WO2001041088A1 - Systeme de validation pour proteger le commerce electronique - Google Patents
Systeme de validation pour proteger le commerce electronique Download PDFInfo
- Publication number
- WO2001041088A1 WO2001041088A1 PCT/GB2000/004271 GB0004271W WO0141088A1 WO 2001041088 A1 WO2001041088 A1 WO 2001041088A1 GB 0004271 W GB0004271 W GB 0004271W WO 0141088 A1 WO0141088 A1 WO 0141088A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- subject
- user
- transaction
- assessment
- data
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
Definitions
- the present invention relates to a validation system, including assessment and receipts (termed VAR) , for use in electronic commerce performed, for example, over the Internet (World Wide Web) .
- VAR assessment and receipts
- Security protocols such as SSL (Secure Socket Layer, now standardised as Transport Layer Security (TLS) protocol) , S/MIME (Secure MIME), SET (Secure Electronic Transactions) provide a means of securing e-commerce transactions and authenticating the trading partner.
- SSL Secure Socket Layer
- S/MIME Secure MIME
- SET Secure Electronic Transactions
- X.509 public key certificates are obtainable from ITU-T X.509 (93) Directory Authentication Framework, also published as International Standard ISO/IEC 9594-8.
- Concerns relating to the validity of an identity authenticated using such protocols include the following: a) the validity of the certificate has been compromised (e.g. due to the key being compromised). In such a situation the validity of the certificate needs to be revoked.
- X.509 defines a mechanism using a Certificate Revocation List to distribute a list of revoked certificates securely; b) the certificate is used in situations for which is not intended (i.e. invalid use of certificates); c) the certificate is fraudulent.
- An Internet standard protocol has been defined for carrying out on-line checks on the validity of X.509 certificates (OCSP: On-line Certificate Status Protocol - Internet RFC2560) . This protocol provides access to a service which can check the validity of the certificate, including whether it has been revoked.
- CAs It is becoming common for CAs to publish a statement of its certification practices, defining the policies and procedures used for operating its services. This information may be used to assess the trustworthiness of a CA and the hence the certificates it produces, however, this requires significant knowledge and expertise by the human user. Standard codes of practice and assessment criteria for certification authorities are being developed.
- Such security protocols generally are designed to provide authentication at the time the transaction takes place. However, when the authentication is used to support electronic receipts the authentication information needs to remain valid over a long period so that the transaction information can be checked if there is a subsequent dispute over the transaction.
- Two solutions are commonly used for this for X.509 digital signatures; one is for a trusted system to produced a signed time-stamp linked to fingerprint of the signed data. The other is to use a trusted archive supporting long term verification.
- a fingerprint is typically applied by a hash,
- a third concern with the current system of e-commerce include: a) the relying party has no means of assessing the trustworthiness of the e-commerce trading partner; b) it is difficult for the normal relying party, to assess quickly whether certificates and other verification information have been issued and are being used in a trustworthy and legitimate manner. It can take a significant time to collect the relevant information and require expert knowledge to provide such an assessment.
- the present invention seeks to provide an improved validation system.
- a validation system for giving an indication of trustworthiness of a subject upon request from a user, including subject assessment means operable to obtain subject data from a data source, indicating means operable to provide to a user the results of the subject assessment, timing means operable to generate an indication of the time at which a request by a user is made, and receipt generating means operable to generate a receipt indicating at least one of the user, the subject assessment and the time of the request.
- the receipt can be used as evidence of an intended transaction with a subject.
- the validation system may include transaction means operable to enable a transaction to be performed between a user and a subject through the system or with verification of the transaction by the system, in which case the receipt generating means can generate a receipt indicating occurrence and, preferably, the details of, the transaction.
- the receipt generating means can generate a receipt indicating occurrence and, preferably, the details of, the transaction.
- the term receipt used herein is intended to include evidence of a transaction that can be used by the relying party to support a claim that the transaction has taken place.
- a validation system for giving an indication of trustworthiness of a subject upon request from a user, including subject assessment means operable to obtain subject data from at least one data source, recording means operable to record user requests and/or other user data relating to one or more subjects, and processing means operable to provide to a user an indication of the results of the subject assessment and/or recorded subject data.
- the processing means is operable to generate a trustworthiness indicator based upon the assessed and/or stored data on a subject.
- the trustworthiness indicator can be generated on the basis of the type of assessment data and predetermined weighting factors. For example, some types of data such as insolvency or previous legal problems can be given high weighting factors while less important types of data, such as time of delivery can be given low weighting factors. Similarly, positive types of data can be given factors which in practice offset negative data. Of course, some types of data, such as insolvency, can be set to cause a negative assessment of trustworthiness irrespective of other positive data.
- the features of the aspect described above can be combined together, as will be apparent from the specific description below.
- the preferred embodiments provide a computerised system (with associated user software) , which is accessible via a data network, which can provide one or more of the following services for secure electronic commerce (e-commerce) :
- a) provides a check on the validity of certificates used for authentication; b) provides a simple means for the user to assess the trustworthiness and previous trading record of the trading party, and the strength of the security used; c) guides the user as whether he should proceed with the electronic trade or not; d) provides the user with simple to understand information on the implications of a particular trade; e) provides a means of collecting receipts which is applicable to a range of security protocols including those which are not directly based on basic digital signatures as defined in X.509. -
- the term ⁇ subject' is used herein to indicate the party in an e-commerce transaction which is the subject of validation and assessment by this system.
- the term ⁇ relying party' is used herein to indicate the party in an e-commerce transaction which relies on the results of the validation and assessment.
- the merchant may be the subject and the buyer may be the relying party.
- the originator may be the subject and the recipient acting on the e-mail may be the relying party.
- FIG. 1 is a block diagram of an embodiment of system employing a VAR server
- Figure 2 is a flow chart of an embodiment of operation of the system of Figure 1;
- Figure 3 is a flow chart of an embodiment of validation operation
- Figure 4 is a flow chart of an embodiment of validation operation using S/MIME.
- Figure 5 shows in more detail an embodiment of system.
- the preferred embodiment includes the following features: 1) the VAR Client, software resident in the relying parties system, which monitors the secure transaction between the relying party's Internet browser and a subject, 2) a networked VAR Server used by the relying party to provide validation and assessment services as well as a time- stamp used in creating an electronic receipt.
- the VAR Server is a computerised system, which can be accessibly via a data network such as the public Internet or a private Intranet.
- the server is used by a party relying on certificates to support secured electronic commerce transaction (e.g. purchase of goods or services from an Internet web server) to help check and assess the security of the transaction.
- the VAR Server may be composed of several networked computers that together provide the VAR services.
- the VAR Server, its relationship to the relying party and a secured transaction with a remote subject is illustrated in Figure 1.
- the VAR Server a) determines the validity of the electronic security information, including certificates, on which an e-commerce transaction relies; b) provides an assessment of the trustworthiness of the transaction based on: i) information about the CA such as whether the
- CA meets recognised criteria (e.g. as defined in EU legislation, standardised or accepted codes of practice) ; ii) information about the subject such as checks carried out by the CA when registering the subject, the amount of trading already carried out with the subject (derived from any record of previous validation check done on that subject) , any reports of problems from subscribers, or is a recognised to be a member of an identified scheme for payments or codes of practice; iii) information about the transaction such as legal context and cryptographic algorithms employed;
- c) provides a time-stamp of the transaction which can be used by the relying party to produce an electronic receipt of the transaction.
- the relying party uses the VAR Server:
- the VAR client records both the secured data transferred during the transaction, or security tokens containing the security significant parts the transaction (e.g. initial SSL handshake), as well as the relying parties view of that transaction (e.g. as displayed), the identity of the relying party and other relevant contextual information.
- the secured data and the contextual information are time-stamped.
- the VAR Server may check the authenticity of the relying party' s identity before applying the time-stamp.
- the relying party stores the secured transaction or tokens and the contextual information, along with the time-stamp, as the electronic receipt or passes the receipt to the VAR Server for storage on behalf of the user.
- the relying party view is used as the relying party's claim for the transaction. If the subject disputes this claim it can replay the transaction from the secured transaction.
- This embodiment may be used to support a range of protocols for securing the transaction (e.g. SSL / SMIME / SET / Signed code) . More specifically, in use, the relying party sends to the VAR Server, relevant information (see below) for validation, assessment of the secured transactions with the subject, and to request a time-stamp as the basis of an electronic receipt. This includes:
- a simplified representation e.g. hash
- the VAR Server On reception of this information the VAR Server: a) obtains any additional information (e.g. CA certificates, CRLs) needed to validate the received certificate (where possible arrangements will be made with
- CAs to provide a copy of the latest CRL information direct to the validation service and to inform the validation service of any updates) ; b) checks the technical validity of the certificates) as required under X.509, including full certificate path and revocation checks;
- the VAR Server obtains from a local database of known CAs information on the all the CA's business standing and certification practices on which the e-commerce transaction relies including: i) identification of recognised codes of practice/assessment criteria to which the CA conforms, (e.g.
- the VAR Server looks up in its database for information on the subject of the validation and assessment including : i) the length of time over which the server has been trading (i.e. the time that validation checks were first made on that subject), ii) the number of validation checks that had been made over a recent period (e.g. 1 month), iii) the number and gravity of any reported problems when trading with the subject, iv) legal system under which the subject operates, whether the server conforms to recognised codes of practice (e.g. the Interactive Media in Retail Group code of practice for electronic commerce) , and other information on the standing of the identified entity, v) whether the subject is a recognised merchant under a payment system (e.g. credit card) vi) whether the subject is a member a scheme which has recognised codes of practice for e-commerce vii) other locally held information about the Subj ect .
- recognised codes of practice e.g. the Interactive Media in Retail Group code of practice for electronic commerce
- the VAR Server looks up in its other database for other assessment information relating to the transaction: i) any specific legal requirements or constraints that may exist; ii) a rating of the security of given cryptographic algorithms and key lengths or cipher suites, iii) any independent rating of the subject's commercial and security practices such as can be established through accredited membership of a recognised code of practice f) the VAR Server provides an overall assessment of the transaction in simple terms covering: i) any limits of liability associated with certificates (e.g. as indicated in the CA's practices or explicitly given in the certificate) .
- the validation service creates a time-stamp by signing a hashed value concatenated with the current time.
- the validation service sends back in a response to the relying party: a) an indication of whether the technical validation checks are passed; b) the identity of the certificate subject; c) the time-stamp; d) information giving reasons for any failure of checks; e) output of overall assessment; f) details in the certificates; g) other used in the assessment such as the country of registration, legal and tax implication, previous track record; h) information held on the CA and subject including information used as input to the overall assessment process .
- the validation service maintains a record of the request and response related to the subject for use in later assessments of the subject.
- FIG. 2 illustrates the sequence of actions carried out by the VAR Server.
- the above description is for a service offering validation, assessment and time-stamping in a single operation.
- the VAR Server can also be used to provide a time-stamping service as a separate independent operation without validation and assessment. Similarly validation and assessment can be provided without time-stamping.
- the exchanges between the VAR client and the server are protected path using SSL, a cryptographic message check code or other security mechanisms which at least authenticates the server and protects the integrity of the exchange.
- SSL Secure Sockets Layer
- a cryptographic message check code or other security mechanisms which at least authenticates the server and protects the integrity of the exchange.
- authentication of the relying party at their request could be offered as an optional extension to the time-stamping service to authenticate an identifier of the relying party which could be included in the time-stamp.
- the VAR Server provides an accessible web page where any problems with the use of services provided by a given certified subject can be reported.
- a problem report is e- mailed back to the person reporting the problem who is requested to reply confirming the source and verity of the problem report. Once confirmed the problem report is added to the local database entry for that Subject.
- the VAR Client monitors the communications between the subject and the relying party's secured Internet browser application (e.g. Internet web browser or Internet e-mail reader) . From this information:
- the relying party's secured Internet browser application e.g. Internet web browser or Internet e-mail reader
- the VAR Client also obtains information from the Internet browser giving the relying party's view of the transaction.
- This relying party view can include one or more of: • a snap shot image of the display at the key points in the transaction,
- the VAR client calculates the hash of the secured transaction and the relying party view of the transaction, to be time-stamped by the VAR Server.
- the secured transaction, the relying party view of the transaction and time-stamp are then placed in long-term storage medium (e.g. floppy disk, write only CD) to form the electronic receipt, or passed to the VAR Server for storage on behalf of the relying party.
- the relying party view can be used as it's claim of what went on in the transaction. If there is a dispute with the relying party's claim of the electronic receipt based on the relying party view, then the subject can be required to replay the transaction from the secured transaction data.
- the time-stamp gives independent proof that the transaction occurred at a given time.
- the VAR client can either request a validation and assessment of a secured transaction on its own, a time-stamp on its own or a combination of validation and assessment with time- stamp.
- the relying party requests a validation & assessment and a time-stamp after the initial handshake which establishes the security of the transaction.
- the time-stamp provides basic evidence of the existence of the transaction.
- the results of the validation and assessment can be displayed to the user for him/her to get an assessment and make an informed decision before proceeding with the rest of the transaction (e.g. revealing credit card numbers to the subject and proceeding with the order) .
- the relying party may also request an additional time-stamp of all the secured transaction, with the relying party view, when the transaction is complete.
- the assessment may be presented and displayed to the user in various ways depending on the uses needs. It can be simplified to a three states displayed to the user in the form of traffic lights:
- the user can be presented with a five star assessment report. A user can request the display of full details of the assessment report should he want more information, such as the country of registration, legal and tax implication, previous track record, etc.
- the message can be forwarded to the VAR Client when a message is selected for processing by the user.
- the relying party requests the validation and assessment, and a time-stamp of the whole message from the server as in a single operation.
- This embodiment also identifies an extension to SSL to provide a signature of the all the secured transaction from the subject to strengthen the evidential value of records kept by the relying party.
- This proposed extension to the SSL protocol is to allow the relying party to request that the combined hash of data passing in each direction is digitally signed by the remote SSL party (i.e. the SSL server) .
- This signature can be used by the relying party with the rest of the transaction to provide proof of the transaction.
- the above description is for transactions using X.509 based digital signatures or using X.509 certificates to provide authenticated keys as in SSL.
- the system can also be applied to other forms of certificates including the variant of X.509 defined in PGP (RFC 1991, RFC 2440) or EDIFACT certificates.
- the system can also apply to other security protocols using digital signature (e.g. Microsoft Authenticode, sign JAR files, signed XML) in a similar way as for secure e-mail.
- the main advantages of the described embodiments over existing validation and time-stamping systems include the ability: a) to provide an overall assessment of the security transaction in terms which: i) avoids the need for detailed technical knowledge and understanding of all the complexities of the security mechanisms used, ii) incorporates the range of factors which effect the security of the transaction including trustworthiness of the CA, subject and protections applied to the transaction, iii) provides the assessment in simple terms combining a range of complex factors into a simple rating, b) to provide an electronic receipt of a secured electronic transaction in a way which is: i) applicable across a range of security protocols including the secured web access protocol SSL, ii) avoids the VAR system having to handle any sensitive, private or personal encryption keys, iii) provides evidence of what the user saw linked to the secured transaction, c) to provide an integrated validation, assessment and time-stamping service supporting the relying party; d) does not require changes to the user's secure application (Internet Browser) software; e) does not require changes
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP00973082A EP1234282A1 (fr) | 1999-12-03 | 2000-11-07 | Systeme de validation pour proteger le commerce electronique |
AU11634/01A AU1163401A (en) | 1999-12-03 | 2000-11-07 | Validation system for secure electronic commerce |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GBGB9928722.9A GB9928722D0 (en) | 1999-12-03 | 1999-12-03 | Validation system for secure electronic commerce |
GB9928722.9 | 1999-12-03 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2001041088A1 true WO2001041088A1 (fr) | 2001-06-07 |
Family
ID=10865738
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/GB2000/004271 WO2001041088A1 (fr) | 1999-12-03 | 2000-11-07 | Systeme de validation pour proteger le commerce electronique |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1234282A1 (fr) |
AU (1) | AU1163401A (fr) |
GB (2) | GB9928722D0 (fr) |
WO (1) | WO2001041088A1 (fr) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1076279A1 (fr) | 1999-08-13 | 2001-02-14 | Hewlett-Packard Company | Plate-formes d'ordinateurs et leurs procédés d'opération |
GB9922665D0 (en) | 1999-09-25 | 1999-11-24 | Hewlett Packard Co | A method of enforcing trusted functionality in a full function platform |
WO2002086684A2 (fr) | 2001-04-24 | 2002-10-31 | Hewlett-Packard Company | Systeme de securite de l'information |
GB2392262A (en) * | 2002-08-23 | 2004-02-25 | Hewlett Packard Co | A method of controlling the processing of data |
US10122734B2 (en) | 2016-11-29 | 2018-11-06 | At&T Intellectual Property I, L.P. | Secure email verification service |
US11587083B2 (en) | 2019-12-11 | 2023-02-21 | At&T Intellectual Property I, L.P. | Transaction validation service |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1998040809A2 (fr) * | 1997-03-13 | 1998-09-17 | Cha! Technologies, Inc. | Procede et systeme de traitement protege de transaction en direct |
US5958050A (en) * | 1996-09-24 | 1999-09-28 | Electric Communities | Trusted delegation system |
GB2337353A (en) * | 1998-05-15 | 1999-11-17 | Ibm | Method of generating product survey information in an electronic payment system |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2359156B (en) * | 2000-02-14 | 2004-10-13 | Reuters Ltd | Methods of computer programs for and apparatus for providing and accessing digital content |
EP1260079B1 (fr) * | 2000-02-23 | 2004-07-28 | Tradesafely.com Limited | Procede et dispositif de verification de site internet |
-
1999
- 1999-12-03 GB GBGB9928722.9A patent/GB9928722D0/en not_active Ceased
-
2000
- 2000-11-07 AU AU11634/01A patent/AU1163401A/en not_active Abandoned
- 2000-11-07 EP EP00973082A patent/EP1234282A1/fr not_active Withdrawn
- 2000-11-07 WO PCT/GB2000/004271 patent/WO2001041088A1/fr not_active Application Discontinuation
- 2000-11-17 GB GB0028128A patent/GB2365160A/en not_active Withdrawn
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5958050A (en) * | 1996-09-24 | 1999-09-28 | Electric Communities | Trusted delegation system |
WO1998040809A2 (fr) * | 1997-03-13 | 1998-09-17 | Cha! Technologies, Inc. | Procede et systeme de traitement protege de transaction en direct |
GB2337353A (en) * | 1998-05-15 | 1999-11-17 | Ibm | Method of generating product survey information in an electronic payment system |
Non-Patent Citations (1)
Title |
---|
PAYS P ET AL: "An intermediation and payment system technology", COMPUTER NETWORKS AND ISDN SYSTEMS,NL,NORTH HOLLAND PUBLISHING. AMSTERDAM, vol. 28, no. 11, 1 May 1996 (1996-05-01), pages 1197 - 1206, XP004018220, ISSN: 0169-7552 * |
Also Published As
Publication number | Publication date |
---|---|
GB9928722D0 (en) | 2000-02-02 |
EP1234282A1 (fr) | 2002-08-28 |
GB2365160A (en) | 2002-02-13 |
GB0028128D0 (en) | 2001-01-03 |
AU1163401A (en) | 2001-06-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5671279A (en) | Electronic commerce using a secure courier system | |
CA2306865C (fr) | Procede numerique de certification de l'identite d'un utilisateur et un systeme ordinateur | |
Cox et al. | NetBill Security and Transaction Protocol. | |
US6102287A (en) | Method and apparatus for providing product survey information in an electronic payment system | |
RU2292589C2 (ru) | Аутентифицированный платеж | |
US6367013B1 (en) | System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents | |
Tygar | Atomicity in electronic commerce | |
US6314517B1 (en) | Method and system for notarizing digital signature data in a system employing cryptography based security | |
US6385725B1 (en) | System and method for providing commitment security among users in a computer network | |
US6842863B1 (en) | Certificate reissuance for checking the status of a certificate in financial transactions | |
US6820199B2 (en) | Sending electronic transaction message, digital signature derived therefrom, and sender identity information in AADS system | |
CA2417406C (fr) | Recu numerique de transaction | |
US6983368B2 (en) | Linking public key of device to information during manufacture | |
US20040199469A1 (en) | Biometric transaction system and method | |
US7490069B2 (en) | Anonymous payment with a verification possibility by a defined party | |
US20030120611A1 (en) | Content distribution system and content distribution method | |
JPH09507729A (ja) | キー寄託機能付き暗号システムおよび方法 | |
NZ508562A (en) | System and method for electronic transmission, storage and retrieval of authenticated documents | |
JP2004506245A (ja) | デバイスの公開鍵と製造中の情報とのリンク | |
AU2001287164A1 (en) | Method and system for using electronic communications for an electronic contact | |
JP2002271312A (ja) | 公開鍵管理方法 | |
Van Herreweghen | Non-repudiation in SET: Open issues | |
WO2001041088A1 (fr) | Systeme de validation pour proteger le commerce electronique | |
US20230318832A1 (en) | Token failsafe system and method | |
Camp | An atomicity-generating protocol for anonymous currencies |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2000973082 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 2000973082 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 2000973082 Country of ref document: EP |