CA2275211C - Secure interactive electronic account statement delivery system - Google Patents
Secure interactive electronic account statement delivery system Download PDFInfo
- Publication number
- CA2275211C CA2275211C CA002275211A CA2275211A CA2275211C CA 2275211 C CA2275211 C CA 2275211C CA 002275211 A CA002275211 A CA 002275211A CA 2275211 A CA2275211 A CA 2275211A CA 2275211 C CA2275211 C CA 2275211C
- Authority
- CA
- Canada
- Prior art keywords
- customer
- statement
- issuer
- certificate
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/085—Payment architectures involving remote charge determination or related payment systems
- G06Q20/0855—Payment architectures involving remote charge determination or related payment systems involving a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G06Q20/102—Bill distribution or payments
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/14—Payment architectures specially adapted for billing systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
Abstract
The present invention consists of a secure interactive electronic account statement delivery system suitable for use over open networks such as the Internet. The invention utilizes a certification hierarchy to insure that electronic bills, invoices, and other account statements can be securely sent over open networks. The participants in the system are a certification authority, certificated banks, billers, and customers. The certification authority grants digital certificates to the certificated banks, which in turn grant digital certificates to billers and customers. Digital certificates form the basis for encryption and authentication of network communications, using public and private keys. The certificates associate a customer and biller with a certificated bank and with the electronic billing system, much like payment cards associate a customer with a payment card issuer and a particular payme nt card system.
Description
SECURE INTERACTIVE ELECTRONIC A('COLJNT STATEMENT DELIVERY
SYSTEM
FIELD OF THE INVENTION
The present invention relates to the field of electronic billing and paying systems.
More particularly, the present invention relates to a secure interactive electronic statement delivery system suitable for use on open networks such as the Intemet.
BACKGROUND ART
Every month. millions of customers receive bills and other account statements from utilities, banks, stores, credit card companies, iinsurance companies, and other service 1o providers. Almost all of these account statements are sent by mail.
A typical bill includes four primarv cornponents:
l. Summary information. Typically includes an amount due, a due date, a customer account number, a statement issuer (biller) name and address. The summary information is often printed on a detachable remittance stub that is intended to be returned by the customer with a check for payment.
SYSTEM
FIELD OF THE INVENTION
The present invention relates to the field of electronic billing and paying systems.
More particularly, the present invention relates to a secure interactive electronic statement delivery system suitable for use on open networks such as the Intemet.
BACKGROUND ART
Every month. millions of customers receive bills and other account statements from utilities, banks, stores, credit card companies, iinsurance companies, and other service 1o providers. Almost all of these account statements are sent by mail.
A typical bill includes four primarv cornponents:
l. Summary information. Typically includes an amount due, a due date, a customer account number, a statement issuer (biller) name and address. The summary information is often printed on a detachable remittance stub that is intended to be returned by the customer with a check for payment.
2. A pre-addressed return envelope.
3. Detailed invoice of charges. Typically includes a detailed listing of the charges accrued. For example, if the account statement is a telephone company bill, the detailed invoice will list details of each toll call. The detailed information may include legally mandated information, particularly if the statement issuer is a public utility. For example. an electric company may be required to list month[y or yearly comparisons of a customer's energy use. The content and format of such legally mandated information mav varv from one legal jurisdiction (town, county, state) to another.
4. Marketing materials. Statement issuers typically include information such as newsletters announcing new products or servicf:s, and often also include third party advertising pieces.
SUBSTITUTE SHEET (RULE 26) A customer typically pavs a bill by writing a check for the amount due, placing the check and the remittance stub in the return envelope, sealing and stamping the envelope, and placing it in the mail.
For every bill received and paid by a customer, a billing institution (biller) has to perform numerous paper handling tasks. First the biller has to generate the bill and mail it to the customer. The bill generation process involves retrieving billing data for a customer, formatting the billing data in the legally prescribed manner, printing each customer's bill, placing the bill and other included materials in an envelope, and mailing the envelope to the customer. The biller also has to process the payment remittance received.
Remittance lo processing involves opening envelopes, identifying the customer's account, extracting the check, and presenting the check for payment. Given the large volume of bills sent out and payments received each month, the paper handling involved is a massive and expensive undertaking.
Various systems have been proposed to reduce the paper handling involved in bill paying and remittance processing. For example, there exist electronic bill payment service bureaus that allow customers to electronically pay their bills via a home computer or telephone. However, although use of these bureaus make bill paying more convenient for customers, they make remittance processing more expensive for billers because the payments forwarded to the biller by the bureau are exception items for many billers. When using a bill payment service, a customer directs the service bureau to make payments to the biller. As a result, the remittance is not presented to the biller in the usual way, i.e., a check with the biller's remittance stub in a single envelope. Instead, the biller receives payment, without the remittance stub, from the service bureau. The payment itself, depending on the practice used by the service bureau, may take a number of forms. The biller may receive a check printed by the service bureau drawn on the customer's bank account containing the customer's account number with the biller and MICR (Magnetic Ink Character Recognition) data encoding the customer's bank account number. Alternatively, the service bureau may consolidate payments from several customers to a biller into a single payment.
In this case, the biller receives one payment and a list of customers whose bills have been 3o aggregated into the single payment. In another automatic bill payment system, a customer SUBSTITUTE SHEET (RULE 26) pre-authorizes a biller to automatically deduct amounts due from the customer's bank account using the Automated Clearing House ("ACH"). In this case, the biller must comply with ACH procedures for validating and obtaining payments.
U.S. Patent No. 5,465.206, issued November 7.1995, for "Electronic Bill Pay System", assigned to the assignee of the present invention and, discloses a bill pay system that allows customers to pay bills to participating billers through a centralized payment network operating according to preset rules. The participating customers receive bills from participating billers which indicate an amount owed and a unique biller identification number, which is assigned by the payment network. The bills may be mailed bills. e-mail notices, or implied bills for automatic debts. To authorize a remittance, a customer transmits to its bank, which is a participating bank, a bill pay order indicating a payment date, a payment amount, the customer's account number with the biller, a source of funds. and the biller's biller identification number. The customer's bank then submits a payment message to a payment network. The payment network forwards the payment message to the biller's bank. For settlement, the customer's bank debits the customer's account and is obligated to a net position with the payment network. Likewise, the biller's bank receives a net position from the payment network and credits the biller's bank account.
The biller receives payment details from the biller's bank. or alternatively directly from the payment network. and updates its accounts receivable records. The customer initiates bill pay orders manually via paper correspondence. at an ATM, via PC, or via telephone keypad.
Prior art systems have primarily addressed the bill payment portion of customer bill processing. The bill generation and presentation portion of customer bill processing has not yet been satisfactorily addressed. U.S. Patent No. 5,465,206 suggests that bills may be sent electronically by e-mail, but does not elaborate. U.S. Patent No.
SUBSTITUTE SHEET (RULE 26) A customer typically pavs a bill by writing a check for the amount due, placing the check and the remittance stub in the return envelope, sealing and stamping the envelope, and placing it in the mail.
For every bill received and paid by a customer, a billing institution (biller) has to perform numerous paper handling tasks. First the biller has to generate the bill and mail it to the customer. The bill generation process involves retrieving billing data for a customer, formatting the billing data in the legally prescribed manner, printing each customer's bill, placing the bill and other included materials in an envelope, and mailing the envelope to the customer. The biller also has to process the payment remittance received.
Remittance lo processing involves opening envelopes, identifying the customer's account, extracting the check, and presenting the check for payment. Given the large volume of bills sent out and payments received each month, the paper handling involved is a massive and expensive undertaking.
Various systems have been proposed to reduce the paper handling involved in bill paying and remittance processing. For example, there exist electronic bill payment service bureaus that allow customers to electronically pay their bills via a home computer or telephone. However, although use of these bureaus make bill paying more convenient for customers, they make remittance processing more expensive for billers because the payments forwarded to the biller by the bureau are exception items for many billers. When using a bill payment service, a customer directs the service bureau to make payments to the biller. As a result, the remittance is not presented to the biller in the usual way, i.e., a check with the biller's remittance stub in a single envelope. Instead, the biller receives payment, without the remittance stub, from the service bureau. The payment itself, depending on the practice used by the service bureau, may take a number of forms. The biller may receive a check printed by the service bureau drawn on the customer's bank account containing the customer's account number with the biller and MICR (Magnetic Ink Character Recognition) data encoding the customer's bank account number. Alternatively, the service bureau may consolidate payments from several customers to a biller into a single payment.
In this case, the biller receives one payment and a list of customers whose bills have been 3o aggregated into the single payment. In another automatic bill payment system, a customer SUBSTITUTE SHEET (RULE 26) pre-authorizes a biller to automatically deduct amounts due from the customer's bank account using the Automated Clearing House ("ACH"). In this case, the biller must comply with ACH procedures for validating and obtaining payments.
U.S. Patent No. 5,465.206, issued November 7.1995, for "Electronic Bill Pay System", assigned to the assignee of the present invention and, discloses a bill pay system that allows customers to pay bills to participating billers through a centralized payment network operating according to preset rules. The participating customers receive bills from participating billers which indicate an amount owed and a unique biller identification number, which is assigned by the payment network. The bills may be mailed bills. e-mail notices, or implied bills for automatic debts. To authorize a remittance, a customer transmits to its bank, which is a participating bank, a bill pay order indicating a payment date, a payment amount, the customer's account number with the biller, a source of funds. and the biller's biller identification number. The customer's bank then submits a payment message to a payment network. The payment network forwards the payment message to the biller's bank. For settlement, the customer's bank debits the customer's account and is obligated to a net position with the payment network. Likewise, the biller's bank receives a net position from the payment network and credits the biller's bank account.
The biller receives payment details from the biller's bank. or alternatively directly from the payment network. and updates its accounts receivable records. The customer initiates bill pay orders manually via paper correspondence. at an ATM, via PC, or via telephone keypad.
Prior art systems have primarily addressed the bill payment portion of customer bill processing. The bill generation and presentation portion of customer bill processing has not yet been satisfactorily addressed. U.S. Patent No. 5,465,206 suggests that bills may be sent electronically by e-mail, but does not elaborate. U.S. Patent No.
5,007,084 for "Payment Authorization and Information Device", issued April 9. 1991, describes a home terminal for receiving and printing out billing information. The billing data is simple text data received by the customer via an encoded signal broadcast by a centralized invoice distribution center during vertical blanking intervals of a television broadcast or via telephone lines and a modem. A special device is used to decode and print out a hard copy of the received text. The same device can be used to pay the bill electronically.
The electronic bills delivered by these systems consist of simple text messages. As such, the electronic bills cannot deliver the same varietv of information and materials as, and are therefore a poor substitute for, traditional mailed paper bills.
Furthermore, these systems require the use of a specialized, centralized distribution network and/or special equipment.
Security is an issue for messages and other data transmitted over open networks such as the Internet. Encryption is one mechanism that can improve the security of lo transmitted communications. Two well known types of encryption are secret key encryption and public key encryption.
Secret key encryption is a symmetric form of encryption in which the same key is used to encrypt and decrypt messages. To encrypt a message, the message and the secret key are supplied to a software encryption program that transforms the message by means of an encryption routine that uses the secret key and the message as an input.
The original message can only be obtained from the encrypted message by applying a reverse decryption process which transforms the encrypted message by means of a decryption routine that uses the encrypted message and the secret key as an input.
Because the same secret key is used for encryption and decryption, both the sender and the recipient of the encrypted message must have a copy of the secret key. The security of secret key encryption can therefore be compromised by either the sender or the recipient.
Public key encryption is an asymmetric form of encryption that uses a two-key pair, typically referred to as a public key and a private key. In public key encryption, messages encrypted with either one of the public and private keys can only be decrypted using the other key. For example, a message encrypted with the public key can only be decrypted using the private key. Conversely, a message encrypted with the private key can only be decrypted using the public key.
SUBSTITUTE SHEET (RULE 26) The terms "public" key and "private" key stem from the manner in which public key encryption is often used. A party concerned about security of its incoming communications generates its public and private keys. It keeps its private key secret, but freely distributes its public key. Any party wishir-g to send a confidential message to the party that generated the keys can encrypt its message using the freely available public key.
Since the message can then only be decrypted using the private key, which the receiving party keeps in its sole possession, the sending party can be assured that only the receiving party will be able to decode the encrypted message.
Another security mechanism that can be used in conjunction with public key 1o encryption is a digital signature. The purpose of a digital signature is to confirm to the recipient that a message that is sent has in fact originated witli the purported sender.
One form of digital signature uses a message digest. A message digest is a value that is generated when the message is passed through a digesting program, which may be a hashing routine. An ideal digesting program is one for which the probability of two different messages generating the same message digest is extremely low. In this form of digital signature, both the sender and the recipient need to know which digesting program is being used. The sender generates the message, and generates a message digest by passing the message through the digesting program. The sender encrypts the message digest with the sender's private key. The result of this encryption then becomes the digital signature which the sender appends to a message just as a holographic signature would be added to a paper document. Finally, the sender encrypts the entire package with the recipient's public key, and sends the encrypted package to the recipient.
The recipient receives the encrypted package and decrypts it using the recipient's private key to obtain the message and message digest encrypted with the sender's private key. Next, the sender decrypts the message digest using the sender's public key. The recipient then runs the message, minus message digest. through the digesting program and compares the message digest so obtained to the message digest included in the message. If they are both the same, the recipient is ensured that the message indeed originated with the sender and that it has not been changed enroute.
SUBSTITUTE SHEET (RULE 26) In practice, entire messages are rarely encrypted/decrypted using public keys.
Although possible, most algorithms used for public key encryption are computationally intensive. Accordingly, the usual practice is for the sender to generate a secret "session"
key that is used in a symmetric encryption algorithm, which is less computationally intensive than a public key algorithm. The sender encrypts the message with the session key, encrypts the session key with the recipients public key, and sends both to the recipient. To retrieve the sender's message, the recipient decrypts the session key with the recipient's private key, and then uses the session key to decrypt the message.
The use of encryption and digital signatures in electronic transactions over the Internet is further described in "Secure Electronic Transactions (SET) Specification, Draft for testing, June 17, 1996" published on the Internet by Visa International at www.visa.com and by MasterCard at www.mastercard.com.
SLJMMARY OF THE INVENTION
The present invention consists of a secure interactive electronic account statement delivery systeni suitable for use over open networks such as the Internet. The present invention utilizes a certification hierarchy to insure that electronic bills, invoices, and other account statements can be sent over open networks with certainty that they will only be received by the intended recipients. The participants in the system are a certification authority, certificated banks, billers and other service providers, and customers. The certification authority grants digital certificates to the certificated banks, which in turn are authorized to grant digital certificates to billers and customers. Digital certificates form the basis for encryption and authentication of network communications, using the concepts of public and private keys. The certificates associate a customer and biller with a certificated bank and with the electronic billing system, much like payment cards associate a customer with a payment card issuer (typically a bank) and a particular payment card system (e.g.
Visa, MasterCard, etc.). Digital signatures are used for authentication and nonrepudiation.
The certificates may be stored as digital data on storage media of a customer's or biller's computer system, or may be contained in integrated circuit or chip cards physically issued to billers and customers.
SUBSTITUTE SHEET (RULE 26) To send an account statement such as a bill to a customer in one embodiment of the present invention, the biller and the customer must each have a valid certificate, typically issued by a certificated bank. The biller must know the e-mail address of the customer, as well as the customer's public key. This information may be obtained, for example, from the certification authority, which maintains a file or d:irectory of customer public keys and e-mail addresses, as well as a file or directory of biller public keys and e-mail addresses. The biller sends an e-mail message signed with the biller's digital signature and encrypted using the customer's public key (or using a session key which is encrypted with the customer's public key) to the customer's e-mail address. In one embodiment, the biller includes a copy to of the biller's certificate with the e-mail message. In another embodiment, the customer obtains the biller's certificate from a directory maintained by a certification authority or from local storage (if the customer previously obtained the biller's certificate). When the customer retrieves the e-mail message, for example using a home computer, software in the customer's computer decrypts the message using the customer's private key, or using the session key decrypted using the customer's private key, and verifies that the e-mail message is a bona-fide message from a certificated biller by verifying the biller's certificate and digital signature. Since only the customer has access to the customer's private key, only the customer can decrypt and read the e-mail bill. The present invention thus provides a level of privacy and security that is at least as great as using regular mail.
The e-mail message itself may be a simple-text message containing the equivalent of summary information for the bill, or may be a more elaborate bill containing detailed text and graphics. However. the bill delivery system of the present invention allows the creation of much more eiaborate bills. In one embodiment of the invention, the e-mail message contains a number of embedded links: for example, an embedded URL of a biller's world wide web server that allows the customer to interactively bring up detailed billing information at a touch of an on-screen button that activates the link.
The e-mail message may also include links to third party web sites offering special product promotions or other services, thereby performing the same funct.ion, but with greater flexibility. as that performed by marketing materials included in mailed hard-copy bills. The e-mail message may also contain an embedded command to send the biller a confirmation message when SUBSTITUTE SHEET (RULE 26) the customer first displays the biller's message. Customer certificates and customer digital signatures are used to insure authenticity of communications originated by a customer.
Accordingly, in one aspect of the present invention providing a method for delivering account statement data from a statement issuer to a customer using a communications network comprising directing application information for a customer certificate transmitted from a customer to a certificated bank; sending said customer certificate from said certificated bank to said customer; informing said customer whether a statement issuer is a participant in an electronic billing system; providing said customer with an e-mail address which belongs to said statement issuer; receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address;
authenticating, by said statement issuer, of said electronic statement activation request; updating, by said statement issuer, a customer data base following successful authentication; activating said electronic billing system between the statement issuer and the customer; issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer; generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message from said statement issuer to said customer using said communications network.
In a still further aspect, the present invention provides a method for delivering account statement data from a statement issuer to a customer using a communications network comprising issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer; issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer; generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate, transmitting said customer statement message from said statement issuer to said customer using said communications network; receiving said customer statement message transmitted from said statement issuer to said customer; verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message; verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message; displaying a summary bill which is contained within said customer statement message on a display screen, said customer statement message comprises link activation information displayed as a link activation area when said summary bill is displayed on said display screen, wherein activation of said link activation area activates a communication to a server computer using said communications network;
receiving a request for detailed bill information transmitted from said customer to said server computer;
authenticating said request for said detailed bill information at said server computer;
retrieving a set of detailed bill data; retrieving an appropriate detailed bill form; entering said set of detailed bill data into said appropriate detailed bill form; and thereafter sending said appropriate detailed bill form containing said detailed bill data to said customer.
In a further aspect, the present invention provides a program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform operations for delivering account statement data from a statement issuer to a customer using a communications network, said method comprising directing application information for a customer certificate transmitted from a customer to a certificated bank;
sending said customer certificate from said certificated bank to said customer; informing said customer whether a statement issuer is a participant in an electronic billing system; providing said customer with an e-mail address which belongs to said statement issuer;
receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address; authenticating, by said statement issuer, of said electronic statement activation request; updating, by said statement issuer, a customer data base following successful authentication; activating said electronic billing system between the statement issuer and the customer; issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer; issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer 8a statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message from said statement issuer to said customer using said communications network.
In a further aspect, the present invention provides a method for delivering account statement data from a statement issuer to a customer using a communications network comprising the steps of issuing a first certificate to a first certificate issuer that includes data related to said first certificate issuer and a digital signature of a certificate authority; issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer; issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer; receiving a request from said customer to initiate electronic billing, said request including customer information and said customer certificate;
authenticating said customer request to initiate electronic billing using said customer certificate; generating an encrypted customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message in the form of an electronic mail message from said statement issuer to said customer using said communications network.
In a still further aspect, the present invention provides an electronic account statement delivery system for delivering an account statement from a statement issuer to a customer using a communications network, said system comprising a certificate issuer having a certificate issuer certificate including data related to said certificate issuer and a digital signature of a certification authority; a statement issuer, said statement issuer being issued with a statement issuer certificate from said certificate issuer, said statement issuer certificate including data related to said statement issuer and a digital signature of said certificate issuer;
a customer, said customer participating in said electronic account statement delivery system, said customer being issued with a customer certificate from said certificate issuer, said customer certificate including data related to said customer and a digital signature of said certificate issuer, customer means for generating a request to initiate electronic billing, said request including customer information and said customer certificate;
statement issuer means for authenticating said customer request to initiate electronic billing using said customer 8b certificate; means for generating an encrypted electronic account statement message including account statement data for said customer related to an account of said customer with said statement issuer, said statement issuer certificate, and said certificate issuer certificate; and an electronic mail system, whereby said electronic account statement message is delivered from said statement issuer to said customer via electronic mail.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is a schematic diagram illustrating the topology of one embodiment of the interactive electronic billing system of the present invention.
Figure 2 is a block diagram illustrating the certificate hierarchy used in one embodiment of the present invention.
Figure 3 is a schematic diagram of a bank certificate of one embodiment of the present invention.
Figure 4 is a schematic diagram of a customer certificate of one embodiment of the present invention.
Figure 5 is a schematic diagram of a biller certificate of one embodiment of the present invention.
Figure 6 is a block diagram illustrating a process by which a certification authority issues a bank certificate in one embodiment of the present invention.
Figure 7 is a block diagram illustrating a process by which a certificated bank issues a customer or biller certificate in one embodiment of the present invention.
Figure 7A is a block diagram illustrating a process by which a customer registers with a biller to receive electronic bills in one embodiment of the present invention.
Figure 7B is a schematic diagram of a customer request for electronic billing service to a biller of one embodiment of the present invention.
Figure 8 is a block diagram illustrating the process by which a biller sends a bill to a customer in one embodiment of the present invention.
8c Figure 8A is a schematic diagram of one embodiment of a biller's e-mail message containing summary bill data.
Figure 9 is a block diagram of a method used by a customer's software to authenticate an incoming biller message in one embodiment of the present invention.
Figure 10 is an illustration of an interactive bill of one embodiment of the present invention containing summary data.
Figure 11 is an illustration of an interactive bill of one embodiment of the present invention containing detailed data.
Figure 12 is a schematic diagram of an example computer system that can be used for a customer, biller, bank, or certification authority computer system of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent to one skilled in the art, however, that the present inve;ntion may be practiced without these specific details. In other instances, well-known features have not been described in detail in order not to unnecessarily obscure the present invention.
Figure 1 shows the topology of one embodirnent of an interactive electronic billing system of the present invention. As shown in Figure 1, this embodiment includes a biller 100, a certificated biller bank 110, a transport netvrork 120, a certificated customer bank 130, a customer 140, and a certification authority 150. Biller 100 may be any of a variety of entities that provide products or services to customer 140 and that provide periodic account statements to customer 140. Examples of entities that may be a biller 100 include utility companies, banks, credit card companies, retailers, stockbrokers, etc.
Certificated biller bank I10 is a bank that has been certificated by certification authority 150 and that has provided a biller certificate to biller 100. Biller bank I 10 may also provide electronic bill payment services to biller 100. Transport network 120 is a data SUBSTITUTE SHEET (FIUL.E 26) communications network to which biller 100, certificated biller bank 110, certificated customer bank 130, customer 140, and certification authority 150 have access.
For example, transport network 120 may be the Internet. Certificated customer bank 130 is a bank or other service provider that has been certificated by certification authority 150 and that has provided a customer certificate to customer 140. Customer Bank 130 may also provide electronic bill payment services to customer 140. Customer 140 is any entity that has obtained a customer certificate and is a customer of biller 100.
Certification Authority 150 distributes certificates to certificated banks and may administer the protocol and certificate hierarchy used in the system.
Figure 2 is a block diagram illustrating the certificate hierarchy used in one embodiment of the present invention. At the top level of the hierarchy is certification authority 200, which is responsible for overall integrity of the system.
Certification authority 200 issues certificates to certificated banks. These certificates are shown as bank certificates 210a and 210b. Bank certificates 210a-b constitute the second level of certificates below the top level occupied by certification authority 200.
Certificated banks issue customer certificates and biller certificates to customers and billers, respectively. As shown in Figure 2, customer certificate 220a and biller certificate 230a are issued under the authority of bank certificate 210a, while customer certificate 220b and biller certificate 230b are issued under authority of bank certificate 210b. Customer certificates 220a-b and biller certificates 230a-b occupy the same level of the certificate hierarchy shown in Figure 2. This level is one level below bank certificates 210a-b.
A digital certificate of the present invention consists of digital data of a particular form and content, as established by a certification authority. A digital certificate of the present invention may be delivered from the issuer of the certificate to the recipient as an electronic message or in physical form. If delivered in physical form, the digital certificate is stored on a physical medium, for example, on a chip card. The chip card is delivered by some secure means to the recipient.
SUBSTITUTE SHEET (RULE 26) Figure 3 illustrates the digital data contained in a bank certificate of one embodiment of the present invention. As shown in. Figure 3, bank certificate 350 includes a bank ID 300, a bank public key 305, a certification authority digital signature 310, and a certification authority affiliation 315.
Bank ID 300 is a unique identifier that identifies the certificated bank to which the certificate is being issued within the electronic billing system administered by the certification authority identified by certification authority affiliation 315.
In one embodiment, bank ID 300 consists of a combination of a bank's name, location, Federal Reserve Bank routing number, and/or American Bank Association ("ABA") number.
Bank l0 public key 305 is the public key of the bank. Certification authority affiliation 315 indicates the particular certification authority that has issued the bank certificate.
Certification authority digital signature 310 is a digital signature of the certification authority that authenticates the certificate as a valid certificate issued by the certification authority identified by certification authority affiliation 315. Certification authority digital signature 310 may be viewed as a seal that authenticates bank ID 300 and bank public key 305 that ensures that they are delivered intact and unchanged to a recipient.
Certification authority digital signature 310 may, for example, be generated by creating a message digest of bank ID 300 and bank public key 305 and eticrypting the message digest using the certification authority's private key.
Figure 4 illustrates the digital data contained in a customer certificate issued by a certificated bank in one embodiment of the present invention. As sliown in Figure 4, customer certificate 450 contains a copy of bank certificate 350 in the form of bank ID 415, bank public key 420, certification authority digital signature 425, and certification authority affiliation 430, which are copies of bank ID 300, bank public key 305, certification authority digital signature 310, and certification authority affiliation 315 respectively. In addition, customer certificate 450 includes a customer ID
400, a customer public key 405, and a bank digital signature 410.
Customer ID 400 is a unique identifier with. respect to the issuing certificated bank that uniquely identifies the customer to whom customer certificate 450 is issued from SUBSTITUTE SHEET (RULE 26) among the entities to which the certificated bank identified by bank ID 410 has issued certificates. Customer ID 400 in combination with bank ID 410 uniquely identifies the customer to whom certificate 450 has been issued from among all participants of the electronic billing system administered by the certification authority identified by certification authoritv affiliation 430.
Customer public key 405 is the public key of the customer. Bank digital signature 410 is a digital signature of the certificated bank that authenticates customer ID 400 and customer public key 405 and ensures that they are delivered intact and unchanged to a recipient. Certificated bank digital signature 410 may, for example, be generated by creating a message digest of customer ID 400 and customer public key 405 and encrypting the message digest using the certificated bank's private key.
Figure 5 illustrates the digital data contained in a biller certificate issued by a certificated bank in one embodiment of the present invention. As shown in Figure 5, biller certificate 550 is similar to customer certificate 450 of Figure 4, except that the customer ID 400 and customer public key 410 are replaced with biller ID 500 and biller public key 510, respectively. Biller ID 500, like customer ID 400, is a unique identifier with respect to the issuing certificated bank that uniquely identifies the biller to whom biller certificate 550 is issued from among the entities to wllich the certificated bank identified by bank ID
510 has issued certificates. Biller ID 500 in combination with bank ID 510 uniquely identifies the biller to whom certificate 550 has been issued from among all participants of the electronic billing system administered by the certification authority identified by certification authority affiliation 530.
Figure 6 illustrates the process by which a certification authority issues a bank certificate to a bank in one embodiment of the present invention. The certification authority in general issues a bank certificate to a bank only if the bank meets financial and security qualifications established by the certification authority, and if the bank agrees to the terms and conditions associated with the electronic billing system.
As shown in Figure 6, the process starts when a certification authority (CA) receives a certification application at block 600. A certification application may, for SUBSTITUTE SHEET (RULE 26) example, consist of a request for certification along with supporting documentation as required by the certification authority.
After receiving the certification application, the certification authority reviews the application and the applicant bank's qualifications at block 605. If the applicant bank fails to meet the certification authority's required qualifications at block 610, the bank's application is rejected at block 615. If the bank meets the certification authority's qualifications at block 610, the certification authority selects an ID for the bank at block 620. The certification authority sends billing system software to the bank (if needed) at block 625, and requests the bank's public key from the bank at block 630. The bank lo generates its public and private key pair using the billing system software (or some other appropriate method) at 635, and sends its public key to the certification authority at block 640. Alternatively, the bank's public and private keys may be generated by the certification authority, as part of the application process or after approval of the application. In this case, the private key must be delivered to the bank in a secure manner.
The certification authority stores the bank ID and the bank's public key in a directory at block 645, and assembles the bank's certificate at block 650.
Finally, the certification authority delivers the bank's certificate to the bank by secure means at block 655.
One secure means that may be used for conveying the bank certificate from the certification authority to the bank is to encrypt a digitally signed bank certificate with the bank's public key, or with a session key encrypted with the bank's public key, and transmit it to the bank. In an embodiment in which the cer!ification authority generates the bank's private key, the certification authority must also deliver the bank's private key to the bank. A second secure means that may be used is storing the certificate on a physical storage medium such as an integrated chip card and physically conveying the chip card to the bank.
Figure 7 illustrates the process by which a certificated bank (a bank that has been certified by a certification authority) issues a biller certificate or a customer certificate to a biller or customer. respectively, in one embod:iment of the present invention.
The SUBSTITUTE SHEET (RULE 26) certificated bank in general issues a biller or customer certificate only if the biller or customer meets financial and/or other qualifications established by the certificated bank and/or the certification authority.
As shown in Figure 7, the process starts when a certificated bank (CB) receives a certification application from a biller or customer (B/C) at block 700. A
certification application may, for example, consist of a request for a B/C certificate along with supporting documentation as required by the certificated bank.
After receiving the certification application, the certificated bank reviews the application and the B/C's qualifications at block 705. If the applicant fails to meet the certification authority's required qualifications at block 710, the B/C's application is rejected at block 715. If the B/C meets the certificated bank's qualifications at block 710, the certificated bank generates an ID for the B/C at block 720. In one embodiment, the ID
consists of a combination of B/C information (name, address, etc.) and a certificated bank-generated number, for example, an account number. The certificated bank sends billing system software to the B/C (if needed) at block 725. The certificated bank requests the B/C's public key from the B/C at block 730. The B/C generates its public and private key pair using the billing system software (or some other appropriate method) at 735, and sends its public key to the certificated bank at block 740. Alternatively, the B/C's public and private keys may be generated by the certificated bank, as part of the application process or after approval of the application. In this case, the private key must be delivered to the B/C
in a secure manner.
The certificated bank sends the B/C ID and public key to the certification authority at block 745. The certification authority stores the B/C ID and the B/C's public key in a directory at block 750. Alternatively, or in addition, the certificated bank may store the B/C
ID and public key in its own directory. The certificated bank assembles the B/C certificate at block 755. Finally, the certificated bank delivers the B/C's certificate to the B/C at block 760.
Figure 7A is a block diagram illustrating a process by which a customer registers with a biller to receive electronic bills in one embodiment of the present invention. As SUBSTITUTE SHEET (RULE 26) shown in Figure 7A, the process starts when a customer becomes a participant in an electronic billing system by applying for and receiving a certificate from a certificated bank at blocks 770 and 772, respectively. Once the customer receives the customer's certificate, the customer is able to request electronic bill presentation services from a biller or other statement issuer. The customer identifies a statement issuer from whom the customer wishes to receive electronic statements at block 774, and inquires as to whether the statement issuer has been issued a biller certificate, and is therefore a participant in the electronic billing system, at block 776. The customer may undertake such an inquiry in a variety of ways. For example, the customer may contact the biller directly, by telephone or t0 other means, or the customer mav request informaition as to whether a biller is a participant from the customer's certificated bank or the certification authority.
Alternatively, a biller mav inform its customers, by letter or otherwise, of the biller's participation in an electronic payment system, or the biller may indicate the biller's participation in an electronic billing system on paper bills sent to its customers. In one embodiment, a certification authority authorizes a participant biller to use a logo or other identifier owned by the certification authority to indicate the biller's participation in an electronic billing system in a manner analogous to the way in whic;h payment card systems (such as Visa, MasterCard, etc.) authorize merchants to display system logos to communicate that they accept payment cards issued by those systems.
If the customer learns that the prospective biller is not a participant at block 778, electronic statement delivery is not available and the process ends at block 780. The customer is unable to receive electronic statements from this particular biller until such time as the biller becomes a participant in the electronic billing system by applying for and receiving a biller certificate.
If the customer learns that the prospective biller is a participant in the electronic billing system, the customer obtains the biller's e-mail address (for example, from the biller or the certificated bank or certification authority) at block 781 and sends a digitally signed request message for electronic billing to the biller at block 782. One embodiment of such a request message is shown in Figure 7B. In this embodiment, the request message includes the request for service 795 (which may include, for example, customer SUBSTITUTE SHEET (RULE 26) information sucii as the customer's name and address and the customer's account number with the biller), the customer's digital signature 797 (consisting of a message digest of the request 795 encrypted with the customer's private key), and a copy of the customer's certificate 799.
The biller authenticates the customer's request at block 784. In one embodiment, the biller authenticates the request by first authenticating the customer's certificate to verify that the customer has been validly certified by a validly certified certificated bank and to obtain the customer's public key. The biller then uses the customer's public key to decrypt the customer's digital signature, obtaining a message digest of the request itself, and l0 compares the message digest from the customer's decrypted digital signature to a message digest of the request as received by the biller. If the two message digests are identical, the request is an authentic message from the customer identified in the customer certificate. In one embodiment, the biller also compares customer information included in the request to its customer records to verify that the customer is a customer of biller and is authorized to request changes in service. This authentication process is analogous to the process that is used by a biller receiving a change in address notification from a customer to verify that the change in address request is authentic.
If the biller finds that the request is not authentic at block 786, for example, because the certificate is not valid, or because the message digest contained in the customer's decrypted digital signature is not identical to a message digest of the appended request, or if customer information included in the request does not match biller account records, then the biller sends an error message to that effect at block 788. If the request is authentic, the biller updates the biller's customer data base to add the customer's e-mail address and public key and to reflect that the customer has requested initiation of electronic billing at block 790. The biller begins its electronic billing service to the customer at block 792.
Figure 8 is a block diagram illustrating the process by which a biller sends a bill or other account statement to a customer in one embodiment of the present invention. As shown in Figure 8, the process starts when the billing date occurs at block 800. The biller generates summary and detailed bill data at block 801. The biller obtains the customer's e-SUBSTITUTE SHEET (RULE 26) mail address and public key at block 802. The biller may obtain the customer's e-mail address and public key from a locally stored data file, if available (for example if the biller has previously obtained the customer's e-mail ad.dress and public key), or from the data base maintained by the certification authority or certificated bank, or by some other appropriate means. The biller sends the customer an authenticated e-mail message at block 803. Software at the customer's computer authenticates the e-mail message at block 804.
In one embodiment, the body of the e-mail message contains the summary bill data, as well as links for accessing detailed billing data., for obtaining advertising materials, and for initiating electronic payment of the bill. The biller appends the biller's digital certificate, digitally signs the body of the email message, and encrypts the entire e-mail message, including the digital signature. using the customer's public key (or using a session key encrypted with the customer's public key). The biller then sends the encrypted message (and encrypted session key, if applicable) to the customer.
Figure 8A is a schematic diagram of one embodiment of a biller's e-mail message containing summary bill data. As shown in Figure 8A. in this embodiment the e-mail message 850 includes summary bill data 852, the biller's digital signature 854, the biller's certificate 856, and a session key 858. The biller's digital signature 854 consists of a message digest of the summary bill data 852 encrypted with the biller's private key. In this embodiment, summary bill data 852, biller's digital signature 854, and biller's certificate 856 are all encrypted using session key 858. Session key 858 in turn is encrypted using the customer's public key.
The customer's software decrypts the message using the customer's private key (and decrypted session key, if applicable), and verifies the digital signatures of the certification authority and the certificated bank contained in the biller's certificate.
Finally, the customer's software verifies the biller's digital signature, and displays the authenticated message to the customer. In one embodiment, the customer's software stores a copy of the biller's digital certificate, or a record that the biller's public key has been validated, in a local storage media such as the customer computer's hard disk drive. By doing so, for SUBSTITUTE SHEET (RULE 26) subsequent bills from the same biller, the onlv computation required is verification of the biller's digital signature.
The customer views the authenticated e-mail message at block 805. In this embodiment, the viewing of the e-mail message by the customer (or, more precisely, the display of the e-mail message) triggers the sending of a return e-mail message to the biller confirming that the bill has been delivered to the customer. The biller receives this confirmation at block 806.
In this embodiment, the summary, bill contains links that can. optionally be activated by the customer. These links include a link to a detailed bill, a link to an lo advertiser, and a link to an electronic bill pay system.
If the customer does not activate any of the options, bill delivery is completed at block 808. The customer may print out the bill, or leave it stored on the computer. The customer may pay the bill by mail or by electronic means.
If the customer activates the bill detail option at block 809, the customer's software sends a request to the biller for detailed information. The link to the detailed bill information contained in the e-mail message contains the appropriate network address to which the request should be transmitted. The request contains a unique bill identification number obtained from the summary bill. The customer's software may append the customer's digital certificate to the body of the message. The customer's software digitally signs the message, optionally encrypts the message, if additional security is needed, using the biller's public key (or a session key generated by the customer's software and encrypted with the biller's public key), and transmits the message to the address for the appropriate biller detail server specified in the link at block 810.
The biller's software decrypts, if necessary, and authenticates the received customer request for detailed data at block 811, and retrieves the detail data at block 812. The biller retrieves the appropriate detail form at block 813. The particular form selected will conform to the legal requirements for the particular jurisdiction in which the customer is located. The biller enters the detail data into the appropriate form at block 814 and returns SUBSTITUTE SHEET (RULE 26) the form, complete with data, to the customer at block 815. In this embodiment the detail bill constitutes an HTML document. In one embodiment, the entire HTML document is encrypted and sent with the same security provisions as those used in sending the summary data bill. In an alternate embodiment, only selected data in the HTML document (for example, data which by agreement between the customer and the biller, by law, or for some other reason, must be kept confidential) is encrypted. In an embodiment in which the summary data bill is encrypted with a session key, the same session key may be used to encrypt the detail bill. Finally, the customer's software authenticates and decrypts the detail bill and displays it to the customer at block 816.
The detail bill, like the summary bill, may contain links to advertising materials and/or to an electronic bill payment process or system.
If the customer activates the link for requesting advertising information at block 817, either from the summary bill or from the detailed bill, the customer's software connects to the advertiser's web page using the address contained in the advertising information link at block 818.
If the customer activates the link for paying the bill electronically at block 819, either from the summary bill or from the detailed bill, the customer's software initiates an electronic bill pay process at block 821. This electronic pay process may utilize the SET
protocols. or may be any other appropriate electroriic bill pay process. The process may, but need not, be provided by the customer's certificated bank.
If the customer neither selects the advertising information or the bill payment options at blocks 817 and 819, respectively, bill delivery is completed at block 820.
The process by which a biller's message is authenticated by the customer's software in one embodiment of the present invention is illustrated in Figure 9. The same general process, substituting the customer for the biller and the biller for the customer, as appropriate, may be used by a biller to authenticate a customer message.
As shown in Figure 9, the biller, or more precisely the biller's software, assembles the body of the e-mail message at block 900, and processes the message using a digesting SUBSTITUTE SHEET (RULE 26) program to obtain a message digest at block 905. The biller's software encrypts the message digest using the biller's private key at block 910 and appends the encrypted message digest to the message at block 915. The encrypting of the message digest using the biller's private key and appending the encrypted message digest to the message constitutes digitally signing the message with the biller's signature. The digital signature allows the customer to verify that the biller is the originator of the message and that the message has not been changed en route to the customer.
The biller' s software appends the biller's digital certificate to the digitally signed message at block 920. In this embodiment, the biller's certificate, as in the embodiment of 1o Figure 5, includes a certification authority's digital signature verifying the certification of the certificated biller bank, and the certificated bank's digital signature verifying the certification of the biller and the authenticity of the biller's public key.
In this embodiment, the certification authority's digital signature consists of a message digest of the certificated biller bank's ID number and public. key encrypted, using the certification authority's private key. Similarly, the biller bank's digital signature consists of the biller's ID number and public key encrypted using the biller bank's private key.
After appending the biller certificate to the message, the biller's software generates a session key at block 922, and encrypts the biller's message (including the appended digital signature and certificate) using the session key at block 924. The biller's software then encrypts the session key using the customer's public key at block 926.
The biller's software sends the encrypted message and encrypted session key to the customer via e-mail at block 928. The customer receives the biller's email package at block 930. The customer's software decrypts the session key using the customer's private key at block 932, and uses the decrypted session key to decrypt the remainder of the-mail message at block 934.
The customer's software verifies the message by sequentially verifying the hierarchy of digital signatures included in the biller's digital certificate.
The customer's software first retrieves the certification authority's identity from the certification authority affiliation field of the biller's certificate. Using the public key of the certification authority SUBSTITUTE SHEET (RULE 26) so identified (which the certification authority r,nakes widely available), the customer's software verifies the certification authority's digital signature to determine whether the public key and bank ID for the certificated bank included in the biller's certificate are genuine. The customer's software decrypts the cei-tification authority's digital signature at block 936, obtaining a message digest of the biller bank's ID number and public key. The customer's software derives a message digest of the biller bank's ID number and public key as specified7 in the biller certificate at block 938, and compares the derived message digest to the message digest from the decrypted certification authority's digital signature at block 940. If the message digests are found to be not identical at block 942, the customer's 1o software sends an error message to the biller at block 944.
If the message digests are found to be identical at block 942, then the certificated bank's ID and public key included in the biller's digital certificate are authentic. The customer's software uses the biller bank's authenticated public key to decrypt the certificated biller bank's digital signature at block 946, obtaining a message digest of the biller's ID number and public key. The customer software derives a message digest of the biller's ID and public key as specified in the biller's certificate at block 948, and compares the two message digests at block 950. If the two digests are found to be not identical at block 952, the customer software sends an error message to the biller at block 954.
If the message digests are found to be identical at block 952, then the biller's ID and public key included in the biller's digital certificate are authentic. The customer's software uses the authenticated public key of the biller to decrypt the biller's digital signature at block 956, obtaining a message digest of the included message. The customer software derives a message digest of the message at block 958, and compares the two message digests at block 960. If the two digests are founcl to be not identical at block 962, the customer software sends an error message to the biller at block 966.
If the message digests are found to be identical at block 962, then the included message is authentic. and the customer software displays the message to the customer at block 964.
SUBSTITUTE SHEET (RULE 26) In one embodiment of the invention, a certificate issued by a certificated bank to a customer may be used by the customer to make electronic payments as well as to receive electronic statements, and a certificate issued by a certificated bank to a biller may be used by the biller to receive electronic payments as well as to present bills electronically. In one embodiment, a customer or biller applying for a certificate from a certificated bank may request that an electronic payment account be established that is linked to the certificate. In one embodiment, such an account functions much like a credit card account or a checking account with debit card access. The customer sends a biller an authorization to receive payment from the customer's payment account, the biller conveys the authorization to the lo customer's certificated bank, and the customer's certificated bank electronically transmits the authorized amount to the biller's certificated bank for payment into the biller's electronic payment account. In another embodiment, the customer may use the customer's certificate to make electronic payments using an existing payment card. In one embodiment, the customer sends a payment authorization to the biller in which the customer specifies the amount being paid and the credit card (or other payment card) account number to be charged. The customer's software digitally signs the payment authorization by encrypting a message digest of the payment authorization with the customer's private key. The customer's software appends the customer's certificate to the digitally signed payment authorization and encrypts the customer's payment authorization, 2o digital signature, and certificate using a session key. The customer's software encrypts the-session key using the biller's public key, appends the encrypted session key to the rest of the message, and sends the resulting message- via e-mail to the biller. The biller decrypts the session key using the biller's private key and uses the session key to decrypt the customer's certificate, digital signature and payment authorization. The biller verifies the authenticity of the customer's certificate, and verifies that the message digest obtained by decrypting the customer's digital signature using the customer's public key matches a message digest of the customer's payment authorization. The biller submits the payment authorization to the appropriate payment card authority, and the biller's account is credited with the payment amount. in one embodiment, the biller retains a copy of the customer's payment authorization and digital signature for accountability and to prevent repudiation of the payment authorization by the customer.
SUBSTITUTE SHEET (RULE 26) Figure 10 is an illustration of an embodiment of a summary bill that may be sent by a biller in one embodiment of the present invention. Figure 10 shows the bill as displayed by the customer's software on the customer's computer or other display device.
This embodiment is shown as an example only. A wide variety of other formats for a summary bill may be used.
As shown.in Figure 10, summary bill 1000 consists of a summary bill information area 1010 and four action buttons 1020, 1030, 1040 and 1050, respectively.
Summary bill information area 1010 contains summary bill data. In this example, the biller is an electric utility company. The summary bill data includes the biller's name 1005, the customer's 1o account number with the biller 1015, the customer's name and address 1025, a listing of current and previous charges 1035, an explanation of current charges 1045, a return address for the biller 1055, and customer service information 1060. Customer service information 1060 includes the biller's customer service telephone number, e-mail address and URL that can be used by the customer to contact the biller if' there are any questions.
The summary information, contained in the summary bill information area 1010 corresponds generally to the information that would be 20 contained on the remittance stub of a mailed, paper bill.
Action buttons 1020, 1030, 1040 and 1050 allow the customer to obtain additional information or perform certain functions. Action button 1020 is a "Details"
button. By activating action button 1020, for example by clicking on it with a mouse, the customer's software at the customer's computer sends a request for bill details to the biller. Action button 1030 is a "Pay" button. Action button 1030 is displayed if the customer has access to an electronic bill payment system. In one embodiment, activating button 1030 initiates a link to electronic bill payment system software that allows the customer to initiate payment of the bill utilizing an electronic bill payment system such as, for example, the electronic bill pay system described in U.S. Patent No. 5,465,206. In another embodiment of the invention, the customer's software includes the capability of transmitting an electronic payment directly to the biller, for example in the form of an encrypted and digitally signed payment card payment authorization. Action button 1040 is a "Print" action button. By activating button 1040, a hard copy of the displayed summary bill is printed on the customer's printer. Action button 1050 is a "Special Offer" action button. In the SUBSTITUTE SHEET (F3ULE 26) embodiment of Figure 1050, action button 1050 contains a short "teaser" about the special offer in the form of the words "Save 50% on Airfares!" By activating button 1050, the customer's software retrieves a web page linked to button 1050, and displays the web page to the customer. The web page may be a web page of a third party advertiser containing an advertisement from the third party as in the embodiment shown in Figure 10, or may be a web page of the biller, containing details of a special offer available from the biller.
Figure 11 illustrates an example of a detailed bill of one embodiment of the present invention that is sent by the biller to the customer in response to the customer activating "Details" action button 1020 of summary bill 1000 of Figure 10. The detailed bill may be to an HTML document. As shown in Figure 11, detailed bill i 100, like summary bill 1000, includes the biller's name 1005, the customer's account number 1015, the customer's name and address 1025, a listing of current and previous charges 1035, an explanation of current charges 1045, return address 1055, and customer service information 1060. In the embodiment of Figure 11, customer service information 1060 includes a customer service link button 1150 that links directly to the biller's customer service web page. Detailed bill 1100 also includes "Pay" action button 1030 and "Print" action button 1040. In addition, detailed bill 1100 includes an additional detail field 1110, advertising fields 1130 and 1140, and public service message field 1120.
In the embodiment of Figure 11, additional detail field 1110 contains a graph showing the customer's usage history. In other embodiments, additional detail field 1110 may contain other billing information that would be included in the detailed portion of a mailed, paper bill. For example, if the bill is a telephone bill, detail data field 1110 may include a listing of all toll calls made by the customer during the billing period. Additional detail field 1110 may contain additional sub-fields, be of any desired size, and may encompass several pages.
Advertising fields 1130 and 1140 contain advertisements. These advertisements may be advertisements for products and services of the biller or may be for products and services for third party advertisers. The particular advertisements displayed on a customer's bill may be selected based on criteria such as the customer's profile, the particular time and SUBSTITUTE SHEET (RULE 26) date at which the customer requests the detailed bill, the geographic location of the customer, the customer's usage history, etc. Advertisements may therefore be highly focused. For example, special offers may be rernoved when time limits or limits on the number of respondents have been exceeded. Messages concerning water conservation may be directed by a utility to high water users. On a very hot day, an electric company may display an advertisement for energy saving air conditioners that appears to come from the utility but links to the web page of an appliance store in the customer's vicinity.
In the embodiment of Figure 11, advertising field 1 130 contains an advertisement for automotive services while field 1140 contains an advertisement for a travel lo organization. To access details of the advertisements, advertising fields 1130 and 1140 include action buttons 1 135 and 1145, respectively. Selecting either of these action buttons will bring up the web page containing additional information about the advertised items.
Advertising fields 1 130 and 1 140 as a whole may also constitute link activation areas.
Public message field 1120 is used to display messages intended to be helpful to the customer, and may contain public service messages, llints on conserving energy and resources. or any other messages. In the embodin-ient of Figure 11, public message field 1120 is itself an action button. Accordingly, clickiiig anywhere on message field 1120 wll bring up the corresponding web 15 page.
The present invention can be implemented by means of software programming on 2o any of a variety of one or more computer systems as are well known in the art, including, without limitation, computer systems such as that shown in Figure 12. The computer system of Figure 12 may, for example, be used as a customer computer, a biller computer, a bank computer, or a certification authority computer. The computer system shown in Figure 12 includes a CPU unit 1200 that includes a central processor, main memory, peripheral interfaces, input-output devices, power supply, and associated circuitry and devices; a display device 1210 which may be a cathode ray tube display, LCD
display, gas-plasma display, or any other computer display; an input device 1230. which may include a keyboard, mouse, digitizer, or other input device. 'The computer system may or may not include non-volatile storage 1220. which may include magnetic, optical, or other mass SUBSTITUTE SHEET (RULE 26) storage devices, and a printer 1250. The computer system may also include a network interface 1240, which may consist of a modem, allowing the computer system to communicate with other systems over a communications network such as the Internet. Any of a variety of other configurations of computer systems may also be used.
Thus a novel secure interactive electronic account statement delivery system has been presented. Although the present invention has been described with respect to certain example embodiments, it will be apparent to those skilled in the art that the present invention is not limited to these specific embodiments. For example, although the statements that are electronically presented to a customer using the present invention have in certain instances been described as "bills" and the originators of the statements as "billers," it will be apparent to those skilled in the art that the invention may be used for presenting statements other than bills from entities other than billers. For example, the present information can be used by a bank, stock broker, or other financial services provider to deliver periodic account balance information to a customer.
Further, although the operation of certain embodiments has been described in detail using certain detailed process steps, some of the steps may be omitted or other similar steps may be substituted without departing from the scope of the invention. Further, although the invention has been described as utilizing the Internet as a transport network, other networks or other communications media may be used.
SUBSTITUTE SHEET (RULE 26)
The electronic bills delivered by these systems consist of simple text messages. As such, the electronic bills cannot deliver the same varietv of information and materials as, and are therefore a poor substitute for, traditional mailed paper bills.
Furthermore, these systems require the use of a specialized, centralized distribution network and/or special equipment.
Security is an issue for messages and other data transmitted over open networks such as the Internet. Encryption is one mechanism that can improve the security of lo transmitted communications. Two well known types of encryption are secret key encryption and public key encryption.
Secret key encryption is a symmetric form of encryption in which the same key is used to encrypt and decrypt messages. To encrypt a message, the message and the secret key are supplied to a software encryption program that transforms the message by means of an encryption routine that uses the secret key and the message as an input.
The original message can only be obtained from the encrypted message by applying a reverse decryption process which transforms the encrypted message by means of a decryption routine that uses the encrypted message and the secret key as an input.
Because the same secret key is used for encryption and decryption, both the sender and the recipient of the encrypted message must have a copy of the secret key. The security of secret key encryption can therefore be compromised by either the sender or the recipient.
Public key encryption is an asymmetric form of encryption that uses a two-key pair, typically referred to as a public key and a private key. In public key encryption, messages encrypted with either one of the public and private keys can only be decrypted using the other key. For example, a message encrypted with the public key can only be decrypted using the private key. Conversely, a message encrypted with the private key can only be decrypted using the public key.
SUBSTITUTE SHEET (RULE 26) The terms "public" key and "private" key stem from the manner in which public key encryption is often used. A party concerned about security of its incoming communications generates its public and private keys. It keeps its private key secret, but freely distributes its public key. Any party wishir-g to send a confidential message to the party that generated the keys can encrypt its message using the freely available public key.
Since the message can then only be decrypted using the private key, which the receiving party keeps in its sole possession, the sending party can be assured that only the receiving party will be able to decode the encrypted message.
Another security mechanism that can be used in conjunction with public key 1o encryption is a digital signature. The purpose of a digital signature is to confirm to the recipient that a message that is sent has in fact originated witli the purported sender.
One form of digital signature uses a message digest. A message digest is a value that is generated when the message is passed through a digesting program, which may be a hashing routine. An ideal digesting program is one for which the probability of two different messages generating the same message digest is extremely low. In this form of digital signature, both the sender and the recipient need to know which digesting program is being used. The sender generates the message, and generates a message digest by passing the message through the digesting program. The sender encrypts the message digest with the sender's private key. The result of this encryption then becomes the digital signature which the sender appends to a message just as a holographic signature would be added to a paper document. Finally, the sender encrypts the entire package with the recipient's public key, and sends the encrypted package to the recipient.
The recipient receives the encrypted package and decrypts it using the recipient's private key to obtain the message and message digest encrypted with the sender's private key. Next, the sender decrypts the message digest using the sender's public key. The recipient then runs the message, minus message digest. through the digesting program and compares the message digest so obtained to the message digest included in the message. If they are both the same, the recipient is ensured that the message indeed originated with the sender and that it has not been changed enroute.
SUBSTITUTE SHEET (RULE 26) In practice, entire messages are rarely encrypted/decrypted using public keys.
Although possible, most algorithms used for public key encryption are computationally intensive. Accordingly, the usual practice is for the sender to generate a secret "session"
key that is used in a symmetric encryption algorithm, which is less computationally intensive than a public key algorithm. The sender encrypts the message with the session key, encrypts the session key with the recipients public key, and sends both to the recipient. To retrieve the sender's message, the recipient decrypts the session key with the recipient's private key, and then uses the session key to decrypt the message.
The use of encryption and digital signatures in electronic transactions over the Internet is further described in "Secure Electronic Transactions (SET) Specification, Draft for testing, June 17, 1996" published on the Internet by Visa International at www.visa.com and by MasterCard at www.mastercard.com.
SLJMMARY OF THE INVENTION
The present invention consists of a secure interactive electronic account statement delivery systeni suitable for use over open networks such as the Internet. The present invention utilizes a certification hierarchy to insure that electronic bills, invoices, and other account statements can be sent over open networks with certainty that they will only be received by the intended recipients. The participants in the system are a certification authority, certificated banks, billers and other service providers, and customers. The certification authority grants digital certificates to the certificated banks, which in turn are authorized to grant digital certificates to billers and customers. Digital certificates form the basis for encryption and authentication of network communications, using the concepts of public and private keys. The certificates associate a customer and biller with a certificated bank and with the electronic billing system, much like payment cards associate a customer with a payment card issuer (typically a bank) and a particular payment card system (e.g.
Visa, MasterCard, etc.). Digital signatures are used for authentication and nonrepudiation.
The certificates may be stored as digital data on storage media of a customer's or biller's computer system, or may be contained in integrated circuit or chip cards physically issued to billers and customers.
SUBSTITUTE SHEET (RULE 26) To send an account statement such as a bill to a customer in one embodiment of the present invention, the biller and the customer must each have a valid certificate, typically issued by a certificated bank. The biller must know the e-mail address of the customer, as well as the customer's public key. This information may be obtained, for example, from the certification authority, which maintains a file or d:irectory of customer public keys and e-mail addresses, as well as a file or directory of biller public keys and e-mail addresses. The biller sends an e-mail message signed with the biller's digital signature and encrypted using the customer's public key (or using a session key which is encrypted with the customer's public key) to the customer's e-mail address. In one embodiment, the biller includes a copy to of the biller's certificate with the e-mail message. In another embodiment, the customer obtains the biller's certificate from a directory maintained by a certification authority or from local storage (if the customer previously obtained the biller's certificate). When the customer retrieves the e-mail message, for example using a home computer, software in the customer's computer decrypts the message using the customer's private key, or using the session key decrypted using the customer's private key, and verifies that the e-mail message is a bona-fide message from a certificated biller by verifying the biller's certificate and digital signature. Since only the customer has access to the customer's private key, only the customer can decrypt and read the e-mail bill. The present invention thus provides a level of privacy and security that is at least as great as using regular mail.
The e-mail message itself may be a simple-text message containing the equivalent of summary information for the bill, or may be a more elaborate bill containing detailed text and graphics. However. the bill delivery system of the present invention allows the creation of much more eiaborate bills. In one embodiment of the invention, the e-mail message contains a number of embedded links: for example, an embedded URL of a biller's world wide web server that allows the customer to interactively bring up detailed billing information at a touch of an on-screen button that activates the link.
The e-mail message may also include links to third party web sites offering special product promotions or other services, thereby performing the same funct.ion, but with greater flexibility. as that performed by marketing materials included in mailed hard-copy bills. The e-mail message may also contain an embedded command to send the biller a confirmation message when SUBSTITUTE SHEET (RULE 26) the customer first displays the biller's message. Customer certificates and customer digital signatures are used to insure authenticity of communications originated by a customer.
Accordingly, in one aspect of the present invention providing a method for delivering account statement data from a statement issuer to a customer using a communications network comprising directing application information for a customer certificate transmitted from a customer to a certificated bank; sending said customer certificate from said certificated bank to said customer; informing said customer whether a statement issuer is a participant in an electronic billing system; providing said customer with an e-mail address which belongs to said statement issuer; receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address;
authenticating, by said statement issuer, of said electronic statement activation request; updating, by said statement issuer, a customer data base following successful authentication; activating said electronic billing system between the statement issuer and the customer; issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer; generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message from said statement issuer to said customer using said communications network.
In a still further aspect, the present invention provides a method for delivering account statement data from a statement issuer to a customer using a communications network comprising issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer; issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer; generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate, transmitting said customer statement message from said statement issuer to said customer using said communications network; receiving said customer statement message transmitted from said statement issuer to said customer; verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message; verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message; displaying a summary bill which is contained within said customer statement message on a display screen, said customer statement message comprises link activation information displayed as a link activation area when said summary bill is displayed on said display screen, wherein activation of said link activation area activates a communication to a server computer using said communications network;
receiving a request for detailed bill information transmitted from said customer to said server computer;
authenticating said request for said detailed bill information at said server computer;
retrieving a set of detailed bill data; retrieving an appropriate detailed bill form; entering said set of detailed bill data into said appropriate detailed bill form; and thereafter sending said appropriate detailed bill form containing said detailed bill data to said customer.
In a further aspect, the present invention provides a program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform operations for delivering account statement data from a statement issuer to a customer using a communications network, said method comprising directing application information for a customer certificate transmitted from a customer to a certificated bank;
sending said customer certificate from said certificated bank to said customer; informing said customer whether a statement issuer is a participant in an electronic billing system; providing said customer with an e-mail address which belongs to said statement issuer;
receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address; authenticating, by said statement issuer, of said electronic statement activation request; updating, by said statement issuer, a customer data base following successful authentication; activating said electronic billing system between the statement issuer and the customer; issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer; issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer 8a statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message from said statement issuer to said customer using said communications network.
In a further aspect, the present invention provides a method for delivering account statement data from a statement issuer to a customer using a communications network comprising the steps of issuing a first certificate to a first certificate issuer that includes data related to said first certificate issuer and a digital signature of a certificate authority; issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer; issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer; receiving a request from said customer to initiate electronic billing, said request including customer information and said customer certificate;
authenticating said customer request to initiate electronic billing using said customer certificate; generating an encrypted customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message in the form of an electronic mail message from said statement issuer to said customer using said communications network.
In a still further aspect, the present invention provides an electronic account statement delivery system for delivering an account statement from a statement issuer to a customer using a communications network, said system comprising a certificate issuer having a certificate issuer certificate including data related to said certificate issuer and a digital signature of a certification authority; a statement issuer, said statement issuer being issued with a statement issuer certificate from said certificate issuer, said statement issuer certificate including data related to said statement issuer and a digital signature of said certificate issuer;
a customer, said customer participating in said electronic account statement delivery system, said customer being issued with a customer certificate from said certificate issuer, said customer certificate including data related to said customer and a digital signature of said certificate issuer, customer means for generating a request to initiate electronic billing, said request including customer information and said customer certificate;
statement issuer means for authenticating said customer request to initiate electronic billing using said customer 8b certificate; means for generating an encrypted electronic account statement message including account statement data for said customer related to an account of said customer with said statement issuer, said statement issuer certificate, and said certificate issuer certificate; and an electronic mail system, whereby said electronic account statement message is delivered from said statement issuer to said customer via electronic mail.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is a schematic diagram illustrating the topology of one embodiment of the interactive electronic billing system of the present invention.
Figure 2 is a block diagram illustrating the certificate hierarchy used in one embodiment of the present invention.
Figure 3 is a schematic diagram of a bank certificate of one embodiment of the present invention.
Figure 4 is a schematic diagram of a customer certificate of one embodiment of the present invention.
Figure 5 is a schematic diagram of a biller certificate of one embodiment of the present invention.
Figure 6 is a block diagram illustrating a process by which a certification authority issues a bank certificate in one embodiment of the present invention.
Figure 7 is a block diagram illustrating a process by which a certificated bank issues a customer or biller certificate in one embodiment of the present invention.
Figure 7A is a block diagram illustrating a process by which a customer registers with a biller to receive electronic bills in one embodiment of the present invention.
Figure 7B is a schematic diagram of a customer request for electronic billing service to a biller of one embodiment of the present invention.
Figure 8 is a block diagram illustrating the process by which a biller sends a bill to a customer in one embodiment of the present invention.
8c Figure 8A is a schematic diagram of one embodiment of a biller's e-mail message containing summary bill data.
Figure 9 is a block diagram of a method used by a customer's software to authenticate an incoming biller message in one embodiment of the present invention.
Figure 10 is an illustration of an interactive bill of one embodiment of the present invention containing summary data.
Figure 11 is an illustration of an interactive bill of one embodiment of the present invention containing detailed data.
Figure 12 is a schematic diagram of an example computer system that can be used for a customer, biller, bank, or certification authority computer system of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent to one skilled in the art, however, that the present inve;ntion may be practiced without these specific details. In other instances, well-known features have not been described in detail in order not to unnecessarily obscure the present invention.
Figure 1 shows the topology of one embodirnent of an interactive electronic billing system of the present invention. As shown in Figure 1, this embodiment includes a biller 100, a certificated biller bank 110, a transport netvrork 120, a certificated customer bank 130, a customer 140, and a certification authority 150. Biller 100 may be any of a variety of entities that provide products or services to customer 140 and that provide periodic account statements to customer 140. Examples of entities that may be a biller 100 include utility companies, banks, credit card companies, retailers, stockbrokers, etc.
Certificated biller bank I10 is a bank that has been certificated by certification authority 150 and that has provided a biller certificate to biller 100. Biller bank I 10 may also provide electronic bill payment services to biller 100. Transport network 120 is a data SUBSTITUTE SHEET (FIUL.E 26) communications network to which biller 100, certificated biller bank 110, certificated customer bank 130, customer 140, and certification authority 150 have access.
For example, transport network 120 may be the Internet. Certificated customer bank 130 is a bank or other service provider that has been certificated by certification authority 150 and that has provided a customer certificate to customer 140. Customer Bank 130 may also provide electronic bill payment services to customer 140. Customer 140 is any entity that has obtained a customer certificate and is a customer of biller 100.
Certification Authority 150 distributes certificates to certificated banks and may administer the protocol and certificate hierarchy used in the system.
Figure 2 is a block diagram illustrating the certificate hierarchy used in one embodiment of the present invention. At the top level of the hierarchy is certification authority 200, which is responsible for overall integrity of the system.
Certification authority 200 issues certificates to certificated banks. These certificates are shown as bank certificates 210a and 210b. Bank certificates 210a-b constitute the second level of certificates below the top level occupied by certification authority 200.
Certificated banks issue customer certificates and biller certificates to customers and billers, respectively. As shown in Figure 2, customer certificate 220a and biller certificate 230a are issued under the authority of bank certificate 210a, while customer certificate 220b and biller certificate 230b are issued under authority of bank certificate 210b. Customer certificates 220a-b and biller certificates 230a-b occupy the same level of the certificate hierarchy shown in Figure 2. This level is one level below bank certificates 210a-b.
A digital certificate of the present invention consists of digital data of a particular form and content, as established by a certification authority. A digital certificate of the present invention may be delivered from the issuer of the certificate to the recipient as an electronic message or in physical form. If delivered in physical form, the digital certificate is stored on a physical medium, for example, on a chip card. The chip card is delivered by some secure means to the recipient.
SUBSTITUTE SHEET (RULE 26) Figure 3 illustrates the digital data contained in a bank certificate of one embodiment of the present invention. As shown in. Figure 3, bank certificate 350 includes a bank ID 300, a bank public key 305, a certification authority digital signature 310, and a certification authority affiliation 315.
Bank ID 300 is a unique identifier that identifies the certificated bank to which the certificate is being issued within the electronic billing system administered by the certification authority identified by certification authority affiliation 315.
In one embodiment, bank ID 300 consists of a combination of a bank's name, location, Federal Reserve Bank routing number, and/or American Bank Association ("ABA") number.
Bank l0 public key 305 is the public key of the bank. Certification authority affiliation 315 indicates the particular certification authority that has issued the bank certificate.
Certification authority digital signature 310 is a digital signature of the certification authority that authenticates the certificate as a valid certificate issued by the certification authority identified by certification authority affiliation 315. Certification authority digital signature 310 may be viewed as a seal that authenticates bank ID 300 and bank public key 305 that ensures that they are delivered intact and unchanged to a recipient.
Certification authority digital signature 310 may, for example, be generated by creating a message digest of bank ID 300 and bank public key 305 and eticrypting the message digest using the certification authority's private key.
Figure 4 illustrates the digital data contained in a customer certificate issued by a certificated bank in one embodiment of the present invention. As sliown in Figure 4, customer certificate 450 contains a copy of bank certificate 350 in the form of bank ID 415, bank public key 420, certification authority digital signature 425, and certification authority affiliation 430, which are copies of bank ID 300, bank public key 305, certification authority digital signature 310, and certification authority affiliation 315 respectively. In addition, customer certificate 450 includes a customer ID
400, a customer public key 405, and a bank digital signature 410.
Customer ID 400 is a unique identifier with. respect to the issuing certificated bank that uniquely identifies the customer to whom customer certificate 450 is issued from SUBSTITUTE SHEET (RULE 26) among the entities to which the certificated bank identified by bank ID 410 has issued certificates. Customer ID 400 in combination with bank ID 410 uniquely identifies the customer to whom certificate 450 has been issued from among all participants of the electronic billing system administered by the certification authority identified by certification authoritv affiliation 430.
Customer public key 405 is the public key of the customer. Bank digital signature 410 is a digital signature of the certificated bank that authenticates customer ID 400 and customer public key 405 and ensures that they are delivered intact and unchanged to a recipient. Certificated bank digital signature 410 may, for example, be generated by creating a message digest of customer ID 400 and customer public key 405 and encrypting the message digest using the certificated bank's private key.
Figure 5 illustrates the digital data contained in a biller certificate issued by a certificated bank in one embodiment of the present invention. As shown in Figure 5, biller certificate 550 is similar to customer certificate 450 of Figure 4, except that the customer ID 400 and customer public key 410 are replaced with biller ID 500 and biller public key 510, respectively. Biller ID 500, like customer ID 400, is a unique identifier with respect to the issuing certificated bank that uniquely identifies the biller to whom biller certificate 550 is issued from among the entities to wllich the certificated bank identified by bank ID
510 has issued certificates. Biller ID 500 in combination with bank ID 510 uniquely identifies the biller to whom certificate 550 has been issued from among all participants of the electronic billing system administered by the certification authority identified by certification authority affiliation 530.
Figure 6 illustrates the process by which a certification authority issues a bank certificate to a bank in one embodiment of the present invention. The certification authority in general issues a bank certificate to a bank only if the bank meets financial and security qualifications established by the certification authority, and if the bank agrees to the terms and conditions associated with the electronic billing system.
As shown in Figure 6, the process starts when a certification authority (CA) receives a certification application at block 600. A certification application may, for SUBSTITUTE SHEET (RULE 26) example, consist of a request for certification along with supporting documentation as required by the certification authority.
After receiving the certification application, the certification authority reviews the application and the applicant bank's qualifications at block 605. If the applicant bank fails to meet the certification authority's required qualifications at block 610, the bank's application is rejected at block 615. If the bank meets the certification authority's qualifications at block 610, the certification authority selects an ID for the bank at block 620. The certification authority sends billing system software to the bank (if needed) at block 625, and requests the bank's public key from the bank at block 630. The bank lo generates its public and private key pair using the billing system software (or some other appropriate method) at 635, and sends its public key to the certification authority at block 640. Alternatively, the bank's public and private keys may be generated by the certification authority, as part of the application process or after approval of the application. In this case, the private key must be delivered to the bank in a secure manner.
The certification authority stores the bank ID and the bank's public key in a directory at block 645, and assembles the bank's certificate at block 650.
Finally, the certification authority delivers the bank's certificate to the bank by secure means at block 655.
One secure means that may be used for conveying the bank certificate from the certification authority to the bank is to encrypt a digitally signed bank certificate with the bank's public key, or with a session key encrypted with the bank's public key, and transmit it to the bank. In an embodiment in which the cer!ification authority generates the bank's private key, the certification authority must also deliver the bank's private key to the bank. A second secure means that may be used is storing the certificate on a physical storage medium such as an integrated chip card and physically conveying the chip card to the bank.
Figure 7 illustrates the process by which a certificated bank (a bank that has been certified by a certification authority) issues a biller certificate or a customer certificate to a biller or customer. respectively, in one embod:iment of the present invention.
The SUBSTITUTE SHEET (RULE 26) certificated bank in general issues a biller or customer certificate only if the biller or customer meets financial and/or other qualifications established by the certificated bank and/or the certification authority.
As shown in Figure 7, the process starts when a certificated bank (CB) receives a certification application from a biller or customer (B/C) at block 700. A
certification application may, for example, consist of a request for a B/C certificate along with supporting documentation as required by the certificated bank.
After receiving the certification application, the certificated bank reviews the application and the B/C's qualifications at block 705. If the applicant fails to meet the certification authority's required qualifications at block 710, the B/C's application is rejected at block 715. If the B/C meets the certificated bank's qualifications at block 710, the certificated bank generates an ID for the B/C at block 720. In one embodiment, the ID
consists of a combination of B/C information (name, address, etc.) and a certificated bank-generated number, for example, an account number. The certificated bank sends billing system software to the B/C (if needed) at block 725. The certificated bank requests the B/C's public key from the B/C at block 730. The B/C generates its public and private key pair using the billing system software (or some other appropriate method) at 735, and sends its public key to the certificated bank at block 740. Alternatively, the B/C's public and private keys may be generated by the certificated bank, as part of the application process or after approval of the application. In this case, the private key must be delivered to the B/C
in a secure manner.
The certificated bank sends the B/C ID and public key to the certification authority at block 745. The certification authority stores the B/C ID and the B/C's public key in a directory at block 750. Alternatively, or in addition, the certificated bank may store the B/C
ID and public key in its own directory. The certificated bank assembles the B/C certificate at block 755. Finally, the certificated bank delivers the B/C's certificate to the B/C at block 760.
Figure 7A is a block diagram illustrating a process by which a customer registers with a biller to receive electronic bills in one embodiment of the present invention. As SUBSTITUTE SHEET (RULE 26) shown in Figure 7A, the process starts when a customer becomes a participant in an electronic billing system by applying for and receiving a certificate from a certificated bank at blocks 770 and 772, respectively. Once the customer receives the customer's certificate, the customer is able to request electronic bill presentation services from a biller or other statement issuer. The customer identifies a statement issuer from whom the customer wishes to receive electronic statements at block 774, and inquires as to whether the statement issuer has been issued a biller certificate, and is therefore a participant in the electronic billing system, at block 776. The customer may undertake such an inquiry in a variety of ways. For example, the customer may contact the biller directly, by telephone or t0 other means, or the customer mav request informaition as to whether a biller is a participant from the customer's certificated bank or the certification authority.
Alternatively, a biller mav inform its customers, by letter or otherwise, of the biller's participation in an electronic payment system, or the biller may indicate the biller's participation in an electronic billing system on paper bills sent to its customers. In one embodiment, a certification authority authorizes a participant biller to use a logo or other identifier owned by the certification authority to indicate the biller's participation in an electronic billing system in a manner analogous to the way in whic;h payment card systems (such as Visa, MasterCard, etc.) authorize merchants to display system logos to communicate that they accept payment cards issued by those systems.
If the customer learns that the prospective biller is not a participant at block 778, electronic statement delivery is not available and the process ends at block 780. The customer is unable to receive electronic statements from this particular biller until such time as the biller becomes a participant in the electronic billing system by applying for and receiving a biller certificate.
If the customer learns that the prospective biller is a participant in the electronic billing system, the customer obtains the biller's e-mail address (for example, from the biller or the certificated bank or certification authority) at block 781 and sends a digitally signed request message for electronic billing to the biller at block 782. One embodiment of such a request message is shown in Figure 7B. In this embodiment, the request message includes the request for service 795 (which may include, for example, customer SUBSTITUTE SHEET (RULE 26) information sucii as the customer's name and address and the customer's account number with the biller), the customer's digital signature 797 (consisting of a message digest of the request 795 encrypted with the customer's private key), and a copy of the customer's certificate 799.
The biller authenticates the customer's request at block 784. In one embodiment, the biller authenticates the request by first authenticating the customer's certificate to verify that the customer has been validly certified by a validly certified certificated bank and to obtain the customer's public key. The biller then uses the customer's public key to decrypt the customer's digital signature, obtaining a message digest of the request itself, and l0 compares the message digest from the customer's decrypted digital signature to a message digest of the request as received by the biller. If the two message digests are identical, the request is an authentic message from the customer identified in the customer certificate. In one embodiment, the biller also compares customer information included in the request to its customer records to verify that the customer is a customer of biller and is authorized to request changes in service. This authentication process is analogous to the process that is used by a biller receiving a change in address notification from a customer to verify that the change in address request is authentic.
If the biller finds that the request is not authentic at block 786, for example, because the certificate is not valid, or because the message digest contained in the customer's decrypted digital signature is not identical to a message digest of the appended request, or if customer information included in the request does not match biller account records, then the biller sends an error message to that effect at block 788. If the request is authentic, the biller updates the biller's customer data base to add the customer's e-mail address and public key and to reflect that the customer has requested initiation of electronic billing at block 790. The biller begins its electronic billing service to the customer at block 792.
Figure 8 is a block diagram illustrating the process by which a biller sends a bill or other account statement to a customer in one embodiment of the present invention. As shown in Figure 8, the process starts when the billing date occurs at block 800. The biller generates summary and detailed bill data at block 801. The biller obtains the customer's e-SUBSTITUTE SHEET (RULE 26) mail address and public key at block 802. The biller may obtain the customer's e-mail address and public key from a locally stored data file, if available (for example if the biller has previously obtained the customer's e-mail ad.dress and public key), or from the data base maintained by the certification authority or certificated bank, or by some other appropriate means. The biller sends the customer an authenticated e-mail message at block 803. Software at the customer's computer authenticates the e-mail message at block 804.
In one embodiment, the body of the e-mail message contains the summary bill data, as well as links for accessing detailed billing data., for obtaining advertising materials, and for initiating electronic payment of the bill. The biller appends the biller's digital certificate, digitally signs the body of the email message, and encrypts the entire e-mail message, including the digital signature. using the customer's public key (or using a session key encrypted with the customer's public key). The biller then sends the encrypted message (and encrypted session key, if applicable) to the customer.
Figure 8A is a schematic diagram of one embodiment of a biller's e-mail message containing summary bill data. As shown in Figure 8A. in this embodiment the e-mail message 850 includes summary bill data 852, the biller's digital signature 854, the biller's certificate 856, and a session key 858. The biller's digital signature 854 consists of a message digest of the summary bill data 852 encrypted with the biller's private key. In this embodiment, summary bill data 852, biller's digital signature 854, and biller's certificate 856 are all encrypted using session key 858. Session key 858 in turn is encrypted using the customer's public key.
The customer's software decrypts the message using the customer's private key (and decrypted session key, if applicable), and verifies the digital signatures of the certification authority and the certificated bank contained in the biller's certificate.
Finally, the customer's software verifies the biller's digital signature, and displays the authenticated message to the customer. In one embodiment, the customer's software stores a copy of the biller's digital certificate, or a record that the biller's public key has been validated, in a local storage media such as the customer computer's hard disk drive. By doing so, for SUBSTITUTE SHEET (RULE 26) subsequent bills from the same biller, the onlv computation required is verification of the biller's digital signature.
The customer views the authenticated e-mail message at block 805. In this embodiment, the viewing of the e-mail message by the customer (or, more precisely, the display of the e-mail message) triggers the sending of a return e-mail message to the biller confirming that the bill has been delivered to the customer. The biller receives this confirmation at block 806.
In this embodiment, the summary, bill contains links that can. optionally be activated by the customer. These links include a link to a detailed bill, a link to an lo advertiser, and a link to an electronic bill pay system.
If the customer does not activate any of the options, bill delivery is completed at block 808. The customer may print out the bill, or leave it stored on the computer. The customer may pay the bill by mail or by electronic means.
If the customer activates the bill detail option at block 809, the customer's software sends a request to the biller for detailed information. The link to the detailed bill information contained in the e-mail message contains the appropriate network address to which the request should be transmitted. The request contains a unique bill identification number obtained from the summary bill. The customer's software may append the customer's digital certificate to the body of the message. The customer's software digitally signs the message, optionally encrypts the message, if additional security is needed, using the biller's public key (or a session key generated by the customer's software and encrypted with the biller's public key), and transmits the message to the address for the appropriate biller detail server specified in the link at block 810.
The biller's software decrypts, if necessary, and authenticates the received customer request for detailed data at block 811, and retrieves the detail data at block 812. The biller retrieves the appropriate detail form at block 813. The particular form selected will conform to the legal requirements for the particular jurisdiction in which the customer is located. The biller enters the detail data into the appropriate form at block 814 and returns SUBSTITUTE SHEET (RULE 26) the form, complete with data, to the customer at block 815. In this embodiment the detail bill constitutes an HTML document. In one embodiment, the entire HTML document is encrypted and sent with the same security provisions as those used in sending the summary data bill. In an alternate embodiment, only selected data in the HTML document (for example, data which by agreement between the customer and the biller, by law, or for some other reason, must be kept confidential) is encrypted. In an embodiment in which the summary data bill is encrypted with a session key, the same session key may be used to encrypt the detail bill. Finally, the customer's software authenticates and decrypts the detail bill and displays it to the customer at block 816.
The detail bill, like the summary bill, may contain links to advertising materials and/or to an electronic bill payment process or system.
If the customer activates the link for requesting advertising information at block 817, either from the summary bill or from the detailed bill, the customer's software connects to the advertiser's web page using the address contained in the advertising information link at block 818.
If the customer activates the link for paying the bill electronically at block 819, either from the summary bill or from the detailed bill, the customer's software initiates an electronic bill pay process at block 821. This electronic pay process may utilize the SET
protocols. or may be any other appropriate electroriic bill pay process. The process may, but need not, be provided by the customer's certificated bank.
If the customer neither selects the advertising information or the bill payment options at blocks 817 and 819, respectively, bill delivery is completed at block 820.
The process by which a biller's message is authenticated by the customer's software in one embodiment of the present invention is illustrated in Figure 9. The same general process, substituting the customer for the biller and the biller for the customer, as appropriate, may be used by a biller to authenticate a customer message.
As shown in Figure 9, the biller, or more precisely the biller's software, assembles the body of the e-mail message at block 900, and processes the message using a digesting SUBSTITUTE SHEET (RULE 26) program to obtain a message digest at block 905. The biller's software encrypts the message digest using the biller's private key at block 910 and appends the encrypted message digest to the message at block 915. The encrypting of the message digest using the biller's private key and appending the encrypted message digest to the message constitutes digitally signing the message with the biller's signature. The digital signature allows the customer to verify that the biller is the originator of the message and that the message has not been changed en route to the customer.
The biller' s software appends the biller's digital certificate to the digitally signed message at block 920. In this embodiment, the biller's certificate, as in the embodiment of 1o Figure 5, includes a certification authority's digital signature verifying the certification of the certificated biller bank, and the certificated bank's digital signature verifying the certification of the biller and the authenticity of the biller's public key.
In this embodiment, the certification authority's digital signature consists of a message digest of the certificated biller bank's ID number and public. key encrypted, using the certification authority's private key. Similarly, the biller bank's digital signature consists of the biller's ID number and public key encrypted using the biller bank's private key.
After appending the biller certificate to the message, the biller's software generates a session key at block 922, and encrypts the biller's message (including the appended digital signature and certificate) using the session key at block 924. The biller's software then encrypts the session key using the customer's public key at block 926.
The biller's software sends the encrypted message and encrypted session key to the customer via e-mail at block 928. The customer receives the biller's email package at block 930. The customer's software decrypts the session key using the customer's private key at block 932, and uses the decrypted session key to decrypt the remainder of the-mail message at block 934.
The customer's software verifies the message by sequentially verifying the hierarchy of digital signatures included in the biller's digital certificate.
The customer's software first retrieves the certification authority's identity from the certification authority affiliation field of the biller's certificate. Using the public key of the certification authority SUBSTITUTE SHEET (RULE 26) so identified (which the certification authority r,nakes widely available), the customer's software verifies the certification authority's digital signature to determine whether the public key and bank ID for the certificated bank included in the biller's certificate are genuine. The customer's software decrypts the cei-tification authority's digital signature at block 936, obtaining a message digest of the biller bank's ID number and public key. The customer's software derives a message digest of the biller bank's ID number and public key as specified7 in the biller certificate at block 938, and compares the derived message digest to the message digest from the decrypted certification authority's digital signature at block 940. If the message digests are found to be not identical at block 942, the customer's 1o software sends an error message to the biller at block 944.
If the message digests are found to be identical at block 942, then the certificated bank's ID and public key included in the biller's digital certificate are authentic. The customer's software uses the biller bank's authenticated public key to decrypt the certificated biller bank's digital signature at block 946, obtaining a message digest of the biller's ID number and public key. The customer software derives a message digest of the biller's ID and public key as specified in the biller's certificate at block 948, and compares the two message digests at block 950. If the two digests are found to be not identical at block 952, the customer software sends an error message to the biller at block 954.
If the message digests are found to be identical at block 952, then the biller's ID and public key included in the biller's digital certificate are authentic. The customer's software uses the authenticated public key of the biller to decrypt the biller's digital signature at block 956, obtaining a message digest of the included message. The customer software derives a message digest of the message at block 958, and compares the two message digests at block 960. If the two digests are founcl to be not identical at block 962, the customer software sends an error message to the biller at block 966.
If the message digests are found to be identical at block 962, then the included message is authentic. and the customer software displays the message to the customer at block 964.
SUBSTITUTE SHEET (RULE 26) In one embodiment of the invention, a certificate issued by a certificated bank to a customer may be used by the customer to make electronic payments as well as to receive electronic statements, and a certificate issued by a certificated bank to a biller may be used by the biller to receive electronic payments as well as to present bills electronically. In one embodiment, a customer or biller applying for a certificate from a certificated bank may request that an electronic payment account be established that is linked to the certificate. In one embodiment, such an account functions much like a credit card account or a checking account with debit card access. The customer sends a biller an authorization to receive payment from the customer's payment account, the biller conveys the authorization to the lo customer's certificated bank, and the customer's certificated bank electronically transmits the authorized amount to the biller's certificated bank for payment into the biller's electronic payment account. In another embodiment, the customer may use the customer's certificate to make electronic payments using an existing payment card. In one embodiment, the customer sends a payment authorization to the biller in which the customer specifies the amount being paid and the credit card (or other payment card) account number to be charged. The customer's software digitally signs the payment authorization by encrypting a message digest of the payment authorization with the customer's private key. The customer's software appends the customer's certificate to the digitally signed payment authorization and encrypts the customer's payment authorization, 2o digital signature, and certificate using a session key. The customer's software encrypts the-session key using the biller's public key, appends the encrypted session key to the rest of the message, and sends the resulting message- via e-mail to the biller. The biller decrypts the session key using the biller's private key and uses the session key to decrypt the customer's certificate, digital signature and payment authorization. The biller verifies the authenticity of the customer's certificate, and verifies that the message digest obtained by decrypting the customer's digital signature using the customer's public key matches a message digest of the customer's payment authorization. The biller submits the payment authorization to the appropriate payment card authority, and the biller's account is credited with the payment amount. in one embodiment, the biller retains a copy of the customer's payment authorization and digital signature for accountability and to prevent repudiation of the payment authorization by the customer.
SUBSTITUTE SHEET (RULE 26) Figure 10 is an illustration of an embodiment of a summary bill that may be sent by a biller in one embodiment of the present invention. Figure 10 shows the bill as displayed by the customer's software on the customer's computer or other display device.
This embodiment is shown as an example only. A wide variety of other formats for a summary bill may be used.
As shown.in Figure 10, summary bill 1000 consists of a summary bill information area 1010 and four action buttons 1020, 1030, 1040 and 1050, respectively.
Summary bill information area 1010 contains summary bill data. In this example, the biller is an electric utility company. The summary bill data includes the biller's name 1005, the customer's 1o account number with the biller 1015, the customer's name and address 1025, a listing of current and previous charges 1035, an explanation of current charges 1045, a return address for the biller 1055, and customer service information 1060. Customer service information 1060 includes the biller's customer service telephone number, e-mail address and URL that can be used by the customer to contact the biller if' there are any questions.
The summary information, contained in the summary bill information area 1010 corresponds generally to the information that would be 20 contained on the remittance stub of a mailed, paper bill.
Action buttons 1020, 1030, 1040 and 1050 allow the customer to obtain additional information or perform certain functions. Action button 1020 is a "Details"
button. By activating action button 1020, for example by clicking on it with a mouse, the customer's software at the customer's computer sends a request for bill details to the biller. Action button 1030 is a "Pay" button. Action button 1030 is displayed if the customer has access to an electronic bill payment system. In one embodiment, activating button 1030 initiates a link to electronic bill payment system software that allows the customer to initiate payment of the bill utilizing an electronic bill payment system such as, for example, the electronic bill pay system described in U.S. Patent No. 5,465,206. In another embodiment of the invention, the customer's software includes the capability of transmitting an electronic payment directly to the biller, for example in the form of an encrypted and digitally signed payment card payment authorization. Action button 1040 is a "Print" action button. By activating button 1040, a hard copy of the displayed summary bill is printed on the customer's printer. Action button 1050 is a "Special Offer" action button. In the SUBSTITUTE SHEET (F3ULE 26) embodiment of Figure 1050, action button 1050 contains a short "teaser" about the special offer in the form of the words "Save 50% on Airfares!" By activating button 1050, the customer's software retrieves a web page linked to button 1050, and displays the web page to the customer. The web page may be a web page of a third party advertiser containing an advertisement from the third party as in the embodiment shown in Figure 10, or may be a web page of the biller, containing details of a special offer available from the biller.
Figure 11 illustrates an example of a detailed bill of one embodiment of the present invention that is sent by the biller to the customer in response to the customer activating "Details" action button 1020 of summary bill 1000 of Figure 10. The detailed bill may be to an HTML document. As shown in Figure 11, detailed bill i 100, like summary bill 1000, includes the biller's name 1005, the customer's account number 1015, the customer's name and address 1025, a listing of current and previous charges 1035, an explanation of current charges 1045, return address 1055, and customer service information 1060. In the embodiment of Figure 11, customer service information 1060 includes a customer service link button 1150 that links directly to the biller's customer service web page. Detailed bill 1100 also includes "Pay" action button 1030 and "Print" action button 1040. In addition, detailed bill 1100 includes an additional detail field 1110, advertising fields 1130 and 1140, and public service message field 1120.
In the embodiment of Figure 11, additional detail field 1110 contains a graph showing the customer's usage history. In other embodiments, additional detail field 1110 may contain other billing information that would be included in the detailed portion of a mailed, paper bill. For example, if the bill is a telephone bill, detail data field 1110 may include a listing of all toll calls made by the customer during the billing period. Additional detail field 1110 may contain additional sub-fields, be of any desired size, and may encompass several pages.
Advertising fields 1130 and 1140 contain advertisements. These advertisements may be advertisements for products and services of the biller or may be for products and services for third party advertisers. The particular advertisements displayed on a customer's bill may be selected based on criteria such as the customer's profile, the particular time and SUBSTITUTE SHEET (RULE 26) date at which the customer requests the detailed bill, the geographic location of the customer, the customer's usage history, etc. Advertisements may therefore be highly focused. For example, special offers may be rernoved when time limits or limits on the number of respondents have been exceeded. Messages concerning water conservation may be directed by a utility to high water users. On a very hot day, an electric company may display an advertisement for energy saving air conditioners that appears to come from the utility but links to the web page of an appliance store in the customer's vicinity.
In the embodiment of Figure 11, advertising field 1 130 contains an advertisement for automotive services while field 1140 contains an advertisement for a travel lo organization. To access details of the advertisements, advertising fields 1130 and 1140 include action buttons 1 135 and 1145, respectively. Selecting either of these action buttons will bring up the web page containing additional information about the advertised items.
Advertising fields 1 130 and 1 140 as a whole may also constitute link activation areas.
Public message field 1120 is used to display messages intended to be helpful to the customer, and may contain public service messages, llints on conserving energy and resources. or any other messages. In the embodin-ient of Figure 11, public message field 1120 is itself an action button. Accordingly, clickiiig anywhere on message field 1120 wll bring up the corresponding web 15 page.
The present invention can be implemented by means of software programming on 2o any of a variety of one or more computer systems as are well known in the art, including, without limitation, computer systems such as that shown in Figure 12. The computer system of Figure 12 may, for example, be used as a customer computer, a biller computer, a bank computer, or a certification authority computer. The computer system shown in Figure 12 includes a CPU unit 1200 that includes a central processor, main memory, peripheral interfaces, input-output devices, power supply, and associated circuitry and devices; a display device 1210 which may be a cathode ray tube display, LCD
display, gas-plasma display, or any other computer display; an input device 1230. which may include a keyboard, mouse, digitizer, or other input device. 'The computer system may or may not include non-volatile storage 1220. which may include magnetic, optical, or other mass SUBSTITUTE SHEET (RULE 26) storage devices, and a printer 1250. The computer system may also include a network interface 1240, which may consist of a modem, allowing the computer system to communicate with other systems over a communications network such as the Internet. Any of a variety of other configurations of computer systems may also be used.
Thus a novel secure interactive electronic account statement delivery system has been presented. Although the present invention has been described with respect to certain example embodiments, it will be apparent to those skilled in the art that the present invention is not limited to these specific embodiments. For example, although the statements that are electronically presented to a customer using the present invention have in certain instances been described as "bills" and the originators of the statements as "billers," it will be apparent to those skilled in the art that the invention may be used for presenting statements other than bills from entities other than billers. For example, the present information can be used by a bank, stock broker, or other financial services provider to deliver periodic account balance information to a customer.
Further, although the operation of certain embodiments has been described in detail using certain detailed process steps, some of the steps may be omitted or other similar steps may be substituted without departing from the scope of the invention. Further, although the invention has been described as utilizing the Internet as a transport network, other networks or other communications media may be used.
SUBSTITUTE SHEET (RULE 26)
Claims (119)
1. A method for delivering account statement data from a statement issuer to a customer using a communications network comprising:
directing application information for a customer certificate transmitted from a customer to a certificated bank;
sending said customer certificate from said certificated bank to said customer;
informing said customer whether a statement issuer is a participant in an electronic billing system;
providing said customer with an e-mail address which belongs to said statement issuer;
receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address;
authenticating, by said statement issuer, of said electronic statement activation request;
updating, by said statement issuer, a customer data base following successful authentication;
activating said electronic billing system between the statement issuer and the customer;
issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message from said statement issuer to said customer using said communications network.
directing application information for a customer certificate transmitted from a customer to a certificated bank;
sending said customer certificate from said certificated bank to said customer;
informing said customer whether a statement issuer is a participant in an electronic billing system;
providing said customer with an e-mail address which belongs to said statement issuer;
receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address;
authenticating, by said statement issuer, of said electronic statement activation request;
updating, by said statement issuer, a customer data base following successful authentication;
activating said electronic billing system between the statement issuer and the customer;
issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message from said statement issuer to said customer using said communications network.
2. The method of claim 1 wherein the authenticating of said electronic statement activation request further comprises:
verifying an authenticity of said copy of said customer certificate included with said electronic statement activation request; and verifying an authenticity of said electronic statement activation request by verifying said customer digital signature.
verifying an authenticity of said copy of said customer certificate included with said electronic statement activation request; and verifying an authenticity of said electronic statement activation request by verifying said customer digital signature.
3. A method for delivering account statement data from a statement issuer to a customer using a communications network comprising:
issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate, transmitting said customer statement message from said statement issuer to said customer using said communications network;
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message;
verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message;
displaying a summary bill which is contained within said customer statement message on a display screen, said customer statement message comprises link activation information displayed as a link activation area when said summary bill is displayed on said display screen, wherein activation of said link activation area activates a communication to a server computer using said communications network;
receiving a request for detailed bill information transmitted from said customer to said server computer;
authenticating said request for said detailed bill information at said server computer;
retrieving a set of detailed bill data;
retrieving an appropriate detailed bill form;
entering said set of detailed bill data into said appropriate detailed bill form; and thereafter sending said appropriate detailed bill form containing said detailed bill data to said customer.
issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate, transmitting said customer statement message from said statement issuer to said customer using said communications network;
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message;
verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message;
displaying a summary bill which is contained within said customer statement message on a display screen, said customer statement message comprises link activation information displayed as a link activation area when said summary bill is displayed on said display screen, wherein activation of said link activation area activates a communication to a server computer using said communications network;
receiving a request for detailed bill information transmitted from said customer to said server computer;
authenticating said request for said detailed bill information at said server computer;
retrieving a set of detailed bill data;
retrieving an appropriate detailed bill form;
entering said set of detailed bill data into said appropriate detailed bill form; and thereafter sending said appropriate detailed bill form containing said detailed bill data to said customer.
4. The method of claim 3 further comprising:
receiving and authenticating said detailed bill form containing said detailed bill data transmitted from said customer; and displaying said detailed bill form containing said detailed bill data on said display screen.
receiving and authenticating said detailed bill form containing said detailed bill data transmitted from said customer; and displaying said detailed bill form containing said detailed bill data on said display screen.
5. The method of claims 1 or 3 wherein said statement issuer certificate comprises a first certificate issuer certificate.
6. The method of claim 5 wherein said first certificate issuer certificate comprises a digital signature of a certification authority.
7. The method of claims 1 or 3 wherein said first certificate issuer is a certificated bank.
8. The method of claims 1 or 3 wherein said second certificate issuer is a certificated bank.
9. The method of claims 1 or 3 wherein said statement issuer is a biller.
10. The method of claims 1 or 3 wherein said statement issuer certificate comprises data related to said statement issuer and wherein said digital signature of said first certificate issuer comprises an encrypted message digest of said data related to said statement issuer.
11. The method of claim 10 wherein said data related to said statement issuer comprises an identification number for said statement issuer.
12. The method of claim 11 wherein said data related to said statement issuer comprises a public key of said statement issuer.
13. The method of claim 10 wherein said encrypted message digest is encrypted using a private key of said first certificate issuer.
14. The method of claim 10 wherein said statement issuer certificate comprises a first certificate issuer certificate, wherein said first certificate issuer certificate comprises a digital signature of a certification authority, and wherein said first certificate issuer certificate comprises data related to said first certificate issuer and wherein said digital signature of said certification authority comprises an encrypted message digest of said data related to said first certificate issuer.
15. The method of claim 14 wherein said data related to said first certificate issuer comprises an identification number for said first certificate issuer.
16. The method of claim 15 wherein said data related to said first certificate issuer comprises a public key of said first certificate issuer.
17. The method of claims 1 or 3 wherein said customer certificate comprises data related to said customer and wherein said digital signature of said first certificate issuer or said second certificate issuer comprises an encrypted message digest of said data related to said customer.
18. The method of claim 17 wherein said data related to said customer comprises an id identification number for said customer.
19. The method of claim 18 wherein said data related to said customer comprises a public key of said customer.
20. The method of claim 17 wherein said encrypted message digest is encrypted using a private key of said first certificate issuer or said second certificate issuer.
21. The method of claim 1 further comprising:
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message; and verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message.
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message; and verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message.
22. The method of claims 21 or 3 wherein said statement issuer certificate comprises data related to said statement issuer, and wherein said digital signature of said first certificate issuer comprises an encrypted first message digest of said data related to said statement issuer.
23. The method of claim 22 wherein said verifying an authenticity of said copy of said statement issuer certificate comprises:
decrypting said digital signature of said first certificate issuer using a public key of said first certificate issuer to obtain an unencrypted first message digest of said data related to said statement issuer;
deriving a second message digest of said data related to said statement issuer included in said copy of said statement issuer certificate included in said customer statement message received by said customer; and comparing said first message digest and said second message digest.
decrypting said digital signature of said first certificate issuer using a public key of said first certificate issuer to obtain an unencrypted first message digest of said data related to said statement issuer;
deriving a second message digest of said data related to said statement issuer included in said copy of said statement issuer certificate included in said customer statement message received by said customer; and comparing said first message digest and said second message digest.
24. The method of claims 21 or 3 wherein said digital signature of said statement issuer comprises an encrypted first message digest of said account statement data for said customer and wherein said verifying an authenticity of said account statement data is performed by verifying said statement issuer digital signature included in said customer statement message comprises:
deriving a second message digest of said account statement data for said customer included in said customer statement message; and comparing said first message digest and said second message digest.
deriving a second message digest of said account statement data for said customer included in said customer statement message; and comparing said first message digest and said second message digest.
25. The method of claims 1 or 3 wherein said customer statement message comprises an electronic mail message.
26. The method of claim 21 further comprising displaying a summary bill which is contained within said customer statement message on a display screen.
27. The method of claims 26 or 3 further comprising sending a notification message to said statement issuer notifying said statement issuer that said customer statement message has been displayed.
28. The method of claim 26 wherein said customer statement message comprises link activation information displayed as a link activation area when said summary bill is displayed on said display screen.
29. The method of claim 28 wherein activation of said link activation area activates a communication to a server computer using said communications network.
30. The method of claims 29 or 3 wherein said server computer provides additional customer account statement data to said customer in response to said communication.
31. The method of claims 29 or 3 wherein said server computer provides advertising data to said customer in response to said communication.
32. The method of claim 31 wherein said advertising data provided by said server computer to said customer depends upon a time at which said communication is made.
33. The method of claim 31 wherein said advertising data provided by said server computer to said customer depends upon a geographic location of said customer.
34. The method of claim 31 wherein said advertising data provided by said server computer to said customer depends upon a parameter related to said customer.
35. The method of claim 27 wherein said customer account statement data comprises amount due data further comprising:
displaying an electronic payment activation area on said display screen.
displaying an electronic payment activation area on said display screen.
36. The method of is claim 35 wherein activating said electronic payment activation area activates an electronic payment process that may be used by said customer to pay said amount due.
37. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform operations for delivering account statement data from a statement issuer to a customer using a communications network, said method comprising:
directing application information for a customer certificate transmitted from a customer to a certificated bank;
sending said customer certificate from said certificated bank to said customer;
informing said customer whether a statement issuer is a participant in an electronic billing system;
providing said customer with an e-mail address which belongs to said statement issuer;
receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address;
authenticating, by said statement issuer, of said electronic statement activation request;
updating, by said statement issuer, a customer data base following successful authentication;
activating said electronic billing system between the statement issuer and the customer;
issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message from said statement issuer to said customer using said communications network.
directing application information for a customer certificate transmitted from a customer to a certificated bank;
sending said customer certificate from said certificated bank to said customer;
informing said customer whether a statement issuer is a participant in an electronic billing system;
providing said customer with an e-mail address which belongs to said statement issuer;
receiving an electronic statement activation request, a customer digital signature, and a copy of said customer certificate transmitted from said customer to said statement issuer through use of the e-mail address;
authenticating, by said statement issuer, of said electronic statement activation request;
updating, by said statement issuer, a customer data base following successful authentication;
activating said electronic billing system between the statement issuer and the customer;
issuing a statement issuer certificate from a first certificate issuer to said statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing said customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
generating a customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message from said statement issuer to said customer using said communications network.
38. The program storage device of claim 37 wherein said statement issuer certificate comprises a first certificate issuer certificate.
39. The program storage device of claim 38 wherein said first certificate issuer certificate comprises a digital signature of a certification authority.
40. The program storage device of claim 37 wherein said first certificate issuer is a certificated bank.
41. The program storage device of claim 37 wherein said second certificate issuer is a certificated bank.
42. The program storage device of claim 37 wherein said statement issuer is a biller.
43. The program storage device of claim 37 wherein said statement issuer certificate comprises data related to said statement issuer and wherein said digital signature of said first certificate issuer comprises an encrypted message digest of said data related to said statement issuer.
44. The program storage device of claim 43 wherein said data related to said statement issuer comprises an identification number for said statement issuer.
45. The program storage device of claim 44 wherein said data related to said statement issuer comprises a public key of said statement issuer.
46. The program storage device of claim 43 wherein said encrypted message digest is encrypted using a private key of said first certificate issuer.
47. The program storage device of claim 43 wherein said statement issuer certificate comprises a first certificate issuer certificate, wherein said first certificate issuer certificate comprises a digital signature of a certification authority, and wherein said first certificate issuer certificate comprises data related to said first certificate issuer and wherein said digital signature of said certification authority comprises an encrypted message digest of said data related to said first certificate issuer.
48. The program storage device of claim 46 wherein said data related to said first certificate issuer comprises an identification number for said first certificate issuer.
49. The program storage device of claim 48 wherein said data related to said first certificate issuer comprises a public key of said first certificate issuer.
50. The program storage device of claim 37 wherein said customer certificate comprises data related to said customer and wherein said digital signature of said first certificate issuer or said second certificate issuer comprises an encrypted message digest of said data related to said customer.
51. The program storage device of claim 50 wherein said data related to said customer comprises an identification number for said customer.
52. The program storage device of claim 51 wherein said data related to said customer comprises a public key of said customer.
53. The program storage device of claim 50 wherein said encrypted message digest is encrypted using a private key of said first certificate issuer or said second certificate issuer.
54. The program storage device of claim 37 wherein said method further comprises:
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message; and verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message.
receiving said customer statement message transmitted from said statement issuer to said customer;
verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message; and verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message.
55. The program storage device of claim 54 wherein said statement issuer certificate comprises data related to said statement issuer, and wherein said digital signature of said first certificate issuer comprises an encrypted first message digest of said data related to said statement issuer.
56. The program storage device of claim 55 wherein said verifying an authenticity of said copy of said statement issuer certificate comprises:
decrypting said digital signature of said first certificate issuer using a public key of said first certificate issuer to obtain an unencrypted first message digest of said data related to said statement issuer;
deriving a second message digest of said data related to said statement issuer included in said copy of said statement issuer certificate included in said customer statement message received by said customer; and comparing said first message digest and said second message digest.
decrypting said digital signature of said first certificate issuer using a public key of said first certificate issuer to obtain an unencrypted first message digest of said data related to said statement issuer;
deriving a second message digest of said data related to said statement issuer included in said copy of said statement issuer certificate included in said customer statement message received by said customer; and comparing said first message digest and said second message digest.
57. The program storage device of claim 54 wherein said digital signature of said statement issuer comprises an encrypted first message digest of said account statement data for said customer and wherein said verifying an authenticity of said account statement data is performed by verifying said statement issuer digital signature included in said customer statement message comprises:
deriving a second message digest of said account statement data for said customer included in said customer statement message; and comparing said first message digest and said second message digest.
deriving a second message digest of said account statement data for said customer included in said customer statement message; and comparing said first message digest and said second message digest.
58. The program storage device of claim 37 wherein said customer statement message comprises an electronic mail message.
59. The program storage device of claim 54 further comprising displaying said customer statement message on a display screen.
60. The program storage device of claim 59 wherein said method further comprises sending a notification message to said statement issuer notifying said statement issuer that said customer statement message has been displayed.
61. The program storage device of claim 59 wherein said customer statement message comprises link activation information displayed as a link activation area when said customer statement message is displayed on said display screen.
62. The program storage device of claim 61 wherein activation of said link activation area activates a communication to a server computer using said communications network.
63. The program storage device of claim 62 wherein said server computer provides additional customer account statement data to said customer in response to said communication.
64. The program storage device of claim 62 wherein said server computer provides advertising data to said customer in response to said communication.
65. The program storage device of claim 64 wherein said advertising data provided by said server computer to said customer depends upon a time at which said communication is made.
66. The program storage device of claim 64 wherein said advertising data provided by said server computer to said customer depends upon a geographic location of said customer.
67. The program storage device of claim 64 wherein said advertising data provided by said server computer to said customer depends upon a parameter related to said customer.
68. The program storage device of claim 60 wherein said customer account statement data comprises amount due data and wherein said method further comprises:
displaying an electronic payment activation area on said display screen.
displaying an electronic payment activation area on said display screen.
69. The program storage device of claim 68 wherein activating said electronic payment activation area activates an electronic payment process that may be used by said customer to pay said amount due.
70. A method for delivering account statement data from a statement issuer to a customer using a communications network comprising the steps of:
issuing a first certificate to a first certificate issuer that includes data related to said first certificate issuer and a digital signature of a certificate authority, issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
receiving a request from said customer to initiate electronic billing, said request including customer information and said customer certificate;
authenticating said customer request to initiate electronic billing using said customer certificate;
generating an encrypted customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message in the form of an electronic mail message from said statement issuer to said customer using said communications network.
issuing a first certificate to a first certificate issuer that includes data related to said first certificate issuer and a digital signature of a certificate authority, issuing a statement issuer certificate from a first certificate issuer to a statement issuer, said statement issuer certificate comprising a digital signature of said first certificate issuer;
issuing a customer certificate from one of said first certificate issuer or a second certificate issuer to a customer, said customer certificate comprising a digital signature of said first certificate issuer or said second certificate issuer;
receiving a request from said customer to initiate electronic billing, said request including customer information and said customer certificate;
authenticating said customer request to initiate electronic billing using said customer certificate;
generating an encrypted customer statement message comprising account statement data for said customer, a digital signature of said statement issuer, and a copy of said statement issuer certificate; and transmitting said customer statement message in the form of an electronic mail message from said statement issuer to said customer using said communications network.
71. The method of claim 70, wherein said statement issuer certificate comprises a first certificate issuer certificate.
72. The method of claim 71 wherein said first certificate issuer certificate comprises a digital signature of a certification authority.
73. The method of any one of claims 70 to 72, wherein said first certificate issuer is a certificated bank.
74. The method of any one of claims 70 to 73, wherein said second certificate issuer is a certificated bank.
75. The method of any one of claims 70 to 74, wherein said statement issuer is a biller.
76. The method of any one of claims 70 to 75, wherein said statement issuer certificate comprises data related to said statement issuer and wherein said digital signature of said first certificate issuer comprises an encrypted message digest of said data related to said statement issuer.
77. The method of claim 76, wherein said data related to said statement issuer comprises an identification number for said statement issuer.
78. The method of either claim 76 or claim 77, wherein said data related to said statement issuer comprises a public key of said statement issuer.
79. The method of any one of claims 76 to 78, wherein said encrypted message digest is encrypted using a private key of said first certificate issuer.
80. The method of any one of claims 76 to 79, wherein said first certificate issuer certificate comprises data related to said first certificate issuer and said digital signature of said certification authority comprises an encrypted message digest of said data related to said first certificate issuer.
81. The method of any one of claims 76 to 80, wherein said data related to said first certificate issuer comprises an identification number for said first certificate issuer.
82. The method of any one of claims 76 to 81, wherein said data related to said first certificate issuer comprises a public key of said first certificate issuer,
83. The method of any one of claims 70 to 82, wherein said customer certificate comprises data related to said customer and wherein said digital signature of said first certificate issuer or of said second certificate issuer comprises an encrypted message digest of said data related to said customer.
84. The method of claim83, wherein said data related to said customer comprises an identification number for said customer.
85. The method of either claim 83 or claim 84, wherein said data related to said customer comprises a public key of said customer.
86. The method of any one of claims 83 to 85, wherein said encrypted message digest is encrypted using a private key of said first certificate issuer or of said second certificate issuer.
87. The method of any one of claims 70 to 86, further comprising the steps of:
receiving said customer statement messages transmitted from said statement issuer to said customer, verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message;
verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message.
receiving said customer statement messages transmitted from said statement issuer to said customer, verifying an authenticity of said copy of said statement issuer certificate included in said customer statement message;
verifying an authenticity of said account statement data by verifying said statement issuer digital signature included in said customer statement message.
88. The method of claim 87, wherein said statement issuer certificate comprises data related to said statement issuer, and wherein said digital signature of said first certificate issuer comprises an encrypted first message digest of said data related to said statement issuer.
89. The method of either claim 87 or claim 88, wherein said step of verifying an authenticity of said copy of said statement issuer certificate comprises the steps of:
decrypting said digital signature of said first certificate issuer using a public key of said first certificate issuer to obtain an unencrypted first message digest of said data related to said statement issuer;
deriving a second message digest of said data related to said statement issuer included in said copy of said statement issuer certificate included in said customer statement message received by said customer;
comparing said first message digest and said second message digest.
decrypting said digital signature of said first certificate issuer using a public key of said first certificate issuer to obtain an unencrypted first message digest of said data related to said statement issuer;
deriving a second message digest of said data related to said statement issuer included in said copy of said statement issuer certificate included in said customer statement message received by said customer;
comparing said first message digest and said second message digest.
90. The method of any one of claims 87 to 89, wherein said digital signature of said statement issuer comprises an encrypted first message digest of said account statement data for said customer and wherein said step of verifying an authenticity of said account statement data is performed by verifying said statement issuer digital signature included in said customer statement message, comprises the steps of:
deriving a second message digest of said account statement data for said customer included in said customer statement message;
comparing said first message digest and said second message digest.
deriving a second message digest of said account statement data for said customer included in said customer statement message;
comparing said first message digest and said second message digest.
91. The method of any one of claims 87to 90, further comprising the step of displaying said customer statement message on a display screen.
92. The method of any one of claims 87 to 91, further comprising the step of sending a notification message to said statement issuer notifying said statement issuer that said customer statement message has been displayed.
93. The method of any one of claims 87to 92, wherein said customer statement message comprises link activation information displayed as a link activation area when said customer statement message is displayed on said display screen.
94. The method of claim 93, wherein activation of said link activation area activates a communication to a server computer using said communications network.
95. The method of 94, wherein said server computer provides additional customer account statement data to said customer in response to said communication.
96. The method of either claim 94 or claim 95, wherein said server computer provides advertising data to said customer in response to said communication.
97. The method of claim 96, wherein said advertising data provided by said server computer to said customer depends upon a time at which said communication is made.
98. The method of either claim 96 or claim 97, wherein said advertising data provided by said server computer to said customer depends upon a geographic location of said customer.
99. The method of any one of claims 96 to 98, wherein said advertising data provided by said server computer to said customer depends upon a parameter related to said customer.
100. The method of any one of claims 92 to 99, wherein said customer account statement data comprises amount due data further comprising the step of:
displaying an electronic payment activation area on said display screen.
displaying an electronic payment activation area on said display screen.
101. The method of claim 100, wherein activating said electronic payment activation area activates an electronic payment process that may be used by said customer to pay said amount due.
102. An electronic account statement delivery system for delivering an account statement from a statement issuer to a customer using a communications network, said system comprising:
a certificate issuer having a certificate issuer certificate including data related to said certificate issuer and a digital signature of a certification authority;
a statement issuer, said statement issuer being issued with a statement issuer certificate from said certificate issuer, said statement issuer certificate including data related to said statement issuer and a digital signature of said certificate issuer;
a customer, said customer participating in said electronic account statement delivery system, said customer being issued with a customer certificate from said certificate issuer, said customer certificate including data related to said customer and a digital signature of said certificate issuer, customer means for generating a request to initiate electronic billing, said request including customer information and said customer certificate;
statement issuer means for authenticating said customer request to initiate electronic billing using said customer certificate;
means for generating an encrypted electronic account statement message including account statement data for said customer related to an account of said customer with said statement issuer, said statement issuer certificate, and said certificate issuer certificate; and an electronic mail system, whereby said electronic account statement message is delivered from said statement issuer to said customer via electronic mail.
a certificate issuer having a certificate issuer certificate including data related to said certificate issuer and a digital signature of a certification authority;
a statement issuer, said statement issuer being issued with a statement issuer certificate from said certificate issuer, said statement issuer certificate including data related to said statement issuer and a digital signature of said certificate issuer;
a customer, said customer participating in said electronic account statement delivery system, said customer being issued with a customer certificate from said certificate issuer, said customer certificate including data related to said customer and a digital signature of said certificate issuer, customer means for generating a request to initiate electronic billing, said request including customer information and said customer certificate;
statement issuer means for authenticating said customer request to initiate electronic billing using said customer certificate;
means for generating an encrypted electronic account statement message including account statement data for said customer related to an account of said customer with said statement issuer, said statement issuer certificate, and said certificate issuer certificate; and an electronic mail system, whereby said electronic account statement message is delivered from said statement issuer to said customer via electronic mail.
103. The electronic account statement delivery system of claim 102, wherein the electronic account statement message further comprises certification authority identification data identifying said certification authority.
104. The electronic account statement delivery system of either claim 102 or claim 103, wherein said communications network is an open network.
105. The electronic account statement delivery system of any one of claims 102 to 104, wherein said account statement data comprises summary data.
106. The electronic account statement delivery system of any one of claims 102 to 105, wherein said account statement data comprises detailed data.
107. The electronic account statement delivery system of any one of claims 102 to 106, wherein said digital signature of said statement issuer comprises an encrypted message digest of said account statement data.
108. The electronic account statement delivery system of any one of claims 102 to 107, wherein said data related to said statement issuer comprises an identification number for said statement issuer and a public key of said statement issuer.
109. The electronic account statement delivery system of any one of claims 102 to 108, wherein said digital signature of said first certificate issuer comprises an encrypted message digest of said data related to said statement issuer.
110. The electronic account statement delivery system of any one of claims 102 to 109, wherein said data related to said first certificate issuer comprises an identification number for said first certificate issuer and a public key of said first certificate issuer.
111. The electronic account statement delivery system of any one of claims 102 to 110, wherein said digital signature of said certification authority comprises an encrypted message digest of said data related to said first certificate issuer.
112. The electronic account statement delivery system of any one of claims 102 to 110, further comprising:
link activation data for initiating a request for additional data;
link descriptive data comprising data related to said request.
link activation data for initiating a request for additional data;
link descriptive data comprising data related to said request.
113. The electronic account statement delivery system of any one of claims 102 to 112, wherein said link activation data comprises a network address of a source of said additional data.
114. The electronic account statement delivery system of claim 113, wherein said network address comprises a URL address.
115. The electronic account statement delivery system of any one of claims 102 to 114, wherein said account statement data comprises an amount due and wherein said account statement data further comprises:
payment process activation data for initiating an electronic payment process for paying said amount due.
payment process activation data for initiating an electronic payment process for paying said amount due.
116. The electronic account statement delivery system of any one of claims 102 to 115, wherein said account statement data comprises an amount due and wherein said account statement data further comprises:
payment process activation data for initiating an electronic payment process for paying said amount due.
payment process activation data for initiating an electronic payment process for paying said amount due.
117. The electronic account statement delivery system of any one of claims 102 to 116, wherein said link descriptive data comprises advertising data.
118. The electronic account statement delivery system of claim 117, wherein said link activation data comprises a URL address of a third party merchant.
119. A program storage device readable by a machine and encoding one or more programs of instructions for executing the method steps of any of claims 70 to 101.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/766,498 US6285991B1 (en) | 1996-12-13 | 1996-12-13 | Secure interactive electronic account statement delivery system |
US08/766,498 | 1996-12-13 | ||
PCT/US1997/023025 WO1998026386A1 (en) | 1996-12-13 | 1997-12-12 | Secure interactive electronic account statement delivery system |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2275211A1 CA2275211A1 (en) | 1998-06-18 |
CA2275211C true CA2275211C (en) | 2007-11-27 |
Family
ID=25076615
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002275211A Expired - Fee Related CA2275211C (en) | 1996-12-13 | 1997-12-12 | Secure interactive electronic account statement delivery system |
Country Status (7)
Country | Link |
---|---|
US (1) | US6285991B1 (en) |
EP (1) | EP0961999B1 (en) |
AT (1) | ATE329336T1 (en) |
AU (1) | AU744610B2 (en) |
CA (1) | CA2275211C (en) |
DE (1) | DE69736074T2 (en) |
WO (1) | WO1998026386A1 (en) |
Families Citing this family (287)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6289322B1 (en) * | 1998-03-03 | 2001-09-11 | Checkfree Corporation | Electronic bill processing |
US6438527B1 (en) * | 1993-11-01 | 2002-08-20 | Visa International Service Association | Method and apparatus for paying bills electronically using machine readable information from an invoice |
US6192407B1 (en) * | 1996-10-24 | 2001-02-20 | Tumbleweed Communications Corp. | Private, trackable URLs for directed document delivery |
DE19716861C2 (en) * | 1997-04-22 | 2000-04-27 | Deutsche Telekom Ag | Encryption method and device |
ATE347200T1 (en) * | 1997-07-24 | 2006-12-15 | Tumbleweed Comm Corp | ELECTRONIC MAIL FIREWALL WITH ENCRYPTION/DECRYPTION USING STORED KEYS |
US7127741B2 (en) * | 1998-11-03 | 2006-10-24 | Tumbleweed Communications Corp. | Method and system for e-mail message transmission |
US20040167823A1 (en) * | 1997-09-08 | 2004-08-26 | Neely Robert Alan | Automated electronic payment system |
FI974341A (en) * | 1997-11-26 | 1999-05-27 | Nokia Telecommunications Oy | Data protection for data connections |
US6782506B1 (en) | 1998-02-12 | 2004-08-24 | Newriver, Inc. | Obtaining consent for electronic delivery of compliance information |
US7860725B2 (en) * | 1998-05-26 | 2010-12-28 | Ineedmd.Com, Inc. | Method for remote medical consultation and care |
US6224548B1 (en) * | 1998-05-26 | 2001-05-01 | Ineedmd.Com, Inc. | Tele-diagnostic device |
US6248064B1 (en) * | 1998-05-26 | 2001-06-19 | Ineedmd.Com,Inc. | Tele-diagnostic device |
US7533064B1 (en) * | 1998-10-07 | 2009-05-12 | Paypal Inc. | E-mail invoked electronic commerce |
JP3935276B2 (en) * | 1998-10-21 | 2007-06-20 | キヤノン株式会社 | Network device management method, apparatus, storage medium, and transmission apparatus |
US6820202B1 (en) | 1998-11-09 | 2004-11-16 | First Data Corporation | Account authority digital signature (AADS) system |
US7047416B2 (en) | 1998-11-09 | 2006-05-16 | First Data Corporation | Account-based digital signature (ABDS) system |
WO2000028494A1 (en) * | 1998-11-11 | 2000-05-18 | Ncr International, Inc. | Digital data interchange devices and networks |
FR2787224A1 (en) * | 1998-12-14 | 2000-06-16 | Charles Henri Edgar Mourre | Electronic transactions system between purchaser and seller with secure transfer of payment; transmits electronic validation code, an access code, payment title code and bank identity code |
JP2003502721A (en) * | 1999-01-14 | 2003-01-21 | ジェイピーモルガン・チェース・バンク | Electronic account data or transaction routing system |
US6442593B1 (en) * | 1999-02-01 | 2002-08-27 | Sony Corporation | Methods and apparatus for transmitting prioritized electronic mail messages |
CA2371791A1 (en) | 1999-02-12 | 2000-08-17 | Mack Hicks | System and method for providing certification-related and other services |
US8041604B1 (en) * | 1999-03-16 | 2011-10-18 | Studebaker & Brackett PC | Method of embedding advertisements in communication |
EP1047028A1 (en) * | 1999-04-19 | 2000-10-25 | TELEFONAKTIEBOLAGET LM ERICSSON (publ) | Communication system and method for efficiently processing electronical transactions in mobile communication networks |
EP1049056A3 (en) * | 1999-04-26 | 2001-06-13 | CheckFree Corporation | Electronic bill presentment and/or payment clearinghouse |
US6609113B1 (en) | 1999-05-03 | 2003-08-19 | The Chase Manhattan Bank | Method and system for processing internet payments using the electronic funds transfer network |
US6704714B1 (en) | 1999-05-03 | 2004-03-09 | The Chase Manhattan Bank | Virtual private lock box |
US6760752B1 (en) * | 1999-06-28 | 2004-07-06 | Zix Corporation | Secure transmission system |
EP1067472A1 (en) * | 1999-07-05 | 2001-01-10 | Swedgiro AB | Method for sending invoices/account statements |
US7966372B1 (en) * | 1999-07-28 | 2011-06-21 | Rpost International Limited | System and method for verifying delivery and integrity of electronic messages |
AU6610300A (en) | 1999-07-28 | 2001-02-19 | Terrance A. Tomkow | System and method for verifying delivery and integrity of electronic messages |
US6990514B1 (en) * | 1999-09-03 | 2006-01-24 | Cisco Technology, Inc. | Unified messaging system using web based application server for management of messages using standardized servers |
US7249093B1 (en) | 1999-09-07 | 2007-07-24 | Rysix Holdings, Llc | Method of and system for making purchases over a computer network |
US7149893B1 (en) * | 1999-09-07 | 2006-12-12 | Poofaway.Com, Inc. | System and method for enabling the originator of an electronic mail message to preset an expiration time, date, and/or event, and to control processing or handling by a recipient |
CA2384158A1 (en) * | 1999-09-10 | 2001-03-15 | David Solo | System and method for providing certificate validation and other services |
US20020029200A1 (en) | 1999-09-10 | 2002-03-07 | Charles Dulin | System and method for providing certificate validation and other services |
CA2384242A1 (en) | 1999-09-24 | 2001-04-05 | Mary Mckenney | System and method for providing payment services in electronic commerce |
CN1451213B (en) | 1999-09-30 | 2012-10-10 | 美国邮政服务 | Systems and methods for authenticating an electronic message |
US7797543B1 (en) | 1999-09-30 | 2010-09-14 | United States Postal Service | Systems and methods for authenticating an electronic message |
ES2265694T3 (en) * | 1999-10-01 | 2007-02-16 | Swisscom Mobile Ag | PROCEDURE TO VERIFY IN A MOBILE DEVICE THE AUTHENTICITY OF ELECTRONIC CERTIFICATES ISSUED BY A CERTIFICATING AUTHORITY AND CORRESPONDING IDENTIFICATION MODULE. |
US7366696B1 (en) | 1999-10-08 | 2008-04-29 | Checkfree Corporation | Electronic billing with flexible biller controlled electronic bill presentment |
US7313543B1 (en) | 1999-10-12 | 2007-12-25 | Ameriprise Financial, Inc. | System and method for dividing a remittance and distributing a portion of the funds to multiple investment products |
US7418402B2 (en) * | 1999-11-18 | 2008-08-26 | First Aura, Llc | Method and system for providing local information over a network |
ES2200598T3 (en) | 1999-11-19 | 2004-03-01 | Swisscom Mobile Ag | PROCEDURE AND SYSTEM FOR ORDERING AND SUPPLYING DIGITAL CERTIFICATES. |
US6842863B1 (en) | 1999-11-23 | 2005-01-11 | Microsoft Corporation | Certificate reissuance for checking the status of a certificate in financial transactions |
US8571975B1 (en) | 1999-11-24 | 2013-10-29 | Jpmorgan Chase Bank, N.A. | System and method for sending money via E-mail over the internet |
US7603311B1 (en) | 1999-11-29 | 2009-10-13 | Yadav-Ranjan Rani K | Process and device for conducting electronic transactions |
US7143144B2 (en) | 1999-11-30 | 2006-11-28 | Ricoh Company, Ltd. | System, method and computer readable medium for certifying release of electronic information on an internet |
US6948063B1 (en) * | 1999-12-23 | 2005-09-20 | Checkfree Corporation | Securing electronic transactions over public networks |
US7376587B1 (en) | 2000-07-11 | 2008-05-20 | Western Union Financial Services, Inc. | Method for enabling transfer of funds through a computer network |
CA2396266C (en) * | 2000-01-12 | 2007-03-13 | Metavante Corporation | Integrated systems for electronic bill presentment and payment |
US6879959B1 (en) * | 2000-01-21 | 2005-04-12 | Quality Care Solutions, Inc. | Method of adjudicating medical claims based on scores that determine medical procedure monetary values |
FI112286B (en) * | 2000-01-24 | 2003-11-14 | Smarttrust Systems Oy | Payment service apparatus and secure payment procedure |
WO2001061603A1 (en) * | 2000-02-17 | 2001-08-23 | Newriver Investor Communications, Inc. | Method and apparatus for providing financial transaction data via the internet |
US7140036B2 (en) | 2000-03-06 | 2006-11-21 | Cardinalcommerce Corporation | Centralized identity authentication for electronic communication networks |
US7484088B2 (en) * | 2000-03-17 | 2009-01-27 | United States Postal Service | Methods and systems for proofing identities using a certificate authority |
US6865671B1 (en) | 2000-04-07 | 2005-03-08 | Sendmail, Inc. | Electronic mail system with authentication methodology for supporting relaying in a message transfer agent |
US6986037B1 (en) | 2000-04-07 | 2006-01-10 | Sendmail, Inc. | Electronic mail system with authentication/encryption methodology for allowing connections to/from a message transfer agent |
US7234103B1 (en) | 2000-04-26 | 2007-06-19 | Accenture Llp | Network-based tax framework database |
US7603301B1 (en) * | 2000-04-26 | 2009-10-13 | Accenture Llp | Verification and printing of a tax return in a network-based tax architecture |
AU2001259307A1 (en) * | 2000-05-01 | 2001-11-12 | Jewell Lim Esposito | Method and apparatus for distributing documents on an event-triggered basis through a communications network system |
WO2001084443A1 (en) * | 2000-05-03 | 2001-11-08 | Harrison Shelton E Jr | Electronic bond & guaranty process and business method |
JP2001325516A (en) * | 2000-05-16 | 2001-11-22 | Sony Corp | Device and method for providing information, device and method for processing information, and program storage medium |
US20020013899A1 (en) * | 2000-06-17 | 2002-01-31 | Faul Jacob Joel | Automated document distribution and transaction verification |
US20040073617A1 (en) | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
AU2001268517A1 (en) * | 2000-06-19 | 2002-01-02 | United States Postal Service | Systems and methods for providing mail item retrieval |
AU2001269881A1 (en) * | 2000-06-19 | 2002-01-02 | United States Postal Service | System, method, and article of manufacture for shipping a package privately to acustomer |
US8244809B2 (en) * | 2000-06-20 | 2012-08-14 | United States Postal Service | System and methods for electronic message content identification |
US8417628B2 (en) | 2000-06-29 | 2013-04-09 | Jpmorgan Chase Bank, N.A. | Electronic bill presentment and payment system and method |
EP1312012A4 (en) | 2000-07-11 | 2006-09-06 | First Data Corp | Wide area network person-to-person payment |
US7996310B1 (en) * | 2000-07-19 | 2011-08-09 | Globys, Inc. | Electronic financial management and analysis system and related methods |
KR20020008502A (en) * | 2000-07-20 | 2002-01-31 | 조영도 | One-stop integral finance service system and method |
US7729957B2 (en) * | 2000-07-25 | 2010-06-01 | United States Postal Service | Item attribute preverification |
US7146338B2 (en) * | 2001-06-28 | 2006-12-05 | Checkfree Services Corporation | Inter-network financial service |
WO2002013047A2 (en) * | 2000-08-04 | 2002-02-14 | Athenahealth, Inc. | Practice management and billing automation system |
JP2004506245A (en) * | 2000-08-04 | 2004-02-26 | ファースト データ コーポレイション | Linking the device's public key with information during manufacture |
US6789189B2 (en) | 2000-08-04 | 2004-09-07 | First Data Corporation | Managing account database in ABDS system |
WO2002013016A1 (en) * | 2000-08-08 | 2002-02-14 | Wachovia Corporation | Internet third-party authentication using electronic tickets |
WO2002019282A2 (en) * | 2000-08-31 | 2002-03-07 | Atm Direct, Inc. | System and method for online atm transaction with digital certificate |
SE0003171L (en) * | 2000-09-07 | 2002-03-08 | Bankgirocentralen Bgc Ab | Network related user identification system |
EP1325599A1 (en) | 2000-09-08 | 2003-07-09 | Guy S. Tallent | System and method for providing authorization and other services |
US7000105B2 (en) * | 2000-09-08 | 2006-02-14 | Identrus, Llc | System and method for transparently providing certificate validation and other services within an electronic transaction |
US7107248B1 (en) * | 2000-09-11 | 2006-09-12 | Nokia Corporation | System and method of bootstrapping a temporary public-key infrastructure from a cellular telecommunication authentication and billing infrastructure |
JP2002152259A (en) * | 2000-11-13 | 2002-05-24 | Yozan Inc | Communication terminal and charging processing unit |
US7702579B2 (en) * | 2000-12-19 | 2010-04-20 | Emergis Technologies, Inc. | Interactive invoicer interface |
US6832349B1 (en) * | 2001-01-08 | 2004-12-14 | Cardiff Software, Inc. | Remote activation of enhanced functionality features in locally created documents |
US20020111855A1 (en) * | 2001-01-23 | 2002-08-15 | Hammerstad Diane R. | Delivery of time significant advertising |
US7039803B2 (en) * | 2001-01-26 | 2006-05-02 | International Business Machines Corporation | Method for broadcast encryption and key revocation of stateless receivers |
US7010125B2 (en) | 2001-01-26 | 2006-03-07 | Interntional Business Machines Corporation | Method for tracing traitor receivers in a broadcast encryption system |
US9520993B2 (en) | 2001-01-26 | 2016-12-13 | International Business Machines Corporation | Renewable traitor tracing |
US20020107931A1 (en) * | 2001-02-07 | 2002-08-08 | Servzone.Com, Inc. | Multi-way interactive email performing functions of networks and the web |
WO2002066344A1 (en) * | 2001-02-20 | 2002-08-29 | United States Postal Service | Universal delivery and collection box unit (udcbu) |
US6820802B2 (en) * | 2001-02-27 | 2004-11-23 | American Express Travel Related Services Company, Inc. | Online card activation system and method |
AU2002307066A1 (en) | 2001-04-03 | 2002-10-21 | United States Postal Service | Systems and methods for capturing mail for electronic bill presentment |
US7779481B2 (en) | 2001-04-12 | 2010-08-17 | United States Postal Service | Systems and methods for electronic postmarking of data including location data |
US20030172297A1 (en) * | 2002-03-05 | 2003-09-11 | Gunter Carl A. | Method and system for maintaining secure access to web server services using public keys |
US6885388B2 (en) * | 2001-04-25 | 2005-04-26 | Probaris Technologies Inc. | Method for automatically generating list of meeting participants and delegation permission |
US20020162002A1 (en) * | 2001-04-25 | 2002-10-31 | Gunter Carl A. | Method and system for controlling access to services |
US20030172296A1 (en) * | 2002-03-05 | 2003-09-11 | Gunter Carl A. | Method and system for maintaining secure access to web server services using permissions delegated via electronic messaging systems |
US20030172299A1 (en) * | 2002-03-05 | 2003-09-11 | Gunter Carl A. | Method and system for maintaining secure access to web server services using permissions |
US20020162019A1 (en) * | 2001-04-25 | 2002-10-31 | Berry Michael C. | Method and system for managing access to services |
US20030236977A1 (en) * | 2001-04-25 | 2003-12-25 | Levas Robert George | Method and system for providing secure access to applications |
US20020162004A1 (en) * | 2001-04-25 | 2002-10-31 | Gunter Carl A. | Method and system for managing access to services |
JP2002329065A (en) * | 2001-04-27 | 2002-11-15 | Fujitsu Ltd | Invitation method for modification of loan contract for consumption |
US7975139B2 (en) * | 2001-05-01 | 2011-07-05 | Vasco Data Security, Inc. | Use and generation of a session key in a secure socket layer connection |
US20030195844A1 (en) * | 2001-05-31 | 2003-10-16 | Hogan Lawrence Daniel | Electronic bill and non-bill information presentation |
US8166115B2 (en) * | 2001-06-20 | 2012-04-24 | United States Postal Service | Systems and methods for electronic message content identification |
FR2827448B1 (en) * | 2001-07-12 | 2003-12-19 | Gemplus Card Int | METHOD FOR PROVIDING A PAYMENT GUARANTEE FOR ELECTRONIC COMMERCE ESPECIALLY BY MOBILE TELEPHONE AND IMPLEMENTATION SYSTEM |
CA2355785C (en) * | 2001-08-16 | 2010-06-01 | Ibm Canada Limited-Ibm Canada Limitee | Electronic presentation of invoices using a trusted document repository |
JP2003075164A (en) * | 2001-09-06 | 2003-03-12 | Sony Corp | Positioning information transmission device and positioning information transmission/reception system |
US8255235B2 (en) | 2001-09-07 | 2012-08-28 | United States Postal Service | Item tracking and anticipated delivery confirmation system method |
DE10149298A1 (en) * | 2001-10-05 | 2003-04-17 | Siemens Ag | Method for electronic posting and payment of invoices, involves setting up connection from customer to bank server |
US8374962B2 (en) | 2001-10-26 | 2013-02-12 | First Data Corporation | Stored value payouts |
US8244632B2 (en) | 2001-10-26 | 2012-08-14 | First Data Corporation | Automated transfer with stored value |
US20030093373A1 (en) * | 2001-11-13 | 2003-05-15 | Smirnoff Kellie M. | Systems and methods for providing invoice-based billing information associated with a credit card transaction |
EP1451741A2 (en) * | 2001-11-26 | 2004-09-01 | Epacific Inc. | Systems and methods for fund transfers |
US20030105707A1 (en) * | 2001-11-30 | 2003-06-05 | Yves Audebert | Financial risk management system and method |
US20030110128A1 (en) * | 2001-12-07 | 2003-06-12 | Pitney Bowes Incorporated | Method and system for importing invoice data into accounting and payment programs |
JP3826782B2 (en) * | 2001-12-12 | 2006-09-27 | ソニー株式会社 | Data transmission system, information processing apparatus and method, recording medium, and program |
US20030144913A1 (en) * | 2002-01-31 | 2003-07-31 | Greenberg Jeffrey Douglas | E-mail launched web transaction |
US20050240491A1 (en) * | 2002-01-31 | 2005-10-27 | Jeff Greenberg | E-mail launched Web transaction |
AU2003213021A1 (en) * | 2002-02-11 | 2003-09-04 | Zoe Boza | Multiparty transaction system |
US6941467B2 (en) * | 2002-03-08 | 2005-09-06 | Ciphertrust, Inc. | Systems and methods for adaptive message interrogation through multiple queues |
US7693947B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for graphically displaying messaging traffic |
US7870203B2 (en) | 2002-03-08 | 2011-01-11 | Mcafee, Inc. | Methods and systems for exposing messaging reputation to an end user |
US20060015942A1 (en) | 2002-03-08 | 2006-01-19 | Ciphertrust, Inc. | Systems and methods for classification of messaging entities |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US8132250B2 (en) | 2002-03-08 | 2012-03-06 | Mcafee, Inc. | Message profiling systems and methods |
US20030172291A1 (en) | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for automated whitelisting in monitored communications |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US7903549B2 (en) | 2002-03-08 | 2011-03-08 | Secure Computing Corporation | Content-based policy compliance systems and methods |
US7124438B2 (en) | 2002-03-08 | 2006-10-17 | Ciphertrust, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US20040122780A1 (en) * | 2002-04-02 | 2004-06-24 | Devar Rodney C | Universal delivery and collection box unit |
US7979348B2 (en) | 2002-04-23 | 2011-07-12 | Clearing House Payments Co Llc | Payment identification code and payment system using the same |
US8393001B1 (en) * | 2002-07-26 | 2013-03-05 | Mcafee, Inc. | Secure signature server system and associated method |
WO2004034226A2 (en) | 2002-10-10 | 2004-04-22 | Intercomputer Corporation | Secure electronic payment messaging system with reconcilable finality |
US20040143546A1 (en) * | 2002-11-01 | 2004-07-22 | Wood Jeff A. | Easy user activation of electronic commerce services |
US8073773B2 (en) * | 2002-11-01 | 2011-12-06 | Checkfree Corporation | Technique for identifying probable billers of a consumer |
US7729996B2 (en) | 2002-11-01 | 2010-06-01 | Checkfree Corporation | Reuse of an EBP account through alternate authentication |
US20040133515A1 (en) * | 2002-11-01 | 2004-07-08 | Mccoy Randal A. | Distributed matching of consumers with billers having bills available for electronic presentment |
US7526448B2 (en) * | 2002-11-01 | 2009-04-28 | Checkfree Corporation | Matching consumers with billers having bills available for electronic presentment |
US20040133509A1 (en) * | 2002-11-01 | 2004-07-08 | Mccoy Randal A. | Technique for making payments for a non-subscriber payor |
US7395243B1 (en) | 2002-11-01 | 2008-07-01 | Checkfree Corporation | Technique for presenting matched billers to a consumer |
US20040139011A1 (en) * | 2002-11-01 | 2004-07-15 | Kozee Casey W. | Technique for identifying probable payees of a consumer |
US20040088254A1 (en) * | 2002-11-01 | 2004-05-06 | Zielke William D. | Selective noticing of availability of an electronic bill |
US20040133514A1 (en) * | 2002-11-01 | 2004-07-08 | Zielke William D. | Selective noticing of availability of an electronic bill based on service provider data |
US20040133513A1 (en) * | 2002-11-01 | 2004-07-08 | Mccoy Randal | Identity protection technique in matching consumers with electronic billers |
US20040088235A1 (en) * | 2002-11-01 | 2004-05-06 | Ziekle William D. | Technique for customizing electronic commerce user |
US20040088251A1 (en) * | 2002-11-01 | 2004-05-06 | Peter Moenickheim | Easy establishment of biller or payees of a payor |
US7104441B2 (en) * | 2002-11-25 | 2006-09-12 | Diebold Self-Service Systems Division Of Diebold, Incorporated | Cash dispensing automated banking machine diagnostic method |
US6859822B2 (en) * | 2002-12-17 | 2005-02-22 | Secure Data In Motion, Inc. | Interactive e-mail statement |
WO2004077317A1 (en) * | 2003-02-28 | 2004-09-10 | Sap Aktiengesellschaft | Method and software application for processing electronic documents |
US7627640B2 (en) * | 2003-03-17 | 2009-12-01 | Epostal Services, Inc. | Messaging and document management system and method |
CN102170406B (en) * | 2003-03-17 | 2014-04-23 | 易邮服务公司 | Messaging and document management system and method |
US7702916B2 (en) | 2003-03-31 | 2010-04-20 | Visa U.S.A. Inc. | Method and system for secure authentication |
US20040215696A1 (en) * | 2003-03-31 | 2004-10-28 | Clay Fisher | Method and apparatus for generating a message with embedded content |
US20040220876A1 (en) * | 2003-05-02 | 2004-11-04 | Liu David J. | Systems and methods for services over a financial transaction platform |
US8458067B2 (en) * | 2003-05-06 | 2013-06-04 | American Express Travel Related Services Company, Inc. | System and method for emergency tracking |
US7647257B2 (en) * | 2003-05-06 | 2010-01-12 | American Express Travel Related Services Company, Inc. | System and method for web access to financial data |
FR2857126A1 (en) * | 2003-06-17 | 2005-01-07 | Ecureuil Proximite | Electronic transaction method, involves verifying integrity of data contained in uniform resource locator using digital authenticator by comparing private keys to make online payment and confirming acceptance of payment to user or vendor |
US8725607B2 (en) | 2004-01-30 | 2014-05-13 | The Clearing House Payments Company LLC | Electronic payment clearing and check image exchange systems and methods |
US7519812B2 (en) * | 2004-02-19 | 2009-04-14 | International Business Machines Corporation | Architecture and design for central authentication and authorization in an on-demand utility environment |
US7853790B2 (en) * | 2004-03-19 | 2010-12-14 | Microsoft Corporation | Enhancement to volume license keys |
WO2006118558A1 (en) * | 2004-04-14 | 2006-11-09 | Sagi Richberg | Method and system for connecting users |
US7412719B2 (en) * | 2004-05-20 | 2008-08-12 | International Business Machines Corporation | Architecture and design for central authentication and authorization in an on-demand utility environment using a secured global hashtable |
US7748606B2 (en) * | 2004-06-29 | 2010-07-06 | United States Postal Service | Cluster box mail delivery unit having security features |
CH694900A5 (en) * | 2004-08-27 | 2005-08-31 | Easecredit Charles Mason Dr | Method is for issue of bank account E-mail statement on occasion of money transfer via Internet |
US7509120B2 (en) * | 2004-09-07 | 2009-03-24 | Research In Motion Limited | System and method for updating message trust status |
CN100425018C (en) * | 2004-09-08 | 2008-10-08 | 中国工商银行股份有限公司 | Dynamic encrypting device in network and its password identification method |
US7909237B2 (en) | 2004-10-25 | 2011-03-22 | Todd Tredeau | Monetary transaction system and method |
US7886144B2 (en) * | 2004-10-29 | 2011-02-08 | Research In Motion Limited | System and method for retrieving certificates associated with senders of digitally signed messages |
US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US7593527B2 (en) * | 2005-01-07 | 2009-09-22 | First Data Corporation | Providing digital signature and public key based on shared knowledge |
US20060153364A1 (en) * | 2005-01-07 | 2006-07-13 | Beeson Curtis L | Asymmetric key cryptosystem based on shared knowledge |
US20060153369A1 (en) * | 2005-01-07 | 2006-07-13 | Beeson Curtis L | Providing cryptographic key based on user input data |
US7693277B2 (en) * | 2005-01-07 | 2010-04-06 | First Data Corporation | Generating digital signatures using ephemeral cryptographic key |
US7936869B2 (en) * | 2005-01-07 | 2011-05-03 | First Data Corporation | Verifying digital signature based on shared knowledge |
US20060153367A1 (en) * | 2005-01-07 | 2006-07-13 | Beeson Curtis L | Digital signature system based on shared knowledge |
US20060153370A1 (en) * | 2005-01-07 | 2006-07-13 | Beeson Curtis L | Generating public-private key pair based on user input data |
US7869593B2 (en) * | 2005-01-07 | 2011-01-11 | First Data Corporation | Software for providing based on shared knowledge public keys having same private key |
US7490239B2 (en) * | 2005-01-07 | 2009-02-10 | First Data Corporation | Facilitating digital signature based on ephemeral private key |
US7937480B2 (en) | 2005-06-02 | 2011-05-03 | Mcafee, Inc. | Aggregation of reputation data |
USD745765S1 (en) | 2005-06-29 | 2015-12-15 | United States Postal Service | Cluster box mail delivery unit |
US8060555B2 (en) | 2005-08-17 | 2011-11-15 | Canada Post Corporation | Electronic content management systems and methods |
US8874477B2 (en) | 2005-10-04 | 2014-10-28 | Steven Mark Hoffberg | Multifactorial optimization system and method |
US8025213B2 (en) * | 2005-10-31 | 2011-09-27 | Sandra Hartfield | Automatic settlement of user account with creditor from transaction kiosk |
US20100268754A1 (en) * | 2006-01-19 | 2010-10-21 | David John Holton | Method and System for Electronic Delivery of Essential Mail Items |
AU2011101676B4 (en) * | 2006-01-19 | 2012-08-09 | David John Holton | Method and System for Electronic Delivery of Essential Mail Items |
US20070235524A1 (en) * | 2006-04-11 | 2007-10-11 | Little Michael E | Data card management system |
US7526530B2 (en) * | 2006-05-05 | 2009-04-28 | Adobe Systems Incorporated | System and method for cacheing web files |
WO2007147080A1 (en) | 2006-06-16 | 2007-12-21 | Almondnet, Inc. | Media properties selection method and system based on expected profit from profile-based ad delivery |
US8566227B2 (en) * | 2006-10-27 | 2013-10-22 | Ccip Corp. | Location based credit |
JP4609773B2 (en) * | 2006-11-28 | 2011-01-12 | コニカミノルタビジネステクノロジーズ株式会社 | Document data creation apparatus, document data creation method, and control program |
US7702585B2 (en) * | 2006-11-30 | 2010-04-20 | Checkfree Corporation | Methods and systems for the determination and display of payment lead time in an electronic payment system |
US20080147561A1 (en) * | 2006-12-18 | 2008-06-19 | Pitney Bowes Incorporated | Image based invoice payment with digital signature verification |
US20080177656A1 (en) * | 2007-01-22 | 2008-07-24 | Microsoft Corporation | Client applications with third party payment integration |
US7779156B2 (en) | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
US7949716B2 (en) | 2007-01-24 | 2011-05-24 | Mcafee, Inc. | Correlation and analysis of entity attributes |
US8214497B2 (en) | 2007-01-24 | 2012-07-03 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US8179798B2 (en) | 2007-01-24 | 2012-05-15 | Mcafee, Inc. | Reputation based connection throttling |
US7866551B2 (en) * | 2007-02-15 | 2011-01-11 | Visa U.S.A. Inc. | Dynamic payment device characteristics |
US20080288400A1 (en) | 2007-04-27 | 2008-11-20 | Cashedge, Inc. | Centralized Payment Method and System for Online and Offline Transactions |
US8131592B2 (en) * | 2007-04-27 | 2012-03-06 | Sojern, Inc. | Method and system for providing targeted content with verification information |
US20080275771A1 (en) * | 2007-05-01 | 2008-11-06 | Visa U.S.A. Inc. | Merchant transaction based advertising |
US7933798B1 (en) * | 2007-05-25 | 2011-04-26 | Google Inc. | Determining and displaying impression share to advertisers |
EP2009587A1 (en) * | 2007-06-29 | 2008-12-31 | Deutsche Thomson OHG | Method for distributing display information to a remote display device, a corresponding display device, a system for distributing display information and a signal comprising display information |
US8185930B2 (en) | 2007-11-06 | 2012-05-22 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8045458B2 (en) | 2007-11-08 | 2011-10-25 | Mcafee, Inc. | Prioritizing network traffic |
US20090144380A1 (en) | 2007-11-21 | 2009-06-04 | Kallman William R | Peer-to-peer email |
US8793487B2 (en) | 2008-01-18 | 2014-07-29 | Identrust, Inc. | Binding a digital certificate to multiple trust domains |
US8160975B2 (en) | 2008-01-25 | 2012-04-17 | Mcafee, Inc. | Granular support vector machine with random granularity |
US10043201B2 (en) * | 2008-01-31 | 2018-08-07 | Bill.Com, Inc. | Enhanced invitation process for electronic billing and payment system |
US20140129431A1 (en) * | 2008-01-31 | 2014-05-08 | Bill.Com, Inc. | Enhanced System and Method For Private Interbank Clearing System |
US9141991B2 (en) | 2008-01-31 | 2015-09-22 | Bill.Com, Inc. | Enhanced electronic data and metadata interchange system and process for electronic billing and payment system |
US20110184843A1 (en) * | 2008-01-31 | 2011-07-28 | Bill.Com, Inc. | Enhanced electronic anonymous payment system |
US20110196786A1 (en) * | 2008-01-31 | 2011-08-11 | Rene Lacerte | Determining trustworthiness and familiarity of users of an electronic billing and payment system |
US10769686B2 (en) | 2008-01-31 | 2020-09-08 | Bill.Com Llc | Enhanced invitation process for electronic billing and payment system |
US20100027786A1 (en) * | 2008-02-14 | 2010-02-04 | Patrick Faith | Dynamic encryption authentication |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
US8150731B1 (en) * | 2008-04-25 | 2012-04-03 | Sojern, Inc. | Method and system presenting and distributing customized information associated with verification information |
US8200562B2 (en) * | 2008-05-05 | 2012-06-12 | Massachusetts Mutual Life Insurance Company | System and method for generating a transactionable multimedia financial planning statement |
US8019642B2 (en) * | 2008-05-06 | 2011-09-13 | Richrelevance, Inc. | System and process for receiving boosting recommendations for use in providing personalized advertisements to retail customers |
US8108329B2 (en) * | 2008-05-06 | 2012-01-31 | Richrelevance, Inc. | System and process for boosting recommendations for use in providing personalized advertisements to retail customers |
US8364528B2 (en) | 2008-05-06 | 2013-01-29 | Richrelevance, Inc. | System and process for improving product recommendations for use in providing personalized advertisements to retail customers |
US8583524B2 (en) * | 2008-05-06 | 2013-11-12 | Richrelevance, Inc. | System and process for improving recommendations for use in providing personalized advertisements to retail customers |
US10008067B2 (en) | 2008-06-16 | 2018-06-26 | Visa U.S.A. Inc. | System and method for authorizing financial transactions with online merchants |
US20100017413A1 (en) * | 2008-07-17 | 2010-01-21 | Ian Edward James | Systems and methods for transferring value |
US20100031333A1 (en) * | 2008-07-22 | 2010-02-04 | Mitchell Mark T | Secure email |
US9225941B2 (en) * | 2008-08-22 | 2015-12-29 | Dish Network, L.L.C. | Systems and methods for high-bandwidth delivery of customer-specific information |
US20100057548A1 (en) * | 2008-08-27 | 2010-03-04 | Globy's,Inc. | Targeted customer offers based on predictive analytics |
US8275710B1 (en) | 2008-09-30 | 2012-09-25 | United Services Automobile Association (Usaa) | Systems and methods for automatic bill pay enrollment |
US20100179909A1 (en) * | 2009-01-14 | 2010-07-15 | Jubin Dana | User defined udk |
US20120004965A1 (en) * | 2009-01-21 | 2012-01-05 | Billshrink, Inc. | System and method for user-driven savings opportunity matching |
US10504126B2 (en) | 2009-01-21 | 2019-12-10 | Truaxis, Llc | System and method of obtaining merchant sales information for marketing or sales teams |
US10594870B2 (en) | 2009-01-21 | 2020-03-17 | Truaxis, Llc | System and method for matching a savings opportunity using census data |
US8284048B2 (en) | 2010-03-22 | 2012-10-09 | Visa International Service Association | Auto activation of a mobile device |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US9299056B2 (en) | 2010-09-12 | 2016-03-29 | Scayl, Inc. | Peer-to-peer email with video and advertising aspects |
US20130218779A1 (en) * | 2012-02-21 | 2013-08-22 | Rawllin International Inc. | Dual factor digital certificate security algorithms |
US8819789B2 (en) | 2012-03-07 | 2014-08-26 | Bill.Com, Inc. | Method and system for using social networks to verify entity affiliations and identities |
US9626664B2 (en) | 2012-03-07 | 2017-04-18 | Clearxchange, Llc | System and method for transferring funds |
US10395223B2 (en) | 2012-03-07 | 2019-08-27 | Early Warning Services, Llc | System and method for transferring funds |
US10318936B2 (en) | 2012-03-07 | 2019-06-11 | Early Warning Services, Llc | System and method for transferring funds |
US10970688B2 (en) | 2012-03-07 | 2021-04-06 | Early Warning Services, Llc | System and method for transferring funds |
US11593800B2 (en) | 2012-03-07 | 2023-02-28 | Early Warning Services, Llc | System and method for transferring funds |
US10395247B2 (en) | 2012-03-07 | 2019-08-27 | Early Warning Services, Llc | Systems and methods for facilitating a secure transaction at a non-financial institution system |
US10318923B1 (en) | 2012-08-01 | 2019-06-11 | Cognizant Trizetto Software Group, Inc. | Payment assurance and claim pre-validation |
US9100189B2 (en) | 2012-08-31 | 2015-08-04 | Freescale Semiconductor, Inc. | Secure provisioning in an untrusted environment |
US9100174B2 (en) | 2012-08-31 | 2015-08-04 | Freescale Semiconductor, Inc. | Secure provisioning in an untrusted environment |
US9129536B2 (en) | 2012-08-31 | 2015-09-08 | Freescale Semiconductor, Inc. | Circuit for secure provisioning in an untrusted environment |
US9094205B2 (en) * | 2012-08-31 | 2015-07-28 | Freescale Semiconductor, Inc. | Secure provisioning in an untrusted environment |
US10282712B2 (en) | 2013-02-07 | 2019-05-07 | Jpmorgan Chase Bank, N.A. | Integrated electronic disbursement and cash flow management system and method |
US10387858B2 (en) | 2013-02-07 | 2019-08-20 | Jpmorgan Chase Bank, N.A. | Integrated electronic cash flow management system and method |
US10115137B2 (en) | 2013-03-14 | 2018-10-30 | Bill.Com, Inc. | System and method for enhanced access and control for connecting entities and effecting payments in a commercially oriented entity network |
US10417674B2 (en) | 2013-03-14 | 2019-09-17 | Bill.Com, Llc | System and method for sharing transaction information by object tracking of inter-entity transactions and news streams |
US10410191B2 (en) | 2013-03-14 | 2019-09-10 | Bill.Com, Llc | System and method for scanning and processing of payment documentation in an integrated partner platform |
US10572921B2 (en) | 2013-07-03 | 2020-02-25 | Bill.Com, Llc | System and method for enhanced access and control for connecting entities and effecting payments in a commercially oriented entity network |
US9754260B2 (en) | 2013-10-28 | 2017-09-05 | Quisk, Inc. | Account locking using transaction codes |
US10373154B2 (en) * | 2014-05-19 | 2019-08-06 | Mastercard International Incorporated | Apparatus, method, and computer program product for settlement to a merchant's card account using an on-line bill payment platform |
US11295308B1 (en) | 2014-10-29 | 2022-04-05 | The Clearing House Payments Company, L.L.C. | Secure payment processing |
US9430658B2 (en) | 2014-12-16 | 2016-08-30 | Freescale Semiconductor, Inc. | Systems and methods for secure provisioning of production electronic circuits |
US10769606B2 (en) | 2015-03-23 | 2020-09-08 | Early Warning Services, Llc | Payment real-time funds availability |
US20190378182A1 (en) * | 2015-03-23 | 2019-12-12 | Early Warning Services, Llc | Secure electronic billing with real-time funds availability |
US10748127B2 (en) | 2015-03-23 | 2020-08-18 | Early Warning Services, Llc | Payment real-time funds availability |
US10832246B2 (en) | 2015-03-23 | 2020-11-10 | Early Warning Services, Llc | Payment real-time funds availability |
US10878387B2 (en) | 2015-03-23 | 2020-12-29 | Early Warning Services, Llc | Real-time determination of funds availability for checks and ACH items |
US10839359B2 (en) | 2015-03-23 | 2020-11-17 | Early Warning Services, Llc | Payment real-time funds availability |
US11042882B2 (en) | 2015-07-01 | 2021-06-22 | The Clearing House Payments Company, L.L.C. | Real-time payment system, method, apparatus, and computer program |
US11694168B2 (en) | 2015-07-01 | 2023-07-04 | The Clearing House Payments Company L.L.C. | Real-time payment system, method, apparatus, and computer program |
US11151523B2 (en) | 2015-07-21 | 2021-10-19 | Early Warning Services, Llc | Secure transactions with offline device |
US10970695B2 (en) | 2015-07-21 | 2021-04-06 | Early Warning Services, Llc | Secure real-time transactions |
US11157884B2 (en) | 2015-07-21 | 2021-10-26 | Early Warning Services, Llc | Secure transactions with offline device |
US11151522B2 (en) | 2015-07-21 | 2021-10-19 | Early Warning Services, Llc | Secure transactions with offline device |
US10956888B2 (en) | 2015-07-21 | 2021-03-23 | Early Warning Services, Llc | Secure real-time transactions |
US11037122B2 (en) | 2015-07-21 | 2021-06-15 | Early Warning Services, Llc | Secure real-time transactions |
US11386410B2 (en) | 2015-07-21 | 2022-07-12 | Early Warning Services, Llc | Secure transactions with offline device |
US10963856B2 (en) | 2015-07-21 | 2021-03-30 | Early Warning Services, Llc | Secure real-time transactions |
US10438175B2 (en) | 2015-07-21 | 2019-10-08 | Early Warning Services, Llc | Secure real-time payment transactions |
US11037121B2 (en) | 2015-07-21 | 2021-06-15 | Early Warning Services, Llc | Secure real-time transactions |
US11062290B2 (en) | 2015-07-21 | 2021-07-13 | Early Warning Services, Llc | Secure real-time transactions |
US11151566B2 (en) | 2016-09-19 | 2021-10-19 | Early Warning Services, Llc | Authentication and fraud prevention in provisioning a mobile wallet |
US11042858B1 (en) * | 2016-12-23 | 2021-06-22 | Wells Fargo Bank, N.A. | Assessing validity of mail item |
US11436577B2 (en) | 2018-05-03 | 2022-09-06 | The Clearing House Payments Company L.L.C. | Bill pay service with federated directory model support |
US10248527B1 (en) | 2018-09-19 | 2019-04-02 | Amplero, Inc | Automated device-specific dynamic operation modifications |
US11348041B2 (en) | 2020-07-02 | 2022-05-31 | Bank Of America Corporation | System for predictive resource access within a technical environment |
GB2612349A (en) * | 2021-10-29 | 2023-05-03 | Mastercard International Inc | Transaction key generation |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5193055A (en) | 1987-03-03 | 1993-03-09 | Brown Gordon T | Accounting system |
US4868877A (en) | 1988-02-12 | 1989-09-19 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5214702A (en) * | 1988-02-12 | 1993-05-25 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5007084A (en) | 1988-08-29 | 1991-04-09 | Richard H. Materna | Payment Authorization and Information Device |
US5383113A (en) | 1991-07-25 | 1995-01-17 | Checkfree Corporation | System and method for electronically providing customer services including payment of bills, financial analysis and loans |
US5557518A (en) | 1994-04-28 | 1996-09-17 | Citibank, N.A. | Trusted agents for open electronic commerce |
AU662805B2 (en) | 1992-04-06 | 1995-09-14 | Addison M. Fischer | A method for processing information among computers which may exchange messages |
US5465206B1 (en) | 1993-11-01 | 1998-04-21 | Visa Int Service Ass | Electronic bill pay system |
US5748738A (en) * | 1995-01-17 | 1998-05-05 | Document Authentication Systems, Inc. | System and method for electronic transmission, storage and retrieval of authenticated documents |
US5832460A (en) * | 1995-06-02 | 1998-11-03 | International Business Machines Corporation | Method and system for bill presentation and payment reconciliation |
NZ306846A (en) * | 1995-06-05 | 2000-01-28 | Certco Llc | Digital signing method using partial signatures |
US5699528A (en) * | 1995-10-31 | 1997-12-16 | Mastercard International, Inc. | System and method for bill delivery and payment over a communications network |
US5794210A (en) * | 1995-12-11 | 1998-08-11 | Cybergold, Inc. | Attention brokerage |
US5848397A (en) * | 1996-04-19 | 1998-12-08 | Juno Online Services, L.P. | Method and apparatus for scheduling the presentation of messages to computer users |
US5848400A (en) * | 1996-07-01 | 1998-12-08 | Sun Microsystems, Inc. | Electronic check exchange, clearing and settlement system |
-
1996
- 1996-12-13 US US08/766,498 patent/US6285991B1/en not_active Expired - Lifetime
-
1997
- 1997-12-12 CA CA002275211A patent/CA2275211C/en not_active Expired - Fee Related
- 1997-12-12 AU AU53820/98A patent/AU744610B2/en not_active Ceased
- 1997-12-12 DE DE69736074T patent/DE69736074T2/en not_active Expired - Lifetime
- 1997-12-12 EP EP97950952A patent/EP0961999B1/en not_active Expired - Lifetime
- 1997-12-12 WO PCT/US1997/023025 patent/WO1998026386A1/en active IP Right Grant
- 1997-12-12 AT AT97950952T patent/ATE329336T1/en not_active IP Right Cessation
Also Published As
Publication number | Publication date |
---|---|
ATE329336T1 (en) | 2006-06-15 |
DE69736074T2 (en) | 2006-12-07 |
EP0961999B1 (en) | 2006-06-07 |
AU5382098A (en) | 1998-07-03 |
US6285991B1 (en) | 2001-09-04 |
WO1998026386A1 (en) | 1998-06-18 |
CA2275211A1 (en) | 1998-06-18 |
DE69736074D1 (en) | 2006-07-20 |
EP0961999A1 (en) | 1999-12-08 |
AU744610B2 (en) | 2002-02-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2275211C (en) | Secure interactive electronic account statement delivery system | |
US10659413B2 (en) | Methods and systems for providing and electronic account to a customer | |
CA2366517C (en) | Person-to-person, person-to-business, business-to-person, and business-to-business financial transaction system | |
US5671279A (en) | Electronic commerce using a secure courier system | |
EA003681B1 (en) | Process and system for remote payments and transactions in real time by mobile telephone | |
AU775197B2 (en) | Secure interactive electronic account statement delivery system | |
KR100485243B1 (en) | payment method by on-line account commerce using security system | |
Tantivuthanon | Bill paying service on the Internet | |
MXPA97007739A (en) | Instruments for defon electronic transfer |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKLA | Lapsed |
Effective date: 20171212 |