and the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content that is conveyed by the message 108 , the transaction validation server 51 may determine whether the online transaction is to be approved or denied. It will be appreciated that approval or denial of the online transaction may be determined by the transaction validation server 51 based on other factors.
- ancillary information e.g., a credit limit, a balance due, etc.
- the transaction validation server 51 determines that the credit card information conveyed by the message 108 is associated with an unauthorized transaction point location, the transaction validation server 51 proceeds to effect a verification as to whether the location specified by the location object 24 (and conveyed by the message 108 ) corresponds to this unauthorized transaction point location.
- the transaction validation server 51 handles the online transaction in different manners depending on whether or not the location specified by the location object 24 corresponds to the unauthorized transaction point location associated with the credit card information.
- validation may be deemed unsuccessful. This may result in the online transaction being denied by the transaction validation server 51 without performing any further processing operations to assess whether it should be approved or denied.
- the transaction validation server 51 may perform additional processing operations to determine whether the online transaction attempted to be made by the user 10 is to be approved or denied, including processing operations to re-assess legitimacy of the online transaction attempted to be made by the user 10 , i.e., to probe more deeply into whether the user 10 legitimately used the credit card information conveyed by the message 108 .
- these additional processing operations may effect conventional verifications, such as a card security code (CSC) verification, an address verification system (AVS), a phone call to verbally confirm legitimacy of the online transaction attempted to be made by the user 10 , etc.
- CSC card security code
- AVS address verification system
- the transaction validation server 51 may conclude that the online transaction attempted to be made using the credit card information conveyed by the message 108 is authorized to be made from the location from which it is attempted.
- the fact that the location specified by the location object 24 supplied by the end user equipment 12 does not correspond to an unauthorized transaction point location may simply be interpreted as successful completion of one among several steps in an overall authorization process.
- the transaction validation server 51 may also perform other processing operations to determine whether the online transaction attempted to be made by the user 10 is to be approved or denied. For example, based on the ancillary information (e.g., a credit limit, a balance due, etc.) included in the particular one of the records 57 1 . . . 57 P and the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content that is conveyed by the message 108 , the transaction validation server 51 may determine whether the online transaction is to be approved or denied. It will be appreciated that approval or denial of the online transaction may be determined by the transaction validation server 51 based on other factors.
- ancillary information e.g., a credit limit, a balance due, etc.
- the transaction validation server 51 may compare the location specified by the location object 24 (and conveyed by the message 108 ) and possibly a time at which the online transaction is attempted to be made (which may be conveyed by the message 108 or otherwise obtained by the transaction validation server 51 ) to the spatio-temporal history of previous online transactions.
- the transaction validation server 51 handles the online transaction in different manners depending on whether the location specified by the location object 24 and possibly the time at which the online transaction is attempted to be made compare favorably (i.e., are consistent) or unfavorably (i.e., are inconsistent) with the spatio-temporal history of previous online transactions.
- validation may be deemed unsuccessful.
- a specific location e.g., a specific civic address
- validation may be deemed unsuccessful.
- a previous online transaction has been made using the credit card information included in particular one of the records 57 1 . . .
- validation may be deemed unsuccessful. In these and other examples, this may result in the online transaction being denied by the transaction validation server 51 without performing any further processing operations to assess whether it should be approved or denied.
- the transaction validation server 51 may perform additional processing operations to determine whether the online transaction attempted to be made by the user 10 is to be approved or denied, including processing operations to re-assess legitimacy of the online transaction attempted to be made by the user 10 , i.e., to probe more deeply into whether the user 10 legitimately used the credit card information conveyed by the message 108 .
- these additional processing operations may effect conventional verifications, such as a card security code (CSC) verification, an address verification system (AVS), a phone call to verbally confirm legitimacy of the online transaction attempted to be made by the user 10 , etc.
- CSC card security code
- AVS address verification system
- the transaction validation server 51 concludes that the online transaction attempted to be made using the credit card information conveyed by the message 108 is consistent with one or more previous online transactions made using this credit card information.
- the transaction validation server 51 may also perform other processing operations to determine whether the online transaction attempted to be made by the user 10 is to be approved or denied. For example, based on the ancillary information (e.g., a credit limit, a balance due, etc.) included in the particular one of the records 57 1 . . . 57 P and the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content that is conveyed by the message 108 , the transaction validation server 51 may determine whether the online transaction is to be approved or denied. It will be appreciated that approval or denial of the online transaction may be determined by the transaction validation server 51 based on other factors.
- ancillary information e.g., a credit limit, a balance due, etc.
- Post-validation processing is now described with reference to FIG. 5 . Specifically, upon determining whether the online transaction is approved or denied, the transaction validation server 51 returns a message 114 to the server 70 over the financial network 68 . The message 114 indicates whether the online transaction was approved or denied.
- the message 114 may indicate (e.g., by a code) a reason for this denial, such as insufficient funds, an unavailable bank link, etc.
- the transaction validation server 51 may also take further action, such as freezing a credit account corresponding to the particular credit card, informing fraud prevention and/or law enforcement authorities of a possible attempt to make a fraudulent online transaction, etc.
- the transaction validation server 51 may update the particular one of the records 57 1 . . . 57 P associated with the particular credit card to take into account approval of the online transaction. For example: one or more elements of ancillary information (e.g., a balance due, an available credit, etc.) included in the particular one of the records 57 1 . . . 57 P may be updated to reflect the approved online transaction; if the information to assist in validation of an online transaction that is included in the particular one of the records 57 1 . . . 57 P comprises a spatio-temporal history of previous online transactions made using the credit card information corresponding to that record, this spatio-temporal history may be updated to reflect the approved online transaction; etc.
- ancillary information e.g., a balance due, an available credit, etc.
- the server 70 receives the message 114 and processes it to determine whether the online transaction was approved or denied. If approved, the online transaction is eventually settled via a settlement process involving the acquiring bank and the card issuing bank. This settlement process is well known and thus not described herein.
- the server 70 proceeds to return a message 116 to the payment gateway 60 .
- the message 116 may be identical to the message 114 , i.e., it may be a relayed version of the message 114 .
- the message 116 may be generated by the server 70 based on the message 114 .
- the message 116 indicates whether the online transaction is approved or denied and, if applicable, may indicate a reason for denial of the online transaction.
- the payment gateway 60 Upon receiving the message 116 , the payment gateway 60 processes it and proceeds to send a message 118 to the server 30 n . Generated by the payment gateway 60 on a basis of the message 116 , the message 118 indicates whether the online transaction is approved or denied and, if applicable, may indicate a reason for denial of the online transaction. Information conveyed by the message 118 may be encrypted by the payment gateway 60 prior to being transmitted to the server 30 n .
- the server 30 n receives the message 118 .
- the server 30 n processes the message 118 , possibly decrypting one or more of its portions, to ascertain whether the online transaction is approved or denied. Approval or denial of the online transaction (and a reason for denial, if applicable) may be recorded by the server 30 n for future reference.
- the server 30 n proceeds to send a message 120 to the computing device 16 of the end user equipment 12 in order to communicate approval or denial of the online transaction to the user 10 . Since it travels over the packet-switched network 14 , information conveyed by the message 120 may be encrypted by the server 30 n prior to being transmitted to the computing device 16 .
- the computing device 16 Upon receiving the message 120 , the computing device 16 processes the message 120 , possibly decrypting one or more of its portions, so as to communicate approval or denial of the online transaction to the user 10 . For example, this may be achieved by displaying a “transaction approved” or “transaction denied” message (or any conceivable variant thereof) on the display of the computing device 16 .
- the location object 24 may also be subjected to various security measures intended to protect the location object 24 between its receipt from the service provider and its transmission to a network site in the context of an online transaction.
- security measures include encryption on the wire, encryption of the location object 24 itself and applying a digital signature to the location object 24 (using mechanisms such as XML digital signature), to name a few non-limiting possibilities.
- the server 30 n , the transaction validation server 51 and/or the server 70 may, upon obtaining the encrypted location object 24 from the communication apparatus 12 , proceed to decrypt the location object 24 .
- the server 30 n , the transaction validation server 51 and/or the server 70 may proceed to decrypt the location object 24 using a decryption key that is obtained from the service provider (e.g., from the network element 23 or another network component operated by the service provider), possibly in return for payment to the service provider.
- the network element 23 (or another network component operated by the service provider) may provide the decryption key to the server 30 n , the transaction validation server 51 and/or the server 70 in response to a request received therefrom.
- the network element 23 may have previously provided the decryption key to the server 30 n , the transaction validation server 51 and/or the server 70 by virtue of a trust relationship established between the service provider and the entity operating the server 30 n , the transaction validation server 51 and/or the server 70 .
- the service provider can effectively control use of the location object 24 (that it caused to be stored on the communication apparatus 12 ) by network components such as the server 30 n , the transaction validation server 51 and/or the server 70 .
- the message 103 * containing a request to obtain the location object 24 stored in the memory 22 of the end user equipment 12 was generated by the server 30 n .
- the message 103 * may be generated by other network entities involved in processing of the transaction and at various instances, such as:
- the end user equipment 12 has the ability to decide whether to release a message in response to the message 103 * and containing the location object 24 . That is to say, the end user equipment 12 may, under certain circumstances, decide not to release the response.
- requesting entity e.g., the server 70 or the transaction validation server 51 in the previous paragraph
- the payment gateway 60 , the server 70 , the transaction validation server 51 and the server 30 n have been described as separate entities, this has been done for convenience and illustration only. It should therefore be understood that in certain embodiments, any one or more of the payment gateway 60 , the server 70 , the transaction validation server 51 and the server 30 n may be integrated into a single network entity or component.
- the computing device 16 effecting an online transaction with a network site over the packet-switched network 14
- the computing device 16 it is also within the scope of the invention for the computing device 16 to be implemented as a communication device and to effect an online transaction with a called party reachable over the packet-switched network 14 .
- the communication device could be embodied as a VoIP phone, a Plain Old Telephone Service (POTS) phone equipped with an analog terminal adapter (ATA), or a soft phone (i.e., a computer equipped with telephony software).
- POTS Plain Old Telephone Service
- ATA analog terminal adapter
- a soft phone i.e., a computer equipped with telephony software
- one party can be a purveyor of goods or services.
- the location object 24 is conveyed from the communication device to the purveyor of goods or services.
- a given component described herein may be implemented as pre-programmed hardware or firmware elements (e.g., application specific integrated circuits (ASICs), electrically erasable programmable read-only memories (EEPROMs), etc.) or other related elements.
- a given component described herein e.g., the transaction validation server 51
- the program instructions may be stored on a medium which is fixed, tangible, and readable directly by the given component (e.g., removable diskette, CD-ROM, ROM, fixed disk, USB key, etc.).
- the program instructions may be stored remotely but transmittable to the given component via a modem or other interface device connected to a network over a transmission medium.
- the transmission medium may be either a tangible medium (e.g., optical or analog communications lines) or a medium implemented using wireless techniques (e.g., RF, microwave, infrared or other wireless transmission schemes).
Abstract
A method that comprises obtaining from end user equipment a location object caused to be stored on the end user equipment by a service provider; and validating an online transaction attempted using the end user equipment, based at least in part on the location object so obtained. The method may further comprise obtaining transaction object information provided via the end user equipment; and obtaining information to assist in validating online transactions attempted using the transaction object information. The validating of the online transaction may comprise comparing a location specified by the location object to the information to assist in validating online transactions attempted using the transaction object information and taking a validation action based on a result of the comparing.
Description
- The present application claims the benefit of U.S. Provisional Application Ser. No. 60/941,830, filed on Jun. 4, 2007, hereby incorporated by reference herein.
- The present invention relates generally to online transactions and, more particularly, to methods, apparatuses and computer-readable media for validating online transactions using an element of information referred to as a location object.
- Online transactions are now widely used to effect electronic commerce (e-commerce). One common type of online transaction involves an electronic payment by a first party to a second party, for example, to purchase goods or services. This electronic payment is typically effected by the first party entering payment card information at his/her computer. Information pertaining to the online transaction attempted to be made, including the entered payment card information, is transmitted over a computer network (e.g., the Internet) and a financial network to different computers which process this information in order to approve or deny the online transaction. Approval or denial of the online transaction is communicated to the first party via his/her computer and, if approved, settlement of the online transaction takes place between the first party's card issuing bank and the second party's acquiring bank.
- While computer networking makes online transactions convenient and efficient, it also exposes a potential for fraudulent activity and thus one major area of interest with online transactions is fraud prevention. Accordingly, various security measures have been implemented to counter fraudulent online transactions. Example security measures include data encryption, card security code (CSC) verification (where an individual attempting to make an online transaction using a payment card is asked to enter the payment card's CSC), and address verification systems (AVS—where an address entered by an individual attempting to make an online transaction using a payment card is compared to a billing address known to the payment card's issuing bank).
- Although such security measures help reduce the potential for fraud to a certain degree, they do not insulate online transactions from equally—if not more—severe forms of attack, including conventional theft of physical cards and the emerging threat posed by identity theft. As the volume of online transactions continues to grow, there is clearly a pressing need in the industry to combat online fraud more effectively than has been done in the past.
- According to a first broad aspect, the present invention seeks to provide a method, comprising: obtaining from end user equipment a location object caused to be stored on the end user equipment by a service provider; and validating an online transaction attempted using the end user equipment, based at least in part on the location object.
- According to a second broad aspect, the present invention seeks to provide a computer-readable medium storing a program element for execution by a computer. The program element comprises first program code for causing the computer to obtain from end user equipment a location object caused to be stored on the end user equipment by a service provider; and second program code for causing the computer to validate an online transaction attempted using the end user equipment, based at least in part on the location object.
- According to a third broad aspect, the present invention seeks to provide an apparatus, comprising: an interface for communication with end user equipment over a network; and a processing unit coupled to the interface. The processing unit is configured to: obtain from the end user equipment via the interface a location object caused to be stored on the end user equipment by a service provider; and validate an online transaction attempted using the end user equipment, based at least in part on the location object.
- According to a fourth broad aspect, the present invention seeks to provide an apparatus, which comprises means for obtaining from end user equipment a location object caused to be stored on the end user equipment by a service provider; and means for validating an online transaction attempted using the end user equipment based on the location object.
- According to a fifth broad aspect, the present invention seeks to provide a method for execution by end user equipment connected to a network. The method comprises storing in a memory a location object provided by a service provider; and sending the location object to a server over the network for validation of an online transaction attempted using the end user equipment.
- These and other aspects of the invention will become apparent to those of ordinary skill in the art upon review of the following description of certain embodiments of the invention in conjunction with the accompanying drawings.
- A detailed description of embodiments of the present invention is provided herein below, by way of example only, with reference to the accompanying drawings, in which:
-
FIG. 1 shows an architecture allowing a user of end user equipment connected to a packet-switched network to access and interact with network sites of that network, for example, to make online transactions, in accordance with an embodiment of the present invention. -
FIG. 2 shows an example of potential contents of a database accessible to a transaction validation server of the architecture shown inFIG. 1 . -
FIG. 3A shows an example of message flow in the architecture ofFIG. 1 , in the context of a transaction where a location object stored on end user equipment is provided to a server when specifically requested. -
FIG. 3B shows an example of message flow in the architecture ofFIG. 1 , in the context of a transaction where a location object stored on end user equipment is provided at or prior to the time when the transaction is attempted. -
FIG. 4 shows an example of message flow that continues fromFIGS. 3A and 3B , in the context of validation of the transaction based on the location object. -
FIG. 5 shows an example of message flow that continues fromFIG. 4 , in the context of post-validation processing. - It is to be expressly understood that the description and drawings are only for the purpose of illustration of certain embodiments of the invention and are an aid for understanding. They are not intended to be a definition of the limits of the invention.
-
FIG. 1 depicts an architecture allowing auser 10 ofend user equipment 12 connected to a packet-switched network 14 (e.g., the Internet or a private network) to access and interact with network sites (e.g., web sites) of that network, in accordance with a non-limiting embodiment of the present invention. - In this embodiment, the
end user equipment 12 comprises acomputing device 16 and anetwork interface unit 18. For example, thecomputing device 16 may be implemented as a personal computer (PC) such as a desktop computer, a laptop computer, or a tablet PC. Thecomputing device 16 is provided with at least one input device such as a keyboard, a mouse, a touchscreen, a stylus, a microphone, etc., as well as a display and possibly one or more other output devices (e.g., speakers) that enable interaction between theuser 10 and thecomputing device 16. Thecomputing device 16 is operative to run a software application implementing a network browser (e.g., a web browser) with which theuser 10 can interact via the display (and possibly one or more other output devices) and the at least one input device in order to access and interact with network sites of the packet-switchednetwork 14. - The
network interface unit 18 enables theend user equipment 12 to exchange data with the packet-switchednetwork 14 via acommunication link 20. For example, in various embodiments, and depending on the nature of thecommunication link 20, thenetwork interface unit 18 may be implemented as a modem such as a broadband modem (e.g., a digital subscriber line (DSL) modem or a cable modem) or a narrowband modem (e.g., a dial-up modem). In other embodiments, such as in the case of Fiber to the premises (FTTP), thenetwork interface 18 may be implemented as an optical network termination (ONT)-based Ethernet connection. Although it is shown as being a separate component inFIG. 1 , thenetwork interface unit 18 may be integrated into the computing device 16 (e.g., it may be a card internal to the computing device 16). - The
communication link 20 may traverse one or more network elements and may comprise one or more physical links and one or more logical links. For example, thecommunication link 20 may comprise aphysical link 17 between thenetwork interface unit 18 and anetwork element 21. Thephysical link 17 may comprise a copper twisted pair, a coax cable, an Ethernet link, a fiber optic link (e.g., in the case of FTTP), a fixed wireless link, a satellite link, or a combination thereof. Depending on the nature of thephysical link 17, thenetwork element 21 may be a DSL access multiplexer (DSLAM), a cable modem termination system (CMTS), or another type of network element. Thecommunication link 20 may also comprise a dedicatedlogical link 19 between thenetwork element 21 and anothernetwork element 23 that provides access to the packet-switchednetwork 14. For instance, thenetwork element 23 may be a network access server (NAS), a router, etc. It will be appreciated that thecommunication link 20 may take on many forms in various embodiments. - While in this embodiment the
end user equipment 12 comprises thecomputing device 16 and thenetwork interface unit 18, it will be appreciated that theend user equipment 12 may comprise other components in other embodiments. - In order to exchange data with the packet-switched
network 14, theend user equipment 12 may be assigned a logical identifier. The logical identifier, which may in fact be assigned to thecomputing device 16 or the network interface unit 18 (both forming part of theend user equipment 12 in this embodiment), may be an Internet Protocol (IP) address (e.g., in compliance with IPv4 or IPv6) or a proprietary address, label, or tag. The logical identifier may be statically assigned to theend user equipment 12 in which case it does not change over time (e.g., a static IP address). Alternatively, the logical identifier may be dynamically assigned to theend user equipment 12 in which case it may change over time (e.g., a dynamic IP address). - For example, the logical identifier may be assigned to the
end user equipment 12 by a network element that is part of the communication link 20 (e.g., thenetwork element 23 in embodiments where it is a network access server). This network element may assign the logical identifier to theend user equipment 12 when theend user equipment 12 is activated (e.g., when thenetwork interface unit 18 and/or thecomputing device 16 is/are powered-up) or otherwise regains network connectivity and/or at certain time intervals which may range from an hour or less to several months or more. For instance, in embodiments where the logical identifier is a dynamic IP address, the network element assigning the dynamic IP address to theend user equipment 12 may do so in accordance with the Dynamic Host Configuration Protocol (DHCP) using a pool of IP addresses accessible to that network element. It will be recognized that assignment of the logical identifier to theend user equipment 12 may be effected in various ways in various embodiments. - The
computing device 16 has amemory 22 that stores alocation object 24. Thelocation object 24 is an element of information which specifies a physical location. - In some embodiments, the location specified by the
location object 24 corresponds to a location of a service point (hereinafter “service point location”) where theend user equipment 12 is located. A “service point” refers to a point where a network access service is provided to theuser 10 by a service provider, such as an Access Service Provider (ASP), a Regional Access Network Provider (RANP) or an Internet Service Provider (ISP). By way of a specific non-limiting example, a service point may be a house or other building, or an area thereof. An approach for determining the service point location where theend user equipment 12 is located is described in U.S. Pat. No. 7,079,637 to Crago et al., issued Jul. 18, 2006, hereby incorporated by reference herein. - In other embodiments, the location specified by the
location object 24 can specify the current position of theend user equipment 12, as detected or measured by other means (e.g., triangulation). The current position can be specified to any desired resolution. For example, the current position can be specified to the level of which network access point is being used by theend user equipment 12. Such an approach may be used by cable companies and various online search engines and online advertisement providers. Still other levels of precision/accuracy/resolution are within the scope of the present invention. - The location specified by the
location object 24 may be expressed as a geo location (latitude, longitude, elevation, and the datum which identifies the coordinate system used, such as, without limitation, the World Geodetic System 1984 (WGS841) datum). Alternatively or in addition, the location specified by thelocation object 24 may be expressed as a civic location (a set of elements that describe detailed street address information). Still other possibilities exist and are within the scope of the invention. - In a specific non-limiting embodiment, the
location object 24 may be formatted as a Presence Information Document Format—Location Object (PIDF-LO) as defined by the Internet Engineering Task Force (IETF) in a variety of documents hereby incorporated by reference herein, including RFC 4119, “draft-ietf-geopriv-pidf-lo-profile-10” and “draft-ietf-geopriv-revised-civic-lo-06” available from http://tools.ietf.org/wg/geopriv/ and incorporated by reference herein. Another possible format for thelocation object 24 is an XML format, a description of which can be found in “Geographic Markup Language”, available from http://www.opengeospatial.org/standards/gml, hereby incorporated by reference herein. Still other possibilities exist and are within the scope of the invention. - In accordance with embodiments of the present invention, the service provider determines the service point location where the
end user equipment 12 is located, or determines the current position of theend user equipment 12, and then generates thelocation object 24. The service provider subsequently causes storage of thelocation object 24 in thememory 22 of thecomputing device 16. For example, thenetwork element 23 may receive a request for network access by theend user equipment 12. Thenetwork element 23 may then consult a location information server (LIS—not shown) that stores thelocation object 24 to be stored on theend user equipment 12. Thenetwork element 23 may then send thelocation object 24 to theend user equipment 12 over thecommunication link 20. Theend user equipment 12 may then store thelocation object 24 in thememory 22. It should be appreciated that variations may be made in the above procedure without departing from the scope of the invention, with the end result being the same, namely that the service provider causes thelocation object 24 to be stored in thememory 22 of thecomputing device 16. - Should there be a change in the service point location where the
end user equipment 12 is located, or in the current position of theend user equipment 12, the above procedure may be repeated, so that thelocation object 24 is kept up to date. - As mentioned previously, the
user 10 can use theend user equipment 12 to access and interact with network sites of the packet-switchednetwork 14. These network sites are implemented byservers 30 1 . . . 30 N connected to the packet-switchednetwork 14. Theservers 30 1 . . . 30 N and the network sites that they implement are operated, managed or otherwise associated with various entities, including, for example, companies, governmental organizations, non-profit organizations, and individuals. - Each of the
servers 30 1 . . . 30 N comprises suitable hardware, firmware, software, control logic, or a combination thereof for implementing a plurality of functional components, including an interface and a processing unit. The interface of each of theservers 30 1 . . . 30 N is adapted to receive messages from and send messages to communication equipment (such as the end user equipment 12) connected to the packet-switchednetwork 14, as well as to receive data from or send data to other elements (e.g., computers or databases) communicatively coupled to that server but not necessarily connected to the packet-switchednetwork 14. The processing unit of each of theservers 30 1 . . . 30 N is adapted to effect various processing operations to implement that server's functionality. - Interaction of the
user 10 with a network site implemented by a server 30 n (1≦n≦N) typically involves the network browser implemented by thecomputing device 16 interacting with theserver 30 n in order to allow theuser 10 to view, hear or otherwise be exposed to content (e.g., web pages) of the network site via the display and/or one or more other output devices of thecomputing device 16, and to input information (e.g., by entering text, selecting an option, etc.) and/or one or more commands (e.g., by clicking on a graphical button or a hyperlink) via the at least one input device of thecomputing device 16. - Occasionally, during his/her interaction with the network site implemented by the
server 30 n, theuser 10 may desire or need to effect an online transaction. For example, and depending on the nature of the network site, theuser 10 may desire or need to: purchase or otherwise obtain a product and/or a service and/or content offered on the network site; pay a bill for a previously obtained product/service/content via the network site; transfer funds from one account to another via the network site; trade securities (e.g., stocks, bonds, etc.) via the network site; make a donation to a charity or other institution through the network site; access secure online content via the network site; access a virtual private network via the network site; etc. It will be appreciated that various other situations may arise in which online transactions may be desired or may need to be effected. - In the course of attempting to effect an online transaction as part of his/her interaction with the network site implemented by the
server 30 n, certain information regarding a transaction object (hereinafter “transaction object information”) may be provided by theuser 10 via theend user equipment 12. A “transaction object” refers to any physical or virtual object designed to be used in an attempt to make a transaction. For example, a transaction object may constitute a payment card (e.g., a credit card, a debit card, etc.), an account (e.g., a bank account, an online wallet account, login credentials for accessing secure content or a VPN, etc.), an electronic check, a set of one or more digital cash (electronic money) certificates, or any other physical or virtual object designed to be used in an attempt to make a transaction. The transaction object information can therefore take on various forms. - For example, the transaction object information may include payment card information regarding a payment card in situations where, for instance, the
user 10 desires to purchase or otherwise obtain a product/service/content offered on the network site implemented by theserver 30 n, pay a bill for a previously obtained product/service/content via the network site, or make a donation to a charity or other institution through the network site using the payment card. Such payment card information may be, for instance, credit card information regarding a credit card (e.g., a number, expiry date, and/or holder's name) or debit card information regarding a debit card (e.g., a number and/or holder's name). The payment card may comprise one or more card elements adapted to convey part or all of the payment card information, such as one or more sets of characters (e.g., printed and/or embossed characters), a magnetic stripe, and/or a chip (e.g., an EMV chip). - In another example, the transaction object information may include electronic check information regarding an electronic check (e.g., a check number and/or a checking account number) in situations where, for instance, the
user 10 desires to effect a payment via the network site implemented by theserver 30 n using the electronic check. In order to process the payment attempted to be effected by theuser 10 using the electronic check, an entity (e.g., a bank or other financial institution, or the service provider) that allows theuser 10 to use the electronic check may store on a computer-readable medium (e.g., as part of a database) information regarding the electronic check, including the electronic check information provided by theuser 10. - In yet another example, the transaction object information may include digital cash information regarding a set of one or more digital cash certificates (e.g., digital cash certificate identifiers) in situations where, for instance, the
user 10 desires to effect a payment via the network site implemented by theserver 30 n using the set of one or more digital cash certificates. In order to process the payment attempted to be effected by theuser 10 using the set of one or more digital cash certificates, an entity (e.g., a bank or other financial institution) that allows theuser 10 to use the set of one or more digital cash certificates may store on a computer-readable medium (e.g., as part of a database) information regarding the set of one or more digital cash certificates, including the digital cash information provided by theuser 10. - In a further example, the transaction object information may include account information regarding an account (e.g., an account number and/or holder's name and/or login credentials) in situations where, for instance, the
user 10 desires to effect a transfer of funds to or from the account via the network site implemented by theserver 30 n, or where theuser 10 desires to access secure online content or a VPN via the network site implemented by theserver 30 n. In order to process the attempted transfer or access, an entity (e.g., a bank or other financial institution, a corporate extranet server) that allows theuser 10 to use the account may store on a computer-readable medium (e.g., as part of a database) information regarding the account, including the account information provided by theuser 10. - Various possibilities exist for providing the transaction object information via the
end user equipment 12. For example, theuser 10 may use one or more of the at least one input device of thecomputing device 16 to enter the transaction object information and cause this information to be sent by theend user equipment 12 to the server 30 n (or another computer associated with the server 30 n) over the packet-switchednetwork 14. Alternatively, the transaction object information may have been previously stored in thememory 22 of thecomputing device 16, in which case theuser 10 may use one or more of the at least one input device of thecomputing device 16 to cause theend user equipment 12 to send the previously stored transaction object information to the server 30 n (or another computer associated with the server 30 n) over the packet-switchednetwork 14. - Additionally, and in accordance with an embodiment of the present invention, the ability to successfully effect an online transaction with the network site implemented by the
server 30 n involves thelocation object 24 being retrieved from thememory 22 of thecomputing device 16 and transmitted from theend user equipment 12 to the server 30 n (or another computer associated with the server 300. Thecomputing device 16 can be configured to effect this transmission according to various schemes, such as (i) autonomously once per online transaction; (ii) regularly without regard to any attempt to effect an online transaction; or (iii) upon request from theserver 30 n when an online transaction is attempted or susceptible of being attempted. Still other schemes are possible and are within the scope of the present invention. - The online transaction attempted to be effected by the
user 10 may be subjected to various conventional security measures intended to protect information exchanged between theend user equipment 12 and the packet-switchednetwork 14 and to counter fraudulent online transactions. For example, the transaction object information provided by theuser 10 via theend user equipment 12 may be encrypted (e.g., using the Secure Socket Layer (SSL) protocol) prior to being sent over the packet-switchednetwork 14. In other examples, when the transaction object information includes payment card information regarding a payment card, card security code (CSC) verification may be employed whereby theuser 10 is asked to enter the payment card's CSC, and/or address verification systems (AVS) may be employed whereby an address entered by theuser 10 is compared to a billing address known to the payment card's issuing bank. Various other security measures may be employed in different cases. - Continuing with the embodiment illustrated in
FIG. 1 , there is provided anetwork element 51, hereinafter referred to as a transaction validation server. Thetransaction validation server 51 is operated, managed or otherwise associated with an entity responsible for validating online transactions. For example, this entity may be a bank or other financial institution that provides the transaction object to the user 10 (e.g., a card issuing bank in cases where the transaction object is a credit card or a debit card). This entity could also be the service provider if the transaction object is an account number of an account being held by the service provider for theuser 10. - The
transaction validation server 51 comprises suitable hardware, firmware, software, control logic, or a combination thereof for implementing a plurality of functional components, including an interface and a processing unit. The interface of thetransaction validation server 51 is adapted to receive messages from and send messages to other servers and/or other computers, and to exchange data with other elements (e.g., databases). - For example, the
transaction validation server 51 may be connected to the server 30 n (or another computer associated with the server 30 n) via acommunication path 55, over which thetransaction validation server 51 receives transaction object information transmitted by theend user equipment 12 in relation to an online transaction attempted to be effected by theuser 10. Thecommunication path 55 may be established over the packet-switchednetwork 14 and/or another network 59 (e.g., a financial network) and may traverse one or more network elements (e.g., gateways, other servers). Thecommunication path 55 may take on various forms depending on the nature of the online transaction attempted to be effected by theuser 10. An example of thecommunication path 55 will be described later on. - The processing unit of the
transaction validation server 51 is adapted to effect various processing operations to implement that server's functionality. For example, thetransaction validation server 51 is operative to use information included in adatabase 53 to validate the online transaction attempted to be made using the transaction object information provided by theuser 10 via theend user equipment 12. In some embodiments, thetransaction validation server 51 and thedatabase 53 may be part of separate network elements and communicatively coupled to one another via a communication link, which may traverse one or more network elements and comprise one or more physical links and one or more logical links. In other embodiments, thetransaction validation server 51 and thedatabase 53 may be part of a common network element. In yet other embodiments, thedatabase 53 may be distributed amongst a plurality of network elements and/or physical locations. - With additional reference to
FIG. 2 , there is shown an example of potential contents of thedatabase 53. In this example, thedatabase 53 stores a plurality of records 57 1 . . . 57 P. Each of the records 57 1 . . . 57 P is associated with a respective transaction object and contains (i) transaction object information pertaining to the respective transaction object and (ii) information to assist in validating an online transaction attempted using the transaction object information pertaining to the respective transaction object. - The information to assist in validating an online transaction attempted using the transaction object information pertaining to the transaction object associated with a given one of the records 57 1 . . . 57 P may comprise one or more of:
-
- a list of one or more “authorized transaction points”, which are points from which attempts to make online transactions using this transaction object information are authorized (for example, by the entity responsible for validating online transactions). The location of an authorized transaction point (hereinafter “authorized transaction point location”) may be expressed as a civic address, a set of geo-coordinates, or any other information identifying where the authorized transaction point is located;
- a list of one or more “unauthorized transaction points”, which are points from which attempts to make online transactions using this transaction object information are not authorized (for example, by the entity responsible for validating online transactions). The location of an unauthorized transaction point (hereinafter “unauthorized transaction point location”) may be expressed as a civic address, a set of geo-coordinates, or any other information identifying where the unauthorized transaction point is located;
- a spatio-temporal history of previous online transactions attempted using this transaction object information;
- etc.
- Each of the records 57 i . . . 57 P may also include ancillary information that may be required to process an online transaction attempted to be made using the transaction object information included in that record. Such ancillary information depends on the nature of the transaction object associated with that record and can thus take on many forms. For example, in a case where the transaction object associated with a given one of the records 57 1 . . . 57 P is a credit card, the ancillary information included in that record may include a credit limit, a balance due, a billing address (i.e., an address where credit card bills are to be sent), a shipping address, a list of recent transactions, and possibly other information regarding the credit card (e.g., other card holders' names).
- Operation of the
transaction validation server 51, as well as operation of other network elements inFIG. 1 , will now be illustrated in the context of an example where the online transaction attempted to be made by theuser 10 while interacting with the network site implemented by theserver 30 n involves theuser 10 attempting to purchase a product/service/content offered on the network site using a particular credit card. Accordingly, for purposes of this example, thetransaction validation server 51 is assumed to be a server associated with a card issuing bank, i.e., a financial institution that issued the particular credit card. In this example, therefore, each of the records 57 1 . . . 57 P is associated with a transaction object which is a credit card, and includes transaction object information which is credit card information regarding that credit card. In other embodiments, thetransaction validation server 51 may be within the realm of the service provider, and can in fact be the same entity that caused storage of thelocation object 24 in thememory 22 of theend user equipment 12. - The
user 10 interacts with the network site implemented by theserver 30 n using thecomputing device 16 of theend user equipment 12 in order to select the product/service/content that he/she desires to purchase. This may involve theuser 10 using an online shopping cart implemented by theserver 30 n. Upon selecting the desired product/service/content, theuser 10 indicates that he/she desires to purchase that product/service/content, for instance, by selecting a “check-out” option on the network site. - The network site then prompts the
user 10 to provide payment information to pay for the selected product/service/content. In this example, theuser 10 thus proceeds to enter credit card information regarding the particular credit card. Theuser 10 then indicates his/her intent to submit an order to purchase the selected product/service/content using the entered credit card information, for instance, by selecting a “submit order” option on the network site. - According to a first variant, and referring to
FIG. 3A , thecomputing device 16 of theend user equipment 12 transmits to the server 30 n amessage 102*. In this example, themessage 102* conveys: (i) order information indicative of the selected product/service/content; (ii) purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; and (iii) the credit card information entered by theuser 10 to purchase the selected product/service/content. Alternatively, the order information, the purchase amount information and possibly even the credit card information may already be known to theserver 30 n due to prior interaction between thecomputing device 16 and theserver 30 n. In such a case, themessage 102* may simply convey an indication or confirmation of a desire of theuser 10 to purchase the selected product/service/content. - Additionally, the
message 102* may also convey the logical identifier assigned to theend user equipment 12. Alternatively, the logical identifier assigned to theend user equipment 12 may not be conveyed by themessage 102* but may already be known to theserver 30 n due to prior interaction between thecomputing device 16 and theserver 30 n. - Since it travels over the packet-switched
network 14, the information to be transmitted to theserver 30 n as part of themessage 102* may be encrypted by thecomputing device 16 prior to being transmitted to theserver 30 n. This encryption may be effected using the SSL protocol or some other encryption technique, by virtue of interaction between thecomputing device 16 and theserver 30 n. - Upon receiving the
message 102*, theserver 30 n processes themessage 102*, possibly decrypting one or more of its portions. As part of its processing operations, theserver 30 n recognizes that an online transaction is attempted to be effected via theend user equipment 12 and proceeds to send amessage 103* to thecomputing device 16 of theend user equipment 12. Themessage 103* contains a request to obtain thelocation object 24 stored in thememory 22 of theend user equipment 12. - When it receives the
message 103*, thecomputing device 16 of theend user equipment 12 proceeds to generate and transmit to the server 30 n amessage 105* that conveys thelocation object 24 stored in thememory 22 of theend user equipment 12. Information conveyed by themessage 105* may be encrypted prior to transmission to theserver 30 n. In two examples not to be considered limiting, themessage 103* may be in accordance with the DHCP or HTTP Enabled Location Delivery (HELD) protocols. - It should be appreciated that the
end user equipment 12 has the ability to decide whether to release themessage 105* and in fact may, under certain circumstances, decide not to release themessage 105*. For example, theserver 30 n may need to figure on a list of “trusted location object requesting” servers or it may need to pass a test in order to gain or assert an authorization to request thelocation object 24 from theend user equipment 12. - Upon receiving the
message 105*, theserver 30 n processes themessage 105*, possibly decrypting one or more of its portions, and proceeds to send amessage 104* to a “payment gateway” 60. Thepayment gateway 60 is a network element that is connected to afinancial network 68 and that is used by theserver 30 n to process online transactions attempted to be made via the network site implemented by theserver 30 n. Thefinancial network 68 interconnects a plurality of servers or other computers associated with banks and/or other financial institutions, including, in this example, thetransaction validation server 51 that is associated with the card issuing bank and aserver 70 that is associated with an acquiring bank, i.e., a financial institution that is used by an entity, in this case, a merchant, which operates, manages or is otherwise associated with theserver 30 n. It should be appreciated that in certain embodiments, thefinancial network 68 may be part of the packet-switchednetwork 14, may comprise individual point-to-point links or may be dispensed with altogether. - The
message 104* sent to thepayment gateway 60 may be generated by theserver 30 n based on themessage 102*, themessage 105* and possibly other information known to the server 30 n (e.g., the order information, the purchase amount, the credit card information and/or the logical identifier assigned to the end user equipment 12). Ultimately, in this example, themessage 104* conveys: (i) the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; (ii) the credit card information entered by theuser 10 to purchase the selected product/service/content; and (iii) thelocation object 24. Information conveyed by themessage 104* may be encrypted prior to transmission to thepayment gateway 60. - According to a second variant, and with reference to
FIG. 3B , thecomputing device 16 of theend user equipment 12 now transmits to the server 30 n amessage 102. In this example, themessage 102 conveys: (i) order information indicative of the selected product/service/content; (ii) purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; and (iii) the credit card information entered by theuser 10 to purchase the selected product/service/content. Alternatively, the order information, the purchase amount information and possibly even the credit card information may already be known to theserver 30 n due to prior interaction between thecomputing device 16 and theserver 30 n. In such a case, themessage 102 may simply convey an indication or confirmation of a desire of theuser 10 to purchase the selected product/service/content. - Additionally, the
message 102 may also convey the logical identifier assigned to theend user equipment 12. Alternatively, the logical identifier assigned to theend user equipment 12 may not be conveyed by themessage 102 but may already be known to theserver 30 n due to prior interaction between thecomputing device 16 and theserver 30 n. - Also, the
message 102 may convey thelocation object 24 stored in thememory 22 of theend user equipment 12. Alternatively, thelocation object 24 may not be conveyed by themessage 102 but may already be known to theserver 30 n due to prior interaction between thecomputing device 16 and theserver 30 n. Under the present variant, no request is made for thelocation object 24; rather, thelocation object 24 is either sent in an unsolicited manner by theend user equipment 12 withinmessage 102 or is already known to theserver 30 n. - Since it travels over the packet-switched
network 14, the information to be transmitted to theserver 30 n as part of themessage 102 may be encrypted by thecomputing device 16 prior to being transmitted to theserver 30 n. This encryption may be effected using the SSL protocol or some other encryption technique, by virtue of interaction between thecomputing device 16 and theserver 30 n. - Upon receiving the
message 102, theserver 30 n processes themessage 102, possibly decrypting one or more of its portions, and proceeds to send amessage 104 to thepayment gateway 60. Themessage 104 sent to thepayment gateway 60 may be identical to themessage 102, i.e., it may be a relayed version of themessage 102. Alternatively, themessage 104 may be generated by theserver 30 n based on themessage 102 and possibly other information known to the server 30 n (e.g., the order information, the purchase amount information, the credit card information, the logical identifier assigned to theend user equipment 12 and/or the location object 24). Ultimately, in this example, themessage 104 conveys: (i) the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; (ii) the credit card information entered by theuser 10 to purchase the selected product/service/content; and (iii) thelocation object 24. Information conveyed by themessage 104 may be encrypted prior to transmission to thepayment gateway 60. - Reference is now made to
FIG. 4 , which applies to both of the above variants. Upon receiving themessage payment gateway 60 processes themessage message payment gateway 60 determines that it originates from theserver 30 n and proceeds to send amessage 106, over thefinancial network 68, to theserver 70, which is associated with the acquiring bank used by the merchant associated with theserver 30 n. Themessage 106, which can be viewed as a request for transaction authorization, is intended to elicit from the financial network 68 a response as to whether the online transaction attempted to be made by theuser 10 is approved or denied. In this example, thepayment gateway 60 generates themessage 106 based on themessage message 106 conveys: (i) the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; (ii) the credit card information entered by theuser 10 to purchase the selected product/service/content; and (iii) thelocation object 24. - The
server 70 receives themessage 106 and processes it to gain knowledge that a transaction involving the merchant associated with theserver 30 n is attempted to be effected. Based on the credit card information conveyed by themessage 106, theserver 70 proceeds to send amessage 108 to thetransaction validation server 51 over thefinancial network 68. Themessage 108 may be identical to themessage 106, i.e., it may be a relayed version of themessage 106. Alternatively, themessage 108 may be generated by theserver 70 based on themessage 106 and possibly other information known to theserver 70. Ultimately, in this example, themessage 108 conveys: (i) the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content; (ii) the credit card information entered by theuser 10 to purchase the selected product/service/content; and (iii) thelocation object 24. - The
transaction validation server 51, which is associated with the card issuing bank that issued the particular credit card that has been used by theuser 10 to attempt to purchase the selected product/service/content, receives themessage 108. Thetransaction validation server 51 proceeds to process themessage 108 to determine whether the online transaction attempted to be made by theuser 10 is to be approved or denied. Specifically, thetransaction validation server 51 proceeds to validate the online transaction based at least in part on thelocation object 24. - To this end, the
transaction validation server 51 consults thedatabase 53 to identify a particular one of the records 57 1 . . . 57 P that corresponds to the credit card information conveyed by themessage 108. Upon identifying the particular one of the records 57 1 . . . 57 P, thetransaction validation server 51 obtains the corresponding information that assists in validation of the online transaction. It is recalled that depending on the embodiment, such information may comprise one or more of: -
- a list of one or more “authorized transaction points”, which are points from which attempts to make online transactions using this credit card information are authorized;
- a list of one or more “unauthorized transaction points”, which are points from which attempts to make online transactions using this credit card information are not authorized;
- a spatio-temporal history of previous online transactions made using this credit card information;
- etc.
- With the above information, as well as knowledge of the
location object 24, thetransaction validation server 51 can validate the online transaction. The following considers validation in greater detail, with respect to the above three example types of information that assists in validation of the online transaction. - If the
transaction validation server 51 determines that the credit card information conveyed by themessage 108 is associated with an authorized transaction point location, thetransaction validation server 51 proceeds to effect a verification as to whether the location specified by the location object 24 (and conveyed by the message 108) corresponds to this authorized transaction point location. - As discussed below, the
transaction validation server 51 handles the online transaction in different manners depending on whether or not the location specified by thelocation object 24 corresponds to the authorized transaction point location associated with the credit card information. - If the location specified by the
location object 24 supplied by theend user equipment 12 does not correspond to an authorized transaction point location, validation may be deemed unsuccessful. This may result in the online transaction being denied by thetransaction validation server 51 without performing any further processing operations to assess whether it should be approved or denied. Alternatively, thetransaction validation server 51 may perform additional processing operations to determine whether the online transaction attempted to be made by theuser 10 is to be approved or denied, including processing operations to re-assess legitimacy of the online transaction attempted to be made by theuser 10, i.e., to probe more deeply into whether theuser 10 legitimately used the credit card information conveyed by themessage 108. For instance, and as mentioned above, these additional processing operations may effect conventional verifications, such as a card security code (CSC) verification, an address verification system (AVS), a phone call to verbally confirm legitimacy of the online transaction attempted to be made by theuser 10, etc. - On the other hand, if the location specified by the
location object 24 supplied by theend user equipment 12 does correspond to an authorized transaction point location, thetransaction validation server 51 may conclude that the online transaction attempted to be made using the credit card information conveyed by themessage 108 is authorized to be made from the location from which it is attempted. Alternatively, the fact that the location specified by thelocation object 24 supplied by theend user equipment 12 corresponds to an authorized transaction point location may simply be interpreted as successful completion of one among several steps in an overall authorization process. - The
transaction validation server 51 may also perform other processing operations to determine whether the online transaction attempted to be made by theuser 10 is to be approved or denied. For example, based on the ancillary information (e.g., a credit limit, a balance due, etc.) included in the particular one of the records 57 1 . . . 57 P and the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content that is conveyed by themessage 108, thetransaction validation server 51 may determine whether the online transaction is to be approved or denied. It will be appreciated that approval or denial of the online transaction may be determined by thetransaction validation server 51 based on other factors. - If the
transaction validation server 51 determines that the credit card information conveyed by themessage 108 is associated with an unauthorized transaction point location, thetransaction validation server 51 proceeds to effect a verification as to whether the location specified by the location object 24 (and conveyed by the message 108) corresponds to this unauthorized transaction point location. - As discussed below, the
transaction validation server 51 handles the online transaction in different manners depending on whether or not the location specified by thelocation object 24 corresponds to the unauthorized transaction point location associated with the credit card information. - If the location specified by the
location object 24 supplied by theend user equipment 12 does correspond to an unauthorized transaction point location, validation may be deemed unsuccessful. This may result in the online transaction being denied by thetransaction validation server 51 without performing any further processing operations to assess whether it should be approved or denied. Alternatively, thetransaction validation server 51 may perform additional processing operations to determine whether the online transaction attempted to be made by theuser 10 is to be approved or denied, including processing operations to re-assess legitimacy of the online transaction attempted to be made by theuser 10, i.e., to probe more deeply into whether theuser 10 legitimately used the credit card information conveyed by themessage 108. For instance, and as mentioned above, these additional processing operations may effect conventional verifications, such as a card security code (CSC) verification, an address verification system (AVS), a phone call to verbally confirm legitimacy of the online transaction attempted to be made by theuser 10, etc. - On the other hand, if the location specified by the
location object 24 supplied by theend user equipment 12 does not correspond to an unauthorized transaction point location, thetransaction validation server 51 may conclude that the online transaction attempted to be made using the credit card information conveyed by themessage 108 is authorized to be made from the location from which it is attempted. Alternatively, the fact that the location specified by thelocation object 24 supplied by theend user equipment 12 does not correspond to an unauthorized transaction point location may simply be interpreted as successful completion of one among several steps in an overall authorization process. - The
transaction validation server 51 may also perform other processing operations to determine whether the online transaction attempted to be made by theuser 10 is to be approved or denied. For example, based on the ancillary information (e.g., a credit limit, a balance due, etc.) included in the particular one of the records 57 1 . . . 57 P and the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content that is conveyed by themessage 108, thetransaction validation server 51 may determine whether the online transaction is to be approved or denied. It will be appreciated that approval or denial of the online transaction may be determined by thetransaction validation server 51 based on other factors. - If the information to assist in validation of the online transaction that is included in the particular one of the records 57 1 . . . 57 P comprises a spatio-temporal history of previous online transactions made using the credit card information included in that record, the
transaction validation server 51 may compare the location specified by the location object 24 (and conveyed by the message 108) and possibly a time at which the online transaction is attempted to be made (which may be conveyed by themessage 108 or otherwise obtained by the transaction validation server 51) to the spatio-temporal history of previous online transactions. - As discussed below, the
transaction validation server 51 handles the online transaction in different manners depending on whether the location specified by thelocation object 24 and possibly the time at which the online transaction is attempted to be made compare favorably (i.e., are consistent) or unfavorably (i.e., are inconsistent) with the spatio-temporal history of previous online transactions. - If the location specified by the
location object 24 and possibly the time at which the online transaction is attempted to be made compare unfavorably with the spatio-temporal history of previous online transactions, validation may be deemed unsuccessful. In a specific non-limiting example, if all or a majority of the online transactions made using the credit card information included in particular one of the records 57 1 . . . 57 P over the last three (3) months have been made from a specific location (e.g., a specific civic address) and the location specified by thelocation object 24 supplied by theend user equipment 12 does not correspond to this specific location, validation may be deemed unsuccessful. In another specific non-limiting example, if a previous online transaction has been made using the credit card information included in particular one of the records 57 1 . . . 57 P from a specific location a short time ago and the location specified by thelocation object 24 supplied by theend user equipment 12 is far (e.g., situated at least a certain distance or more from) this specific location, validation may be deemed unsuccessful. In these and other examples, this may result in the online transaction being denied by thetransaction validation server 51 without performing any further processing operations to assess whether it should be approved or denied. Alternatively, thetransaction validation server 51 may perform additional processing operations to determine whether the online transaction attempted to be made by theuser 10 is to be approved or denied, including processing operations to re-assess legitimacy of the online transaction attempted to be made by theuser 10, i.e., to probe more deeply into whether theuser 10 legitimately used the credit card information conveyed by themessage 108. For instance, and as mentioned above, these additional processing operations may effect conventional verifications, such as a card security code (CSC) verification, an address verification system (AVS), a phone call to verbally confirm legitimacy of the online transaction attempted to be made by theuser 10, etc. - On the other hand, if the location specified by the
location object 24 supplied by theend user equipment 12 and possibly the time at which the online transaction is attempted to be made compare favorably with the spatio-temporal history of previous online transactions, thetransaction validation server 51 concludes that the online transaction attempted to be made using the credit card information conveyed by themessage 108 is consistent with one or more previous online transactions made using this credit card information. - The
transaction validation server 51 may also perform other processing operations to determine whether the online transaction attempted to be made by theuser 10 is to be approved or denied. For example, based on the ancillary information (e.g., a credit limit, a balance due, etc.) included in the particular one of the records 57 1 . . . 57 P and the purchase amount information indicative of an amount to be paid to purchase the selected product/service/content that is conveyed by themessage 108, thetransaction validation server 51 may determine whether the online transaction is to be approved or denied. It will be appreciated that approval or denial of the online transaction may be determined by thetransaction validation server 51 based on other factors. - Post-validation processing is now described with reference to
FIG. 5 . Specifically, upon determining whether the online transaction is approved or denied, thetransaction validation server 51 returns amessage 114 to theserver 70 over thefinancial network 68. Themessage 114 indicates whether the online transaction was approved or denied. - If the online transaction was denied, the
message 114 may indicate (e.g., by a code) a reason for this denial, such as insufficient funds, an unavailable bank link, etc. In cases where it denies the online transaction as being potentially fraudulent, thetransaction validation server 51 may also take further action, such as freezing a credit account corresponding to the particular credit card, informing fraud prevention and/or law enforcement authorities of a possible attempt to make a fraudulent online transaction, etc. - If the online transaction was approved, the
transaction validation server 51 may update the particular one of the records 57 1 . . . 57 P associated with the particular credit card to take into account approval of the online transaction. For example: one or more elements of ancillary information (e.g., a balance due, an available credit, etc.) included in the particular one of the records 57 1 . . . 57 P may be updated to reflect the approved online transaction; if the information to assist in validation of an online transaction that is included in the particular one of the records 57 1 . . . 57 P comprises a spatio-temporal history of previous online transactions made using the credit card information corresponding to that record, this spatio-temporal history may be updated to reflect the approved online transaction; etc. - The
server 70 receives themessage 114 and processes it to determine whether the online transaction was approved or denied. If approved, the online transaction is eventually settled via a settlement process involving the acquiring bank and the card issuing bank. This settlement process is well known and thus not described herein. - The
server 70 proceeds to return amessage 116 to thepayment gateway 60. Themessage 116 may be identical to themessage 114, i.e., it may be a relayed version of themessage 114. Alternatively, themessage 116 may be generated by theserver 70 based on themessage 114. Themessage 116 indicates whether the online transaction is approved or denied and, if applicable, may indicate a reason for denial of the online transaction. - Upon receiving the
message 116, thepayment gateway 60 processes it and proceeds to send amessage 118 to theserver 30 n. Generated by thepayment gateway 60 on a basis of themessage 116, themessage 118 indicates whether the online transaction is approved or denied and, if applicable, may indicate a reason for denial of the online transaction. Information conveyed by themessage 118 may be encrypted by thepayment gateway 60 prior to being transmitted to theserver 30 n. - The
server 30 n receives themessage 118. Theserver 30 n processes themessage 118, possibly decrypting one or more of its portions, to ascertain whether the online transaction is approved or denied. Approval or denial of the online transaction (and a reason for denial, if applicable) may be recorded by theserver 30 n for future reference. Theserver 30 n proceeds to send amessage 120 to thecomputing device 16 of theend user equipment 12 in order to communicate approval or denial of the online transaction to theuser 10. Since it travels over the packet-switchednetwork 14, information conveyed by themessage 120 may be encrypted by theserver 30 n prior to being transmitted to thecomputing device 16. - Upon receiving the
message 120, thecomputing device 16 processes themessage 120, possibly decrypting one or more of its portions, so as to communicate approval or denial of the online transaction to theuser 10. For example, this may be achieved by displaying a “transaction approved” or “transaction denied” message (or any conceivable variant thereof) on the display of thecomputing device 16. - It will thus be appreciated that a fraudulent online transaction using credit card information becomes considerably more difficult to make for an individual who maliciously or otherwise without entitlement (e.g., via identity theft, loss or stealing of the particular credit card, etc.) obtained this credit card information and/or the particular credit card, since it requires the end user equipment used by such individual to send a location object specifying an acceptable location for that transaction.
- To ensure the integrity of the
location object 24, there may be implemented a security feature that prevents such acts as tampering with thelocation object 24 while it is stored in thememory 22 of thecomputing device 16. Thelocation object 24 may also be subjected to various security measures intended to protect thelocation object 24 between its receipt from the service provider and its transmission to a network site in the context of an online transaction. Such security measures include encryption on the wire, encryption of thelocation object 24 itself and applying a digital signature to the location object 24 (using mechanisms such as XML digital signature), to name a few non-limiting possibilities. - In the case where the
location object 24 has been encrypted, theserver 30 n, thetransaction validation server 51 and/or theserver 70 may, upon obtaining theencrypted location object 24 from thecommunication apparatus 12, proceed to decrypt thelocation object 24. For instance, theserver 30 n, thetransaction validation server 51 and/or theserver 70 may proceed to decrypt thelocation object 24 using a decryption key that is obtained from the service provider (e.g., from thenetwork element 23 or another network component operated by the service provider), possibly in return for payment to the service provider. In some cases, the network element 23 (or another network component operated by the service provider) may provide the decryption key to theserver 30 n, thetransaction validation server 51 and/or theserver 70 in response to a request received therefrom. In other cases, the network element 23 (or another network component operated by the service provider) may have previously provided the decryption key to theserver 30 n, thetransaction validation server 51 and/or theserver 70 by virtue of a trust relationship established between the service provider and the entity operating theserver 30 n, thetransaction validation server 51 and/or theserver 70. Under such an encryption/decryption scheme, the service provider can effectively control use of the location object 24 (that it caused to be stored on the communication apparatus 12) by network components such as theserver 30 n, thetransaction validation server 51 and/or theserver 70. - Although the above-described example relates to an online transaction involving an online purchase using a credit card, it will be recognized that principles described herein apply to other types of online transactions, including, for example, those involving online purchases or payments using other payment objects (e.g., digital cash, electronic checks), online fund transfers involving accounts (e.g., bank accounts, online wallet accounts), attempts to access secure online content; and attempts to access a virtual private network, to name a few non-limiting possibilities.
- Also, in the variant presented above, the
message 103* containing a request to obtain thelocation object 24 stored in thememory 22 of theend user equipment 12 was generated by theserver 30 n. However, it should be appreciated that in various alternative embodiments, themessage 103* may be generated by other network entities involved in processing of the transaction and at various instances, such as: -
- by the
server 70 upon receipt ofmessage 106 from thepayment gateway 60; - by the
transaction validation server 51 upon receipt of themessage 108 from theserver 70; or - by the
server 70 upon receipt of themessage 114 from thetransaction validation server 51.
- by the
- It should be reiterated that the
end user equipment 12 has the ability to decide whether to release a message in response to themessage 103* and containing thelocation object 24. That is to say, theend user equipment 12 may, under certain circumstances, decide not to release the response. For example, it is envisaged that requesting entity (e.g., theserver 70 or thetransaction validation server 51 in the previous paragraph) may need to be on a list of “trusted location object requesting” servers or it may need to undergo a test in order to gain or assert an authorization to request thelocation object 24 from theend user equipment 12. - Still other possibilities are within the scope of the present invention.
- It should further be appreciated that although the
payment gateway 60, theserver 70, thetransaction validation server 51 and theserver 30 n have been described as separate entities, this has been done for convenience and illustration only. It should therefore be understood that in certain embodiments, any one or more of thepayment gateway 60, theserver 70, thetransaction validation server 51 and theserver 30 n may be integrated into a single network entity or component. - It should also be appreciated that although the above references to online transactions have involved the
computing device 16 effecting an online transaction with a network site over the packet-switchednetwork 14, it is also within the scope of the invention for thecomputing device 16 to be implemented as a communication device and to effect an online transaction with a called party reachable over the packet-switchednetwork 14. Specifically, the communication device could be embodied as a VoIP phone, a Plain Old Telephone Service (POTS) phone equipped with an analog terminal adapter (ATA), or a soft phone (i.e., a computer equipped with telephony software). For its part, one party can be a purveyor of goods or services. In this scenario, thelocation object 24 is conveyed from the communication device to the purveyor of goods or services. - In addition, while in the above-described example certain messages are exchanged between various elements of the architecture depicted in
FIG. 1 , it will be appreciated that different messages may be exchanged in other embodiments. - Those skilled in the art will also appreciate that, in some embodiments, certain functionality of a given component described herein (e.g., the transaction validation server 51) may be implemented as pre-programmed hardware or firmware elements (e.g., application specific integrated circuits (ASICs), electrically erasable programmable read-only memories (EEPROMs), etc.) or other related elements. In other embodiments, a given component described herein (e.g., the transaction validation server 51) may comprise a processor having access to a code memory which stores program instructions for operation of the processor to implement functionality of that given component. The program instructions may be stored on a medium which is fixed, tangible, and readable directly by the given component (e.g., removable diskette, CD-ROM, ROM, fixed disk, USB key, etc.). Alternatively, the program instructions may be stored remotely but transmittable to the given component via a modem or other interface device connected to a network over a transmission medium. The transmission medium may be either a tangible medium (e.g., optical or analog communications lines) or a medium implemented using wireless techniques (e.g., RF, microwave, infrared or other wireless transmission schemes).
- Although various embodiments of the present invention have been described and illustrated, it will be apparent to those skilled in the art that numerous modifications and variations can be made without departing from the scope of the invention, which is defined in the appended claims.
Claims (30)
1. A method, comprising:
obtaining from end user equipment a location object caused to be stored on the end user equipment by a service provider; and
validating an online transaction attempted using the end user equipment, based at least in part on the location object.
2. The method defined in claim 1 , further comprising:
obtaining transaction object information provided via the end user equipment; and
obtaining information to assist in validating online transactions attempted using the transaction object information;
wherein validating the online transaction comprises:
comparing a location specified by the location object to the information to assist in validating online transactions attempted using the transaction object information; and
taking a validation action based on a result of said comparing.
3. The method defined in claim 2 , wherein the information to assist in validating online transactions attempted using the transaction object information includes at least one authorized transaction point location, and wherein the validation action comprises handling the online transaction in a first manner if the location specified by the location object corresponds to at least one of the at least one authorized transaction point location.
4. The method defined in claim 3 , wherein the validation action comprises handling the online transaction in a second manner different from the first manner if the location specified by the location object does not correspond to any of the at least one authorized transaction point location.
5. The method defined in claim 4 , wherein handling the online transaction in the second manner comprises denying the online transaction.
6. The method defined in claim 2 , wherein the information to assist in validating online transactions attempted using the transaction object information includes at least one unauthorized transaction point location, and wherein the validation action comprises handling the online transaction in a first manner if the location specified by the location object corresponds to at least one of the at least one unauthorized transaction point location.
7. The method defined in claim 6 , wherein the validation action comprises handling the online transaction in a second manner different from the first manner if the location specified by the location object does not correspond to any of the at least one unauthorized transaction point location.
8. The method defined in claim 2 , wherein obtaining the information to assist in validating online transactions attempted using the transaction object information comprises consulting a database on a basis of the transaction object information.
9. The method defined in claim 2 , wherein obtaining the information to assist in validating online transactions attempted using the transaction object information comprises receiving a message conveying the information to assist in validating online transactions attempted using the transaction object information.
10. The method defined in claim 2 , wherein the transaction object information comprises at least one of:
payment card information regarding a payment card;
electronic check information regarding an electronic check;
digital cash information regarding a set of at least one digital cash certificate; and
account information regarding an account.
11. The method defined in claim 1 , wherein the location object specifies a service point location associated with the end user equipment.
12. The method defined in claim 11 , wherein the service point location is expressed as a civic address.
13. The method defined in claim 11 , wherein the service point location is expressed as a set of geo-coordinates.
14. The method defined in claim 1 , wherein the location object specifies a current position of the end user equipment.
15. The method defined in claim 1 , executed by a transaction validation entity.
16. The method defined in claim 1 , further comprising transmitting to the end user equipment a location request message, wherein said obtaining comprises receiving a message containing the location object transmitted in response to receipt by the end user equipment of said location request message.
17. The method defined in claim 1 , wherein said obtaining further comprises:
receiving encrypted data from the end user equipment; and
decrypting the encrypted data using a key provided by the service provider to obtain the location object.
18. A computer-readable medium storing a program element for execution by a computer, said program element comprising:
first program code for causing the computer to obtain from end user equipment a location object caused to be stored on the end user equipment by a service provider; and
second program code for causing the computer to validate an online transaction attempted using the end user equipment, based at least in part on the location object.
19. An apparatus, comprising:
an interface for communication with end user equipment over a network; and
a processing unit coupled to said interface, said processing unit being configured to:
obtain from the end user equipment via said interface a location object caused to be stored on the end user equipment by a service provider; and
validate an online transaction attempted using the end user equipment, based at least in part on the location object.
20. An apparatus, comprising:
means for obtaining from end user equipment a location object caused to be stored on the end user equipment by a service provider; and
means for validating an online transaction attempted using the end user equipment based on the location object.
21. A method for execution by end user equipment connected to a network, said method comprising:
storing in a memory a location object provided by a service provider; and
sending the location object to a server over the network for validation of an online transaction attempted using the end user equipment.
22. The method defined in claim 21 , wherein the location object specifies a service point location associated with the end user equipment.
23. The method defined in claim 21 , further comprising receiving from the server a result of the validation of the online transaction based at least in part on the location object.
24. The method defined in claim 21 , wherein the location object is formatted in conformity with (i) a Presence Information Document Format—Location Object (ii) Geographic Markup Language; or (iii) a revised, updated or equivalent of the foregoing.
25. The method defined in claim 21 , further comprising sending transaction object information when the online transaction is attempted.
26. The method defined in claim 21 , wherein sending the location object is performed in response to receipt of a location request message from the server.
27. The method defined in claim 26 , further comprising receiving the location request message from the server consequent to the online transaction being attempted.
28. The method defined in claim 27 , further comprising effecting a determination of whether the server is authorized to request the location object, wherein said sending the location object is effected only if said determination is positive.
29. The method defined in claim 21 , wherein sending the location object is performed prior to the online transaction being attempted.
30. The method defined in claim 21 , further comprising receiving the location object over the network and implementing a security feature that prevents the location object from being altered between said receiving and said sending of the location object.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/162,297 US20100235279A1 (en) | 2007-06-04 | 2007-12-05 | Online transaction validation using a location object |
US15/726,824 US10649984B2 (en) | 2007-06-04 | 2017-10-06 | Online transaction validation using a location object |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US94183007P | 2007-06-04 | 2007-06-04 | |
PCT/CA2007/002188 WO2008148186A1 (en) | 2007-06-04 | 2007-12-05 | Online transaction validation using a location object |
US12/162,297 US20100235279A1 (en) | 2007-06-04 | 2007-12-05 | Online transaction validation using a location object |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CA2007/002188 A-371-Of-International WO2008148186A1 (en) | 2007-06-04 | 2007-12-05 | Online transaction validation using a location object |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/726,824 Continuation US10649984B2 (en) | 2007-06-04 | 2017-10-06 | Online transaction validation using a location object |
Publications (1)
Publication Number | Publication Date |
---|---|
US20100235279A1 true US20100235279A1 (en) | 2010-09-16 |
Family
ID=40093096
Family Applications (14)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/298,720 Active 2030-06-16 US10482081B2 (en) | 2007-06-04 | 2007-06-27 | Methods and systems for validating online transactions using location information |
US12/226,880 Abandoned US20100205652A1 (en) | 2007-06-04 | 2007-08-14 | Methods and Systems for Handling Online Request Based on Information Known to a Service Provider |
US12/087,427 Active 2030-05-18 US10180958B2 (en) | 2007-06-04 | 2007-10-11 | Methods and computer-readable media for enabling secure online transactions with simplified user experience |
US12/227,709 Active 2033-03-05 US9430517B2 (en) | 2007-06-04 | 2007-10-26 | Methods and systems for presenting online content elements based on information known to a service provider |
US12/224,506 Active 2032-08-16 US9600518B2 (en) | 2007-06-04 | 2007-11-22 | Methods and systems for presenting online content elements based on information caused to be stored on a communication apparatus by a service provider |
US12/162,297 Abandoned US20100235279A1 (en) | 2007-06-04 | 2007-12-05 | Online transaction validation using a location object |
US12/292,750 Active 2030-11-04 US10078660B2 (en) | 2007-06-04 | 2008-11-25 | Methods and systems for presenting online content elements based on information known to a service provider |
US12/292,745 Active 2032-03-27 US10691758B2 (en) | 2007-06-04 | 2008-11-25 | Methods and systems for presenting online content elements based on information known to a service provider |
US14/488,699 Active US10831840B2 (en) | 2007-06-04 | 2014-09-17 | Methods and systems for handling online requests based on information known to a service provider |
US15/726,824 Active US10649984B2 (en) | 2007-06-04 | 2017-10-06 | Online transaction validation using a location object |
US16/247,009 Active US10885138B2 (en) | 2007-06-04 | 2019-01-14 | Methods and computer-readable media for enabling secure online transactions with simplified user experience |
US16/688,383 Active 2027-11-20 US11244018B2 (en) | 2007-06-04 | 2019-11-19 | Methods and systems for validating online transactions using location |
US17/094,244 Active 2027-11-05 US11687605B2 (en) | 2007-06-04 | 2020-11-10 | Methods and systems for handling online requests based on information known to a service provider |
US17/141,954 Pending US20210124788A1 (en) | 2007-06-04 | 2021-01-05 | Methods and computer-readable media for enabling secure online transactions with simplified user experience |
Family Applications Before (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/298,720 Active 2030-06-16 US10482081B2 (en) | 2007-06-04 | 2007-06-27 | Methods and systems for validating online transactions using location information |
US12/226,880 Abandoned US20100205652A1 (en) | 2007-06-04 | 2007-08-14 | Methods and Systems for Handling Online Request Based on Information Known to a Service Provider |
US12/087,427 Active 2030-05-18 US10180958B2 (en) | 2007-06-04 | 2007-10-11 | Methods and computer-readable media for enabling secure online transactions with simplified user experience |
US12/227,709 Active 2033-03-05 US9430517B2 (en) | 2007-06-04 | 2007-10-26 | Methods and systems for presenting online content elements based on information known to a service provider |
US12/224,506 Active 2032-08-16 US9600518B2 (en) | 2007-06-04 | 2007-11-22 | Methods and systems for presenting online content elements based on information caused to be stored on a communication apparatus by a service provider |
Family Applications After (8)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/292,750 Active 2030-11-04 US10078660B2 (en) | 2007-06-04 | 2008-11-25 | Methods and systems for presenting online content elements based on information known to a service provider |
US12/292,745 Active 2032-03-27 US10691758B2 (en) | 2007-06-04 | 2008-11-25 | Methods and systems for presenting online content elements based on information known to a service provider |
US14/488,699 Active US10831840B2 (en) | 2007-06-04 | 2014-09-17 | Methods and systems for handling online requests based on information known to a service provider |
US15/726,824 Active US10649984B2 (en) | 2007-06-04 | 2017-10-06 | Online transaction validation using a location object |
US16/247,009 Active US10885138B2 (en) | 2007-06-04 | 2019-01-14 | Methods and computer-readable media for enabling secure online transactions with simplified user experience |
US16/688,383 Active 2027-11-20 US11244018B2 (en) | 2007-06-04 | 2019-11-19 | Methods and systems for validating online transactions using location |
US17/094,244 Active 2027-11-05 US11687605B2 (en) | 2007-06-04 | 2020-11-10 | Methods and systems for handling online requests based on information known to a service provider |
US17/141,954 Pending US20210124788A1 (en) | 2007-06-04 | 2021-01-05 | Methods and computer-readable media for enabling secure online transactions with simplified user experience |
Country Status (3)
Country | Link |
---|---|
US (14) | US10482081B2 (en) |
CA (6) | CA2689479A1 (en) |
WO (6) | WO2008148180A1 (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8667102B1 (en) * | 2008-12-02 | 2014-03-04 | ioBridge, Inc. | Module-based device interaction system |
US20150310201A1 (en) * | 2014-04-23 | 2015-10-29 | DeNA Co., Ltd. | User authentication system |
US9256752B2 (en) | 2014-01-07 | 2016-02-09 | Microsoft Technology Licensing, Llc | Product authorization with cross-region access |
US20160084933A1 (en) * | 2012-07-18 | 2016-03-24 | Unify Gmbh & Co. Kg | Method of updating a location information representing a physical location of a communication device, a computer program product for executing the method, and a communication system for updating the location information |
US9497261B1 (en) * | 2008-12-02 | 2016-11-15 | ioBridge, Inc. | System, method, and computer-readable medium for wireless interaction with a device via a module-based device interaction system |
US9681357B1 (en) * | 2008-12-02 | 2017-06-13 | ioBridge, Inc. | System, method, and computer-readable medium for interaction with a device via a module-based device interaction system enabled for wireless communication |
US9727866B2 (en) | 2013-10-15 | 2017-08-08 | Intuit Inc. | Methods systems and computer program products for verifying consumer identity during transaction |
US20170308898A1 (en) * | 2016-04-25 | 2017-10-26 | AO Kaspersky Lab | System and method of recognizing transactions as trusted |
US10756918B2 (en) | 2008-12-02 | 2020-08-25 | ioBridge, Inc. | Activating a device via a module-based device interaction system |
US20210342411A1 (en) * | 2014-08-04 | 2021-11-04 | Ent. Services Development Corporation Lp | Event stream processing |
Families Citing this family (76)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7912960B2 (en) * | 2005-06-20 | 2011-03-22 | Microsoft Corporation | Reciprocal public trust relationship |
US9088355B2 (en) | 2006-03-24 | 2015-07-21 | Arris Technology, Inc. | Method and apparatus for determining the dynamic range of an optical link in an HFC network |
US10482081B2 (en) | 2007-06-04 | 2019-11-19 | Bce Inc. | Methods and systems for validating online transactions using location information |
US20110009188A1 (en) * | 2007-11-20 | 2011-01-13 | Adiraju Srinivyasa M | Controlling wagering transactions for multi-provider game content |
CA2689072C (en) * | 2007-12-05 | 2018-01-09 | Bce Inc. | Methods and computer-readable media for facilitating forensic investigations of online transactions |
US20090172033A1 (en) * | 2007-12-28 | 2009-07-02 | Bce Inc. | Methods, systems and computer-readable media for facilitating forensic investigations of online activities |
US20090182586A1 (en) * | 2008-01-10 | 2009-07-16 | Cohane Joseph P | Point-of-sale, value-added payment processing system and method thereof |
US10269024B2 (en) * | 2008-02-08 | 2019-04-23 | Outbrain Inc. | Systems and methods for identifying and measuring trends in consumer content demand within vertically associated websites and related content |
US8430741B2 (en) * | 2008-03-04 | 2013-04-30 | Wms Gaming, Inc. | Presenting wagering game content in multiple windows |
US20090240538A1 (en) * | 2008-03-20 | 2009-09-24 | Embarq Holdings Company, Llc | System and Method for Local Call-Based Advertising |
US20090313097A1 (en) * | 2008-06-13 | 2009-12-17 | Embarq Holdings Company, Llc | System and Method for Advertisers to Bid on Distributing Ads to Telephone Calling Parties |
US20110212785A1 (en) * | 2008-11-13 | 2011-09-01 | Wms Gaming, Inc. | Presenting content in wagering game systems |
US20110040604A1 (en) * | 2009-08-13 | 2011-02-17 | Vertical Acuity, Inc. | Systems and Methods for Providing Targeted Content |
US9396485B2 (en) * | 2009-12-24 | 2016-07-19 | Outbrain Inc. | Systems and methods for presenting content |
DE102009039650A1 (en) * | 2009-09-02 | 2011-03-10 | Elektro-Bauelemente Gmbh | Method for energizing e.g. electrical operable vehicle in parking lot, involves sending releasing signal so that current is fed to vehicle, during correlation of characteristics with information, and metering electrical quantity |
US8526485B2 (en) | 2009-09-23 | 2013-09-03 | General Instrument Corporation | Using equalization coefficients of end devices in a cable television network to determine and diagnose impairments in upstream channels |
US10713666B2 (en) | 2009-12-24 | 2020-07-14 | Outbrain Inc. | Systems and methods for curating content |
US20110197137A1 (en) * | 2009-12-24 | 2011-08-11 | Vertical Acuity, Inc. | Systems and Methods for Rating Content |
US20110161091A1 (en) * | 2009-12-24 | 2011-06-30 | Vertical Acuity, Inc. | Systems and Methods for Connecting Entities Through Content |
US10607235B2 (en) * | 2009-12-24 | 2020-03-31 | Outbrain Inc. | Systems and methods for curating content |
US8170921B2 (en) * | 2009-12-29 | 2012-05-01 | Ebay, Inc. | Dynamic hosted shopping cart |
CN102947817B (en) * | 2010-06-23 | 2016-03-02 | 富士通株式会社 | Communicator, communication means and signal procedure |
US8886773B2 (en) | 2010-08-14 | 2014-11-11 | The Nielsen Company (Us), Llc | Systems, methods, and apparatus to monitor mobile internet activity |
US8910259B2 (en) | 2010-08-14 | 2014-12-09 | The Nielsen Company (Us), Llc | Systems, methods, and apparatus to monitor mobile internet activity |
US8654640B2 (en) | 2010-12-08 | 2014-02-18 | General Instrument Corporation | System and method for IP video delivery using distributed flexible channel bonding |
US8458069B2 (en) * | 2011-03-04 | 2013-06-04 | Brighterion, Inc. | Systems and methods for adaptive identification of sources of fraud |
US20120296818A1 (en) * | 2011-05-17 | 2012-11-22 | Ebay Inc. | Method for authorizing the activation of a spending card |
US20120303503A1 (en) * | 2011-05-26 | 2012-11-29 | First Data Corporation | Systems and Methods for Tokenizing Financial Information |
US9070131B2 (en) * | 2011-06-14 | 2015-06-30 | Ark Ideaz, Inc. | Authentication systems and methods |
US8937992B2 (en) | 2011-08-30 | 2015-01-20 | General Instrument Corporation | Method and apparatus for updating equalization coefficients of adaptive pre-equalizers |
US9210150B2 (en) | 2011-10-25 | 2015-12-08 | Salesforce.Com, Inc. | Two-factor authentication systems and methods |
US10212588B2 (en) | 2011-10-25 | 2019-02-19 | Salesforce.Com, Inc. | Preemptive authorization automation |
US10225242B2 (en) | 2011-10-25 | 2019-03-05 | Salesforce.Com, Inc. | Automated authorization response techniques |
US10225264B2 (en) | 2011-10-25 | 2019-03-05 | Salesforce.Com, Inc. | Automated authorization response techniques |
KR101583741B1 (en) | 2011-10-25 | 2016-01-12 | 투퍼, 인코포레이티드 | Two-Factor Authentication Systems and Methods |
EP2787476A4 (en) * | 2011-12-01 | 2015-08-19 | Mozido Corfire Korea Ltd | Method and system for safe mobile wallet transaction |
US9113181B2 (en) | 2011-12-13 | 2015-08-18 | Arris Technology, Inc. | Dynamic channel bonding partial service triggering |
US8620788B2 (en) * | 2012-03-09 | 2013-12-31 | Hartford Fire Insurance Company | System and method for dynamic financial account management |
US9021553B1 (en) | 2012-03-30 | 2015-04-28 | Emc Corporation | Methods and apparatus for fraud detection and remediation in knowledge-based authentication |
US9009844B1 (en) | 2012-03-30 | 2015-04-14 | Emc Corporation | Methods and apparatus for knowledge-based authentication using historically-aware questionnaires |
US20130275547A1 (en) * | 2012-04-16 | 2013-10-17 | Kindsight Inc. | System and method for providing supplemental electronic content to a networked device |
US9065731B2 (en) | 2012-05-01 | 2015-06-23 | Arris Technology, Inc. | Ensure upstream channel quality measurement stability in an upstream channel bonding system using T4 timeout multiplier |
US8762266B2 (en) * | 2012-05-08 | 2014-06-24 | Vantiv, Llc | Systems and methods for performing funds freeze and/or funds seizure with respect to prepaid payment cards |
US11538055B2 (en) * | 2012-06-15 | 2022-12-27 | Edatanetworks Inc. | Systems and method for incenting consumers |
US9136943B2 (en) | 2012-07-30 | 2015-09-15 | Arris Technology, Inc. | Method of characterizing impairments detected by equalization on a channel of a network |
KR101460179B1 (en) | 2012-11-28 | 2014-11-10 | 에스케이씨앤씨 주식회사 | Method for Temporary Payment Card Set-up and Mobile Device using the same |
US9973492B2 (en) * | 2012-12-25 | 2018-05-15 | At&T Mobility Ip, Llc | Unified mobile security system and method of operation |
US9197886B2 (en) | 2013-03-13 | 2015-11-24 | Arris Enterprises, Inc. | Detecting plant degradation using peer-comparison |
US9042236B2 (en) | 2013-03-15 | 2015-05-26 | Arris Technology, Inc. | Method using equalization data to determine defects in a cable plant |
US9025469B2 (en) | 2013-03-15 | 2015-05-05 | Arris Technology, Inc. | Method for estimating cable plant topology |
US10356579B2 (en) | 2013-03-15 | 2019-07-16 | The Nielsen Company (Us), Llc | Methods and apparatus to credit usage of mobile devices |
US10477199B2 (en) | 2013-03-15 | 2019-11-12 | Arris Enterprises Llc | Method for identifying and prioritizing fault location in a cable plant |
US9246892B2 (en) | 2013-04-03 | 2016-01-26 | Salesforce.Com, Inc. | System, method and computer program product for managing access to systems, products, and data based on information associated with a physical location of a user |
US9667436B2 (en) * | 2013-09-09 | 2017-05-30 | British Telecommunications Public Limited Company | Method and apparatus for communicating with an access node |
EP2854335A1 (en) | 2013-09-30 | 2015-04-01 | British Telecommunications public limited company | Data network management |
US9978079B1 (en) * | 2013-12-20 | 2018-05-22 | Google Llc | Content selection based on connection information |
US9762688B2 (en) | 2014-10-31 | 2017-09-12 | The Nielsen Company (Us), Llc | Methods and apparatus to improve usage crediting in mobile devices |
US11423420B2 (en) | 2015-02-06 | 2022-08-23 | The Nielsen Company (Us), Llc | Methods and apparatus to credit media presentations for online media distributions |
US10311423B2 (en) | 2015-06-09 | 2019-06-04 | Zumigo, Inc. | System and method for transaction approval based on confirmation of proximity of mobile subscriber device to a particular location |
CN112990933A (en) * | 2016-06-07 | 2021-06-18 | 华为技术有限公司 | Data processing method, related device and system |
US10460395B2 (en) * | 2016-06-30 | 2019-10-29 | Square, Inc. | Graphical user interface for tracking transactions |
US10453049B2 (en) | 2016-06-30 | 2019-10-22 | Square, Inc. | Physical, logical separation of balances of funds |
US10680843B2 (en) | 2016-12-21 | 2020-06-09 | British Telecommunications Public Limited Company | Network node |
EP3635585A1 (en) * | 2017-06-09 | 2020-04-15 | Humada Holdings Inc. | Enrichment of user specific information |
US10812509B2 (en) * | 2017-10-30 | 2020-10-20 | Micro Focus Llc | Detecting anomolous network activity based on scheduled dark network addresses |
US10819707B1 (en) * | 2017-10-31 | 2020-10-27 | NortonLifeLock, Inc. | Systems and methods for validating a user's physical location |
FR3076032A1 (en) * | 2017-12-21 | 2019-06-28 | Orange | METHOD AND DEVICE FOR VALIDATING A PAYMENT TRANSACTION. |
US10728218B2 (en) * | 2018-02-26 | 2020-07-28 | Mcafee, Llc | Gateway with access checkpoint |
US20190303967A1 (en) * | 2018-03-30 | 2019-10-03 | Panasonic Intellectual Property Management Co., Ltd. | System and method to characterize a user of a handheld device |
US10812476B2 (en) | 2018-05-22 | 2020-10-20 | Salesforce.Com, Inc. | Authorization of another device for participation in multi-factor authentication |
US11108764B2 (en) | 2018-07-02 | 2021-08-31 | Salesforce.Com, Inc. | Automating responses to authentication requests using unsupervised computer learning techniques |
US11756020B1 (en) | 2019-07-31 | 2023-09-12 | Block, Inc. | Gesture and context interpretation for secure interactions |
US20230010577A1 (en) * | 2021-07-06 | 2023-01-12 | Capital One Services, Llc | Computer-Based System for Locking User Account Access |
US11750407B2 (en) * | 2021-07-09 | 2023-09-05 | ReadyLinks Inc. | Bidirectional power feed digital communication device |
AU2022307935A1 (en) | 2021-07-09 | 2024-02-08 | ReadyLinks Inc. | Facilitating and provisioning customer broadband transport service |
US11558264B1 (en) * | 2021-07-09 | 2023-01-17 | ReadyLinks Inc. | Facilitating and provisioning customer broadband transport service |
Citations (78)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5903878A (en) * | 1997-08-20 | 1999-05-11 | Talati; Kirit K. | Method and apparatus for electronic commerce |
US5903721A (en) * | 1997-03-13 | 1999-05-11 | cha|Technologies Services, Inc. | Method and system for secure online transaction processing |
US6029150A (en) * | 1996-10-04 | 2000-02-22 | Certco, Llc | Payment and transactions in electronic commerce system |
US6041353A (en) * | 1997-04-22 | 2000-03-21 | Hitachi, Ltd. | Method for searching for network connection path |
US6169890B1 (en) * | 1992-11-11 | 2001-01-02 | Sonera Smarttrust Oy | Mobile telephone system and method for carrying out financial transactions using a mobile telephone system |
US20010053999A1 (en) * | 2000-06-09 | 2001-12-20 | Sony Corp./Sony Electronics, Inc. | System and method for providing customized advertisements over a network |
US6339761B1 (en) * | 1999-05-13 | 2002-01-15 | Hugh V. Cottingham | Internet service provider advertising system |
US20020010747A1 (en) * | 2000-07-21 | 2002-01-24 | Ableclick Corp. | Method for acquiring on-line information regarding customer preferences and a target advertising method using e-mail based on customer preferences |
US20020019831A1 (en) * | 2000-01-19 | 2002-02-14 | Wyly Wade | Methods, systems, and presentations for delivery over the internet |
US20020035622A1 (en) * | 2000-06-07 | 2002-03-21 | Barber Timothy P. | Online machine data collection and archiving process |
US20020069176A1 (en) * | 2000-12-06 | 2002-06-06 | Daniel Newman | System for obtaining fee-based data and services |
US20020077837A1 (en) * | 1999-12-16 | 2002-06-20 | Scott Krueger | Secure networked transaction system |
US20020107981A1 (en) * | 2001-02-06 | 2002-08-08 | International Business Machines Corporation | Internet domain names with regional associations |
US20020143655A1 (en) * | 2001-04-02 | 2002-10-03 | Stephen Elston | Remote ordering system for mobile commerce |
US20020161701A1 (en) * | 2001-04-30 | 2002-10-31 | Todd Warmack | Debit or credit card transaction clearing house system |
US6484148B1 (en) * | 2000-02-19 | 2002-11-19 | John E. Boyd | Electronic advertising device and method of using the same |
US6487538B1 (en) * | 1998-11-16 | 2002-11-26 | Sun Microsystems, Inc. | Method and apparatus for local advertising |
US20030023489A1 (en) * | 2001-06-14 | 2003-01-30 | Mcguire Myles P. | Method and system for providing network based target advertising |
US20030041240A1 (en) * | 2001-08-22 | 2003-02-27 | Jim Roskind | Single universal authentication system for internet services |
US20030105710A1 (en) * | 2000-07-11 | 2003-06-05 | Ellen Barbara | Method and system for on-line payments |
US20030140120A1 (en) * | 1999-12-01 | 2003-07-24 | Hartman Alex James | Method and apparatus for network access |
US20030172036A1 (en) * | 2002-03-05 | 2003-09-11 | Idan Feigenbaum | Online financial transaction veracity assurance mechanism |
US20030187949A1 (en) * | 2002-03-28 | 2003-10-02 | Bhatt Jaydutt B. | Determining geographic location of internet users |
US20040006489A1 (en) * | 2002-07-03 | 2004-01-08 | Bynon Douglas B. | Benefits services payment and credit system |
US6700965B1 (en) * | 2002-05-03 | 2004-03-02 | At&T Corp. | Identifier-triggered personalized customer relations management service |
US20040102197A1 (en) * | 1999-09-30 | 2004-05-27 | Dietz Timothy Alan | Dynamic web page construction based on determination of client device location |
US20040205004A1 (en) * | 2000-02-22 | 2004-10-14 | Paramvir Bahl | Methods and systems for providing variable rates of service for accessing networks, methods and systems for accessing the internet |
US20040250236A1 (en) * | 2003-04-30 | 2004-12-09 | O'malley Austin | Establishing and maintaining a relationship between a three-dimensional model and related data |
US6836765B1 (en) * | 2000-08-30 | 2004-12-28 | Lester Sussman | System and method for secure and address verifiable electronic commerce transactions |
US20050021853A1 (en) * | 1999-05-03 | 2005-01-27 | Parekh Sanjay M. | Systems and methods for determining, collecting, and using geographic locations of Internet users |
US6859791B1 (en) * | 1998-08-13 | 2005-02-22 | International Business Machines Corporation | Method for determining internet users geographic region |
US20050066339A1 (en) * | 2003-03-19 | 2005-03-24 | Thoen Gregory S. | System and method for seamlessly providing video content to client systems over a network |
US6895387B1 (en) * | 1999-10-29 | 2005-05-17 | Networks Associates Technology, Inc. | Dynamic marketing based on client computer configurations |
US20050108177A1 (en) * | 1999-07-30 | 2005-05-19 | Sancho Enrique D. | System and method for secure network purchasing |
US20050144073A1 (en) * | 2002-06-05 | 2005-06-30 | Lawrence Morrisroe | Method and system for serving advertisements |
US20050165684A1 (en) * | 2004-01-28 | 2005-07-28 | Saflink Corporation | Electronic transaction verification system |
US20050177562A1 (en) * | 2004-02-09 | 2005-08-11 | Limelight Networks, Inc. | Universal search engine |
US20050190901A1 (en) * | 2003-11-07 | 2005-09-01 | Oborn Patrick K. | System and method to determine and deliver quotes for distance-sensitive communication links from multiple service providers |
US6957393B2 (en) * | 2001-03-19 | 2005-10-18 | Accenture Llp | Mobile valet |
US20050260973A1 (en) * | 2004-05-24 | 2005-11-24 | Van De Groenendaal Joannes G | Wireless manager and method for managing wireless devices |
US20060020508A1 (en) * | 2004-07-23 | 2006-01-26 | Gorti Sreenivasa R | Proxy-based profile management to deliver personalized services |
US20060059044A1 (en) * | 2004-09-14 | 2006-03-16 | Chan Wesley T | Method and system to provide advertisements based on wireless access points |
US20060080147A1 (en) * | 2004-10-08 | 2006-04-13 | Mark Greenstein | Method of purchasing a product to avoid adverse selection |
US20060085263A1 (en) * | 1997-06-25 | 2006-04-20 | Paul Greer | User demographic profile driven advertising targeting |
US20060085357A1 (en) * | 2004-10-19 | 2006-04-20 | First Data Corporation | Methods and systems for performing credit transactions with a wireless device |
US20060111991A1 (en) * | 2002-07-08 | 2006-05-25 | Murray Wilshinsky | Confindential information sharing system |
US20060116924A1 (en) * | 1996-08-20 | 2006-06-01 | Angles Paul D | System and method for delivering customized advertisements within interactive communication systems |
US20060190287A1 (en) * | 2004-10-15 | 2006-08-24 | Rearden Commerce, Inc. | Fraudulent address database |
US7111789B2 (en) * | 2001-08-31 | 2006-09-26 | Arcot Systems, Inc. | Enhancements to multi-party authentication and other protocols |
US20060235795A1 (en) * | 2005-04-19 | 2006-10-19 | Microsoft Corporation | Secure network commercial transactions |
US20060271953A1 (en) * | 2005-01-05 | 2006-11-30 | Ronald Jacoby | System and method for delivering personalized advertisements |
US20070050481A1 (en) * | 1999-12-30 | 2007-03-01 | Rod Rigole | Systems and methods for online selection of service providers and management of service accounts |
US20070067297A1 (en) * | 2004-04-30 | 2007-03-22 | Kublickis Peter J | System and methods for a micropayment-enabled marketplace with permission-based, self-service, precision-targeted delivery of advertising, entertainment and informational content and relationship marketing to anonymous internet users |
US20070106660A1 (en) * | 2005-11-09 | 2007-05-10 | Bbnt Solutions Llc | Method and apparatus for using confidence scores of enhanced metadata in search-driven media applications |
US20070220604A1 (en) * | 2005-05-31 | 2007-09-20 | Long Kurt J | System and Method of Fraud and Misuse Detection |
US20070239546A1 (en) * | 2006-04-10 | 2007-10-11 | Scott Blum | Computer implemented interactive advertising system and method |
US7292996B2 (en) * | 2000-10-06 | 2007-11-06 | Openwave Systems Inc. | Method and apparatus for performing a credit based transaction between a user of a wireless communications device and a provider of a product or service |
US7359869B1 (en) * | 2000-07-14 | 2008-04-15 | Stamps.Com, Inc. | Method and system for facilitating secure electronic transactions with multiple merchants |
US20080095173A1 (en) * | 2006-10-19 | 2008-04-24 | Embarq Holdings Company, Llc | System and method for monitoring the connection of an end-user to a remote network |
US20080164308A1 (en) * | 2007-01-10 | 2008-07-10 | Aaron Jeffrey A | Credit card transaction servers, methods and computer program products employing wireless teminal location and registered purchasing locations |
US7411905B1 (en) * | 2003-09-05 | 2008-08-12 | Sprint Communications Company L.P. | Segmented IP backbone network access |
US20080255944A1 (en) * | 2007-03-29 | 2008-10-16 | Shah Nitin J | Campaign Management Platform for Network-Based Online Advertising and Directed Media Transmission System |
US20090172033A1 (en) * | 2007-12-28 | 2009-07-02 | Bce Inc. | Methods, systems and computer-readable media for facilitating forensic investigations of online activities |
US7630939B1 (en) * | 2001-03-26 | 2009-12-08 | Usa Technologies, Inc. | System and method for locally authorizing cashless transactions at point of sale |
US7665658B2 (en) * | 2005-06-07 | 2010-02-23 | First Data Corporation | Dynamic aggregation of payment transactions |
US20100174660A1 (en) * | 2007-12-05 | 2010-07-08 | Bce Inc. | Methods and computer-readable media for facilitating forensic investigations of online transactions |
US7778935B2 (en) * | 2006-03-09 | 2010-08-17 | Colella Brian A | System for secure payment and authentication |
US7818229B2 (en) * | 2004-10-19 | 2010-10-19 | Apollo Enterprise Solutions, Inc. | Method for future payment transactions |
US7827101B2 (en) * | 2003-01-10 | 2010-11-02 | First Data Corporation | Payment system clearing for transactions |
US7827108B2 (en) * | 2008-11-21 | 2010-11-02 | Visa U.S.A. Inc. | System and method of validating a relationship between a user and a user account at a financial institution |
US7941370B2 (en) * | 2006-04-25 | 2011-05-10 | Uc Group Limited | Systems and methods for funding payback requests for financial transactions |
US7983961B1 (en) * | 2005-10-27 | 2011-07-19 | Alvin Chang | Methods and apparatus for marketing profiling while preserving user privacy |
US20110208663A1 (en) * | 2004-03-19 | 2011-08-25 | Kennis Peter H | Extraction of transaction data for compliance monitoring |
US8032536B2 (en) * | 2002-12-19 | 2011-10-04 | Base Base Corporation | System and method for applying network protocols to telephony |
US8041717B2 (en) * | 2005-09-14 | 2011-10-18 | Jumptap, Inc. | Mobile advertisement syndication |
US8045956B2 (en) * | 2007-01-05 | 2011-10-25 | Macronix International Co., Ltd. | System and method of managing contactless payment transactions using a mobile communication device as a stored value device |
US8321278B2 (en) * | 2003-09-30 | 2012-11-27 | Google Inc. | Targeted advertisements based on user profiles and page profile |
US8566237B2 (en) * | 2002-11-01 | 2013-10-22 | Western Union Financial Services, Inc. | Internet payment system and method |
Family Cites Families (85)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5012466A (en) * | 1987-10-13 | 1991-04-30 | At&T Bell Laboratories | Call service initialization arrangement |
MX9404860A (en) * | 1993-06-28 | 1995-01-31 | Bellsouth Corp | MEDIATION OF AN INTELLIGENT, OPEN, ADVANCED NETWORK INTERCONNECTION, SWITCHED PUBLIC TELEPHONE WALL. |
DE69520097T2 (en) * | 1994-03-17 | 2001-07-19 | Dow Benelux | SYSTEM FOR REAL-TIME OPTIMIZATION AND PRESENTATION OF THE PROFIT |
US20040243478A1 (en) * | 1996-09-04 | 2004-12-02 | Walker Jay S. | Purchasing, redemption, and settlement systems and methods wherein a buyer takes possession at a retailer of a product purchased using a communication network |
US8396811B1 (en) * | 1999-02-26 | 2013-03-12 | Syncada Llc | Validation approach for auditing a vendor-based transaction |
US8799100B2 (en) * | 1997-07-08 | 2014-08-05 | Groupon, Inc. | Retail system for selling products based on a flexible product description |
US6760746B1 (en) * | 1999-09-01 | 2004-07-06 | Eric Schneider | Method, product, and apparatus for processing a data request |
US6233616B1 (en) * | 1997-10-24 | 2001-05-15 | William J. Reid | Enterprise network management using directory containing network addresses of users obtained through DHCP to control routers and servers |
US6894994B1 (en) * | 1997-11-03 | 2005-05-17 | Qualcomm Incorporated | High data rate wireless packet data communications system |
US6327363B1 (en) * | 1998-04-17 | 2001-12-04 | Mci Worldcom, Inc. | Method and system for automated customer services |
US6385729B1 (en) | 1998-05-26 | 2002-05-07 | Sun Microsystems, Inc. | Secure token device access to services provided by an internet service provider (ISP) |
PL345032A1 (en) | 1998-06-19 | 2001-11-19 | Protx Ltd | Verified payment system |
US6125391A (en) * | 1998-10-16 | 2000-09-26 | Commerce One, Inc. | Market makers using documents for commerce in trading partner networks |
US7076504B1 (en) | 1998-11-19 | 2006-07-11 | Accenture Llp | Sharing a centralized profile |
US20040019560A1 (en) * | 1999-03-12 | 2004-01-29 | Evans Scott L. | System and method for debt presentment and resolution |
US7213061B1 (en) * | 1999-04-29 | 2007-05-01 | Amx Llc | Internet control system and method |
EP1266317A4 (en) * | 1999-06-14 | 2005-12-14 | Integral Dev Corp | System and method for conducting web-based financial transactions in capital markets |
US8527337B1 (en) * | 1999-07-20 | 2013-09-03 | Google Inc. | Internet based system and apparatus for paying users to view content and receiving micropayments |
DE19946539B4 (en) * | 1999-09-28 | 2010-04-29 | T-Mobile Deutschland Gmbh | Method for billing Internet shops via mobile communications |
US6757691B1 (en) * | 1999-11-09 | 2004-06-29 | America Online, Inc. | Predicting content choices by searching a profile database |
US7647278B1 (en) * | 1999-12-29 | 2010-01-12 | Pitney Bowes Inc. | Method for facilitating a transaction between a merchant and a buyer |
US6363357B1 (en) * | 1999-12-29 | 2002-03-26 | Pitney Bowes, Inc. | Method and apparatus for providing authorization to make multiple copies of copyright protected products purchased in an online commercial transaction |
JP3545666B2 (en) | 2000-02-14 | 2004-07-21 | 株式会社東芝 | Service providing system for mobile terminals |
AUPQ600800A0 (en) | 2000-03-06 | 2000-03-23 | Interfusion.Net Pty Ltd | User-targeted information and advertising |
EP1136961B1 (en) | 2000-03-24 | 2004-02-25 | Mobipay International, S.A. | System and process for remote payments and transactions in real time by mobile telephone |
US6539392B1 (en) * | 2000-03-29 | 2003-03-25 | Bizrate.Com | System and method for data collection, evaluation, information generation, and presentation |
WO2001086546A1 (en) * | 2000-05-05 | 2001-11-15 | Crossmar, Inc. | Method and system for routing and processing financial transaction data |
US20020013827A1 (en) * | 2000-05-18 | 2002-01-31 | Edstrom Claes G.R. | Personal service environment management apparatus and methods |
US6892184B1 (en) * | 2000-06-19 | 2005-05-10 | E4X Inc. | System and method for multiple currency transactions |
US7660737B1 (en) * | 2000-07-18 | 2010-02-09 | Smartpenny.Com, Inc. | Economic filtering system for delivery of permission based, targeted, incentivized advertising |
US8087064B1 (en) * | 2000-08-31 | 2011-12-27 | Verizon Communications Inc. | Security extensions using at least a portion of layer 2 information or bits in the place of layer 2 information |
US20110219035A1 (en) * | 2000-09-25 | 2011-09-08 | Yevgeny Korsunsky | Database security via data flow processing |
GB0023570D0 (en) * | 2000-09-26 | 2000-11-08 | Volantis Systems Ltd | Web server |
WO2002049257A2 (en) | 2000-12-12 | 2002-06-20 | Nintendo Of America Inc. | System for identifying unauthorized sales and providing post-sale information to purchasers using electronic product registration |
US7937470B2 (en) * | 2000-12-21 | 2011-05-03 | Oracle International Corp. | Methods of determining communications protocol latency |
US20030006911A1 (en) * | 2000-12-22 | 2003-01-09 | The Cadre Group Inc. | Interactive advertising system and method |
US6606690B2 (en) * | 2001-02-20 | 2003-08-12 | Hewlett-Packard Development Company, L.P. | System and method for accessing a storage area network as network attached storage |
US7316819B2 (en) * | 2001-03-08 | 2008-01-08 | Unigene Laboratories, Inc. | Oral peptide pharmaceutical dosage form and method of production |
US20020198937A1 (en) * | 2001-03-09 | 2002-12-26 | Arif Diwan | Content-request redirection method and system |
US8156185B1 (en) * | 2001-05-17 | 2012-04-10 | Ibm Corporation | Method and system for monitoring the status of an online transaction |
US7849173B1 (en) * | 2001-12-31 | 2010-12-07 | Christopher Uhlik | System for on-demand access to local area networks |
US7117182B2 (en) * | 2002-01-08 | 2006-10-03 | International Business Machines Corporation | Method for disaggregating customer data in online transactions to preserve privacy |
US7228417B2 (en) * | 2002-02-26 | 2007-06-05 | America Online, Inc. | Simple secure login with multiple-authentication providers |
US7107285B2 (en) * | 2002-03-16 | 2006-09-12 | Questerra Corporation | Method, system, and program for an improved enterprise spatial system |
CA2436319C (en) * | 2002-08-02 | 2014-05-13 | Calin A. Sandru | Payment validation network |
US7885644B2 (en) * | 2002-10-18 | 2011-02-08 | Kineto Wireless, Inc. | Method and system of providing landline equivalent location information over an integrated communication system |
US7640008B2 (en) * | 2002-10-18 | 2009-12-29 | Kineto Wireless, Inc. | Apparatus and method for extending the coverage area of a licensed wireless communication system using an unlicensed wireless communication system |
CA2413340C (en) | 2002-11-29 | 2009-10-13 | Research In Motion Limited | System and method for conducting an electronic commercial transaction |
GB0307763D0 (en) * | 2003-04-04 | 2003-05-07 | Zap Corp Uk The Ltd | System and method of broadcasting advertisements |
US7401104B2 (en) * | 2003-08-21 | 2008-07-15 | Microsoft Corporation | Systems and methods for synchronizing computer systems through an intermediary file system share or device |
US7290278B2 (en) * | 2003-10-02 | 2007-10-30 | Aol Llc, A Delaware Limited Liability Company | Identity based service system |
KR100661313B1 (en) * | 2003-12-03 | 2006-12-27 | 한국전자통신연구원 | Multimedia communication system based on session initiation protocol capable of providing mobility using lifelong number |
US8041779B2 (en) * | 2003-12-15 | 2011-10-18 | Honda Motor Co., Ltd. | Method and system for facilitating the exchange of information between a vehicle and a remote location |
US7853533B2 (en) * | 2004-03-02 | 2010-12-14 | The 41St Parameter, Inc. | Method and system for identifying users and detecting fraud by use of the internet |
US7634550B2 (en) * | 2004-04-21 | 2009-12-15 | Sap Ag | Message-oriented middleware provider having multiple server instances |
US7889384B2 (en) * | 2004-06-03 | 2011-02-15 | International Business Machines Corporation | Method for more efficiently managing complex payloads in a point of sale system |
FI117587B (en) * | 2004-06-18 | 2006-11-30 | Nethawk Oyj | Method, device, and computer program product for monitoring data communications |
US7966405B2 (en) * | 2004-06-29 | 2011-06-21 | Microsoft Corporation | Session multiplex protocol |
US7730030B1 (en) * | 2004-08-15 | 2010-06-01 | Yongyong Xu | Resource based virtual communities |
US8732004B1 (en) * | 2004-09-22 | 2014-05-20 | Experian Information Solutions, Inc. | Automated analysis of data to generate prospect notifications based on trigger events |
US7885844B1 (en) * | 2004-11-16 | 2011-02-08 | Amazon Technologies, Inc. | Automatically generating task recommendations for human task performers |
US8170897B1 (en) * | 2004-11-16 | 2012-05-01 | Amazon Technologies, Inc. | Automated validation of results of human performance of tasks |
US20080307339A1 (en) * | 2006-03-20 | 2008-12-11 | Kidzui, Inc. | Child-oriented computing system |
US8079087B1 (en) * | 2005-05-03 | 2011-12-13 | Voltage Security, Inc. | Universal resource locator verification service with cross-branding detection |
WO2006133141A2 (en) * | 2005-06-06 | 2006-12-14 | Sms.Ac, Inc. | Billing system and method for micro-transactions |
US7805706B1 (en) * | 2005-06-21 | 2010-09-28 | Unisys Corporation | Process for optimizing software components for an enterprise resource planning (ERP) application SAP on multiprocessor servers |
US8538875B2 (en) | 2005-11-04 | 2013-09-17 | Instamed Communications Llc | Process for linked healthcare and financial transaction initiation |
US20070174477A1 (en) * | 2006-01-20 | 2007-07-26 | Bostick James E | Communication profiles for integrated database messaging system |
WO2007092715A2 (en) * | 2006-02-06 | 2007-08-16 | Solidus Networks, Inc. | Method and system for providing online authentication utilizing biometric data |
US7516882B2 (en) * | 2006-03-09 | 2009-04-14 | Robert Cucinotta | Remote validation system useful for financial transactions |
US7814116B2 (en) * | 2006-03-16 | 2010-10-12 | Hauser Eduardo A | Method and system for creating customized news digests |
US20070276721A1 (en) * | 2006-05-25 | 2007-11-29 | Invelus Communications Llc | Computer implemented shopping system |
US7613735B2 (en) * | 2006-06-13 | 2009-11-03 | Alcatel-Lucent Usa Inc. | Method and apparatus for managing multimedia content |
JP4901334B2 (en) * | 2006-06-30 | 2012-03-21 | 株式会社東芝 | Memory controller |
US9430773B2 (en) * | 2006-07-18 | 2016-08-30 | American Express Travel Related Services Company, Inc. | Loyalty incentive program using transaction cards |
EP1887506A1 (en) * | 2006-08-10 | 2008-02-13 | Jepay SAS | Electronic commerce transaction process |
WO2008042812A2 (en) * | 2006-09-29 | 2008-04-10 | Google Inc. | Advertisement campaign simulator |
US8371919B2 (en) * | 2006-10-18 | 2013-02-12 | Wms Gaming Inc. | Wagering game with community game having a persistent-state feature |
US8914729B2 (en) * | 2006-10-30 | 2014-12-16 | Yahoo! Inc. | Methods and systems for providing a customizable guide for navigating a corpus of content |
US8108501B2 (en) * | 2006-11-01 | 2012-01-31 | Yahoo! Inc. | Searching and route mapping based on a social network, location, and time |
WO2008067442A2 (en) * | 2006-11-29 | 2008-06-05 | Wisconsin Alumni Research Foundation | Method and apparatus for network anomaly detection |
US8019331B2 (en) * | 2007-02-26 | 2011-09-13 | Kineto Wireless, Inc. | Femtocell integration into the macro network |
US10482081B2 (en) | 2007-06-04 | 2019-11-19 | Bce Inc. | Methods and systems for validating online transactions using location information |
US8175975B2 (en) * | 2008-08-18 | 2012-05-08 | Alcatel Lucent | IMS device operable for financial transaction authorization and ID cards display |
KR20130009754A (en) * | 2010-02-01 | 2013-01-23 | 점프탭, 인크. | Integrated advertising system |
-
2007
- 2007-06-27 US US12/298,720 patent/US10482081B2/en active Active
- 2007-06-27 WO PCT/CA2007/001152 patent/WO2008148180A1/en active Application Filing
- 2007-06-27 CA CA002689479A patent/CA2689479A1/en not_active Withdrawn
- 2007-08-14 CA CA2689863A patent/CA2689863C/en active Active
- 2007-08-14 WO PCT/CA2007/001865 patent/WO2008148183A1/en active Application Filing
- 2007-08-14 US US12/226,880 patent/US20100205652A1/en not_active Abandoned
- 2007-10-11 WO PCT/CA2007/001802 patent/WO2008148182A1/en active Application Filing
- 2007-10-11 CA CA2690090A patent/CA2690090C/en active Active
- 2007-10-11 US US12/087,427 patent/US10180958B2/en active Active
- 2007-10-26 CA CA2654400A patent/CA2654400C/en active Active
- 2007-10-26 US US12/227,709 patent/US9430517B2/en active Active
- 2007-10-26 WO PCT/CA2007/001921 patent/WO2008148184A1/en active Application Filing
- 2007-11-22 US US12/224,506 patent/US9600518B2/en active Active
- 2007-11-22 CA CA2689864A patent/CA2689864C/en active Active
- 2007-11-22 WO PCT/CA2007/002119 patent/WO2008148185A1/en active Application Filing
- 2007-12-05 WO PCT/CA2007/002188 patent/WO2008148186A1/en active Application Filing
- 2007-12-05 US US12/162,297 patent/US20100235279A1/en not_active Abandoned
- 2007-12-05 CA CA2690030A patent/CA2690030C/en active Active
-
2008
- 2008-11-25 US US12/292,750 patent/US10078660B2/en active Active
- 2008-11-25 US US12/292,745 patent/US10691758B2/en active Active
-
2014
- 2014-09-17 US US14/488,699 patent/US10831840B2/en active Active
-
2017
- 2017-10-06 US US15/726,824 patent/US10649984B2/en active Active
-
2019
- 2019-01-14 US US16/247,009 patent/US10885138B2/en active Active
- 2019-11-19 US US16/688,383 patent/US11244018B2/en active Active
-
2020
- 2020-11-10 US US17/094,244 patent/US11687605B2/en active Active
-
2021
- 2021-01-05 US US17/141,954 patent/US20210124788A1/en active Pending
Patent Citations (80)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6169890B1 (en) * | 1992-11-11 | 2001-01-02 | Sonera Smarttrust Oy | Mobile telephone system and method for carrying out financial transactions using a mobile telephone system |
US20060116924A1 (en) * | 1996-08-20 | 2006-06-01 | Angles Paul D | System and method for delivering customized advertisements within interactive communication systems |
US6029150A (en) * | 1996-10-04 | 2000-02-22 | Certco, Llc | Payment and transactions in electronic commerce system |
US5903721A (en) * | 1997-03-13 | 1999-05-11 | cha|Technologies Services, Inc. | Method and system for secure online transaction processing |
US6041353A (en) * | 1997-04-22 | 2000-03-21 | Hitachi, Ltd. | Method for searching for network connection path |
US20060085263A1 (en) * | 1997-06-25 | 2006-04-20 | Paul Greer | User demographic profile driven advertising targeting |
US5903878A (en) * | 1997-08-20 | 1999-05-11 | Talati; Kirit K. | Method and apparatus for electronic commerce |
US6859791B1 (en) * | 1998-08-13 | 2005-02-22 | International Business Machines Corporation | Method for determining internet users geographic region |
US6487538B1 (en) * | 1998-11-16 | 2002-11-26 | Sun Microsystems, Inc. | Method and apparatus for local advertising |
US20050021853A1 (en) * | 1999-05-03 | 2005-01-27 | Parekh Sanjay M. | Systems and methods for determining, collecting, and using geographic locations of Internet users |
US20060123105A1 (en) * | 1999-05-03 | 2006-06-08 | Parekh Sanjay M | Systems and methods for determining, collecting, and using geographic locations of internet users |
US6339761B1 (en) * | 1999-05-13 | 2002-01-15 | Hugh V. Cottingham | Internet service provider advertising system |
US20050108177A1 (en) * | 1999-07-30 | 2005-05-19 | Sancho Enrique D. | System and method for secure network purchasing |
US20040102197A1 (en) * | 1999-09-30 | 2004-05-27 | Dietz Timothy Alan | Dynamic web page construction based on determination of client device location |
US6895387B1 (en) * | 1999-10-29 | 2005-05-17 | Networks Associates Technology, Inc. | Dynamic marketing based on client computer configurations |
US20030140120A1 (en) * | 1999-12-01 | 2003-07-24 | Hartman Alex James | Method and apparatus for network access |
US20020077837A1 (en) * | 1999-12-16 | 2002-06-20 | Scott Krueger | Secure networked transaction system |
US20070050481A1 (en) * | 1999-12-30 | 2007-03-01 | Rod Rigole | Systems and methods for online selection of service providers and management of service accounts |
US20020019831A1 (en) * | 2000-01-19 | 2002-02-14 | Wyly Wade | Methods, systems, and presentations for delivery over the internet |
US6484148B1 (en) * | 2000-02-19 | 2002-11-19 | John E. Boyd | Electronic advertising device and method of using the same |
US20040205004A1 (en) * | 2000-02-22 | 2004-10-14 | Paramvir Bahl | Methods and systems for providing variable rates of service for accessing networks, methods and systems for accessing the internet |
US20020035622A1 (en) * | 2000-06-07 | 2002-03-21 | Barber Timothy P. | Online machine data collection and archiving process |
US20010053999A1 (en) * | 2000-06-09 | 2001-12-20 | Sony Corp./Sony Electronics, Inc. | System and method for providing customized advertisements over a network |
US20030105710A1 (en) * | 2000-07-11 | 2003-06-05 | Ellen Barbara | Method and system for on-line payments |
US7359869B1 (en) * | 2000-07-14 | 2008-04-15 | Stamps.Com, Inc. | Method and system for facilitating secure electronic transactions with multiple merchants |
US20020010747A1 (en) * | 2000-07-21 | 2002-01-24 | Ableclick Corp. | Method for acquiring on-line information regarding customer preferences and a target advertising method using e-mail based on customer preferences |
US6836765B1 (en) * | 2000-08-30 | 2004-12-28 | Lester Sussman | System and method for secure and address verifiable electronic commerce transactions |
US7292996B2 (en) * | 2000-10-06 | 2007-11-06 | Openwave Systems Inc. | Method and apparatus for performing a credit based transaction between a user of a wireless communications device and a provider of a product or service |
US20020069176A1 (en) * | 2000-12-06 | 2002-06-06 | Daniel Newman | System for obtaining fee-based data and services |
US20020107981A1 (en) * | 2001-02-06 | 2002-08-08 | International Business Machines Corporation | Internet domain names with regional associations |
US6957393B2 (en) * | 2001-03-19 | 2005-10-18 | Accenture Llp | Mobile valet |
US7630939B1 (en) * | 2001-03-26 | 2009-12-08 | Usa Technologies, Inc. | System and method for locally authorizing cashless transactions at point of sale |
US20020143655A1 (en) * | 2001-04-02 | 2002-10-03 | Stephen Elston | Remote ordering system for mobile commerce |
US20020161701A1 (en) * | 2001-04-30 | 2002-10-31 | Todd Warmack | Debit or credit card transaction clearing house system |
US20030023489A1 (en) * | 2001-06-14 | 2003-01-30 | Mcguire Myles P. | Method and system for providing network based target advertising |
US20030041240A1 (en) * | 2001-08-22 | 2003-02-27 | Jim Roskind | Single universal authentication system for internet services |
US7111789B2 (en) * | 2001-08-31 | 2006-09-26 | Arcot Systems, Inc. | Enhancements to multi-party authentication and other protocols |
US20030172036A1 (en) * | 2002-03-05 | 2003-09-11 | Idan Feigenbaum | Online financial transaction veracity assurance mechanism |
US20030187949A1 (en) * | 2002-03-28 | 2003-10-02 | Bhatt Jaydutt B. | Determining geographic location of internet users |
US6700965B1 (en) * | 2002-05-03 | 2004-03-02 | At&T Corp. | Identifier-triggered personalized customer relations management service |
US20050144073A1 (en) * | 2002-06-05 | 2005-06-30 | Lawrence Morrisroe | Method and system for serving advertisements |
US20040006489A1 (en) * | 2002-07-03 | 2004-01-08 | Bynon Douglas B. | Benefits services payment and credit system |
US20060111991A1 (en) * | 2002-07-08 | 2006-05-25 | Murray Wilshinsky | Confindential information sharing system |
US8566237B2 (en) * | 2002-11-01 | 2013-10-22 | Western Union Financial Services, Inc. | Internet payment system and method |
US8032536B2 (en) * | 2002-12-19 | 2011-10-04 | Base Base Corporation | System and method for applying network protocols to telephony |
US7827101B2 (en) * | 2003-01-10 | 2010-11-02 | First Data Corporation | Payment system clearing for transactions |
US20050066339A1 (en) * | 2003-03-19 | 2005-03-24 | Thoen Gregory S. | System and method for seamlessly providing video content to client systems over a network |
US20040250236A1 (en) * | 2003-04-30 | 2004-12-09 | O'malley Austin | Establishing and maintaining a relationship between a three-dimensional model and related data |
US7411905B1 (en) * | 2003-09-05 | 2008-08-12 | Sprint Communications Company L.P. | Segmented IP backbone network access |
US8321278B2 (en) * | 2003-09-30 | 2012-11-27 | Google Inc. | Targeted advertisements based on user profiles and page profile |
US20050190901A1 (en) * | 2003-11-07 | 2005-09-01 | Oborn Patrick K. | System and method to determine and deliver quotes for distance-sensitive communication links from multiple service providers |
US20050165684A1 (en) * | 2004-01-28 | 2005-07-28 | Saflink Corporation | Electronic transaction verification system |
US20050177562A1 (en) * | 2004-02-09 | 2005-08-11 | Limelight Networks, Inc. | Universal search engine |
US20110208663A1 (en) * | 2004-03-19 | 2011-08-25 | Kennis Peter H | Extraction of transaction data for compliance monitoring |
US20070067297A1 (en) * | 2004-04-30 | 2007-03-22 | Kublickis Peter J | System and methods for a micropayment-enabled marketplace with permission-based, self-service, precision-targeted delivery of advertising, entertainment and informational content and relationship marketing to anonymous internet users |
US20050260973A1 (en) * | 2004-05-24 | 2005-11-24 | Van De Groenendaal Joannes G | Wireless manager and method for managing wireless devices |
US20060020508A1 (en) * | 2004-07-23 | 2006-01-26 | Gorti Sreenivasa R | Proxy-based profile management to deliver personalized services |
US20060059044A1 (en) * | 2004-09-14 | 2006-03-16 | Chan Wesley T | Method and system to provide advertisements based on wireless access points |
US20060080147A1 (en) * | 2004-10-08 | 2006-04-13 | Mark Greenstein | Method of purchasing a product to avoid adverse selection |
US20060190287A1 (en) * | 2004-10-15 | 2006-08-24 | Rearden Commerce, Inc. | Fraudulent address database |
US20060085357A1 (en) * | 2004-10-19 | 2006-04-20 | First Data Corporation | Methods and systems for performing credit transactions with a wireless device |
US8510189B2 (en) * | 2004-10-19 | 2013-08-13 | Apollo Enterprise Solutions, Inc. | Method for future payment transactions |
US7818229B2 (en) * | 2004-10-19 | 2010-10-19 | Apollo Enterprise Solutions, Inc. | Method for future payment transactions |
US20060271953A1 (en) * | 2005-01-05 | 2006-11-30 | Ronald Jacoby | System and method for delivering personalized advertisements |
US20060235795A1 (en) * | 2005-04-19 | 2006-10-19 | Microsoft Corporation | Secure network commercial transactions |
US20070220604A1 (en) * | 2005-05-31 | 2007-09-20 | Long Kurt J | System and Method of Fraud and Misuse Detection |
US7665658B2 (en) * | 2005-06-07 | 2010-02-23 | First Data Corporation | Dynamic aggregation of payment transactions |
US8041717B2 (en) * | 2005-09-14 | 2011-10-18 | Jumptap, Inc. | Mobile advertisement syndication |
US7983961B1 (en) * | 2005-10-27 | 2011-07-19 | Alvin Chang | Methods and apparatus for marketing profiling while preserving user privacy |
US20070106660A1 (en) * | 2005-11-09 | 2007-05-10 | Bbnt Solutions Llc | Method and apparatus for using confidence scores of enhanced metadata in search-driven media applications |
US7778935B2 (en) * | 2006-03-09 | 2010-08-17 | Colella Brian A | System for secure payment and authentication |
US20070239546A1 (en) * | 2006-04-10 | 2007-10-11 | Scott Blum | Computer implemented interactive advertising system and method |
US7941370B2 (en) * | 2006-04-25 | 2011-05-10 | Uc Group Limited | Systems and methods for funding payback requests for financial transactions |
US20080095173A1 (en) * | 2006-10-19 | 2008-04-24 | Embarq Holdings Company, Llc | System and method for monitoring the connection of an end-user to a remote network |
US8045956B2 (en) * | 2007-01-05 | 2011-10-25 | Macronix International Co., Ltd. | System and method of managing contactless payment transactions using a mobile communication device as a stored value device |
US20080164308A1 (en) * | 2007-01-10 | 2008-07-10 | Aaron Jeffrey A | Credit card transaction servers, methods and computer program products employing wireless teminal location and registered purchasing locations |
US20080255944A1 (en) * | 2007-03-29 | 2008-10-16 | Shah Nitin J | Campaign Management Platform for Network-Based Online Advertising and Directed Media Transmission System |
US20100174660A1 (en) * | 2007-12-05 | 2010-07-08 | Bce Inc. | Methods and computer-readable media for facilitating forensic investigations of online transactions |
US20090172033A1 (en) * | 2007-12-28 | 2009-07-02 | Bce Inc. | Methods, systems and computer-readable media for facilitating forensic investigations of online activities |
US7827108B2 (en) * | 2008-11-21 | 2010-11-02 | Visa U.S.A. Inc. | System and method of validating a relationship between a user and a user account at a financial institution |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10756918B2 (en) | 2008-12-02 | 2020-08-25 | ioBridge, Inc. | Activating a device via a module-based device interaction system |
US9497261B1 (en) * | 2008-12-02 | 2016-11-15 | ioBridge, Inc. | System, method, and computer-readable medium for wireless interaction with a device via a module-based device interaction system |
US9497272B1 (en) * | 2008-12-02 | 2016-11-15 | ioBridge, Inc. | Module-based device interaction system |
US9681357B1 (en) * | 2008-12-02 | 2017-06-13 | ioBridge, Inc. | System, method, and computer-readable medium for interaction with a device via a module-based device interaction system enabled for wireless communication |
US8667102B1 (en) * | 2008-12-02 | 2014-03-04 | ioBridge, Inc. | Module-based device interaction system |
US10021553B2 (en) * | 2012-07-18 | 2018-07-10 | Unify Gmbh & Co. Kg | Method of updating a location information representing a physical location of a communication device, a computer program product for executing the method, and a communication system for updating the location information |
US10368226B2 (en) * | 2012-07-18 | 2019-07-30 | Unify Gmbh & Co. Kg | Method of updating a location information representing a physical location of a communication device, a computer program product for executing the method, and a communication system for updating the location information |
US20160084933A1 (en) * | 2012-07-18 | 2016-03-24 | Unify Gmbh & Co. Kg | Method of updating a location information representing a physical location of a communication device, a computer program product for executing the method, and a communication system for updating the location information |
US10187777B2 (en) * | 2012-07-18 | 2019-01-22 | Unify Gmbh & Co. Kg | Method of updating a location information representing a physical location of a communication device, a computer program product for executing the method, and a communication system for updating the location information |
US20180288600A1 (en) * | 2012-07-18 | 2018-10-04 | Unify Gmbh & Co. Kg | Method of Updating a Location Information Representing a Physical Location of a Communication Device, A Computer Program Product for Executing the Method, and a Communication System for Updating the Location Information |
US9883367B2 (en) * | 2012-07-18 | 2018-01-30 | Unify Gmbh & Co. Kg | Method of updating a location information representing a physical location of a communication device, a computer program product for executing the method, and a communication system for updating the location information |
US9727866B2 (en) | 2013-10-15 | 2017-08-08 | Intuit Inc. | Methods systems and computer program products for verifying consumer identity during transaction |
US10290000B2 (en) | 2013-10-15 | 2019-05-14 | Intuit Inc | Methods systems and computer program products for verifying consumer identity during transaction |
US9256752B2 (en) | 2014-01-07 | 2016-02-09 | Microsoft Technology Licensing, Llc | Product authorization with cross-region access |
US9439070B2 (en) * | 2014-04-23 | 2016-09-06 | DeNA Co., Ltd. | User authentication system |
US20150310201A1 (en) * | 2014-04-23 | 2015-10-29 | DeNA Co., Ltd. | User authentication system |
US20210342411A1 (en) * | 2014-08-04 | 2021-11-04 | Ent. Services Development Corporation Lp | Event stream processing |
US20170308898A1 (en) * | 2016-04-25 | 2017-10-26 | AO Kaspersky Lab | System and method of recognizing transactions as trusted |
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10649984B2 (en) | Online transaction validation using a location object | |
US11798003B2 (en) | Methods and computer-readable media for facilitating forensic investigations of online transactions | |
CN110869961A (en) | System and method for securing sensitive credentials using transaction identifiers | |
US20090172033A1 (en) | Methods, systems and computer-readable media for facilitating forensic investigations of online activities | |
US20010034702A1 (en) | System and method for dynamically issuing and processing transaction specific digital credit or debit cards | |
US8494962B2 (en) | Method and system for secure mobile remittance | |
US8930272B2 (en) | Systems and methods for mobile transactions | |
US20130226803A1 (en) | Method and system for authenticating an entity using transaction processing | |
KR101093126B1 (en) | Method for Providing Integrated Property using Internet Banking Service and Recording Medium | |
US20180341950A1 (en) | Transaction control | |
KR100698398B1 (en) | Method to handle guarantee process for electronic commerce | |
KR20140047370A (en) | System and method for providing payment service using otp | |
CA2633227A1 (en) | Methods, systems and computer-readable media for facilitating forensic investigations of online activities | |
KR20090009364A (en) | System and method for integrated payment of trade transaction service and program recording medium | |
JP2002230455A (en) | System and method for electronic settlement processing | |
KR20090085566A (en) | System for integrated payment of trade transaction service and program recording medium | |
KR20090001890A (en) | System and method for processing joining of specified money in trust and program recording medium | |
KR20090083887A (en) | System for managing lottery present by using non-faced channel |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: BCE INC., CANADA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BOUCHARD, JEAN;FORTIER, STEPHANE MAXIME FRANCOIS;REEL/FRAME:021295/0829 Effective date: 20080625 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |