WO2002003290A1 - System and method for anonymous recharging of stored value accounts - Google Patents

System and method for anonymous recharging of stored value accounts Download PDF

Info

Publication number
WO2002003290A1
WO2002003290A1 PCT/US2001/019899 US0119899W WO0203290A1 WO 2002003290 A1 WO2002003290 A1 WO 2002003290A1 US 0119899 W US0119899 W US 0119899W WO 0203290 A1 WO0203290 A1 WO 0203290A1
Authority
WO
WIPO (PCT)
Prior art keywords
account
stored value
transaction
financial
anonymous authentication
Prior art date
Application number
PCT/US2001/019899
Other languages
French (fr)
Inventor
John P. Shannon
Claude C. Bouffard
Jim B. Somerville
Original Assignee
Gopin Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gopin Inc. filed Critical Gopin Inc.
Priority to AU2001271375A priority Critical patent/AU2001271375A1/en
Publication of WO2002003290A1 publication Critical patent/WO2002003290A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/28Pre-payment schemes, e.g. "pay before"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes

Definitions

  • Stored value accounts such as telephone calling cards
  • the user may call an (800) number
  • value card or other instrument may be anonymous, such as by
  • stored value account may be anonymous to the card issuer
  • consumer's choice may be aware of the consumer's identity, but
  • FIG. 1 illustrates the principle elements according to
  • FIG. 2 illustrates a the principle elements of the
  • Figure 3 illustrates a matrix indicating the availability
  • FIG. 4 illustrates an overall architecture for
  • FIG. 5 illustrates an overall architecture for
  • client 111 communicates via communication link 401 to one or
  • the stored value account identifier 121 may be or
  • the client 111 in the environment may be or include, for
  • the client 102 may also be or include a
  • network-enabled appliance such as a WebTVTM unit, radio-enabled
  • PalmTM Pilot or similar unit a set- top box, a networkable
  • game-playing console such as Sony PlaystationTM or Sega
  • Drea castTM a browser-equipped cellular .telephone, or other
  • TCP/IP client a magnetic swipe-card reader connected to a
  • the Internet for instance, the Internet, an intranet, a PAN (Personal Area
  • LAN Local Area Network
  • WAN Wide Area Network
  • MAN Micropolitan Area Network
  • AIN Advanced Intelligent Network
  • SONET synchronous optical network
  • Tl T3 or El line
  • Digital Data Service (DDS) connection DSL
  • V.90, V.34 or V.34bis analog modem connection such as a V.90, V.34 or V.34bis analog modem connection
  • FDDI Fiber Distributed Data Interface
  • CDDI Code Division Multiple Interface
  • link 401 may furthermore be, include or interface to any one
  • WAP Wireless Application Protocol
  • GPRS GPRS
  • GSM Global System for Mobile communications
  • CDMA Code Division Multiple
  • TDMA Time Division Multiple Access
  • GPS Global Positioning System
  • CDPD cellular digital packet data
  • RIM Research in
  • communications link 401 may yet further be, include or
  • communications links may include the same types of resources.
  • SSL Secure Sockets Layer
  • communications link 410 which may connect a consumer or user
  • the communications link 402 may connect the merchant or
  • links 411, 412 may connect participating banks to banks, a
  • bank to 'a business may be or employ virtual private
  • the communications links 433, 434, 435 may be physical.
  • the communications link 435 may be or interface to the common channel signaling number 7 (CCS#7)
  • the communications links 441, 442 may involve non ⁇
  • the vendor or vendors 112 communicate with the network
  • the transaction server 421 may be or
  • the transaction server 421 is
  • the stored value account 120 in turn may consist of a
  • the stored value account database network 424 may be or
  • telecommunications resources may furthermore be or
  • the network interface 422
  • the transaction authentication database network 424 may
  • authentication database network 424 may likewise be, include
  • database 110 may further be, include or interface ' to, for example, the OracleTM relational database sold commercially by
  • Database 2 or other data storage or query formats or
  • the recharge database network 422 may be or include
  • network 424 configured to manage the bank or other financial
  • merchants 112 using transaction identifier 121 may be
  • identifier 121 may be or include multi-part keys, consisting of
  • a public identifier such as an account number and a secret
  • the recharge identifier 122 may bear no relationship to
  • the transaction identifier 121 may consist in whole or in part of the transaction identifier or a subset or
  • recharge identifier 122 may
  • manager 110 creates an individual account 123a consisting of a
  • the network account manager 110 may
  • the network account manager 110 may distribute accounts
  • a customer Ilia may obtain the account from the
  • the consumer might obtain a card containing the
  • Ilia may be required or given the capability to activate the
  • a consumer Ilia may obtain a stored value account 123a
  • an individual consumer Ilia may engage with an individual
  • the consumer discloses
  • merchant 112a provides the goods to consumer Ilia in
  • This embodiment may pose a potential
  • the consumer Ilia does not disclose the
  • Consumer Ilia provides
  • merchant 112a may interact or communicate with other entities
  • network account manager 110 is not necessarily made aware of
  • the financial institution 113a may by prearrangement
  • the consumer Ilia may transmit a
  • the account 120 through the recharge identifier 122 be the
  • the merchant 112 receives any information concerning recharge
  • network account manager with the identity of consumer Ilia.
  • transaction server 421 for transaction purposes with the
  • any transaction ID (such as sales
  • the distributor 114 may
  • the network account manager 110 is only necessarily aware of
  • the merchants are only aware of the goods and services
  • bank or credit card issuer may only be aware of the i consumer's identity along with the internal banking
  • the network account manager 110 learns the transaction ID
  • network database 120 is
  • vendor 208 and authentication entity 210 may provide
  • authenticated stored value account 123 creates a more cash ⁇
  • a further aspect of the invention is that the stored
  • value account 123 is preferably instantiated as a network
  • This network database (or networks of databases) .
  • first function may be performed using an authentication
  • transaction ID 121 which could be a calling card number
  • the second function could represent a set of bank
  • the third function might be a
  • parts of the network database may be owned and operated by
  • a network account manager may wish to
  • the authentication resources again may be of a partial
  • billing against the consumer's account, telephone bill or otherwise may be triggered by a validated authentication
  • the vendor may consequently receive payment directly
  • network account manager 110 different of these functions may
  • transaction ID 121 and recharge ID 123 could either be a subset, a superset or co-extensive set with each other, or
  • the invention may also be

Abstract

A system for anonymously recharging the value on telephone, gasoline, vending or other stored value accounts enables the setting up of a secondary authentication account for the subsequent application of value on the card or other instrument to conduct cash-like transactions without disclosure of personal information. When a consumer (111) wishes to add value to a depleted card or other instrument, they may communicate with a bank, credit card issuer or other financial institutions (113) to allocate an amount for recharge, which amount may then be communicated without the identity of the consumer to the account administrator. The administrator of the account in turn validates and applies this cash-like credit to the stored value instrument, thus enabling immediate recharging of the amount available on the card. No one party other than the consumer may be aware of the identity of the consumer, purchase information and other details, although transactions may be reconstructed under appropriate legal process.

Description

SYSTEM AND METHOD FOR ANONYMOUS RECHARGING OF STORED VALUE
ACCOUNTS
Field of the Invention
The invention relates to the field of electronic
commerce, and more particularly to a technique for replacing
amounts on a stored value card or other instrument in a manner
which is anonymous to some or all participants in that
process, other than the card holder.
Background of the Invention
Stored value accounts, such as telephone calling cards,
gas cards, duplication service cards, vending machine cards
and other instruments have become a popular technique for
recording and distributing commercial value. Many stored
value accounts permit the card holder to freely use the amount
stored on the instrument down to zero, and then permit the
user to replenish the value on the card by any of a variety of
techniques. For instance, the user may call an (800) number
and provide a credit card or other account from which the
value may be transferred to the empty stored value instrument.
Similarly, a consumer who uses a . stored value account to
execute purchases over the Internet may enter a credit card number or other account number to have an online card
distributor place new value on their stored value account, for
instance to purchase movies, records, travel or other goods or
services .
However, these types of stored value recharging
techniques encroach on the flexibility and privacy of the
consumer. That is, while the initial purchase of the stored
value card or other instrument may be anonymous, such as by
purchase at a gasoline station, convenience store or other
location with cash, recharging via a credit card or other
authorization may not necessarily be similarly private. The
recharging action therefor involves the potential exposure of
sensitive credit card information to vendors or intermediaries
over the Internet or otherwise.
Likewise, the recording of the recharging action on the
credit card may create a permanent record of the consumer's
purchase activities which the consumer ay not wish to be
recorded or made public. Safer, more robust technology for
repleni-shing stored value accounts is desirable.
Summary of the Invention
The invention overcoming these and other problems in the
art relates to a system and method for recharging stored value
accounts via a transaction server and other infrastructure, in which the identity of the party applying the new value to the
stored value account may be anonymous to the card issuer,
vendors executing purchases against that value and others in
the transaction chain. According to the invention, the action
of placing value on a stored value account may be separated
from a vendor of goods or services, the issuer of the stored
value card, and even the authentication entity providing
validation of the account. In one embodiment, only the
consumer and a bank or other financial institution of the
consumer's choice may be aware of the consumer's identity, but
under, no circumstances does any party other than the consumer
have sufficient information to tie together the consumer's
identity, transaction identification number, the actual goods
or services being purchased, bank account or other
information.
Rather, separate pieces of information may be kept apart
in a transaction matrix 'according to which no one party may
discern the card holder's identity without legal permission.
Privacy is therefore enhanced, and consumers may be encouraged
to more freely recharge and make use of stored value accounts . Detailed Description of the Drawings
The invention will be described with reference to the
accompanying drawings, in which like elements are referenced
with like numerals.
Figure 1 illustrates the principle elements according to
the. invention.
Figure 2 illustrates a the principle elements of the
transactions involved in distribution, purchase and recharging
actions for a stored value account according to the invention.
Figure 3 illustrates a matrix indicating the availability
of transaction information to parties to the recharging action
of the invention.
Figure 4 illustrates an overall architecture for
transaction processing according to the invention.
Figure 5 illustrates an overall architecture for
transaction processing according to the invention in another
regard.
Detailed Description of Preferred Embodiments
As illustrated in Figures 1 and 4, in an overall
electronic commerce environment in which the invention may
operate, a customer or consumer operating an Internet or other
client 111 communicates via communication link 401 to one or
more of a group of merchants 112 to execute transactions using a stored value account identifier 121 as the method of
payment. The stored value account identifier 121 may be or
include an alphanumeric reference to a database, a •telephone-
calling card, a vending card, a gasoline card, a frequent
flier or other account, card or instrument representing
commercial value and in general may be anonymously recharged,
in general via a separately maintained account identifier 122.
The client 111 in the environment may be or include, for
instance, a personal computer running the Microsoft Windows™
95, 98, Millenium™, NT™, or 2000, Windows™CE™, PalmOS™, Unix,
Linux, Solaris ™, OS/2 ™, BeOS ™, MacOS ™ or other operating
system or platform. The client 102 may also be or include a
network-enabled appliance such as a WebTV™ unit, radio-enabled
Palm™ Pilot or similar unit, a set- top box, a networkable
game-playing console such as Sony Playstation™ or Sega
Drea cast™, a browser-equipped cellular .telephone, or other
TCP/IP client, a magnetic swipe-card reader connected to a
network via the Internet or a modem, a point of sale terminal,
or othe'r "device .
The communications link 401 to which client 111 is
connected may be, include or interface to any one or more of,
for instance, the Internet, an intranet, a PAN (Personal Area
Network) , a LAN (Local Area Network) , a WAN (Wide Area
Network) or a MAN (Metropolitan Area Network) , a frame relay connection, an Advanced Intelligent Network (AIN) connection,
a synchronous optical network (SONET) connection, a digital
Tl, T3 or El line, Digital Data Service (DDS) connection, DSL
(Digital Subscriber Line) connection, an Ethernet connection,
an ISDN (Integrated Services Digital Network) line, a dial-up
port such as a V.90, V.34 or V.34bis analog modem connection,
a cable modem, an ATM (Asynchronous Transfer Mode) connection,
or FDDI (Fiber Distributed Data Interface) or CDDI (Copper
Distributed Data Interface) connections. The communications
link 401 may furthermore be, include or interface to any one
or more of a WAP (Wireless Application Protocol) link, a GPRS
(General Packet Radio Service) link, a GSM (Global System for
Mobile Communication) link, a CDMA (Code Division Multiple
Access) or TDMA (Time Division Multiple Access) link such as a
cellular phone channel, a GPS (Global Positioning System)
link, CDPD (cellular digital packet data) , a RIM (Research in
Motion, Limited) duplex paging type device, a Bluetooth radio
link, or an IEEE 802.11-based radio frequency link. The
communications link 401 may yet further be, include or
interface to any one or more of an RS-232 serial connection,
an IEEE-1394 (Firewire) connection, an IrDA (infrared) port, a
SCSI (Small Computer Serial Interface) connection. a USB
(Universal Serial Bus) connection or other wired or wireless, digital or analog interface or connection. Other illustrated
communications links may include the same types of resources.
The communications like 401 and other communications link
described herein may employ security measures as desired, such
as by public key encryption techniques, e.g. Secure Socket
Layer (SSL) via the Internet, DES or other measures.
In the illustrated embodiment, including as illustrated
in Figure 4, other communications -resources may include
communications link 410, which may connect a consumer or user
to a bank or other financial institution, such as by any of
the above Internet protocols or via an ATM, deposit slip,
personal check, wire transfer or any other acceptable funds
transfer mechanism.
The communications link 402 may connect the merchant or
vendor to the network, and the communications link 403 may
connect the consumer to the via a point of sale terminal such
as those used for debit card transactions. The communications
links 411, 412 may connect participating banks to banks, a
bank to 'a business and may be or employ virtual private
networks, wire transfer or other techniques.
The communications links 433, 434, 435 may be physical.,
or may be software database, logical or memory linkages in the
case that all functions are integrated in certain
implementations. The communications link 435 may be or interface to the common channel signaling number 7 (CCS#7)
protocol. The communications links 441, 442 may involve non¬
electronic transfer of physical goods (e.g. plastic or paper
cards) , or may involve electronic transfer of information.
The vendor or vendors 112 communicate with the network
account manager 110 sub-element transaction server 421 via
communication link 402, to prepare transaction information for
recording and collection. The transaction server 421 may be or
include, for instance, a workstation running the Microsoft
Windows™ NT™, Windows™ 2000, Unix, Linux, Xenix, IBM AIX,
Hewlett-Packard UX, Novell Netware™, Sun Microsystems
Solaris™, OS/2™, BeOS™, Mach, Apache, OpenStep™ or other
operating system or platform. The transaction server 421 is
in turn connected and acts as a front end resource to the
stored value account database 120 via communications link 431.
The stored value account 120 in turn may consist of a
network of database functions, shown separately as three
discrete elements, namely the recharge database network 422
(indexed by Recharge ID 122), the stored value account
database network 423 which provides an association between
recharge ID 122 and transaction ID 121, and the transaction
authentication database network 424, (indexed by transaction
ID 121) . The stored value account database network 424 may be or
include a Nortel Networks DMS™ 100, 200, 300 or other series
hardware dedicated to switching and processing
telecommunications resources, and may furthermore be or
include, for instance, a workstation running the Microsoft
Windows™ NT™, Windows™ 2000, Unix, Linux, Xenix, IBM AIX,
Hewlett-Packard UX, Novell Netware™, Sun Microsystems
Solaris™, OS/2™, BeOS™, Mach, Apache, OpenStep™ or other
operating .system or platform. The network interface 422
itself communicates via communications link 432 with network
database 120 for purposes of transaction validation.
The transaction authentication database network 424 may
be, include or interface to a line information data base
(LIDB) -type resource operating under the SS7 signaling
standard and accessible in the public telecommunications
network, as understood by persons skilled in the art, for
purposes of authentication, authorization or other transaction
functions against a stored value calling card, vending card or
other "stored value account identifier 121. Transaction
authentication database network 424 may likewise be, include
or interface to resources such as the ATT Corp. Billing
Validation Application (BVA) or the U.S. West Business
Validation Service (BVS) , or others. The authentication
database 110 may further be, include or interface' to, for example, the Oracle™ relational database sold commercially by
Oracle Corp. Other databases, such as Informix™, DB2
(Database 2) or other data storage or query formats or
platforms such as OLAP (On Line Analytical Processing) , SQL
(Standard Query Language) , Microsoft Access™ or others may
also be used, incorporated or accessed in the invention.
The recharge database network 422 may be or include
similar resources as the transaction authentication database
network 424, configured to manage the bank or other financial
accounts, or a database of such accounts, maintained by or on
behalf of the network account manager 110 for replenishment of
the stored value accounts.
In general, according to the invention the stored value
account 123 to be offered in payment for transactions with the
merchants 112 using transaction identifier 121 may be
rechargeable by transferring value from another account or
resource , using recharge identifier 122. Transaction
identifier 121 may be or include multi-part keys, consisting
of a public identifier such as an account number and a secret
private identifier such as a PIN, or otherwise according to a
variety of available schemes for authenticating the usage of
an ID over an insecure public infrastructure.
The recharge identifier 122 may bear no relationship to
the transaction identifier 121, or it may consist in whole or in part of the transaction identifier or a subset or
permutation thereof. Furthermore, recharge identifier 122 may
identify a bank account number, a checking account number, a
credit card number, customer account number, a direct deposit
number, an automatic bill pay number or other identifier which
can be readily processed as a deposit identifier by the
financial industry.
In terms of the action of obtaining the instrument, as
illustrated in Figure 2, in action 211 the network account
manager 110 creates an individual account 123a consisting of a
unique transaction identifier 121a associated with a unique
recharge identifier 122a. The network account manager 110 may
optionally' associate a non-zero account balance with the
initially created account, as- is often done with prepaid
telephone cards for example.
The network account manager 110 may distribute accounts
to consumers 111 directly, or may optionally engage the
services of a distributor 114. Assuming the general aspect
where a distributor is engaged, the network, account manager
110 provides the account information to the distributor 114 in
transaction 202 according to any number of mechanisms such as
are currently used for the distribution of prepaid telephone
cards. A customer Ilia may obtain the account from the
distributor 114 in transaction 203, without providing an opportunity to have their identity associated with the
transaction ID 121a or the recharge identifier 122a. There
are a variety of methods for achieving this security. For
example, the consumer might obtain a card containing the
information from a vending machine, or they might purchase a
card from a retail store, which card has secret information
concealed from the vendor. Or, the consumer might obtain the
information via an Internet, telephone dial-up or other
communication connection, or via mass market distribution such
as in cereal boxes, with CD's or as magazine inserts.
Optionally, as shown in transaction 204, the consumer
Ilia may be required or given the capability to activate the
instrument, or charge up the instrument for the first time,
and/or change any or all of the ID information.
It may be noted- that the activities provide a mechanism
where a consumer Ilia may obtain a stored value account 123a
identified to them as consisting of a transaction ID 121a and
a recharge identifier 122a such that they do not reveal their
identity to the network account manager 110. _ Further, these
activities also provide that the distributor is unable to
associate the consumer's identity Ilia with the transaction ID
121a or the recharge identifier 122a, even if the distributor
knows the identity of the consumer (solved by concealing the
Ids from the distributor) , or if the distributor knows the Ids (solved by the consumer acquiring the account without
revealing their identity) , or both (solved by allowing the
consumer to change the IDs) .
In terms of the purchasing action, as shown in Figure 2,
an individual consumer Ilia may engage with an individual
merchant 112a to initiate a purchase request in communication
211. At least two embodiments of this communication are
possible. In a first embodiment, the consumer discloses
transaction ID 121a to .the merchant in communication 211, such
as is the case with credit card purchases today. The merchant
subsequently initiates communication 212a with the network
account manager 110, which queries the authentication elements
of network database 120 and authenticates the transaction ID
121a, provides validation that account 123a can make good on
the purchase price, confirms authentication to the merchant in
communication 212c, posts a debit to the account maintained in
network database 120 in action '213 and remits payment to the
merchant in communication 215, which payment may occur
immediately or substantially later.
Having received confirmation in communication 212c, the
merchant 112a provides the goods to consumer Ilia in
communication 214. This embodiment may pose a potential
security issue in that the merchant may fraudulently use or
distribute the transaction ID 123a. In a preferred embodiment, the consumer Ilia does not disclose the
transaction ID to the merchant in communication 211. Instead,
the in communication 212a the merchant 112a redirects an
authorization request including the amount of purchase to the
network account manager 110, who then engages communication
212b with the consumer Ilia directly. Consumer Ilia provides
transaction information 121a only to the network account
manager, who subsequently informs the merchant 112a of
successful authorization via communication 212c. The
remaining actions and communications 213 through 215 remain
the same as in the first embodiment. Hybrid embodiments
similar to today's debit cards are also possible, where the
merchant or vendor is presented with a portion of the
transaction ID 121a (the debit card number) , and the consumer
provides the rest of the transaction ID 121a (the PIN) to the
network account manager 110 in order to complete the
authorization.
In the course of providing the goods or services
provided, merchant 112a may interact or communicate with other
merchants, suppliers or distributors, and may subsequently
remit to them a portion of the payment received from the
consumer via the network account manager, which communications
are not shown for clarity. In this purchase activity, it may be noted that
consumer's identity Ilia is not required to be revealed to
either the merchant 112a nor the network account manager 110,
and that at most the merchant may learn of the consumer's
transaction ID 121a, or a portion thereof. Furthermore, the
network account manager 110 is not necessarily made aware of
the goods or services provided by the merchant 112a' to the
consumer Ilia.
In terms of the recharging action, as illustrated in
Figure 2, the financial institution 113a may by prearrangement
maintain checking, credit, deposit or other accounts on behalf
of the consumer 113a, from which the consumer may recharge
their stored value account 123. In communication 221, the
consumer Ilia authenticates themselves to the satisfaction of
the financial institution.
In communication 222 the consumer Ilia may transmit a
signal to or otherwise request financial institution 113a to
debit their bank or other account in order to apply new value
to the stored value account 122 maintained by or for the
network account manager 110. If financial institution 113a
determines that the amount presented for debit is valid,
financial institution 113a may issue a communication 224 to
the network account manager or its representative with an
instruction to credit the consumer's authentication account 122 by that same amount. The network account manager thus
receives communication 224 to increase the consumer's
authentication account 130, without any necessary indication
of the identity of the consumer.
Indeed, it is not necessary that the consumer recharging
the account 120 through the recharge identifier 122 be the
user of transaction account 121. It may be noted that for the
recharge operation neither the optional distributor 114, nor
the merchant 112 receives any information concerning recharge
identifier 122. Furthermore, the financial institution does
not receive any information concerning the transaction identifier 121.
While the network account manager must receive both
identifiers 121 and 122, 'and jointly associates them with
account 123, nothing in the recharge operation provides the
network account manager with the identity of consumer Ilia.
As illustrated in Figure 3, the interposition of a
transaction server 421 for transaction purposes with the
network interface entity 422 and network database cooperating
as the network account manager 110, along with financial
institutions 113 and other elements results in increased
security and privacy to the consumer performing the recharging
action on their stored value account 123. As shown in the transaction matrix of Figure 3, only the consumer Ilia is in
possession of all categories of information involved in the
use and recharging of the stored value account 120, including
the consumer's identity, any transaction ID (such as sales
receipt number, purchase order number or other) , the identity
of the goods or services purchased, the bank deposit
identification, and the bank account identification or other
information surrounding the replenishment of stored value or
the purchase of goods or services using that value.
Thus, the distributor 114, as shown in that matrix, may
not be aware of any of those categories of information (except
perhaps the identity of their consumers, but not what they
purchase or details of their financial situation) . Similarly,
the network account manager 110 is only necessarily aware of
the transaction ID and the recharge ID.
The merchants are only aware of the goods and services
they have provided, and possibly some or all of the
transaction ID (except in a preferred embodiment where they do
not possess this information) . Financial institutions 113
such as a bank or credit card issuer may only be aware of the i consumer's identity along with the internal banking
information such as bank deposit ID and bank account ID.
The network account manager 110 learns the transaction ID
associated with the purchase or other transaction, along with the bank deposit ID, in order to properly credit the stored
value account 123 by way of debit from the financial
institution to show account. However network database 120 is
not made aware goods or services purchased since this
information is masked by the transaction server 421 and is not
necessary in the communication between transaction server 421
and network interface 422.
At the same time, according to the invention the
combination of two or more sources of information among the
stored value account issuer 204, financial institution 206,
vendor 208 and authentication entity 210 may provide
sufficient linkage to derive the identity of the consumer, the
identity of the goods or services purchased or other
information when legally necessary and appropriate, such as by
means of a valid subpoena or other inquiry for investigative
purposes.
However, during ordinary circumstances there is no
mechanism for any party other than the consumers 111 to be
aware of -the entire recharging and transaction activities, so
that their overall privacy and security is enhanced.
Moreover, the commercial convenience of vendors 112 is
increased, since the validation of the transaction against an
authenticated stored value account 123 creates a more cash¬
like basis for online or other commerce. A further aspect of the invention is that the stored
value account 123 is preferably instantiated as a network
database 120, which may consist of two or more distinct
databases (or networks of databases) . This network database
performs at least three functions: firstly, authentication of
a transaction ID 121; secondly, maintaining the balance of
funds on account, identified by recharge ID 122, and thirdly
reconciling between these two functions. For example, the
first function may be performed using an authentication
database maintained in one part of the network database (such
as a telephone calling card account) indexed by the
transaction ID 121, which could be a calling card number and
PIN.
The second function could represent a set of bank
accounts or credit card numbers, maintained in another part of
the netv/ork database, possibly by a financial institution,
indexed by the recharge ID. The third function might be a
relational database associating the transaction ID bi-
directionally v/ith a customer number not necessarily related
to the identity of the customer, and the recharge ID with the
corresponding customer number, also bi-directionally. These
parts of the network database may be owned and operated by
different cooperating parties - for example, by financial
institutions providing deposit facilities and by telephone companies providing authentication and billing facilities, and
by service bureaus providing the linkage. Such an
implementation provides that an efficient network of both
credit and debit facilities may be constructed using existing
networks of authentication and billing systems (such as the
telephone billing system) without modification.
In another regard, a network account manager may wish to
permit the value of the stored value of the account to a given
consumer to decrease below zero value (or possibly to a limit)
in affect creating a temporary credit account, depending on
terms of the account and the nature of consumer 202.
While execution of a transaction according to the
invention thus requires the intervention of more parties then
with conventional card recharging, privacy is significantly •
increased while still permitting reconstruction of given
transactions for valid purposes.
An overall architecture according to the invention in
another regard is illustrated in Figure 5, in which the
interconnection of a transaction server 20S, a telephony
engine 208 such as the Nortel Networks DMS™ platform for
interface to the telecommunications network for authentication
and billing and other services, the vendor transaction site or
sites such as Web pages or other portals, the client and other
aspects are shown. In general, according to the overall architecture in
which the invention in one embodiment may operate, consumers
may initiate and execute transactions over a dial-up,
broadband or other Internet or other network connections,
which transactions may be monitored and mediated via
transaction server 206, a telephony engine 208 or other
network interface along with attendant database,
communications and other resources. . The messaging traffic
between the consumer and the vendor, and between the vendor
and the authentication resources, again may be of a partial,
anonymous and/or secure nature.
This is at least in part because the invention does not
demand the transmission of complete identity or account
information, whether in the clear, encrypted or otherwise, at
any one stage of the transaction process. Rather, a subset of
selected attributes, fields or keywords may be queried between
the consumer and the commercial vendor for the separate
transmission to the party, company or other organization
operating- the transaction server 206, telephony engine 208 or
other network interface, or authentication database 210, and
only the party providing the authentication function
necessarily records more complete information in order to
■carry out that task. As shown in that figure and described
above, billing against the consumer's account, telephone bill or otherwise may be triggered by a validated authentication
sequence whose details may never be communicated to the
vendor. The vendor may consequently receive payment directly
or indirectly from banks or other financial intermediaries
separately after that process, with whom the consumer
separately reconciles. Transaction privacy and flexibility
for consumers are therefore enhanced.
The foregoing description of the system and method of the
invention is illustrative, and variations in configuration and
implementation will occur to persons skilled in the art.
For instance, while the recharging cycle has generally
been described as taking place between entities including a
financial institution 113, a Web or other vendor 112 and an
network account manager 110, different of these functions may
be divided amongst other entities and resources, or likewise
combined in certain implementations. For example, the
functions of the network account manager could be performed by
a service bureau, a telephone company (authentication &
transaction billing) , and a bank (payment & recharge) .
Likewise, while the stored value account has been described in
terms of discrete parts (transaction ID, recharge ID) in terms
of separate accounts, the stored value account 123,
transaction ID 121 and recharge ID 123 could either be a subset, a superset or co-extensive set with each other, or
represent multiple accounts.
Similarly, while the invention has generally been
described with respect to the stored value card initially
coded with some amount of value, the invention may also be
applied to stored value accounts whose initial balance is
zero, or which is allowed to remain below zero for a period of
time and periodically recharged, not necessarily to a positive
balance. While the invention has . generally been described as
recharge of the stored value account being initiated by
actions of the consumer, it is possible that the consumer may
be prompted to recharge the account by presentment of a bill
for any negative value. Although the invention has been'
described as though the value is a financial currency, it
generally applies for other value systems such as loyalty
points and so on, and the term "financial institution" is
intended to generally represent providers or holders of value
whether currency or otherwise. Translation .between different
types of' value may also be possible. The scope of the
invention is accordingly intended to be limited only by the
following claims.

Claims

What is claimed is:
1. A system for the anonymous recharging of a stored
value account, comprising:
a first interface to a stored value account;
a second interface, communicating with the first
interface, to an anonymous authentication account;
a third interface to a financial account held by an
account holder, communicating with the first interface to
apply value from the financial account to the stored value
account upon instruction of the holder of the financial
account;
wherein the stored value account is recharged by the
value delivered via the third interface, and the anonymous
authentication account is reduced by the value communicated
via the second interface .
2. The system of claim 1, wherein the stored value
account comprises at least one of a telephone calling card
account, a vending card account, a duplication card account, a
gasoline -card account, a private label account, and a frequent
flier account .
3. The system of claim 1, wherein the financial account
comprises at least one of a checking account, a debit account,
a deposit account, and a credit account.
4. The system of claim 1, further comprising a fourth
interface, communicating with a transaction site, a
transaction being executed at the transaction site via the
fourth interface using the stored value account.
5. The system of claim 4, wherein the transaction site
comprises an Internet-enabled transaction site.
6. The system of claim 4, wherein only the account
holder has access to information related to all of the stored
•value account, the financial account, the anonymous
authentication account and the transaction.
7. The system of claim 1, wherein at least one of the
stored value account, the financial account and the anonymous
authentication account comprises a subset of the remainder of
the stored value account, the financial account and the
anonymous authentication account.
8. The system of claim 1, wherein at -least one of the
stored value account, the financial account and the anonymous
authentication account comprises a superset of the remainder
of the- stored value account, the financial account and the
anonymous authentication account.
9. The system of claim 1, wherein at least one of the
stored value account, the financial account and the anonymous
authentication account comprises a coextensive set with the remainder of the stored value account, the financial account
and the anonymous authentication account.
10. The system of claim 1, wherein the stored value
account may store a value less than zero.
11. The system of -claim 1, '.wherein the anonymous
authentication account is provided by the telecommunications
network.
12. The system of claim 1, wherein the recharging is via
at least one of automatic bill payment and direct deposit.
13. The system of claim 1, wherein the transaction is
conducted with reference to a stored value account indicator,
which a network account manager translates to transaction ID
and authenticates.
14. A method for the anonymous recharging of a stored
value account, comprising the steps of:
a) communicating instructions to a financial institution
to deliver value by deposit to a recharging account;
b) recharging the stored value account by the value
delivered- from the financial institution;
wherein the account to which funds are deposited is
maintained for the purpose of recharging the stored value
account, and where the recharging account is associated with
the stored value account .
15. The method of claim 14, wherein the stored value
account comprises at least one of a telephone calling card
account, a vending card account, a gasoline card account, a
private label account, a duplication card account, and a
frequent flier account.
16. The method of claim 14, wherein the financial
account comprises at least one of a checking account, a debit
account, a deposit account, and a credit account.
17. The method of claim 14, further comprising a step of
c) executing a transaction on a transaction site using the
stored value account .
18. The method of claim 17, wherein the transaction site
comprises an Internet-enabled transaction site.
19. The method of claim 17, wherein only the account
holder has access to information related to all of the stored
value account, the financial account, the anonymous
authentication account and the transaction.
20. The method of claim 14, wherein at least one of the
stored -value account, the financial account and the anonymous
authentication account comprises a subset of the remainder of
the stored value account, the financial account and the
anonymous authentication account.
21. The method of claim 14, wherein at least one of the
stored value account, the financial account and the anonymous authentication account comprises a superset of the remainder
of the stored value account, the financial account and the
anonymous authentication account.
22. The method of claim 14, wherein at least one of the
stored value account, the financial account and the anonymous
authentication account comprises a coextensive set with the
remainder of the stored value account, the financial account
and the anonymous authentication accoun .
23. The method of claim 1.4, wherein the stored value
account may store a value less than zero.
24. The method of claim 14, wherein the anonymous
authentication account is provided by the telecommunications
network.
25. The method of claim 14, wherein the recharging is
via at least one of automatic bill payment and direct deposit.
26. The method of claim 14, wherein the transaction is
conducted _with reference to a stored value account indicator,
which a network account manager translates to transaction ID
and authenticates.
PCT/US2001/019899 2000-06-22 2001-06-22 System and method for anonymous recharging of stored value accounts WO2002003290A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001271375A AU2001271375A1 (en) 2000-06-22 2001-06-22 System and method for anonymous recharging of stored value accounts

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US59898700A 2000-06-22 2000-06-22
US09/598,987 2000-06-22

Publications (1)

Publication Number Publication Date
WO2002003290A1 true WO2002003290A1 (en) 2002-01-10

Family

ID=24397735

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/019899 WO2002003290A1 (en) 2000-06-22 2001-06-22 System and method for anonymous recharging of stored value accounts

Country Status (2)

Country Link
AU (1) AU2001271375A1 (en)
WO (1) WO2002003290A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1490745A2 (en) * 2002-03-14 2004-12-29 Euronet Worldwide, Inc. A system and method for purchasing goods and services through data network access points over a point of sale network
FR2889784A1 (en) * 2005-08-10 2007-02-16 Claude Mathieu Franc Trapletti Electronic recharge card`s distribution and use automation method for prepaid mobile telephone subscriber, involves sending short messaging system message with card data from mobile equipment to telephone, and automating recharge request
US7346927B2 (en) 2002-12-12 2008-03-18 Access Business Group International Llc System and method for storing and accessing secure data
CN100411415C (en) * 2003-06-13 2008-08-13 腾讯科技(深圳)有限公司 Personal account money-adding system by sound mode and control flow chart

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5963647A (en) * 1997-02-14 1999-10-05 Citicorp Development Center, Inc. Method and system for transferring funds from an account to an individual
US6014646A (en) * 1995-06-08 2000-01-11 France Telecom Process for making a payment using an account manager
US6062472A (en) * 1996-12-23 2000-05-16 Koninklijke Ptt Nederland N.V. System and method for increasing a value of an electronic payment card including performing a restore transaction in response to interruption of a value increase transaction
US6064990A (en) * 1998-03-31 2000-05-16 International Business Machines Corporation System for electronic notification of account activity
US6078902A (en) * 1997-04-15 2000-06-20 Nush-Marketing Management & Consultance System for transaction over communication network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6014646A (en) * 1995-06-08 2000-01-11 France Telecom Process for making a payment using an account manager
US6062472A (en) * 1996-12-23 2000-05-16 Koninklijke Ptt Nederland N.V. System and method for increasing a value of an electronic payment card including performing a restore transaction in response to interruption of a value increase transaction
US5963647A (en) * 1997-02-14 1999-10-05 Citicorp Development Center, Inc. Method and system for transferring funds from an account to an individual
US6078902A (en) * 1997-04-15 2000-06-20 Nush-Marketing Management & Consultance System for transaction over communication network
US6064990A (en) * 1998-03-31 2000-05-16 International Business Machines Corporation System for electronic notification of account activity

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1490745A2 (en) * 2002-03-14 2004-12-29 Euronet Worldwide, Inc. A system and method for purchasing goods and services through data network access points over a point of sale network
EP1490745A4 (en) * 2002-03-14 2005-04-27 Euronet Worldwide Inc A system and method for purchasing goods and services through data network access points over a point of sale network
US7346927B2 (en) 2002-12-12 2008-03-18 Access Business Group International Llc System and method for storing and accessing secure data
CN100411415C (en) * 2003-06-13 2008-08-13 腾讯科技(深圳)有限公司 Personal account money-adding system by sound mode and control flow chart
FR2889784A1 (en) * 2005-08-10 2007-02-16 Claude Mathieu Franc Trapletti Electronic recharge card`s distribution and use automation method for prepaid mobile telephone subscriber, involves sending short messaging system message with card data from mobile equipment to telephone, and automating recharge request

Also Published As

Publication number Publication date
AU2001271375A1 (en) 2002-01-14

Similar Documents

Publication Publication Date Title
CA2117440C (en) Integrated point-of-sale multiple application system
US5757917A (en) Computerized payment system for purchasing goods and services on the internet
EP0926637B1 (en) Electronic cash implementing method for issuer having electronic cash balance counters, corresponding issuer equipment and recording medium having recorded thereon a program for execution of the method
US20170236115A1 (en) Method and/or system for extending payment system architectures and/or legacy order processing systems to mobile commerce applications via text messaging
US5903652A (en) System and apparatus for monitoring secure information in a computer network
EP0818763B1 (en) Method for controlling secure independant transactions, using a unique physical device
US20020191816A1 (en) System and method of selecting consumer profile and account information via biometric identifiers
US20050035847A1 (en) Systems and methods for providing a rf transaction device for use in a private label transaction
JP2942478B2 (en) Network billing method
JP2003531447A (en) Methods and systems for virtual safety
WO2001035304A1 (en) On-line payment system
JP2001273454A (en) Internet charging method
JP2004506973A (en) Automatic payment system
KR20040084917A (en) Loadable debit card system and method
HU218646B (en) Method and apparatus for effecting financial and commercial transactions between a remote point of service terminal and a host computer
HU225076B1 (en) Method and system of transferring currency
JP2004527015A (en) Method and apparatus for transmitting an electronic amount from a fund storage device
US20010046283A1 (en) Arrangement for billing or billing authorization using a calling card
US6745940B1 (en) Method for the secure handling of monetary or value units using prepaid data carriers
WO2002003290A1 (en) System and method for anonymous recharging of stored value accounts
JP2002324200A (en) System for electronic payment, recording medium recorded data processing program for terminal, recording medium recorded data processing program for controller, data processing program for terminal, data processing program for controller, and method for electronic payment
JP2003281234A (en) Small sum of loan on credit certificate for accessing to service provided by access network using different access technology
RU2296367C2 (en) Method for receiving or purchasing a service provided via information network
WO2002014975A2 (en) System and method for autorizing e-commerce
JP2001325547A (en) Selling system by credit card, credit card authenticating device, and credit card

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ CZ DE DE DK DK DM DZ EC EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

ENP Entry into the national phase

Ref document number: 10765501

Country of ref document: BG

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 5131

Country of ref document: GE

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP