Noncash tender types are commonplace in today's society. Consumers routinely participate in transactions for purchasing goods and services by providing merchants with payment tokens which may be associated with any number of account types. “Credit card” tokens associated with secured or unsecured lines of credit and “gift card” or “debit card” tokens associated with stored value accounts are common examples of noncash tender used in today's marketplace.
The payment credentials represented by tokens are inherently confidential and must be safeguarded, lest the credentials be misappropriated by an unauthorized user. Even so, a user of a physical credit card token, for example, must freely hand over payment credentials to a merchant in order to complete a purchase transaction at a point of sale (“POS”). A common scenario exhibiting such an unsecured use of payment credentials is a consumer using a credit card to pay for a meal in a restaurant. In many such cases, the consumer reviews the bill and then actually hands his physical credit card token to a server, trusting that the payment credentials on the token will be safeguarded during and after the transaction.
Some payment systems and methodologies that make use of portable computing devices (“PCD”), such as smartphones, address the inherent insecurity of using a physical payment token at the point of sale. In these systems, the consumer and merchant are usually required to complete the transaction “in the cloud.” The merchant uses his POS system and the consumer uses his PCD to simultaneously authorize settlement of the transaction at a remote service. Some such methods require the consumer to render credentials at the POS and authorize settlement in the cloud, while other methods may conduct the entire transaction remotely. Notably, although such systems and methods do not necessarily require physical presentment of payment credentials, a disadvantage of all is that both the merchant and the consumer must be “online” to conduct the transaction. Moreover, some such systems and methods require the payment credentials to be stored on the PCD and/or digitally transmitted during the transaction process, thus potentially compromising the security of the credentials.
At the core of any system and method for settling transactions using payment credentials is the issue of authentication, i.e. proving that the consumer is authorized to use the payment credentials before the account associated with those credentials is debited. Current systems and methods can cause the confidentiality of payment credentials to be compromised, whether during authentication of the user of the credentials or during the actual process of settling a transaction. Further, current systems and methods for using PCDs to settle payment transactions at a POS require the PCD to be online during the transaction. Therefore, what is needed in the art is a system and method for conducting payment transactions offline with a PCD. Further, what is needed in the art is a system and method for conducting payment transactions offline with a PCD without requiring that payment credentials be stored on the PCD and/or transmitted from the PCD to a POS system.
Various embodiments of methods and systems for completing a purchase transaction using cryptographic authorizations shared between a consumer's portable computing device (“PCD”) and a merchant's point of sale (“POS”) system are described. According to embodiments, prior to conducting a purchase transaction both the consumer associated with a PCD and the merchant associated with a POS system will have completed a registration process with a remote service. To conduct a purchase transaction according to an exemplary embodiment, the consumer PCD and merchant POS system may be physically proximate in a storefront environment. Notably, however, it is envisioned that certain embodiments will not require the consumer PCD and merchant POS system to be physically proximate as purchase transactions may be conducted between them over a telecommunication or the like.
At the point of sale, the consumer PCD receives a payment request transmitted from a merchant POS system. The payment request may be tantamount to an invoice or the like for a good or service that the consumer wishes to purchase from the merchant associated with the POS system. The payment request may be transmitted wirelessly from the POS system to the PCD and, in some embodiments, is transmitted wirelessly using a series of audible tones. Accordingly, in such exemplary sound-based embodiments, the POS system and the PCD 110 are equipped with microphones and speakers that are configured to transmit and receive data via sound.
Upon receipt of the payment request at the PCD, the PCD may be operable to render the payment request for review by the consumer. After review, the consumer may approve the payment request by entering a personal identification number (“PIN”) which causes the PCD to digitally sign the payment request with a unique private key associated with the user. As is understood in the art of cryptography, the private key may serve to confirm the consumer's identity to a holder of the complementary public key. The digital signature is transmitted back to the POS system where a digital signature associated with the merchant is also added, thus indicating the merchant's approval of the transaction. The payment request and the unique digital signatures are subsequently forwarded via a network connection from the merchant POS system to a remote service.
Upon receiving the digital signatures of the transacting parties (the merchant and the consumer) which indicate approval of the payment request, the remote service may use public keys previously uploaded to the service by the consumer and the merchant for use in verifying their respective identities. In some embodiments, the remote service may determine from the consumer's profile or data included within the signed payment request that a certain one of a plurality of accounts associated with the consumer should be debited in accordance with the payment request total. Further, it is envisioned that some embodiments of the system may include a means for selecting consumer accounts according to predefined rules or algorithms.
Once the identities of the parties have been confirmed, the remote service may query a database to identify a token that points to a previously registered consumer account. The service then leverages the token to settle the transaction to the identified consumer account by forwarding the token and payment request to a gateway/card processor. The gateway/card processor may then use the token to request payment credentials of the consumer from a vault service. Once the payment credentials are received from the vault service, the card processor may use the credentials to debit the associated account by the amount of the payment request, as is understood in the art of credit card processing. In some embodiments, a confirmation that the transaction has been settled to the consumer account is saved by the remote service and returned to the POS system. Subsequently, the POS system may generate a receipt and wirelessly transmit such to the PCD of the consumer.
Advantageously, a purchase transaction completed via the exemplary methods occurs without the consumer PCD being online or otherwise in communication with the remote service. That is, the data transmitted between the PCD and the POS system is exchanged wirelessly between the two components entirely within the storefront. Further, the purchase transaction is commenced and completed without consumer payment credentials being stored on the PCD or, for that matter, transmitted from the PCD to the merchant POS system.
In the Figures, like reference numerals refer to like parts throughout the various views unless otherwise indicated. For reference numerals with letter character designations such as “102A” or “102B”, the letter character designations may differentiate two like parts or elements present in the same figure. Letter character designations for reference numerals may be omitted when it is intended that a reference numeral encompass all parts having the same reference numeral in all figures.
The word “exemplary” is used herein to mean “serving as an example, instance, or illustration.” Any aspect described herein as “exemplary” is not necessarily to be construed as preferred or advantageous over other aspects.
In this description, the terms “application” and “app” may also include files having executable content, such as: object code, scripts, byte code, markup language files, and patches. In addition, an “application” or “app” referred to herein, may also include files that are not executable in nature, such as documents that may need to be opened or other data files that need to be accessed.
The term “content” may also include files having executable content, such as: object code, scripts, byte code, markup language files, and patches. In addition, “content” referred to herein, may also include files that are not executable in nature, such as documents that may need to be opened or other data files that need to be accessed.
As used in this description, the terms “component,” “database,” “module,” “system,” and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, software, or software in execution. For example, a module may be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a computing device and the computing device may be a module. One or more modules may reside within a process and/or thread of execution, and a module may be localized on one computer and/or distributed between two or more computers. In addition, these modules may execute from various computer readable media having various data structures stored thereon. The modules may communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from one module interacting with another module in a local system, distributed system, and/or across a network such as the Internet or local WiFi with other systems by way of the signal).
In this description, the terms “mobile device” and “portable computing device” (“PCD”) are used to describe any device operating on a limited capacity power supply, such as a battery, and which does not have any active cooling devices, such as a fan. Although battery operated PCDs have been in use for decades, technological advances in rechargeable batteries coupled with the advent of third generation (“3G”) wireless technology have enabled numerous PCDs with multiple capabilities. Therefore, a PCD may be a cellular telephone, a satellite telephone, a pager, a PDA, a smartphone, a navigation device, a smartbook or reader, a media player, a combination of the aforementioned devices, a laptop computer with a wireless connection, a tablet, among others.
Embodiments of the system and method described herein seek to provide a solution to the above described needs in the art, as well as other needs in the art, through secure digital signing at the point of sale (“POS”). At the heart of any system for paying by token is authentication—proving the token holder is who he says he is before giving him access to the resource represented by the payment credentials associated with the token. A corollary to authentication in a payment by token system is the desire to keep confidential the payment credentials, even while using them to complete a purchase transaction. Accordingly, embodiments of the systems and methods enable a consumer associated with certain payment credentials to complete a purchase transaction at a POS without transmitting, rendering or otherwise disclosing confidential payment credentials to the merchant or his POS system.
Exemplary embodiments enable consumers and merchants to conduct secure mobile payment transactions using audible or ultrasonic transmissions to transmit purchase and approval/authorization data between a consumer's PCD and a merchant's POS system without disclosing the consumer's payment credentials in the process. The consumer's PCD and the merchant's POS system are paired at the front end of the system so that the purchase transaction data and approval/authorization data can be exchanged between the parties before the transaction is ultimately settled by crediting the merchant's account and debiting the consumer's account in a backend system via secure channels inaccessible by the parties to the transaction.
Notably, although it is envisioned that some embodiments may use sound to exchange non-confidential data between a consumer PCD and a merchant POS, it is envisioned that other embodiments may use other protocols to share data between paired devices such as, but not limited to, near field communications (“NFC”), QR codes, etc. Even so, an advantage of embodiments that use sound to transmit data between a PCD and a POS system is the ease of integrating a solution into existing mobile payment systems because merchant and consumer mobile devices may already include the necessary hardware components (i.e., microphone and speaker).
Certain embodiments require both a consumer and a merchant to register online prior to conducting a payment transaction. Advantageously, once the merchant and consumer have completed the online registration process, it is not required that the consumer be online to complete a purchase transaction with the merchant because only authorization data is shared with the merchant's POS at the time of purchase. To initiate the payment transaction, a payment request is transmitted from the merchant POS system to the consumer PCD. A payment request may include, but is not limited to including, data indicative of a merchant ID, item descriptions, price totals, etc. Upon receiving the payment request, the consumer's PCD may render it for approval by the consumer. If the payment request is satisfactory, the consumer may digitally sign the payment request, thereby approving it, by entering a personal identification number (“PIN”) using the user interface of the PCD. Entry of the PIN causes the PCD to respond to the merchant POS system by transmitting an encrypted digital signature to serve as evidence of the consumer's authorization. Notably, the digital signature transmitted from the consumer PCD to the merchant POS system is uniquely associated with the specific purchase transaction, thus it can't be used again by the merchant or other party to create a fraudulent transaction.
Once the POS system has received the digitally signed payment request from the user, the merchant may also approve the payment request by digitally signing the payment request using his own private key. The merchant POS may then transmit the signed payment request to a remote service with which both the consumer and merchant previously registered. Using public keys to verify the signatures and identification of the consumer and merchant, as is understood by one of ordinary skill in the art of cryptography, the remote service may proceed to process and settle the purchase transaction (i.e., credit an account associated with one party and debit an account associated with the other) via proxy to a card network, payment service, etc. The payment transaction is complete and, advantageously, payment credentials associated with the consumer were not shared at the POS.
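The signing flow described above, as an added Go example that is not part of the original text: the consumer signs the payment request offline, the merchant countersigns, and the remote service verifies both signatures against registered public keys before settling. Ed25519, the JSON encoding, the field names and IDs, the merchant countersigning over the consumer's signature, and tracking settled transaction IDs at the service are assumptions of this example; all sample values are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// PaymentRequest is the invoice the POS sends to the PCD (field names assumed).
type PaymentRequest struct {
	TransactionID, MerchantID, Description string
	TotalCents                             int64
}

// SignedRequest is what the POS forwards: user IDs and signatures, never payment credentials.
type SignedRequest struct {
	Request                  PaymentRequest
	ConsumerID               string
	ConsumerSig, MerchantSig []byte
}

var (
	ErrUnknownParty = errors.New("unknown party")
	ErrConsumerSig  = errors.New("bad consumer signature")
	ErrMerchantSig  = errors.New("bad merchant signature")
	ErrReplay       = errors.New("transaction already settled")
)

// signedBytes is the message the consumer signs: the request plus the consumer's user ID.
func signedBytes(r PaymentRequest, consumerID string) []byte {
	b, _ := json.Marshal([]interface{}{r, consumerID}) // struct fields marshal in declaration order
	return b
}

// ConsumerApprove runs offline on the PCD once the PIN has unlocked priv (Ed25519 is an assumption).
func ConsumerApprove(r PaymentRequest, id string, priv ed25519.PrivateKey) SignedRequest {
	return SignedRequest{Request: r, ConsumerID: id, ConsumerSig: ed25519.Sign(priv, signedBytes(r, id))}
}

// MerchantApprove runs on the POS; covering the consumer's signature too is this example's choice.
func MerchantApprove(sr SignedRequest, priv ed25519.PrivateKey) SignedRequest {
	sr.MerchantSig = ed25519.Sign(priv, append(signedBytes(sr.Request, sr.ConsumerID), sr.ConsumerSig...))
	return sr
}

// Service stands in for the remote service: registered public keys and settled transactions.
type Service struct {
	keys    map[string]ed25519.PublicKey
	settled map[string]bool
}

// Settle verifies both signatures, then refuses a transaction ID it has already seen.
func (s *Service) Settle(sr SignedRequest) error {
	cpub, okC := s.keys[sr.ConsumerID]
	mpub, okM := s.keys[sr.Request.MerchantID]
	if !okC || !okM {
		return ErrUnknownParty
	}
	msg := signedBytes(sr.Request, sr.ConsumerID)
	if !ed25519.Verify(cpub, msg, sr.ConsumerSig) {
		return ErrConsumerSig
	}
	if !ed25519.Verify(mpub, append(msg, sr.ConsumerSig...), sr.MerchantSig) {
		return ErrMerchantSig
	}
	id := sr.Request.MerchantID + "/" + sr.Request.TransactionID
	if s.settled[id] {
		return ErrReplay
	}
	s.settled[id] = true // token lookup and the gateway call would follow here
	return nil
}

// Demo submits four constructed cases and returns the service's verdict on each.
func Demo() []string {
	cpub, cpriv, _ := ed25519.GenerateKey(rand.Reader)
	mpub, mpriv, _ := ed25519.GenerateKey(rand.Reader)
	svc := &Service{map[string]ed25519.PublicKey{"consumer-1": cpub, "merchant-1": mpub}, map[string]bool{}}
	req := func(txn string) PaymentRequest { return PaymentRequest{txn, "merchant-1", "item plus tax", 1050} }
	good := MerchantApprove(ConsumerApprove(req("txn-0001"), "consumer-1", cpriv), mpriv)
	altered := good
	altered.Request.TotalCents = 10500 // total changed after the consumer signed
	altered = MerchantApprove(altered, mpriv)
	noMerchant := ConsumerApprove(req("txn-0002"), "consumer-1", cpriv)
	var out []string
	for _, sr := range []SignedRequest{good, good, altered, noMerchant} {
		v := "settled"
		if err := svc.Settle(sr); err != nil {
			v = err.Error()
		}
		out = append(out, v)
	}
	return out
}

func main() { fmt.Println(Demo()) }
```

The second submission of the same signed request is refused as a replay, and a total altered after consumer approval fails the consumer signature check even when the merchant re-signs it.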
Turning now to the figures, exemplary systems and methods for completing a purchase transaction using cryptographic authorizations shared between a consumer's PCD and a merchant's POS system are described in detail. Referring to
Importantly, while in some embodiments storefront 135 may be a location in which a PCD 110 and POS system 125 are physically proximate, it is envisioned that other embodiments may include a virtual storefront 135 for purchase transactions, such as a website or telecommunication, wherein the PCD 110 and the POS system 125 are not physically co-located.
Leveraging system 100 to effect a purchase transaction between a consumer associated with PCD 110 and a merchant associated with POS system 125 has many useful applications. Briefly, and to provide the basis for an exemplary, non-limiting application scenario in which aspects of some embodiments of the disclosed systems and methods may be suitably described, consider a user of PCD 110 being associated with a plurality of value accounts having unique payment credentials. The plurality of value accounts are uniquely associated with the user of PCD 110 and may include any combination of credit accounts and/or stored value accounts (e.g., merchant-specific gift card accounts). To further the example, a merchant establishment, whether virtual or physical, may be represented by storefront 135.
A user/consumer associated with PCD 110 enters the merchant's store 135 with PCD 110 running a “SonicPay” module 118. The merchant's store 135 is located in an underground mall where the PCD 110 is incapable of wirelessly transmitting data online, i.e. it has no reception. The consumer presents goods for purchase to the merchant associated with POS system 125. The merchant “rings up” the goods for purchase, provides a purchase total to the consumer and asks for a payment method.
As is known to one of ordinary skill in the art, the consumer may select any number of payment methods including, but not necessarily limited to, cash, credit, gift card, debit card, etc. Notably, with the exception of payment by cash, which is essentially anonymous, each of the conventional methods of payment requires the consumer to provide the merchant with confidential, or pseudo-confidential, data in the form of payment credentials. In the exemplary scenario, however, the consumer associated with PCD 110 elects payment by the “SonicPay” system and causes the PCD 110 to “listen” for a payment request from POS system 125. It should be understood that the use of the term “sonic” in connection with the exemplary systems and methods does not limit the present disclosure to the use of sound as a means for transmission of data between a PCD 110 and a POS system 125. Rather, it is envisioned that various embodiments may use other offline means of transmitting data between a PCD 110 and a POS system 125 including, but not limited to, light between photodiodes, QR codes, NFC tags, short wave radio transmissions, etc.
Returning to
The SonicPay Service server 105 may use the digital signatures to verify the identification of the merchant and consumer and query database 120 to identify accounts associated with the consumer and merchant. In some embodiments, the signed payment request may contain the consumer's payment account preference(s). The SonicPay Service server 105 may communicate with Payment Service server 106 or Vaulting Service server 107 to settle the transaction using payment credentials of the consumer, as may have been dictated by the consumer during a preregistration process or indicated by the signed payment request from the consumer. For instance, the SonicPay Service server 105 may communicate with Payment Service server 106 to debit an account associated with the consumer, such as a PayPal™ account, and credit an account associated with the merchant. Alternatively, the SonicPay Service server 105 may communicate with a Vaulting Service server 107 to cause a credit account of the consumer to be debited, such as a VISA™ or MasterCard™ account accessible via Card Network (“CN”) server 108, and an account of the merchant to be credited.
Once the digital signatures and associated purchase request data are received at SonicPay Service server 105, the digital signature of the consumer may be verified and the consumer's stored profile may be queried for associated stored value accounts in the account database 120. Notably, the value accounts associated with the consumer may be of a credit type or of a stored value account type. For the purpose of the exemplary scenario, however, suppose that a query of database 120 determines that the consumer has a gift card account associated with the merchant. In such an embodiment, SonicPay Service server 105 may leverage a predefined rules algorithm to debit the gift card account before settling the balance of the transaction to a credit account associated with Vaulting Service and CN servers 107, 108.
Concerning the various components depicted in the
The illustrated computer system 100 may comprise servers 105, 106, 107, 108 that may be coupled to a network 130 comprising any or all of a wide area network (“WAN”), a local area network (“LAN”), the Internet, or a combination of other types of networks. It should be understood that the term server may refer to a single server system or multiple systems or multiple servers. The SonicPay Service server 105 may be coupled to database 120, which may include a data/service database in addition to a user account database. The database 120 may store various records related to, but not limited to, device configurations, software updates, user's manuals, troubleshooting manuals, user-specific PCD configurations, PCD user-specific contact or account information, user-specific contact or account information, historical content, validation algorithms, cryptographic keys, filters/rules algorithms, audio/video data, etc.
When the server 105 is coupled to the network 130, the server 105 may communicate through the network 130 with various different PCDs 110 that may be comprised of desktop or laptop computers, thin clients, handheld devices such as personal digital assistants (“PDAs”), cellular telephones or other smart devices. Each PCD 110 may run or execute web browsing software or functionality to access the server 105 and its various applications at various times including, but not limited to, the initial registration process. Any device that may access the network 130 either directly or via a tether to a complementary device may be a PCD 110 according to the computer system 100. The PCDs 110, as well as other components within system 100 such as, but not limited to, a database server (not specifically depicted) associated with data/service database 120 or POS 125, may be coupled to the network 130 by various types of communication links 145.
Each PCD 110 may include a display 114, wireless communication hardware 112, a radio transceiver 116 and a SonicPay module 118. It is envisioned that the display 114 may comprise any type of display device such as a liquid crystal display (“LCD”), a plasma display, an organic light-emitting diode (“OLED”) display, a touch activated display, and a cathode ray tube (“CRT”) display, a braille display, an LED bank, and a segmented display. A PCD 110 may execute, run or interface to a SonicPay module 118. The SonicPay module 118 may comprise a multimedia platform that may be part of a plug-in for an Internet web browser.
The SonicPay module 118 is designed to work with wireless communication hardware 112, a radio transceiver 116 and any stored or retrievable content to render a payment request and/or authorize a payment request against an account associated with a digital signature. When PCD 110 is leveraged within storefront 135, various content associated with the PCD user, purchase transaction, merchant storefront 135 and the like may be rendered on the display 114.
Referring to
The modules 117, 118 may be configured to communicate data through wireless communication hardware 112 via communication application programming interfaces (“API”) 111. As such, one of ordinary skill in the art will recognize that a SonicPay and/or SonicPOS module 118, 117 may be designed to include the communication API 111 and/or wireless communication hardware 112 as part of its module in a unitary design. Further, the SonicPOS module 117 may be configured to interface with cellular radio transceiver 116B, via a radio API 115B for receiving and transmitting purchase transaction authorization or confirmation data as well as other information to exemplary server 105, as depicted in the system 100 embodiment. Even further, the modules 117, 118 may be configured to leverage a text to speech (“TTS”) module (not depicted) as may be known in the art to relay non-confidential information in an audible format. Thus, one of ordinary skill in the art will also recognize that a module 117, 118 may also include the radio API 115 and/or cellular radio transceiver 116 and/or a TTS module as part of its module in a unitary design.
It is envisioned that a PCD 110 may be configured to leverage the cellular radio transceiver 116 to transmit data, such as preregistration data, a personal identification number (PIN), a security key or other data generated by SonicPay module 118 to SonicPay Service server 105 via a link 145. A wireless link 145 may comprise a secure channel established on a cellular telephone network. Moreover, communication links 145, in general, may comprise any combination of wireless and wired links including, but not limited to, any combination of radio-frequency (“RF”) links, infrared links, acoustic links, other wireless mediums, wide area networks (“WAN”), local area networks (“LAN”), the Internet, a Public Switched Telephony Network (“PSTN”), and a paging network.
An exemplary PCD 110 and/or POS system 125 may also comprise a computer readable storage/memory component 119 for storing, whether temporarily or permanently, various data including, but not limited to, purchase transaction data and digital signature data as well as data added to, extracted or derived from SonicPay related data or accounts associated with a SonicPay service user. Data added to, extracted or derived from the purchase transaction data may comprise a user ID, a transaction ID, a directory number (“DN”) or calling line ID (“CLID”) associated with PCD 110, a merchant ID, a network name, a hash value, a codec key, encryption or decryption data, account numbers and other account related data such as, but not limited to, data related to an item being purchased, price of an item being purchased, purchase discount rates or amounts, customer loyalty data, sales tax rates or amounts, merchant employee identification, etc.
Turning now to
As illustrated in
Referring to
As further illustrated in
Further, a vibrator device 478 may be coupled to the analog signal processor 426. Also shown is that a power supply 480 may be coupled to the on-chip system 422. In a particular aspect, the power supply 480 is a direct current (“DC”) power supply that provides power to the various components of the PCD 110 requiring power. Further, in a particular aspect, the power supply is a rechargeable DC battery or a DC power supply that is derived from an alternating current (“AC”) to DC transformer that is connected to an AC power source.
As depicted in
In a particular aspect, one or more of the method steps described herein may be stored in the memory 119A as computer program instructions, such as SonicPay module 118. These instructions may be executed by the digital signal processor 109A, the analog signal processor 426, or another processor, to perform the methods described herein. Further, the processors, 109A, 426, the memory 119A, the instructions stored therein, or a combination thereof may serve as a means for performing one or more of the method steps described herein.
At block 510, the vault service 107 returns a token to the PCD 110 that serves to point to the uploaded user profile and payment credentials, as is understood in the art of payment credential vaulting. At block 515, a consumer associated with a PCD 110 having a SonicPay client module 118 running thereon enters a personal identification number (“PIN”) via a user interface of PCD 110, as would be understood by one of ordinary skill in the art. At block 520, the SonicPay client module 118 generates a cryptographic key pair, encrypts the private key portion of the key pair and forwards the public key portion to the SonicPay Service 105. At this point, as is understood by one of ordinary skill in the art of cryptography, the SonicPay Service 105 may use the public key to verify the identity of the consumer associated with the private key held by the SonicPay client module 118. At block 525, the SonicPay Service 105 generates a user ID for the consumer associated with PCD 110.
Notably, at the conclusion of block 525, the consumer has successfully registered with the SonicPay Service without uploading confidential payment credentials to the SonicPay service. That is, the payment credentials are safely stored at the Vaulting Service and the SonicPay service is equipped with a consumer profile, a public key for verifying a digital signature/authorization of the consumer and a token that points to the secure payment credentials at the vaulting service. The entire registration process 500 is conducted online via communication link 145A prior to a purchase transaction between the consumer associated with PCD 110 and a merchant associated with POS system 125.
At block 615, the SonicPay Service 105 generates a user ID for the consumer associated with PCD 110 and then, at block 620, requests a preapproval key from the Third Party Payment Service 106 for use in accessing a stored value account associated with the consumer of PCD 110 and managed by the Payment Service 106. Upon receiving back a preapproval key, at block 625 the SonicPay Service 105 returns the Payment Service preapproval key and SonicPay Service user ID to the SonicPay client module 118 of PCD 110. At block 630, the SonicPay client module 118 saves the user ID. At block 635, the consumer of PCD 110 may log into the Payment Service 106 via communication link 145A, as is understood by one of ordinary skill in the art. Once logged in, the consumer may use the provided preapproval key to authorize the SonicPay Service 105 to have limited access to the stored value account. The registration process is complete. Notably, if provided with a digital signature and user ID associated with the consumer, the SonicPay Service 105 may use the corresponding public key to verify the identity of the consumer and facilitate authorized access to a Third Party Payment Service 106. As such, the SonicPay Service 105 may debit the stored value account on behalf of the consumer to settle a transaction authorized by the consumer.
At block 710, a merchant associated with a POS system 125 having a SonicPOS client module 117 running thereon enters a personal identification number (“PIN”) via a user interface of POS 125, as would be understood by one of ordinary skill in the art. At block 715, the SonicPOS client module 117 generates a cryptographic key pair, encrypts the private key portion of the key pair and forwards the public key portion to the SonicPay Service 105 along with the merchant profile and processor credentials. At this point, as is understood by one of ordinary skill in the art of cryptography, the SonicPay Service 105 may use the public key to verify the identity of the merchant associated with the private key held by the SonicPOS client module 117.
At block 720, the SonicPay Service 105 may use the processor credentials and profile to verify their accuracy with the gateway processor of the card network 108. At decision block 725, if the credentials fail, the process moves to block 730 where the merchant is requested to reenter or provide new credentials/profile. If the credentials are authenticated at decision block 725, then at block 735 the SonicPay Service 105 generates a user ID for the merchant associated with POS system 125. At block 740 a confirmation including the user ID may be returned to the merchant POS system 125 indicating that registration is complete.
Returning to method 900, at block 905 the consumer PCD 110 receives a payment request transmitted from POS system 125. The payment request, at its essence, is an invoice or the like for a good or service that the consumer wishes to purchase from the merchant associated with POS system 125. For example, the consumer may have placed an item priced at $9.99 on the merchant's counter with the intent to purchase the item. The merchant then may have “rung up” the item, thereby adding tax for a total price of $10.50. The payment request, in the example, would indicate the total price of $10.50—the merchant is asking the consumer to remit $10.50 in order to purchase the item. Moreover, as described above, the payment request may be transmitted wirelessly from the POS system 125 to the PCD 110 via any number of ways including, but not limited to, sound, light, radio transmission, etc. In certain embodiments, the POS system 125 and the PCD 110 are equipped with microphones and speakers that are configured to transmit and receive data via sound. In some such embodiments, the sound may be audible to the users of the PCD 110 and POS system 125, although not all embodiments require that the sound frequency be audible to the users. For instance, in some embodiments, the sound may be at a frequency that attenuates quickly so as not to interfere with other transactions occurring nearby. Further, in some embodiments, the data may be transmitted between a POS system 125 and a PCD 110 at a frequency inaudible to the users while an audible tone is used to notify the users of the process.
Returning to the method 900, at decision block 910 the consumer associated with PCD 110 may review the payment request and determine if it is satisfactory. In the example above, if the $10.50 price for the item was not acceptable to the consumer, then the consumer may decline the purchase at block 915. In some embodiments, declining the purchase may cause PCD 110 to return a signal to POS system 125 indicating that the consumer has declined the transaction, although such is not required in all embodiments. If at decision block 910 the consumer approves the payment request, then in some embodiments the consumer may modify the payment request at block 920, such as by adding a tip, making a counter offer, etc.
Once the payment request is in condition for approval by the consumer, at block 925 the consumer may enter a PIN which causes the PCD 110 to digitally sign the payment request. As described above, the digital signature is generated using a unique private key associated with the user and serves to indicate the consumer's identity to a holder of the complementary public key. The signed payment request is transmitted back to the POS system 125 and received at block 930. At block 935, the SonicPOS module 117 may add the digital signature of the merchant to the payment request and the consumer digital signature. At block 940, the bundle of the payment request and the unique digital signatures is forwarded from the SonicPOS system 125 to the SonicPay Service 105.
Upon receiving the digital signatures of the transacting parties (the merchant and the consumer) which indicate approval of the payment request, at block 945 the SonicPay Service 105 may use the public keys uploaded in exemplary registration methods 500 and 700 to verify the identity of the transacting parties. At block 950, the SonicPay Service may determine from the user's profile or the signed payment request that a certain one (or more) of a plurality of accounts associated with the consumer should be debited in accordance with the payment request total. It is envisioned, however, that some embodiments of a SonicPay Service may include a Rules module 122 for selecting consumer accounts according to predefined rules or algorithms. For instance, a Rules module 122 may be configured to select consumer accounts to maximize rewards points, take advantage of pre-loaded gift accounts, etc.
Returning to the method 900 at block 955, the SonicPay Service 105, having identified the consumer via the digital signature, may query database 120 to identify a token that points to a previously registered payment account of the consumer. At block 960, the SonicPay Service 105 leverages the token to settle the transaction to the identified consumer account by forwarding the token and payment request to a gateway/card processor as is understood in the art of card network transactions. At block 965, the token and settlement transaction are received at the gateway processor 108 and, at block 970, the processor uses the token to request the associated payment credentials from the vault service 107.
At block 975, the gateway 108 receives the payment credentials from the vault service 107 and uses the credentials to debit the associated account by the amount of the payment request. In some embodiments, at block 980 a confirmation that the transaction has been settled to the consumer account is returned to the POS system 125 via communication links of network 130. The SonicPay Service may save data representative of the transaction at block 985 so that the consumer may access it at a later date. At block 990, the SonicPOS module 117 may generate a receipt and wirelessly transmit such to the PCD 110 of the user where the SonicPay module 118 may cause the receipt to be rendered on the display of the PCD 110.
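The signing and verification steps of blocks 925 through 945, as an added JavaScript (Node.js) example that is not part of the original specification. The Ed25519 algorithm, the JSON field encoding, the replay check on request IDs, and all function and field names are assumptions made for illustration.

```javascript
// Added example: dual-signature check for blocks 925-945. Ed25519, the JSON
// encoding, the replay check and all names are assumptions, not the specification's.
const crypto = require("node:crypto");
// Registration: the service stores only the public key under a user ID.
const registry = new Map();
function register(userId) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  registry.set(userId, publicKey);
  return privateKey; // stays on the PCD or POS, never sent to the service
}

// Fixed field order so signer and verifier process identical bytes.
function canonical(req) {
  return Buffer.from(JSON.stringify([req.id, req.merchantId, req.consumerId, req.totalCents]));
}

// Block 925: the PCD signs the payment request.
function consumerSign(req, consumerKey) {
  return crypto.sign(null, canonical(req), consumerKey);
}

// Block 935: the POS signs the request together with the consumer signature.
function merchantSign(req, consumerSig, merchantKey) {
  return crypto.sign(null, Buffer.concat([canonical(req), consumerSig]), merchantKey);
}

// Block 945: the service verifies both parties against the registered public keys.
const seen = new Set(); // request IDs already settled (replay check, an assumption)
function verifyBundle({ req, consumerSig, merchantSig }) {
  const cPub = registry.get(req.consumerId);
  const mPub = registry.get(req.merchantId);
  if (!cPub || !mPub) return "unknown-party";
  const body = canonical(req);
  if (!crypto.verify(null, body, cPub, consumerSig)) return "bad-consumer-signature";
  if (!crypto.verify(null, Buffer.concat([body, consumerSig]), mPub, merchantSig)) return "bad-merchant-signature";
  if (seen.has(req.id)) return "replayed";
  seen.add(req.id);
  return "ok";
}

// Constructed sample: the $10.50 payment request from the text.
function demo() {
  const cKey = register("consumer-1"), mKey = register("merchant-1");
  const req = { id: "r-001", merchantId: "merchant-1", consumerId: "consumer-1", totalCents: 1050 };
  const consumerSig = consumerSign(req, cKey);
  const bundle = { req, consumerSig, merchantSig: merchantSign(req, consumerSig, mKey) };
  const inflated = { ...req, totalCents: 10500 }; // total altered after the consumer signed
  const forged = { req: inflated, consumerSig, merchantSig: merchantSign(inflated, consumerSig, mKey) };
  return [verifyBundle(bundle), verifyBundle(bundle), verifyBundle(forged)];
}
```

Because the merchant signature covers the consumer signature as well as the request, the service can reject a bundle whose total was changed after the consumer approved it, even when the merchant signature itself is valid.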
Advantageously, a purchase transaction completed via exemplary method 900 occurs without the consumer PCD 110 being online. That is, the data transmitted from PCD 110 and received by PCD 110 during the process is exchanged entirely within storefront 135 wirelessly between PCD 110 and POS system 125. Further, the purchase transaction occurs without the need for confidential payment credentials of the consumer to be stored on the PCD 110 or, for that matter, transmitted from PCD 110 to merchant POS system 125.
Advantageously, a purchase transaction completed via exemplary method 1000 occurs without the consumer PCD 110 being online. That is, the data transmitted from PCD 110 and received by PCD 110 during the process is exchanged entirely within storefront 135 wirelessly between PCD 110 and POS system 125. Further, the purchase transaction occurs without the need for confidential payment credentials of the consumer to be stored on the PCD 110 or, for that matter, transmitted from PCD 110 to merchant POS system 125.
Certain steps or blocks in the processes or process flows described in this specification naturally precede others for the invention to function as described. However, the invention is not limited to the order of the steps or blocks described if such order or sequence does not alter the functionality of the invention. That is, it is recognized that some steps or blocks may be performed before, after, or in parallel (substantially simultaneously) with other steps or blocks without departing from the scope and spirit of the invention. In some instances, certain steps or blocks may be omitted or not performed without departing from the invention. Also, in some instances, multiple actions depicted and described as unique steps or blocks in the present disclosure may be comprised within a single step or block. Further, words such as “thereafter”, “then”, “next”, “subsequently”, etc. are not intended to limit the order of the steps or blocks. These words are simply used to guide the reader through the description of the exemplary method.
Additionally, one of ordinary skill in programming is able to write computer code or identify appropriate hardware and/or circuits to implement the disclosed invention without difficulty based on the flow charts and associated description in this specification, for example. Therefore, disclosure of a particular set of program code instructions or detailed hardware devices is not considered necessary for an adequate understanding of how to make and use the invention. The inventive functionality of the claimed computer implemented processes is explained in more detail in the above description and in conjunction with the Figures which may illustrate various process flows.
In one or more exemplary aspects, the functions described may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored on or transmitted as one or more instructions or code on a computer-readable medium. Computer-readable media include both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another.
A storage medium may be any available medium that may be accessed by a computer. By way of example, and not limitation, such computer-readable media may comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that may be used to carry or store desired program code in the form of instructions or data structures and that may be accessed by a computer. Also, any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (“DSL”), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, acoustic and microwave are included in the definition of medium.
Disk and disc, as used herein, includes compact disc (“CD”), laser disc, optical disc, digital versatile disc (“DVD”), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
Therefore, although selected aspects have been illustrated and described in detail, it will be understood that various substitutions and alterations may be made therein without departing from the spirit and scope of the present invention, as defined by the following claims.
Priority under 35 U.S.C. §119(e) is claimed to the U.S. provisional application entitled “SYSTEM AND METHOD FOR SECURE OFFLINE PAYMENT TRANSACTIONS USING A PORTABLE COMPUTING DEVICE,” filed on Jan. 12, 2012 and assigned application Ser. No. 61/585,714, the entire contents of which are hereby incorporated by reference.
Number | Date | Country
---|---|---
61585714 | Jan 2012 | US