111111111111111111111111111111111111111111111111111111111111111111111111111
`US007840486B2
`
`(12) United States Patent
`D'Agostino
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 7,840,486 B2
`Nov. 23, 2010
`
`(54) SYSTEM AND METHOD FOR PERFORMING
`SECURE CREDIT CARD PURCHASES
`
`(76)
`
`Inventor:
`
`John D'Agostino, 6237 Weymouth Dr.,
`Sarasota, FL (US) 34238
`
`( *) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.c. 154(b) by 0 days.
`
`(21) Appl. No.: 11/252,009
`
`(22)
`
`Filed:
`
`Oct. 17, 2005
`
`(65)
`
`(63)
`
`Prior Publication Data
`
`US 2006/0031161 Al
`
`Feb. 9,2006
`
`Related U.S. Application Data
`
`Continuation of application No. 10/037,007, filed on
`Nov. 9, 2001, now abandoned, which is a continuation(cid:173)
`in-part ofapplication No. 09/231,745, filed on Jan. 15,
`1999, now Pat. No. 6,324,526.
`
`(51)
`
`Int. Cl.
`G06Q40/00
`
`(52)
`
`U.S. Cl.
`
`(2006.01)
`
`705/44; 705/41
`
`(58)
`
`(56)
`
`CA
`
`Field of Classification Search .... ... ... ..... .... 705/39,
`705/40,44
`See application file for complete search history.
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`3,938,091 A
`2/1976 Atalla et al.
`12/1983 Sano et al.
`4,423,316 A
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`2167543
`7/1997
`(Continued)
`
`OTHER PUBLICATIONS
`
`Lee et al.: Evoluntionary business models for e-cash with smart
`cards, Korea Advanced Institute of Science and Technology, Korea,
`htp://koasas.kaist.ac.kr/bitstrearn/l0203/4774/1/2000-092.pdf , pp.
`352-358.*
`
`(Continued)
`
`Primary Examiner-Hani Kazimi
`Assistant Examiner-Bijendra K Shrestha
`(74) Attorney, Agent, or Firm-Maxey Law Offices, PLLC;
`Stephen Lewellyn
`
`(57)
`
`ABSTRACT
`
`A method and system of performing secure credit card pur(cid:173)
`chases in the context of a remote commercial transaction,
`such as over the telephone, wherein only the customer, once
`generally deciding upon a product or service to be purchased,
`communicates with a custodial authorizing entity, such as a
`credit card company or issuing bank wherein such entity has
`previous knowledge of the credit card number as well as
`custodial control of other account parameters such as interest
`rate, payment history, available credit limit etc. The customer
`supplies the custodial authorizing entity with the account
`identification data such as the credit card number and a
`requested one of a possible plurality of predetermined pay(cid:173)
`ment categories which define the dollar amount for the pur(cid:173)
`chase and specific, predetermined time parameters within
`which authorization by the custodial authorizing entity will
`remain in effect. The custodial authorizing entity then gener(cid:173)
`ates a transaction code which is communicated exclusively to
`the customer wherein the customer in tum communicates
`only the transaction code to the merchant instead of a credit
`card number. The transaction code is indicative of merchant
`identification, credit card account identification and a desig(cid:173)
`nated one of the plurality of predetermined payment catego(cid:173)
`nes.
`
`30 Claims, 2 Drawing Sheets
`
`MasterCard, Exh. 1001, p. 1
`
`

`

`u.s. PATENT DOCUMENTS
`4,707,592 A
`11/1987 Ware
`4,720,860 A
`1/1988 Weiss
`4,725,719 A
`2/1988 Oncken et al.
`4,747,050 A
`5/1988 Bracht! et al.
`4,797,920 A
`1/1989 Stein
`4,893,330 A *
`1/1990 Franco
`5,097,505 A
`3/1992 Weiss
`5,130,519 A
`7/1992 Bush et al.
`5,163,097 A
`11/1992 Pegg
`5,193,114 A
`3/1993 Moseley
`5,196,840 A
`3/1993 Leith et al.
`5,202,826 A
`4/1993 McCarthy
`5,239,583 A
`8/1993 Parrillo
`5,287,268 A
`2/1994 McCarthy
`5,317,636 A
`5/1994 Vizcaino
`5,323,338 A
`6/1994 Hawthorne
`5,326,960 A
`7/1994 Tannenbaum
`5,350,906 A
`9/1994 Brodyet al.
`5,363,449 A
`11/1994 Bestock
`5,428,684 A
`6/1995 Akiyama et al.
`5,466,919 A
`11/1995 Hovakimian
`5,478,994 A
`12/1995 Rahman et al.
`5,485,510 A
`1/1996 Colbert
`5,500,513 A *
`3/1996 Langhans et al.
`5,504,808 A
`4/1996 Harmick, Jr.
`5,555,497 A
`9/1996 Helbling
`5,577,109 A
`11/1996 Stimson et al.
`5,583,918 A
`12/1996 Nakagawa
`5,606,614 A
`2/1997 Bradyet al.
`5,621,201 A
`4/1997 Langhans et al.
`5,627,355 A
`5/1997 Rahman et al.
`5,671,279 A
`9/1997 Elgamal
`5,677,955 A
`10/1997 Doggett et al.
`5,694,471 A
`12/1997 Chen et al.
`5,696,908 A
`12/1997 Muehlberger et al.
`5,715,314 A
`2/1998 Payne et al.
`5,721,768 A
`2/1998 Stimson et al.
`5,724,424 A
`3/1998 Gifford
`5,727,163 A
`3/1998 Bezos
`5,729,594 A
`3/1998 Klingman
`5,748,908 A
`5/1998 Yu
`5,757,917 A
`5/1998 Rose et al.
`5,768,381 A
`6/1998 Hawthorne
`5,777,305 A
`7/1998 Smith et al.
`5,777,306 A
`7/1998 Masuda
`5,794,221 A
`8/1998 Egendorf
`5,815,657 A
`9/1998 Williams et al.
`5,822,737 A
`10/1998 Ogram
`5,825,881 A
`10/1998 Colvin, Sr.
`5,826,241 A
`10/1998 Stein et al.
`5,826,243 A
`10/1998 Musmanno et al.
`5,832,087 A
`11/1998 Hawthorne
`5,845,281 A *
`12/1998 Benson et al.
`5,864,830 A
`1/1999 Armetta et al.
`5,868,236 A
`2/1999 Rademacher
`5,883,810 A
`3/1999 Franklin et al.
`5,890,137 A
`3/1999 Koreeda
`5,893,907 A
`4/1999 Ukuda
`5,903,878 A
`5/1999 Talati et al.
`5,914,472 A *
`6/1999 Foladare et al
`5,953,710 A *
`9/1999 Fleming
`5,956,699 A
`9/1999 Wong et al.
`5,984,180 A
`11/1999 Albrecht
`5,991,749 A *
`11/1999 Morrill, Jr
`5,991,750 A *
`11/1999 Watson
`6,000,832 A *
`12/1999 Franklin et al.
`6,014,650 A *
`1/2000 Zampese
`6,029,150 A *
`2/2000 Kravitz
`6,029,890 A
`2/2000 Austin
`6,144,948 A
`11/2000 Walker et al.
`6,163,771 A *
`12/2000 Walker et al
`
`.
`
`US 7,840,486 B2
`Page 2
`
`379/91.02
`
`235/380
`
`6,188,761 Bl
`6,226,624 Bl *
`6,240,397 Bl
`6,267,292 Bl
`6,298,335 Bl
`6,324,526 Bl
`6,339,766 Bl
`6,341,724 B2
`6,343,279 Bl
`6,375,084 Bl
`6,422,462 Bl
`6,456,984 Bl *
`6,598,031 Bl
`6,636,833 Bl
`2001/0011249 Al *
`2002/0120587 Al
`2002/0152158 Al *
`2003/0018567 Al
`2003/0028481 Al
`2003/0097331 Al
`2003/0216997 Al
`
`2/2001 Dickerman et al.
`5/2001 Watson et al
`5/2001 Sachs
`7/2001 Walker et al.
`10/2001 Bernstein
`11/2001 D' Agostino
`1/2002 Gephart
`1/2002 Campisano
`1/2002 Bissonette et al.
`4/2002 Stanford et al.
`7/2002 Cohen
`9/2002 Demoff et al.
`7/2003 Ice
`10/2003 Flitcroft et al.
`8/2001 Yanagihara et al
`8/2002 D' Agostino
`10/2002 Paleiov et al.
`1/2003 Flitcroft et al.
`2/2003 Flitcroft et al.
`5/2003 Cohen
`11/2003 Cohen
`
`FOREIGN PATENT DOCUMENTS
`
`705/44
`
`705/40
`
`705/41
`
`705/39
`
`EP
`EP
`EP
`EP
`FR
`GB
`GB
`GB
`GB
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`
`0081921 Al
`0590861 A2
`0590861 A3
`0590961 A2
`2661996 Al
`2145265 A
`2252270 A
`2327831 A
`2361790 A
`WO 91/12693
`WO 93/14476
`WO 95/07512
`WO 96/08756
`WO 96/42150
`WO 97/15893
`WO 97/19549
`WO 98/26376
`WO 99/49424
`WO 00/42486
`
`6/1983
`4/1994
`4/1994
`4/1994
`11/1991
`3/1985
`8/1992
`2/1999
`10/2001
`5/1992
`7/1993
`3/1995
`3/1996
`12/1996
`5/1997
`5/1997
`6/1998
`9/1999
`7/2000
`
`OTHER PUBLICATIONS
`
`Jones, R.: Prepaid cards, an emerging internet payment mechanism,
`the Nuvantage Group, Jun. 2001, pp. 1-9.*
`Eran Gabber and Abraham Silberschatz, A Minimal Distributed Pro(cid:173)
`tocol
`for Electronic Commerce, www.usenix.org/publications
`(Article), Oakland, USA, Nov. 18-21, 1996.
`Citi.com, Total Fraud Protection ... Solutions for your safety and
`peace of mind, (printout) CBSD002144-CBSD002153.
`Owen Thomas, Money Changers, www.ecompany.com. (Article),
`Oct. 2000.
`Netchex-a short brief, www.trnl.hut.fi/StudiesiTik-110.50/1997/
`Ecomerce/netchex-5.htrnl, (Article), Nov. 5, 2002.
`GE Capital Financial Inc., GE Pre-Authorization System, (GE's
`website printout).
`Matt Barthel, Diebold Plans Major Push in Market for Debit-Card
`Point of Sale Terminals, Sep. 28, 1993, American Banker, pp. 1-2.
`Bob Woods, New Dell E-Commerce Guarantee Called "Weak", Aug.
`13, 1998, Newbytes News pp. 1-2.
`Anne Finnigan, The Safe Way to Shop Online, Good Housekeeping,
`Sep. 1998, pp. 1-2.
`Paul Demery, Attaching the Smart Card Fortress, Credit Card Man(cid:173)
`agement, Sep. 1998, pp. 1-4.
`Larry Chase, Taking Transactions Online, Target Marketting, Oct.
`1998, 1-4.
`Virtual Credit Card (VCe), www.geocites.comiEurekaiParkl5014/
`vcc.htrn, (printout). Jun. 28, 1999.
`Smart Cards, disc.cba.uh.edu, (printout), Nov. 1,2001.
`
`1/1
`
`235/380
`705/38
`
`705/44
`705/44
`700/232
`705/44
`705/39
`
`705/18
`
`MasterCard, Exh. 1001, p. 2
`
`

`

`US 7,840,486 B2
`Page 3
`
`Vincent Moscaritolo & Robert Hettinga, Digital Connnerce for the
`Rest of Us Apple in a Geodesic Economy, www.shipwright.coml
`rants/rant_15.html, (article), Sep. 4, 1996.
`Black Ives & Michael Earl, Mondex International Reengineering
`Money, London Business School Article,
`isds.bus.Isu.edu/casesl
`mondex.html, Nov. 1,2001.
`Smart Card New Ltd's Information Gateway, www.smartcard.co.uk/
`articles/electronicmoney.html, Nov. 1, 2001.
`Putting Risk in Perspective, (Article) Internet Outlook (Jul. 20,
`1997), vol. 1 No.3, www.webreference.com. Nov. 1,2001.
`
`Keith Lamond,Credit Card Transactions Real World and Online.
`www.virtualschools.edu/mon/ElectronicProperty/klamond/
`credit_card.htm, Sep. 11, 2001.
`Steven P. Ketchpel & Andreas Paepcke, Shopping Models: A Flexible
`Architecture for Information Connnerce, dbpubs.stanford.edu:8090,
`Oct. 1, 2002, (Stanford, USA).
`Re-examination of U.S. Patent No. 6,324,526 granted to John
`D' Agostino, assigned U.S. Appl. No. 901007,481, filed Mar. 28,
`2005.
`* cited by examiner
`
`MasterCard, Exh. 1001, p. 3
`
`

`

`u.s. Patent
`
`Nov. 23, 2010
`
`Sheet 1 of2
`
`US 7,840,486 B2
`
`Contact
`Customer
`
`Terminate
`
`18'
`
`18
`
`Customer Retrieves
`Promotional
`Information
`
`Customer Contacts
`Authorizing Entity
`
`Customer Supplies
`Credit Card Info. &
`Payment Category
`
`Generate
`Transaction
`Code
`
`Transmit
`Transaction Code
`To Customer
`
`Customer Transmits
`Transaction Code
`To Merchant
`
`10
`
`12
`
`14
`
`16
`
`20
`
`22
`
`24
`
`Terminate
`Transaction
`
`Inform
`Customer
`
`30
`
`28
`
`26
`
`FIG. 1
`
`MasterCard, Exh. 1001, p. 4
`
`

`

`u.s. Patent
`
`Nov. 23, 2010
`
`Sheet 2 of2
`
`US 7,840,486 B2
`
`54
`
`Customer
`
`o
`
`Camp.
`
`Tel.
`
`58
`
`42'
`
`66
`
`66'
`
`56
`
`Merchant
`
`Tel.
`
`Compo
`
`56'
`
`44'
`
`Authorizing Entity
`
`64
`
`45'
`
`FIG. 2
`
`45'
`
`54
`
`Customer
`
`Camp.
`
`Tel.
`
`42'
`
`66
`
`66'
`
`62
`
`60
`
`56
`
`Merchant
`
`Tel.
`
`Camp.
`
`56'
`
`44'
`
`Authorizing Entity
`
`45'
`
`64
`
`45'
`
`FIG. 3
`
`MasterCard, Exh. 1001, p. 5
`
`

`

`US 7,840,486 B2
`
`1
`SYSTEM AND METHOD FOR PERFORMING
`SECURE CREDIT CARD PURCHASES
`
`The present application is a Continuation of u.s. patent
`applicationSer. No. 10/037,007, filed Nov. 4, 2001 nowaban(cid:173)
`doned, which is a continuation-in-part of u.s. patent appli(cid:173)
`cation Ser. No. 09/231,745, filed on Jan. IS, 1999, now U.S.
`Pat. No. 6,324,526, issued on Nov. 27, 2001.
`
`BACKGROUND OF THE INVENTION
`
`1. Field of the Invention
`This invention relates to a system and method of perform(cid:173)
`ing secure credit card purchases in connection with remote
`commercial transactions, wherein a credit card holder does
`not have to reveal their credit card number to a merchant or a
`mechanism controlled by the merchant in order to accomplish
`a purchase, and wherein the merchant is still assured of the
`necessary credit verifications and approvals prior to authoriz(cid:173)
`ing and/or completing a credit card transaction,
`thereby
`increasing overall security by minimizing any access to credit
`card numbers without having to substantially modifY or devi(cid:173)
`ate from existing, accepted credit card transaction practices.
`2. Description of the Related Art
`The utilization of credit and debit cards to conduct trans(cid:173)
`actions is ever increasing. This is especially the case with
`remote or "mail-order" transactions wherein merchants
`desire to be assured of a payment prior to shipping a product.
`For example, recent years have seen a substantial increase in
`the popularity of televised shopping networks to further
`supplement the popularity ofcatalogue type sales. Moreover,
`the increasing use and popularity of distributed computer
`networks such as the internet has also contributed to the
`dramatic increase in the number ofremote commercial trans(cid:173)
`actions conducted every day.
`One primary reason associated with the rapid growth of
`remote commercial transactions is the ability ofa merchant to
`reach an almost limitless number of potential customers at a
`substantially insignificant cost and with little or no operating
`overhead since an actual store is not required. Additionally,
`such sales techniques permit customers to view the products
`and services in a greatly expanded marketplace, representing
`a great number ofvendors, without extensive travel and with(cid:173)
`out foregoing the privacy and convenience of their home or
`other predetermined computer site in some cases. Simply put,
`a telephone or like commnnication avenue is all that is needed
`to place the consumer in contact with the merchant and com(cid:173)
`plete the transaction.
`The vast increase in popularity of remote commercial
`transactions conducted over the telephone or internet is fur(cid:173)
`ther facilitated by the relatively simple protocols and proce(cid:173)
`dures necessary to conduct such transactions. In particular, in
`order to complete a valid transaction, a merchant need not
`physically see the customer or the credit card, but must
`merely accept and enter a customer's credit card acconnt 55
`number and an expiration date thereofto obtain authorization.
`This same convenience, however, is the primary disadvantage
`and/or problem associated with conducting commerce in the
`manners set forth above. Specifically, there is a great reluc(cid:173)
`tance on the part of the customer to transmit the credit card 60
`acconnt
`information,
`including the credit card number,
`because of the proliferation of fraud, and a well recognized
`lack of security directed to the protection of such acconnt
`information. Indeed, it has been established that security and
`privacy concerns are realistic due to the fact that credit card 65
`acconnt data is easily readable or interceptable by unautho(cid:173)
`rized parties, and can be readily used for all types of remote
`
`2
`transactions with minimal risk ofbeing physically caught. In
`fact, unscrupulous individuals have many ways of gaining
`access to a consumer's legitimate remote transactions and
`thereby obtaining the credit card information. This informa(cid:173)
`tion can be obtained from old credit card receipts or even from
`the unauthorized notation and use ofthe information by mer(cid:173)
`chants or their employees after a legitimate transaction is
`made. Naturally, the latter is the most difficult to prevent
`utilizing known methods and systems unless a consumer is
`10 willing to completely forego the use of a credit card for
`purchases.
`In the case of computerized remote transactions, as mes(cid:173)
`sages, including account data or other confidential informa-
`15 tion, move across the internet, they can easily pass through
`numerous computers, anyone of which can be utilized to
`copy such confidential information or data, thereby leading to
`a further risk of potential fraud when conducting such trans(cid:173)
`actions. Presently, some companies currently seek to address
`20 such security and privacy concerns by the employment of
`encryption programs and techniques. To this end there is an
`extensive facility associated with both public and private
`encryption schemes being deployed in order to guard the
`private or secured information being transmitted across the
`25 internet or like world wide networks. Unfortunately, however,
`even with such encryption techniques, the account informa(cid:173)
`tion must usually still ultimately be transmitted to a third
`party who did not previously have access to that information
`previously. Even some more sophisticated systems which
`30 ~~~~~~ni~:~oa:s:~:;~:~at~e::~~~%~~a:~~:~~~~:a:~~d-
`rization and forward it to the merchant, that information must
`still be made available to and/or transmitted to that third party,
`thereby leaving open an avenue for fraud or theft. Further,
`35 such encryption techniques, even if minimally effective for
`computerized remote transactions, are not truly useable for
`other conventional types ofremote transactions, or even nor(cid:173)
`mal in person transactions.
`Based on the above, there is an obvious need in the field of
`40 art associated with remote commercial transactions for a sys(cid:173)
`tem and method ofperforming secure credit card purchases of
`goods and services which truly reduces the risk of potential
`fraud and theft by eliminating outside access to a consumer's
`private credit card information without requiring complex
`45 encryption equipment or significantly altering the ease and
`convenience of current transaction techniques. Further, such
`a system and method should also be effective for use in
`conventional, "in person" transactions as well, thereby pro(cid:173)
`viding an added measure of security and minimizing the
`50 hazards associated with the passing on of account informa(cid:173)
`tion by unscrupulous merchants. Also, such a system should
`provide limits to potential loss or liability in a manner which
`does not impede the transaction.
`
`SUMMARY OF THE INVENTION
`
`The present invention is directed towards a system and
`method of performing secure credit card purchases, wherein
`payment for goods or services purchased is efficiently accom(cid:173)
`p ished while eliminating the necessity of disclosure or dis(cid:173)
`semination of a consumers specific credit card number or
`other account data which the customer or other individual
`may wish to maintain in confidence. The system and method
`of the present invention incorporates the advantage of con(cid:173)
`snnnnating the purchase by the customer through the selec(cid:173)
`tion of anyone of a plurality of predetermined payment
`categories. Collectively, the payment categories represent a
`
`MasterCard, Exh. 1001, p. 6
`
`

`

`US 7,840,486 B2
`
`3
`variety of methods for accomplishing payment for a fixed
`transaction, a multiple transaction and/or a repeating transac(cid:173)
`tion.
`One embodiment of the system and method of the present
`invention comprises a customer
`receiving information,
`including specific data necessary for the purchase of any
`given product or service. This promotional information gen(cid:173)
`erated by the merchant can be received by any ofa plurality of
`conventional means including advertisements, catalogues,
`computer network connections, direct person to person cus(cid:173)
`tomer and merchant contact,
`telephone solicitation, mail
`orders, etc. Once the customer has identified the product or
`services which he/she wishes to purchase, the customer con(cid:173)
`tacts and supplies a custodial authorizing entity with the
`requisite information concerning both the identification of a
`specific credit card or debit card account and a requested
`payment category. Additionally, security against unautho(cid:173)
`rized use of confidential account data may also preferably
`include information relating to the merchant's identification
`and/or location.
`The custodial authorizing entity is preferably defined as the
`entity which has or has been assigned the custodial responsi(cid:173)
`bility for the financial account data ofa customer's credit card
`account, including a previous knowledge of the credit card
`number and other information such as credit limits, payment 25
`history, available credit amounts and other information which
`will determine the status of a given credit card account in
`terms of authorizing a requested payment for a current pur(cid:173)
`chase.
`As part of the security system for accomplishing a com(cid:173)
`mercial transaction utilizing credit card or debit card pay(cid:173)
`ment,
`the custodial authorizing entity includes sufficient
`facilities, preferably including a processing computer or like
`applicable hardware for the generation of an exclusive trans(cid:173)
`action code. The transaction code is to be used in substitution 35
`for the credit card number and when utilized as authorized,
`will issue the merchant a credit approval, and will accomplish
`payment for the goods or services desired in the normal
`fashion normally associated with a credit or debit card trans(cid:173)
`action, without the publication or dissemination of an identi- 40
`fying credit card number for a specific customer's account to
`any entity that is not already aware of that information.
`Further, a feature of the transaction code is its ability to
`indicate anyone of preferably a plurality of predetermined
`payment categories which may be either requested by the 45
`customer or automatically chosen by the custodial authoriz(cid:173)
`ing entity based on the type ofaccount or the type ofpurchase
`or other commercial transaction involved. Each of the pay(cid:173)
`ment categories are reflective of a different type of payment
`desired or required to consummate the intended purchase. 50
`More specifically, the plurality of payment categories may
`include a single transaction involving a specific dollar amount
`for a purchase within a specific time period, such as twenty
`four hours, during which authorization of the purchase
`remains valid. Alternately, a single transaction may be 55
`involved wherein a maximum limit or a dollar amount is
`determined above which the purchase will become invali(cid:173)
`dated and further wherein a fixed period of time is preferably
`established for maintaining authorization of such purchase.
`Other alternatives would involve one or more of the catego- 60
`ries coded to define multiple transactions involving a maxi(cid:173)
`mum dollar amount for purchases, as well as a fixed period of
`time for authorization of such purchases, and/or a repeating
`transaction wherein payments may be automatically accessed
`by a merchant over a predetermined or unspecified time inter- 65
`val (such as every thirty days) for a specific dollar amount or
`a maximum dollar amount limit. Also, limits solely as to a
`
`4
`specific merchant or a given time period can be effectively
`established for which the transaction code is valid.
`A further feature ofthe present invention to be described in
`greater detail hereinafter, is the requirement that the transac(cid:173)
`tion code, once received by the customer is transmitted to the
`merchant by the customer or a person specifically authorized
`by the customer. Only minimal contact by the merchant and
`the custodial authorizing entity is provided for purposes ofthe
`10 merchant verifYing the validity ofthe transaction code utiliz(cid:173)
`ing a conventional process electronically or otherwise similar
`to the verification of a credit card number normally offered to
`a merchant for the purchase of goods or services. There is,
`therefore, no disclosure, publication or other dissemination of
`15 the specific credit card number of a given customer account
`beyond those entities who already know the information, and
`the transaction code is transmitted exclusively to the cus(cid:173)
`tomer by the custodial authorizing entity who has the ability
`to better identify whether the customer is properly authorized
`20 to use the account. Moreover, the transaction code, once given
`out by the customer, only has a limited usefulness, thereby
`limiting the risk of misuse and minimizing the potential
`losses to be experienced by the credit card company and/or
`the account holder.
`Accordingly, it is an object of the present invention to
`provide a system and attendant method for performing
`remote commercial transactions utilizing credit cards, which
`maximizes the security of the transaction and limits the
`30 potential liability to be experienced from a fraudulent trans(cid:173)
`action.
`Yet another object of the present invention is to provide a
`secure system and method for establishing credit card pur(cid:173)
`chases which eliminate the disclosure or dissemination ofthe
`actual credit card number to anyone other than a custodial
`authorizing entity which normally has custodial responsibili(cid:173)
`ties for account information including the previously estab(cid:173)
`lished credit card number.
`It is another object of the present invention to provide a
`system and method of establishing secure credit card pur(cid:173)
`chases through the generation of a transaction code which
`renders it extremely difficult or impossible to access or infil(cid:173)
`trate a customer's credit card account by unauthorized means.
`It is yet another object ofthe present invention to provide a
`secure method of completing a remote commercial transac(cid:173)
`tion which eliminates the need to convey actual account infor(cid:173)
`mation to a merchant, but which allows the merchant to
`conduct a normal verification of information needed to con(cid:173)
`sUlllillate a given purchase.
`It is also an object of the present invention to provide a
`system and attendant method of accomplishing secure credit
`card purchases which eliminate the need to disclose or dis(cid:173)
`seminate a given credit card number while providing the
`customer with the versatility of choosing anyone of a plural(cid:173)
`ity of predetermined payment categories.
`It is yet another feature of the present invention to provide
`a system and method of accomplishing secure credit card
`payments having the versatility of allowing the customer to
`select anyone of a plurality ofpayment categories which are
`indicative ofa variance in the amount of a purchase as well as
`the time in which authorization for such payment is valid.
`These and other objects, features and advantages of the
`present invention will become more clear when the drawings
`as well as the detailed description are taken into consider(cid:173)
`ation.
`
`MasterCard, Exh. 1001, p. 7
`
`

`

`US 7,840,486 B2
`
`5
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`For a fuller understanding of the nature of the present
`invention, reference should be had to the following detailed
`description taken in connection with the accompanying draw(cid:173)
`ings in which:
`FIG. 1 is a schematic representation of a flow chart show(cid:173)
`ing various steps involved in the performance of the system
`and method ofthe present invention for the secure credit card
`purchasing;
`FIG. 2 is a schematic representation similar to that of FIG.
`1 wherein customer to merchant contact is accomplished by
`conventional facilities such as television; and
`FIG. 3 is a schematic representation similar that of FIG. 2
`wherein customer to merchant contact is established either by
`phone or in person.
`Like reference numerals refer to like parts throughout the
`several views of the drawings.
`
`DETAILED DESCRIPTION OF THE PREFERRED
`EMBODIMENT
`
`As shown in the accompanying Figures, the present inven(cid:173)
`tion is directed towards a system and method for accomplish(cid:173)
`ing secure credit card purchases. Moreover, these purchases
`can be "in person", but preferably include remote commercial
`transactions such as mail order, purchases over the intemet,
`television solicitations, telephone solicitations, etc. Security
`is established by virtue of the elimination of the need to
`disclose an active credit card number and expiration date to
`the merchant or any other party other than the original credit
`card company, issuing bank or like financial institution which
`already has custodial responsibilities for the financial or
`account data associated with a given customer's credit card
`account.
`More specifically and with reference to FIG. 1 the system
`as well as an attendant method is preferably instigated by the
`customer viewing a product, identifYing a desired amount for
`a transaction and/or receiving promotional information as at
`10, either in person or by any of the electronic or more
`conventional techniques which will be described in greater
`detail with reference to FIGS. 2 through 3. Once the customer
`reviews the product or promotional information and has suf(cid:173)
`ficient information, such as including price, product or ser(cid:173)
`vice identification, payment requirement, etc., regarding the
`remote commercial transaction to be conducted, the customer
`contacts, either by computer, telephone or in person, a custo(cid:173)
`dial authorizing entity as at 12. The custodial authorizing
`entity may herein be defined as comprising that entity or
`institution which has or has been designated by the entity
`which has custodial responsibility for the financial data and
`security of a given credit card account of a customer. As set
`forth above such custodial authorizing entity can be repre(cid:173)
`sented by the credit card company issuing a credit card to a
`given customer or alternately can be represented by a bank or
`other financial institution serving to sponsor a credit card or
`debit card to the extent of processing the debits and credit
`associated therewith. The authorizing entity's custodial
`responsibilities of course includes the previous knowledge
`and/or storage ofthe credit card number serving to identify a
`specific customer's credit card account. Once contacted, the
`customer then supplies appropriate identification data to
`inform the custodial authorizing entity of a specific custom(cid:173)
`er's credit card account as at 14. In addition, the customer will
`supply the custodial authorizing entity with additional
`required information needed to consummate the purchase as
`well as ensure the security of the account in order to prevent
`
`6
`its unauthorized use. Such additional information may pref(cid:173)
`erably include the identification ofthe merchant or merchants
`involved, when such information is deemed necessary, and a
`requested one of a plurality of predetermined payment cat(cid:173)
`egories to facilitate consummation of the purchase of the
`products or services desired. Such predetermined plurality of
`payment categories will be discussed in greater detail here(cid:173)
`inafter.
`Once the appropriate information has been received from
`10 the customer as indicated at 16, the custodial authorizing
`entity verifies the credit card status and account identification
`of the customer to determine the viability of the account in
`terms of dollar amount limits, payment history, available
`credit balance, etc. Ifthe accessed credit card account is not in
`15 good standing, the custodial authorizing entity will perma(cid:173)
`nently or temporarily terminate the transaction as at 18 and/or
`communicate to the customer directly as at 18' by any appli(cid:173)
`cable means for purposes of informing the customer of the
`unacceptable status ofthe accessed credit card account. Ifthe
`20 credit card account is in good standing, based at least in part
`on the requested payment category, (amount ofpayment), the
`custodial authorizing entity generates a transaction code as at
`20. The transaction code is used in substitution for the specific
`credit card number which would normally identifY a custom-
`25 er's credit card account and would allow access thereto by any
`entity having possession ofthe credit card number whether or
`not such possession was authorized or unauthorized. More
`specifically, the transaction code is pre-coded to be indicative
`of a specific credit card account, preferably a merchant or
`30 merchants identification and a designated payment category,
`selected from the plurality ofpredetermined payment catego(cid:173)
`ries as set forth above. Once generated, the transaction code is
`communicated exclusively to the authorized and verified cus(cid:173)
`tomer by the custodial authorizing entity as at 22, wherein the
`35 system and method of the present
`invention preferably
`restricts communication between the custodial authorizing
`entity and the merchant except to conduct a normal verifica(cid:173)
`tion as will be explained.
`The verified customer thereafter and preferably within a
`40 time limit to be determined by the customer and pre-coded in
`association with the transaction code, will directly or through
`an authorized representative communicate the transaction
`code to the merchant as at 24. The system and method of the
`preferred embodiment of the present invention contemplates
`45 that only the verified customer will transmit the generated
`transaction code to the merchant in the case of a remote
`commercial transaction, thereby limiting knowledge of the
`transaction code to those parties having a need to know. Of
`course, however, as the transaction code will generally have a
`50 limited value as defied by the verified customer when
`obtained, the verified customer may designate an agent or
`other entity to act as the customer on hislher behalf, with the
`amount of potential liability to be experienced by such a
`transaction to be limited to the amount defined by the verified
`55 customer when obtaining the transaction code.
`At this point the purchase is consummated at least from the
`customer standpoint in that the customer has previously
`established the acceptable status ofthe account. Therefore the
`customer feels free to disclose the transaction code to the
`60 merchant or merchants instead of the actual credit card num(cid:173)
`ber as at 22, 24 and is relatively unconcerned ifthe transaction
`code is published or otherwise disseminated to unauthorized
`entities. In a preferred embodiment wherein a merchant iden(cid:173)
`tifier is pre-coded in association with the transaction code, the
`65 pre-coding of the transaction code will prohibit an unautho(cid:173)
`rized use due at least in part to the fact that the merchant is
`specifically identified and any a