U.S. patent application number 11/686239 was filed with the patent office on 2011-03-10 for secure system for the issuance, acquisition, and redemption of certificates in a transaction network.
Invention is credited to Henry Whitfield.
Application Number | 20110060904 11/686239 |
Document ID | / |
Family ID | 26811374 |
Filed Date | 2011-03-10 |
United States Patent
Application |
20110060904 |
Kind Code |
A9 |
Whitfield; Henry |
March 10, 2011 |
SECURE SYSTEM FOR THE ISSUANCE, ACQUISITION, AND REDEMPTION OF
CERTIFICATES IN A TRANSACTION NETWORK
Abstract
A transaction network contains a networked certificate
authority, by which one or more virtual certificates may be
remotely defined and stored, such as by an issuer user through a
issuer web portal interface. An acquirer user, through an acquirer
web portal interface, may acquire one or more virtual certificates,
which contain a secret public key portion, as well as a
corresponding private key, which is established by the acquirer at
the time of acquisition, and is stored at the certificate
authority. At a redemption location associated with an acquired
certificate, the acquirer (or an alternate recipient of an acquired
certificate to whom the acquirer has communicated the established
private key), submits the certificate information, along with the
established private key, to redeem the certificate.
Inventors: |
Whitfield; Henry; (Palo
Alto, CA) |
Prior
Publication: |
|
Document Identifier |
Publication Date |
|
US 20070157021 A1 |
July 5, 2007 |
|
|
Family ID: |
26811374 |
Appl. No.: |
11/686239 |
Filed: |
March 14, 2007 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
09472100 |
Dec 20, 1999 |
7209889 |
|
|
11686239 |
Mar 14, 2007 |
|
|
|
60113706 |
Dec 24, 1998 |
|
|
|
Current U.S.
Class: |
713/156 ;
713/173; 713/175 |
Current CPC
Class: |
G06Q 20/027 20130101;
G06Q 30/0239 20130101; G06Q 20/206 20130101; G06Q 20/3829 20130101;
G06Q 20/02 20130101; G06Q 20/4012 20130101; G06Q 20/3678 20130101;
G06Q 20/401 20130101; G06Q 20/382 20130101; G06Q 20/3821 20130101;
G06Q 20/367 20130101; G06Q 30/02 20130101; G06Q 30/018
20130101 |
Class at
Publication: |
713/156 ;
713/173; 713/175 |
International
Class: |
H04L 9/00 20060101
H04L009/00 |
Claims
1. A certificate system on a network, comprising: a certificate
authority connected to said network, said certificate authority
adapted to allow the definition of a virtual certificate comprising
a redemption denomination defined by an issuer user, and a first
public key identifier defined by said certificate authority; a
certificate issuance module for creation of an issued certificate
upon selectable acquisition of said virtual certificate by an
acquirer user across said network, said issued certificate
including said redemption denomination and said first public key
identifier, wherein said redemption denomination and said first
public key identifier are stored at said certificate authority in
association with said issued certificate; a certificate
authentication module for authorization of a redemption of said
issued certificate at a redemption location to a holder of said
issued certificate, based upon redemption submittal of said
redemption denomination and said first public key identifier, and a
matching comparison of said redemption denomination and said first
public key identifier stored at said certificate authority; and
means to cancel further redemption of said issued certificate at
said certificate authority.
2. The certificate system of claim 1, said issued certificate
further comprising: a single-use certificate comprising at least
one design element, a denomination, at least one redemption rule,
and identification information, which may include human readable
information, and/or machine readable information.
3. The certificate system of claim 1, said certificate issuance
module further comprising: an issuer terminal in selective
electronic communication with said certificate authority, said
issuer terminal comprising user operated means for directing said
certificate authority to create at least one customized virtual
certificates for subsequent issuance to acquirer users at one or
more acquirer terminals.
4. The certificate system of claim 1, further comprising: an issuer
facility for authorization of construction of certificates through
a web portal via a network, with which an issuer user connects to
said certificate authority; and said issuer facility further
comprising a certificate specification interface through which said
issuer user defines detailed specifications for virtual single-use
certificates.
5. The certificate system of claim 1, wherein said certificates
reflect sellable or distributable commodities comprising products
and/or services which are available for pick up by a customer at a
redemption location.
6. The certificate system of claim 3, further comprising: means for
controlling modular design of one or more virtual certificates
independently, either by selecting standard designs offered by said
certificate authority, by uploading one or more custom designs to
said certificate authority in the form of a computer file, or by
specifying that a certificate be issued using a combination of
stock elements uploaded through said issuer terminal.
7. The certificate system of claim 1, further comprising: means for
an acquirer user identifying redemption locations for one or more
products or services which are available as selectable virtual
certificates; wherein, upon said acquirer user initiating a search,
said certificate authority presents a browseable subset of an
entire virtual inventory, or of an aggregate inventory, which
matches search limiters entered by said acquirer user.
8. The certificate system of claim 1, further comprising: means for
said certificate authority communicating acquisition transaction to
an issuer; wherein a product or service which is to be received
upon redemption is reserved; wherein, for a product within an
inventory at a redemption location, said product is placed on hold;
wherein, for a designated service, said issuer uses acquisition
information to schedule personnel or equipment, or to limit the
further sale of goods or services.
9. The certificate system of claim 1, further comprising: means for
said issuer user selecting or uploading issuer information,
selecting or uploading denomination parameters for a virtual
certificate in the form of any of a currency denomination or a code
associated with a product, a service, a coupon, a voucher, or other
instrument for which an acquired certificate may be redeemed, said
issuer authorizing said certificate authority to issue certificates
within a set range of selectable denominations, or authorizing
creation of virtual certificates with a value determined by an
acquirer user.
10. The certificate system of claim 1, further comprising: means
for said issuer user selecting or uploading redemption rules
comprising any of an expiration date, any exclusion of redemption
on a basis of geographic location, or other redemption rules unique
to said issuer user; wherein redemption rule information may be
included as printed information on an acquired certificate.
11. The certificate system of claim 1, further comprising: means
for said issuer user selecting or uploading issuance restrictions
to said certificate authority for any of limiting a number of
acquired certificates to be issued by said certificate authority on
behalf of aid issuer user, for any of a specified time frame,
within a geographic region, or on a basis of other criteria unique
to said issuer user.
12. The certificate system of claim 1, further comprising: means
for said issuer user selecting or specifying a format for a unique
certificate supplementary public key identification; wherein said
issuer user may require a unique certificate public key
identification which corresponds to existing product codes,
inventory, or existing issuer certificate systems.
13. A process within a transaction network, comprising the steps
of: defining a virtual certificate on a certificate authority, said
defined virtual certificate comprised of a redemption denomination
defined by an issuer user, and a first public key identifier
defined by said certificate authority; creating an issued
certificate upon acquisition of said virtual certificate by an
acquirer user on said transaction network, said issued certificate
including said redemption denomination and said first public key
identifier, said redemption denomination and said first public key
identifier stored at said certificate authority in association with
said issued certificate; authorizing a redemption of said issued
certificate at a redemption location to a holder of said issued
certificate, based upon redemption submittal of said redemption
denomination and said first public key identifier, and a matching
comparison of said redemption denomination and said first public
key identifier stored at said certificate authority; and canceling
further redemption of said issued certificate at said certificate
authority.
14. The process of claim 13, said issued certificate further
comprising: a single-use certificate comprising at least one design
element, a denomination, at least one redemption rule, and
identification information, which may include human readable
information, and/or machine readable information.
15. The process of claim 13, further comprising the step of:
providing an issuer terminal in selective electronic communication
with said certificate authority, said issuer terminal comprising
user operated means for directing said certificate authority to
create at least one customized virtual certificates for subsequent
issuance to acquirer users at one or more acquirer terminals.
16. The process of claim 13, further comprising the step of:
providing an issuer facility for authorization of construction of
certificates through a web portal via a network, with which an
issuer user connects to said certificate authority; and said issuer
facility further comprising a certificate specification interface
through which said issuer user defines detailed specifications for
virtual single-use certificates.
17. The method of claim 13, further comprising the step of:
controlling modular design of one or more virtual certificates
independently, either by selecting standard designs offered by said
certificate authority, by uploading one or more custom designs to
said certificate authority in the form of a computer file, or by
specifying that a certificate be issued using a combination of
stock elements uploaded through said issuer terminal.
18. The process of claim 13, further comprising the step of: an
acquirer user identifying redemption locations for one or more
products or services which are available as selectable virtual
certificates; wherein, upon said acquirer user initiating a search,
said certificate authority presents a browseable subset of an
entire virtual inventory, or of an aggregate inventory, which
matches search limiters entered by said acquirer user.
19. The process of claim 13, further comprising the step of: said
certificate authority communicating acquisition transaction to an
issuer; wherein a product or service which is to be received upon
redemption is reserved; wherein, for a product within an inventory
at a redemption location, said product is placed on hold; wherein,
for a designated service, said issuer uses acquisition information
to schedule personnel or equipment, or to limit the further sale of
goods or services.
20. The process of claim 13, further comprising the step of: said
issuer user selecting or uploading issuer information, selecting or
uploading denomination parameters for a virtual certificate in the
form of any of a currency denomination or a code associated with a
product, a service, a coupon, a voucher, or other instrument for
which an acquired certificate may be redeemed, said issuer
authorizing said certificate authority to issue certificates within
a set range of selectable denominations, or authorizing creation of
virtual certificates with a value determined by an acquirer
user.
21. The process of claim 13, further comprising the step of: said
issuer user selecting or uploading redemption rules comprising any
of an expiration date, any exclusion of redemption on a basis of
geographic location, or other redemption rules unique to said
issuer user; wherein redemption rule information may be included as
printed information on an acquired certificate.
22. The process of claim 13, further comprising the step of: said
issuer user selecting or uploading issuance restrictions to said
certificate authority for any of limiting a number of acquired
certificates to be issued by said certificate authority on behalf
of aid issuer user, for any of a specified time frame, within a
geographic region, or on a basis of other criteria unique to said
issuer user.
23. The process of claim 13, further comprising the step of: said
issuer user selecting or specifying a format for a unique
certificate supplementary public key identification; wherein said
issuer user may require a unique certificate public key
identification which corresponds to existing product codes,
inventory, or existing issuer certificate systems.
Description
CROSS REFERENCE TO RELATED APPLICATIONS
[0001] This application is a Continuation of co-pending U.S. patent
application Ser. No. 09/472,100, filed Dec. 20, 1999, which
application is incorporated herein in its entirety by this
reference thereto.
FIELD OF THE INVENTION
[0002] The invention relates to the field of certificate systems.
More particularly, the invention relates to a certificate system
for the controlled and secure issuance, acquisition and redemption
of single-use certificates in a transaction network.
BACKGROUND OF THE INVENTION
[0003] The quickly expanding internet provides a variety of on-line
commerce structures and processes, allowing online browsing and
sales through a variety of dedicated retail web-sites, which
typically offer one or more products. An inventory of products,
which are typically stocked at one or more remote warehouse or
related retail locations, are offered for sale through a web site.
A purchaser, upon selecting a desired product, typically enters
purchase information, such as credit card information and shipping
information. Upon credit card authorization, typically when the
items are shipped to the designated shipping address, the
authorized card information is used to transfer monetary funds from
the purchaser's credit account to the seller's bank account. While
such on-line commerce systems provide adequate purchasing
opportunities for buyers who have access to the Internet, typically
for the purchase of smaller items which are readily sent (e.g. such
as through postal services), such online commerce does not
typically allow a buyer to conveniently pick up merchandise
locally.
[0004] As well, there is an increasing development for systems
which enhance the automation of on-line and off-line commerce, as
evidenced by on-line payment systems, point of sale terminals, and
debit cards. Related documents include Making the World Go Round
(Online Payments), Internet Business, no. 24, p. 2830 (January
1999); Wireless Point of Sale Terminal for Credit and Debit Payment
Systems, Conference Proceedings, IEEE Canadian Conference on
Electrical and Computer Engineering, (1998); Is Off-line Debit
about to Derail?, ABA Banking Journal, vol. 89, no. 9, p. 66,68,70
(September 1997); 1998: Year of the Debit Card, Bank Systems &
Equipment, vol. 24, no. 11, p. 16-18 (November 1987).
[0005] I. Krsul, J. Mudge, and A. Demers, Method Electronic
Payments that Prevents Double-Spending, U.S. Pat. No. 5,839,119 (17
Nov. 1998) and corresponding European Patent Application No.
0833285, Method and Product for Generating Electronic Tokens,
(filed 25 Sep. 1997) disclose a "method of generating electronic
monetary tokens that supports off-line transactions while
preventing double-spending. Generation of electronic token halves
by a financial services provider begins in response to a request
from a buyer to generate monetary tokens to be used with an
identified seller. First, the financial services provider generates
a plurality of electronic monetary tokens. Second, the provider
splits each monetary token into two electronic token halves and
associates with each the same serial number. These electronic token
halves when combined recreate the electronic money token from which
they were generated, but buy themselves neither electronic token
half has any value. Nor can either electronic token half by itself
be used to create the electronic monetary token without the token
half's mate. After splitting all the monetary tokens, the services
provider assigns a half of each electronic token to the seller and
the other half of each electronic token to the buyer. The buyer and
seller can now engage in multiple transactions off-line of the
financial services provider". While Krsul et al disclose a method
of generating electronic monetary tokens, they fail to disclose a
system for issuer-defined virtual certificates which are acquired
on-line during a first transaction in which an acquirer establishes
a secure private key that is associated with the acquired
certificate, and are then selectively redeemed off-line, using the
re-submitted private key to authorize the redemption transaction
with the on-line system, and to revoke further use of the acquired
certificate.
[0006] K. Ginter, V. Shear, F. Spahn and D. Van Wie, Systems and
Methods for Secure Transaction Management and Electronic Rights
Protection, U.S. Pat. No. 5,915,019 (22 Jun. 1999) disclose systems
and methods "for secure transaction management and electronic
rights protection. Electronic appliances such as computers equipped
in accordance with the present invention help to ensure that
information is accessed and used only in authorized ways, and
maintain the integrity, availability, and/or confidentiality of the
information. Such electronic appliances provide a distributed
virtual distribution environment (VDE) that may enforce a secure
chain of handling and control, for example, to control and/or meter
or otherwise monitor use of electronically stored or disseminated
information. Such a virtual distribution environment may be used to
protect rights of various participants in electronic commerce and
other electronic or electronic-facilitated transactions.
Distributed and other operating systems, environments and
architectures, such as, for example, those using tamper-resistant
hardware-based processors, may establish security at each node.
These techniques may be used to support an all-electronic
information distribution, for example, utilizing the "electronic
highway"."
[0007] Gift Certificate Systems. Traditional gift certificates are
typically offered by a small percentage of retail stores. There are
often major costs associated in the creation and distribution of
paper-based certificates, as well as in the management of in-store
redemption. Consumers are thus presented with a narrow range of
merchant outlets where certificates can be redeemed. The buyer
often has to travel to the store to buy the certificate, and then
the recipient has to wait until the buyer sends the paper-based
certificate to the recipient. As well, there is often no
authorization control on the redemption of the paper-based
certificate. Paper-based certificates are often treated as cash,
and a lost or stolen certificate usually will not be refunded to
the buyer or recipient.
[0008] Some dedicated network locations, such as web sites which
offer goods and services for a single entity, typically offer the
purchase of pre-printed and inventoried paper-based gift
certificates, which are typically purchased on-line by a buyer, and
then are typically sent to a desired recipient.
[0009] As well, aggregated web sites which offer multiple goods and
services from multiple sources often offer the similar online
purchase of generic certificates, which may then be redeemed
on-line by a recipient, such as towards the purchase of inventoried
goods, which are subsequently sent to the recipient redeemer.
[0010] As well, some web-based companies, such as
"www.giftpoint.com" and "www.giftcertificates.com", have recently
been established to sell a variety of gift certificates, which
inventory and offer for sale a large number of pre-printed gift
certificates, typically related to nationally traded products and
services (e.g. such as redeemable certificates from Gap Stores,
Inc. or Wal Mart, Inc.). While such sites allow a buyer to purchase
a certificate online, the range of merchants they support is only a
small subset of the already small number of merchants who offer
traditional paper-based certificates. Such sites inventory the
paper-based gift certificates, and offer the certificates to buyers
through the web site. When a paper-based certificate is purchased
through the site, funds are typically transferred from the buyer at
the time of the transaction, and the stocked paper-based
certificate is then sent to the designated recipient. While such
sites offer a variety of gift certificates for purchase, the
certificates are required to initially be established (i.e. printed
and recorded) by each of the businesses, and are then transferred
to the site (such as by a purchase transaction), where they are
inventoried. While large business entities may have already
established paper-based certificates, small issuers (e.g. such as
small or localized businesses) often do not have certificate
systems of their own.
[0011] A similar on-line business, located at
"www.gifttracker.com", provides gift certificates which may be
purchased online and redeemed locally. The site provides a
redemption and retail location search engine, by which an online
shopper may search for certificates, based upon redemption type
(e.g. such as by toys, books, sports equipment, or women's
apparel), as well as by location (e.g. such as by entering by zip
code). For a given product type, an online shopper typically enters
a zip code (such as the zip code of the shopper, or the postal zip
code of a potential recipient of a gift certificate). Based upon
the entered postal code, the search engine determines gift
certificates which may be redeemed locally within the submitted
postal area. While the certificate system implemented by
gifttracker.com provides the online purchase of certificates which
may be redeemed locally, the system requires an inventory of
printed certificates which are supplied by the issuers (e.g. such
as conventional printed certificates available from large chain
stores). After an on-line purchase transaction, the pre-printed
certificates are then packaged and sent to a designated address
(e.g. such as the acquirer's address, or an alternate recipient
address). Once a pre-printed certificate arrives, such as by a
conventional mail service, the pre-printed certificate is then
taken by the recipient to a corresponding store. The site does not
allow the on-line creation of a remote, electronic gift
certificates, such as for issuers that do not have pre-printed
certificates. As well, the system inherently requires an associated
inventory and distribution system for the pre-printed gift
certificates.
[0012] Another web-based company which sells certificates is
located at "www.webcertificates.com", which enables recipients of a
certificate to redeem the certificate from a wide variety of
on-line merchants. The site creates a certificate which is similar
to a virtual credit card, which is then readily accepted by a wide
variety of on-line merchants who accept credit cards as payment for
their products and services. However, recipients are required to
access the Internet, follow detailed instruction to retrieve their
online certificate, and then are required to redeem the certificate
at an online location, wherein a product is then shipped.
[0013] In an alternate embodiment of a conventional online gift
certificate site, a buyer may purchase a "generic" gift
certificate, which is then typically given as a gift to a
recipient, whereby the generic gift certificate is supplied with a
tracking number (which may be sent to a recipient, or may be
e-mailed to the recipient?). The recipient may then log on to the
gift certificate site, and "redeem" the generic gift certificate by
selecting one or more specific gift certificates, which in sum are
equal to the designated value of the original generic certificate.
However, as with other online business which offer paper-based
certificates for sale, the specific certificates are limited to an
actual inventory of paper-based gift certificates which are
available at that site. Upon redemption of the generic certificate,
the specific certificate or certificates are then physically sent
to the redeemer.
[0014] Another web-based company which sells gift certificates is
located at "www.flooz.com", which enables an on-line buyer to
purchase and send "on-line" currency, which is only available and
usable on the Internet. When a buyer sends a recipient the
"on-line" currency, such as by electronic mail, the recipient can
then spend the "on-line" currency at one or more online sites which
are registered to accept the "on-line" currency for online
commerce.
[0015] In present embodiments of online commerce, buyers and
sellers are linked electronically, at some point in the process,
and merchandise (or redeemable paper-based certificates) are
shipped to the buyer or alternate recipient, such as from a central
warehouse linked to the seller. In such embodiments, there are
inherent shipment costs, and there is often shipment delays.
[0016] On-line Ticketing Systems. In conventional networked
commerce sites which offer tickets (e.g. such as for travel,
sports, or entertainment), when a computer user purchases tickets
online, a selling sites typically provides the buyer with a serial
number (i.e. such as a confirmation or tracking number, or even a
general ticket number), such as through an e-mail notification. To
receive the tickets, the buyer is then typically required to submit
the confirmation or number at a will-call booth, whereby the
submitted confirmation number is matched to the tickets (which may
be previously printed, or may be printed upon redemption). If the
submitted number is correctly matched to the tickets, the tickets
are then given to the redeeming person. While such conventional
online systems allow the online purchase of tickets, as well as the
local pick-up of the purchased tickets, money is typically
transferred upon the initial on-line acquisition of the tickets,
and whereby anyone submitting the correct tracking number may be
given the tickets. The single tracking number is confirmed off-line
at the will-call booth and, is not authenticated with the on-line
site.
[0017] The disclosed prior art systems and methodologies thus
provide basic certificate systems, but fail to provide a secure
certificate system in which allows issuers to create an virtual
inventory of certificates, which may then be acquired online, and
then redeemed locally. It would also be advantageous to provide a
certificate system which allows customers to establish a private
key that is unique to the transaction, which is subsequently used
in a redemption transaction to authorize the local redemption with
the online system. The development of such a certificate system
would constitute a major technological advance.
SUMMARY OF THE INVENTION
[0018] A transaction network contains a networked certificate
authority, by which one or more virtual certificates may be
remotely defined and stored, such as by an issuer user through a
issuer web portal interface. The virtual certificates correspond to
a product or service denomination which is selected by the issuer,
include a public key identifier. An acquirer user may locate and
acquire one or more virtual certificates, through an acquirer web
portal interface. When a virtual certificate is acquired by an
acquirer, a corresponding private key is established by the
acquirer, and is stored at the certificate authority in association
with a record of the acquired certificate. As well, when the
certificate is acquired, the acquirer typically submits payment
agent information (e.g. such as credit card information). In one
embodiment, funds are transferred during acquisition of the
certificate. In a preferred embodiment, authorization for the
transfer of funds occurs during the acquisition transaction.
Certificate information is typically transferred to the acquirer,
or to an alternate recipient, by which the holder of the
certificate can redeem the certificate at a redemption location
associated with an acquired certificate. The acquirer (or an
alternate recipient of an acquired certificate to whom the acquirer
has communicated the established private key), submits the
certificate information at the redemption location, along with the
established private key, to redeem the certificate. Include
redemption authorization here and revoke of certificate.
BRIEF DESCRIPTION OF THE DRAWINGS
[0019] FIG. 1 is a system block diagram of a transaction network
for the issuance, acquisition and redemption of single-use
certificates;
[0020] FIG. 2 shows a single-use gift certificate;
[0021] FIG. 3 is a schematic view of a single-use gift certificate
identification packet;
[0022] FIG. 4 shows a redemption process for a single-use gift
certificate having an identification packet and an associated
private key;
[0023] FIG. 5 is a schematic block diagram of issuer facility
options;
[0024] FIG. 6 is a schematic block diagram of acquirer facility
options;
[0025] FIG. 7 is a schematic block diagram of transaction
information data entry;
[0026] FIG. 8 is a schematic block diagram of redeemer facility
options;
[0027] FIG. 9 shows the creation of virtual certificates by an
issuer on at a certificate authority server;
[0028] FIG. 10 shows an issuer virtual certificate creation module
interface;
[0029] FIG. 11 shows a graphic user interface for an issuer virtual
certificate creation module;
[0030] FIG. 12 is a block diagram of a virtual inventory stored
within a database;
[0031] FIG. 13 is a block diagram showing a site virtual inventory
at an aggregate network site, and a search subset of the site
virtual inventory directed by a search command at an acquirer
terminal;
[0032] FIG. 14 is a block diagram of an acquisition transaction
module at an acquirer terminal, which is accessible from a
selection of a virtual certificate from one or more alternate
sites;
[0033] FIG. 15 shows an embodiment of a partial certificate
transaction network having a plurality of issuers, a plurality of
acquirers, and a remote certificate authority; and
[0034] FIG. 16 shows an embodiment of a partial certificate
transaction network having a plurality of acquirer terminals, and
an issuer terminal having a dedicated certificate authority.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
[0035] FIG. 1 is a system block diagram of a transaction network 10
for the issuance, acquisition and redemption of single-use
certificates 60 (FIG. 2). The transaction network 10 contains a
networked certificate authority 12, through which one or more
virtual certificates 60 are remotely created, such as by an issuer
user ISR (FIG. 9) through issuer facilities 24 (e.g. such as
through a web portal interface). The virtual certificates 60
typically correspond to sellable commodity, such as a product or
service denomination, which is selectable by the issuer user ISR.
In an alternate embodiment, the virtual certificates 60 may
correspond to a distributable commodity, such as a discount coupon
for a product or service, or a reservation (e.g. such as for travel
or dining), which is selectable by the issuer user ISR. Created
virtual certificates 60 are stored on a database 18 which is
associated with the networked certificate authority 12.
[0036] An acquirer user ACQ (FIG. 6), accessing the transaction
network 10 through an acquirer terminal 26, may locate and acquire
one or more virtual certificates 60, through an acquirer facilities
28 (e.g. such as a acquirer web portal interface). When a virtual
certificate 60 is acquired by an acquirer user ACQ, a corresponding
private key 76 is established by the acquirer user ACQ, and is
stored at the certificate authority 12 (e.g. such as within the
database 18), in association with a record of the acquired
certificate 60, along with other identifying information 98 for the
acquired certificate 60.
[0037] As well, when a virtual certificate 60 is acquired, the
acquirer user ACQ typically submits payment agent information 52
(e.g. such as credit card information). In one embodiment, funds
are transferred during acquisition of the certificate 60. In a
preferred embodiment, authorization for the transfer of funds
occurs during the acquisition transaction 72. Certificate
information 98 (FIG. 3) is typically transferred to the acquirer
user ACQ, or to an alternate recipient RCP, by which the holder of
the acquired certificate 60 can redeem the certificate 60 at a
redemption location RL (FIG. 4,8) associated with an acquired
certificate 60. The acquirer ACQ (or an alternate recipient RCP of
an acquired certificate 60 to whom the acquirer user ACQ has
communicated the established private key 76), submits the
certificate information at the redemption location, along with the
established private key, to redeem the certificate. Include
redemption authorization here and revoke of certificate.
[0038] Creation of Virtual Certificates. FIG. 2 shows a single-use
certificate 60, which may preferably be delivered in a printable
form, either to an acquirer user ACQ, or to an alternate recipient
RCP. A single-use certificate 60 typically includes one or more
design elements 62, a denomination 64, one or more redemption rules
66, and identification information 74 (FIG. 3), which may include
human readable information 68, and/or machine readable information
70 (e.g. such as a bar code symbol 70). An issuer user ISR 22 at an
issuer terminal 22, in selective electronic communication with a
certificate authority 12, has the means (i.e. issuer facilities) 24
to direct the certificate authority 12 to create one or more
customized virtual certificates 60, for subsequent issuance to
acquirer users ACQ at one or more acquirer terminals 26.
[0039] Establishment of Defined Virtual Certificates. Authorization
for the construction of certificates typically occurs through an
issuer facility 24, such as through a web portal 24 for a
transaction network 10 operating across an internet 192, whereby an
issuer user ISR (e.g. such as a merchant, or a product manager for
a plurality of stores RL) connects to the certificate authority 12
(i.e. such as through a certificate server portion 14 of a
certificate authority 12).
[0040] The issuer user ISR defines detailed specifications for
virtual single-use certificates 60 through a certificate
specification interface 194 (FIG. 10), such as design
specifications 62 and redemption rules 66, whereby the certificates
60 typically reflect sellable or distributable commodities, such as
products and/or services which are available for pick up by a
customer, typically at a redemption location RL (e.g. such as at a
retail store, a distribution center, a box office, a ticket
counter, or at a service provider).
[0041] An issuer user ISR 22 has the means 122 (FIG. 5) to control
the modular design of one or more virtual certificates 60a-60n
independently, either by selecting standard designs offered by the
certificate authority 12, by uploading 122 one or more custom
designs 62a-62n to the certificate authority 12, in the form of a
computer file, or by specifying that a certificate 60 be issued
using a combination of stock elements 162 uploaded through the
issuer terminal 22. An issuer user may preferably incorporate the
denomination 64 of the certificate 60 as an additional element in
the certificate identification packet 74. Additionally, an issuer
user ISR may preferably incorporate an additional public key
segment 82, as a part of the certificate identification packet 74,
which may be used, for example, in mapping a certificate 60 to an
issuer's coding scheme (e.g. such as to correspond to product
serial numbers, part numbers, product color codes, product size, or
service codes).
[0042] Storage of Virtual Certificates. Each virtual certificate 60
exists, until issued, as a virtual certificate 60 comprised of
multiple independent textual elements 64,66 and/or graphical
elements 62a-62n, which are stored by the certificate authority 12,
in the secure database 18.
[0043] In one embodiment of the certificate system 10, the
certificate authority 12 comprises two functional servers, a
certificate server 14, as well as an authentication server 16. In
alternate embodiments, a single certificate authority server 12 may
perform both certificate establishment functions, as well as
certificate redemption functions. In another alternate embodiment,
the certificate authority 12, the certificate module 14, the
authentication module 16, and the certificate database 18 are
integral modules within a certificate authority terminal 58 (FIG.
12).
[0044] Acquisition of Certificates and Establishment of Keys. FIG.
3 is a schematic view of an acquisition transaction 72 for a
single-use certificate 60. identification packet 74. During an
acquisition transaction 72, an acquirer user ACQ typically provides
a means to purchase the certificate, an authorization to purchase
during subsequent redemption transaction 104 (FIG. 4), or otherwise
qualifies for issuance of the acquired certificate 60.
[0045] Certificate acquisition instructions are initially defined
by an issuer user ISR at an issuer terminal 22, and are stored at
the certificate authority 12, in association with each virtual
certificate. Preceding an acquisition transaction 72, an acquirer
user ACQ at an acquirer terminal 26, by means of the acquirer
facilities 28, typically searches for or browses through a
plurality of virtual certificates 60, (i.e. a virtual inventory).
An acquirer user ACQ, upon selecting an acceptable virtual
certificate 60, may selectably begin an acquisition transaction 72
to acquire the virtual certificate 60.
[0046] Before an acquisition transaction 72, a virtual certificate
60 to be acquired is constituted from the independent data elements
62,64,66, 68,70 for the virtual certificate 60, which are stored in
the secure database 18, for presentation to the acquirer user ACQ
at an acquirer computer terminal 26 (e.g. such as in the form of an
HTML document readable through acquirer facilities 28 by an
internet browser application). However, after a certificate 60 is
acquired during an acquisition transaction 72, the independent data
elements 62,64,66,68,70 are bound together within the database
18.
[0047] During an acquisition transaction 72, in which the
certificate authority 12 issues a certificate 60 to the acquirer
user ACQ, a unique identifier 98 is bound to the issued certificate
60, typically comprising certificate information 74, which appears
on the acquired certificate 60, which typically includes a
denomination 64, and a secret public key 80 assigned by the
certificate authority. In a preferred embodiment, the certificate
information 74 includes a supplementary public key segment 82,
which is assigned by an issuer user ISR. The certificate
information 74 typically appears on the acquired certificate 60
through a printed number 68, or through an encoded symbol, such as
a bar code 70 (FIG. 2). The unique certificate identifier 98
includes the elements associated with the certificate information
74, in combination with a private key 76, which is assigned to the
certificate 60 by an acquirer user 92, as a part of the acquisition
transaction 72.
[0048] The private key 76, which is assigned to the certificate 60
by an acquirer user 92, does not appear on the certificate 60, and
is known only to the acquirer user ACQ, but is stored by the
certificate authority 12, in association with the other data
elements relating to the certificate 60, on the secure database
18.
[0049] Redemption of Certificates. FIG. 4 shows a redemption
process 90 for a single-use gift certificate 60 having a submitted
identification packet 98, which includes and an associated private
key 76. The private key 76 must be provided to the redeemer 36 as
part of the redemption process 90 by the acquirer user ACQ (FIG.
4), or by a third party and/or agent to whom the acquirer ACQ has
communicated the private key 76. A redemption clerk RC, such as a
sales clerk, through a redeemer terminal 36, in communication with
the certificate authority 12, by means of the redeemer facilities
38, or optionally, by means of a live operator intermediary 42, may
authenticate a certificate 60, by providing the certificate
authority 12 with the unique identification information 98
associated with the acquired certificate 60 (i.e. both the public
keys 80,82 assigned to the certificate upon issuance, a
denomination 64, as well as the unique private identification
information 76 which is assigned to the certificate 60 by the
acquirer user. ACQ (i.e. the private key 76).
[0050] In alternate embodiments of the certificate system 10,
either the redemption clerk RC or the holder of the acquired
certificate 60 can manually or automatically upload the certificate
information 76 during a redemption process 90, such as through a
point of sale terminal 40. As well, either the redemption clerk RC
or the holder of the acquired certificate 60 can enter the private
key PIN 76 into a point of sale terminal 40.
[0051] Authorization of Certificate During Redemption. The
certificate authority 12 authenticates a certificate 60, on the
basis of the certificate identification packet 74 (which includes
the public key 80 and supplementary public key 82), and the private
key 76 submitted by a redemption clerk RC, such as through
redemption terminal 36. As seen in comparison step 100 in FIG. 4,
the certificate authority 12 queries the secure database 18, which
stores the independent elements associated with the acquired
certificate 60, to determine whether the certificate identification
packet 74 and the private key 76 originally associated with the
certificate 60 on issuance matches the certificate identification
packet 74 and private key 76 identification information provided to
the certificate authority 12 by the redeemer, as shown in matching
step 102. If the unique identification sets correlate 103, the
certificate authority 12 validates the certificate 60, and upon
instructions by the redemption clerk RC, authorizes the redemption
transaction 104. If the unique identification sets do not correlate
105, the certificate authority 12 typically cancels 106 the
redemption transaction 104, either by requesting that the acquirer
ACQ resubmit the certificate information 74 and the private key 76,
or by revoking the certificate 60 (e.g. such as if the certificate
60 has previously been marked as used).
[0052] Authorized Redemption Transaction and Cancellation of
Single-Use Certificate. Upon a successful authorization transaction
104 of an acquired certificate 60, the certificate authority 12
allows the redemption clerk RC to proceed with redemption of the
certificate 60, and revokes the single-use certificate 60 (i.e.
thus preventing further use of the certificate information 74,76).
The certificate authority revokes the certificate 60 by updating
the certificate information stored on the secure database 18 (e.g.
by marking the certificate as "used"). In one embodiment of the
certificate system 10, the certificate authority 12, by means of
certificate payment facilities 48, initiates the transfer of
payments between the parties of the acquisition transaction 76 and
the redemption transaction 104, by issuing transfer instructions to
the certificate payment agent 58, the acquirer payment agent 52,
the issuer payment agent 54, and the redeemer payment agent 56.
[0053] When a redemption transaction 104 is successfully authorized
by the certificate authority 12, the certificate authority 12
preferably downloads a transaction code 181 (FIG. 8) to the
redemption terminal 36, which preferably becomes part of a
redemption record 41 (FIG. 1) by the redemption location RL, and is
also preferably transferred to the acquirer user ACQ or alternate
recipient RCP (e.g. such as within a redemption receipt 41).
[0054] Virtual Certificate Creation Options. FIG. 5 is a schematic
block diagram 100 of issuer facility options, which includes
initial registration of new issuers 112, secure entry 114 into the
transaction network 10, an issuer certificate parameter module, and
an issuer report module 116.
[0055] Registration of Issuers. An issuer ISR who is not previously
registered as a client with the certificate authority 12 is
preferably guided through a registration process 112, during which
the issuer user is required to input relevant information (e.g.
such as the name of the issuer user, the business name, one or more
redemption locations RL, as well as relevant banking information).
The preferred registration of issuers allows the certificate
authority 12 to confirm that the issuer is a legitimate entity
(i.e. such as an existing, valid business), and that the issuer is
offering real goods and services. As well, the preferred
registration process 112 includes the input of banking information
related to issuers, such that funds may be properly transferred to
issuers, from acquirers, such as when an acquired certificate 60 is
redeemed at a redemption location RL.
[0056] The registration process 112 also typically includes a
registration validation step, by which the certificate authority 12
or other independent entity checks pertinent registration
information, such as bank account information, credit references,
or merchant identification number. Based upon a successful
registration step 112 and validation step, the certificate
authority 12 preferably assigns an access number 113 to the new
issuer, and sends the a registration notification and access number
to the new issuer (e.g. such as by an e-mail notification). In an
alternate embodiment, a new issuer ISR, having submitted a valid
merchant number at registration step 112, may automatically gain an
access number and subsequent access to the certificate
authority.
[0057] Issuer Access. When an issuer is properly registered with
the certificate authority 12, the issuer user ISR may gain ongoing
access to the certificate authority 12. A registered issuer user
ISR typically inputs the previously established unique issuer
access code 113, to log 114 onto the certificate authority 12.
[0058] Creation of Certificate Parameters. An issuer user ISR at an
issuer terminal 22, in secure communication with the certificate
authority 12 (e.g. such as through initial registration 112 or a
subsequent log on process 114), by means of issuer facilities 24
(e.g. such as through a web portal), can direct a large variety of
certificate parameters 115. While an issuer user ISR may direct the
creation of virtual certificates 60 through the selection of
standard certificate elements 62-70, the issuer user ISR may
optionally upload discrete data elements 62-70 to the certificate
authority 12, which are unique to the issuer ISR, for storage as
stored elements associated with one or more virtual certificates
60, or may otherwise direct certificate parameters, at step 115, by
selection of options offered by the certificate authority 12.
[0059] At issuer information selection step 118, the issuer
preferably selects or uploads issuer information 118, such as
company information, or promotional information. Issuer information
118 may be preferably included within a virtual certificate 60, or
may be included as information at a network site offering selection
of the appropriate certificate 60. For example, a web page which
includes a selectable certificate for a business typically includes
other issuer information 118 to describe the business, or to
describe the selectable commodity, such as a product or service
description.
[0060] At denomination selection step 120, the issuer preferably
selects or uploads denomination parameters for a virtual
certificate 60. The denomination 78 may be in the form of a
currency denomination, or in the form of a code associated with a
product, a service, a coupon, a voucher, or other instrument for
which the an acquired certificate 60 may be redeemed. The issuer
may preferably authorize 120 the certificate authority 12 to issue
certificates 60 within a set range of selectable denomination, or
authorize the creation of virtual certificates 60 with a value
determined by an acquirer user ACQ.
[0061] Examples of virtual certificates 60 that can be offered to
acquirers by the certificate authority 12 on behalf of issuers
include certificates denominated as full payment in exchange for an
item and/or service (e.g. such as a gift certificate which is
redeemable for an item and/or service, or a ticket or coupon
voucher redeemable for an actual ticket), certificates 60 which may
be redeemed as partial payment for a particular item or service,
denominated as a currency amount (e.g. such as a gift certificate
denominated in a currency amount); or a certificate 60 redeemable
for currency, denominated in a currency amount (e.g. such as a
"traveler's check").
[0062] At issuer artwork selection step 122, the issuer preferably
selects or uploads artwork graphics 62a-62n which may be unique to
the issuer (e.g. such as logos, trademarks, or other artwork, such
as borders, illustrations, or photographs). The artwork graphics
62a-62n to be uploaded are typically uploaded in the form of
graphics files 62a-62n (FIG. 2)(e.g. such as in TIFF, PICT or EPSF
file formats), which are associated with an issuer ISR, a
redemption location RL, a product or service, or basic certificate
artwork 62.
[0063] At redemption rule information selection step 124, the
issuer preferably selects or uploads redemption rules 66, such as
an expiration date, any exclusion of redemption on the basis of
geographic location, or other redemption rules 66 unique to the
issuer. As seen in FIG. 2, redemption rule information 66 may be
included as printed information on an acquired certificate 60.
[0064] At issuance restriction information selection step 126, the
issuer preferably selects or uploads issuance restrictions to the
certificate authority 12, such as to limit the number of acquired
certificates 60a-60n to be issued by the certificate authority 12
on behalf of the issuer 22, such as within a specified time frame,
within a geographic region, or on the basis if other criteria
unique to the issuer.
[0065] At issuance certificate identification parameter selection
step 128, the issuer preferably selects or specifies the format of
unique certificate public key identification 82 (FIGS. 3,4). For
example, the issuer may require unique certificate public key
identification 82 which corresponds to existing product codes,
inventory, or existing issuer certificate systems. Therefore, the
issuer may optionally select, enter or upload certificate
identification public key parameters 82, to be combined with
certificate identification public key information 82 (FIG. 3)
assigned by the certificate authority 12.
[0066] Issuer Reports. If an issuer user ISR has already created
certificates 60, the issuer user ISR, through the report interface
116, can view, print, or download reports based upon previously
created virtual certificates 60, acquired certificates, or for
redeemed certificates 60. An issuer user ISR, at an issuer computer
22, is preferably provided with report options 116 to request,
view, print, or download, in near real time, various reports
relating to certificate parameters, issuance, redemption, and other
information.
[0067] For example, at certificate review step 130, an issuer may
preferably review existing parameters and data elements associated
with a virtual certificate 60 or a series of virtual certificates
60a-60n. At issued certificate review step 132, an issuer may
preferably review, print, or download information regarding issued
certificates. At redeemed certificate review step 134, an issuer
may preferably review information regarding certificates 60 which
have been redeemed and/or revoked (***Steps 134,136, corresponding
to steps 5-13,5-14 in original drawings, appear to be the same. Is
there a correction that should be made here?***).
[0068] Acquirer Options. FIG. 6 is a schematic block diagram 140 of
acquirer facility options. An acquirer user ACQ at an acquirer
terminal 26, through acquirer, facilities 28, in a secure
communication with the certificate authority 12, such as through a
registration or logon step 142, is preferably provided with
certificate acquisition options 144, such as the means to browse
through or search 148 for virtual certificates 60 (to be assembled
from the discrete elements) stored on the database 18 by a
certificate authority 12, and to direct various parameters 144
regarding issuance of one or more certificates 60. For a virtual
certificate which an acquirer user ACQ proceeds to acquire, the
acquirer user ACQ enters transaction information at transaction
step 150.
[0069] For previously acquired certificates 60 which have not been
redeemed, the acquirer may preferably be able to cancel the
certificate 60, at cancellation step 151. As well, for previously
acquired certificates 60 which have not been redeemed, the acquirer
user may preferably request a replacement for a certificate (e.g.
such as for a lost or destroyed certificate). At customization step
153, the acquirer user ACQ may preferably be given customization
choices, such as integrating an acquired certificate 60 within a
printed card, or modifying the artwork to display other information
(e.g. such as the name of an alternate recipient RCP). In addition,
for previously acquired certificates 60 which have not been
redeemed, an acquirer user ACQ may access reports, at step 146,
regarding acquired certificates. For example, at redemption
location report step 154, an acquirer user may view, print, or
download a list of alternate redemption locations RL, or
supplementary information regarding the redemption locations RL
(e.g. such as a map), for an acquired certificate 60.
[0070] Certificate Acquisition and Input of Acquirer Information.
FIG. 7 shows a detailed acquisition transaction process 150, by
which an acquirer user may direct a certificate authority 12 to
issue one or more selected certificates 60a-60n from an inventory
of available virtual certificates 60. An acquirer typically
receives an issued certificate 60, in exchange for an authorization
to charge the acquirer upon certificate redemption, for payment at
the time of acquisition, or on the basis of other acquirer
qualifications. An acquirer may upload other necessary instructions
and transaction information 162 to the certificate authority 12,
which are then stored (e.g. such as in database 18) as additional
independent elements associated with the issued certificate 60.
Acquirer entered transaction information 162 typically includes
name and address information 164, credit card or other information
166 associated with the acquirer's payment agent 52, assignment 170
by the acquirer of the secret private key 76 (FIG. 3) to be
associated with the selected certificate 60, and a selected
delivery method 172 for the certificate 60.
[0071] The acquirer is typically prompted (e.g. such as by a
required data entry field or a dialog box) to input the private key
76 (e.g. such as a personal identification number (PIN) into the
system. The acquirer is preferably prompted to enter the private
key 76 twice, to verify that the acquirer user has correctly
entered a known private key), to be stored in association with the
certificate 60. In a preferred embodiment of the certificate system
10, an acquirer may specify that the private key 76 to be
associated with an issued certificate 60 be comprised of other
identification information associated with the transaction, such as
an account number which associates the acquirer with the acquirer's
payment agent 52 (e.g. a credit card number), or a debit card
number. As well, an acquirer user ACQ may preferably select and/or
specify a denomination 168 for an acquired certificate 60 (e.g.
such as a currency amount), typically by selecting from among
denominations presented by an issuer. In a preferred embodiment of
the certificate system 10, the certificate authority 12 sends a
confirming e-mail to the acquirer.
[0072] When the acquisition of a certificate 60 is complete, the
certificate authority 12 preferably allows the acquirer to preview
of a printed version of the certificate 60, and typically presents
certificate delivery options 172 to the acquirer, such as the
transfer of a downloadable PDF file to the acquirer terminal 26,
the e-mail of certificate information 98 to the acquirer terminal
26 (or to an alternate recipient RCP), the facsimile transmission
32 of a certificate, an electronic encoding 34 of a smart-card
based certificate, or the electronic transfer of the certificate to
a redeemer computer 36 at a desired redemption location RL.
[0073] The acquirer can send an e-mail or other message to a
recipient (e.g. such as for a gift certificate), directing the
recipient to log on and pick up the certificate, either for
printing, such as at the recipient's computer, at the redemption
location RL, or at a third party (e.g. such as at a third party
mail service provider). If no hard-copy of the acquired certificate
60 is desired, or if printing is not feasible, the certificate
information can be transferred directly to the issuer merchant's
computer (e.g. a paperless electronic certificate), by which the
acquirer ACQ or alternate recipient RCP need only to visit a
redemption location RL, and supply the private key PIN number to
the redemption clerk RC.
[0074] Examples of alternate delivery methods for an acquired
certificate 60 which may be specified by an acquirer ACQ include
downloading of the certificate 60 as an electronic file (e.g. such
as within a portable document format (PDF) file (by ACROBAT.TM., of
Adobe Systems, Inc., of San Jose Calif.), or as an electronic
description transferred via the acquirer's computer 26 to a
transaction card encoder 34, or for printing on a printer 30
connected to the acquirer's computer 26, or for subsequent printing
later by the acquirer user.
[0075] A redeemer (i.e. a store clerk) typically needs only the
certificate information 74 (which includes the denomination 78 of
the certificate 60 and public keys 80,82), in combination with the
acquirer's private key 76, to validate an acquired certificate 60.
Hence, an issuer may request that a certificate 60 be delivered in
the form of an e-mail, containing only these items, or as
encodeable "smart card" data that can be magnetically stored by the
acquirer using a "smart card" encoder-34 attached to the acquirer
computer 26 or other communication device.
[0076] An alternate preferred delivery option 172 which an acquirer
may specify is that an acquired certificate be printed by the
certificate authority 12, and delivered by a postal service or
other delivery service, to an address specified by the acquirer
user ACQ (the typically the address of the acquirer ACQ, or the
address of an alternate recipient RCP, such as if the acquired
certificate 60 is intended as a gift certificate).
[0077] An alternate preferred delivery option 172 which an acquirer
may specify is that an image (e.g. such as a TIFF file) of an
acquired certificate 60 be faxed by the certificate authority 12,
to a facsimile (fax) machine designated by the acquirer user ACQ
(typically a facsimile machine 32 associated with the acquirer ACQ,
or a fax machine 32 associated with an alternate recipient
RCP).
[0078] As seen in FIG. 6, until an acquired certificate is
redeemed, an acquirer preferably has the ability to cancel 152 a
previously acquired certificate 60, or to request that an acquired
certificate be revoked and replaced 153 by a new certificate 60.
For example, if an acquirer user accidentally damages, destroys, or
loses a previously printed acquired certificate 60, the acquirer
may simply print out a new certificate 60, or have a new
certificate delivered or faxed, and may either retain the
previously stored private key 76, or may specify a new private key
76.
[0079] Since an acquired certificate 60 may only be used for
redemption once (at which time further use is revoked), there is no
financial risk to the issuer ISR in the use of replacement
certificates. As well, even if a certificate is lost and retrieved
by a second party, or is stolen, the lost acquired certificate is
unredeemable, without submittal of the private key 76, which is not
included as printed information on a certificate 60.
[0080] As shown in FIG. 6, an acquirer is preferably allowed to
query the secure database 18 for available redemption locations 154
for an acquired certificate 60, typically on the basis of a
geographic screening. The acquirer may request redemption locations
154 when the certificate is acquired, and is preferably provided
with ongoing access to redemption locations 154 (such as if an
alternate redemption location is desired, and is allowed by the
redemption rules 66 for an acquired certificate 60.
[0081] Prior to acquisition, the virtual certificate is 60 merely a
defined product or service, associated with an authorization to
produce a certificate, as defined by an issuer, for the defined
product or service. However, after the acquisition transaction is
completed, the certificate 60 then exists as an established entity
within the database 18, thereby becoming a token which directly
corresponds to the corresponding defined product or service, which
is to be surrendered by the seller to the holder of the certificate
60 at the time of a completed redemption transaction 104.
[0082] In addition to the previously defined public keys 80,82 and
private key identifiers, upon issuance of an acquired certificate,
the certificate authority 12 preferably creates or assigns a unique
issued certificate number (e.g. such as certificate "XYZ-203-4067")
which corresponds to the acquired certificate 60, as well as to the
collection of the defined elements of the certificate 60 (e.g. such
as the associated graphics 62, redemption rules 66, and
denomination 78), which are bound within the database 18 after the
acquisition transaction.
[0083] In a preferred embodiment, the certificate authority 12
communicates the acquisition transaction 72 to the issuer (e.g.
such as through issued certificate reports 132), such that the
product or service which is to be received upon redemption may be
held (i.e. reserved). For a product within an inventory at a
redemption location, the product may preferably be placed on hold.
For a designated service, the issuer may preferably use the
acquisition information to schedule personnel or equipment, or to
limit the further sale of goods or services (e.g. such as for an
airline flight, which has a limited number of seats available for a
scheduled flight and time).
[0084] Before the acquisition transaction 72, the virtual
certificate 60 is merely an authorization to construct a
certificate 60, wherein the virtual certificate 60 is typically
stored as a product or service category within a virtual inventory
of other virtual certificates. If a certificate is never acquired,
there is no effect upon a real inventory. If an inventory of real
goods an services (or associated cost structures) change for an
issuer, they may simply reaccess the certificate system 10, and
remove or edit previously defined virtual certificates 60, or
create other certificates 60 which reflect their current goods,
services, or cost structures.
[0085] For example, for an issuer/merchant who has a limited number
of products available (e.g. such as three mission-style coffee
tables), the issuer ISR would preferably limit the availability of
virtual certificates 60, as a redemption rule 66 at issuer facility
step 124 (FIG. 5). If an acquirer user ACQ acquires a certificate
for such a commodity having a limited availability, the certificate
authority 12 preferably limits the acquisition to the defined
virtual inventory. As well, for an issuer ISR which creates virtual
certificates 60 for a plurality of redemption locations RL, the
issuer may preferably create virtual certificates 60 which are
unique to one or more of the redemption locations. For example, a
first redemption location RL may sell products which are not
available at a second similar redemption location RL, or the
selling price for a product may be different at different
redemption locations. For virtual certificates 60 which are defined
as virtual coupons (e.g. such as for a discount at a redemption
location RL), an issuer can preferably define different discount
rates for different redemption locations RL.
[0086] Certificate Redemption. FIG. 8 is a detailed schematic block
diagram 174 of redeemer facility options. A redemption clerk RC
(e.g. such as a sales clerk at a redemption location), establishes
electronic communication with a certificate authority 12 through
redeemer facilities 38. As seen in FIG. 1, the redeemer facilities
38 are typically accessed through a redeemer computer terminal 36,
a redeemer POS terminal 40, or by a telephone 44 (either by using a
keypad driven menu, or through a live operator intermediary
14).
[0087] When an acquirer user ACQ (or alternate recipient RCP)
desires to proceed with a redemption transaction 90 at a redemption
location, the acquirer user ACQ typically hands the printed
certificate 60 to a redemption clerk RC, and communicates the
private key 76. The redemption clerk RC then validates the issued
certificate 60, to obtain a redemption authorization code 181 from
a certificate authority 12 to redeem the certificate 60, thereby
performing a certificate authentication 178. In a preferred
embodiment of the certificate system, the acquired certificate
includes redemption instructions 66 (i.e. terms of service
instructions), which a redemption clerk RC preferably follows to
redeem the acquired certificate 60. The redemption clerk RC uploads
180 certificate information 98 to the certificate authority 12,
which typically includes the certificate denomination 78, the
public keys 80,82, as well as the private key 76 (which is
submitted separately by the acquirer user ACQ).
[0088] In a preferred embodiment of the certificate system 10,
communication of redemption information 98 (e.g. such as
communication of the required public keys 80,82, private key 76 and
denomination 78) of the certificate 60 to the certificate authority
12 is made by an electronic link 39 with a point-of-sale (POS)
terminal 40 and/or a card code scanner 40, a redeemer computer 36,
or by other means having the ability to establish an electronic
link 39 with the certificate authority 12. For example, a
redemption clerk RC preferably uses a bar code image scanner or
other POS terminal 40 to determine the redemption information 98,
while the acquirer ACQ typically enters the private key 76 (e.g.
such as a PIN number) into a keypad of a POS terminal 40.
[0089] In a redemption system 174 which comprises a telephone
terminal 44, the communication of the redemption information 98 of
the certificate 60 to the certificate authority 12 may be made
using a touch-tone telephone keypad on the telephone 44, or by
live-phone contact to an operator intermediary 45 in communication
with the certificate authority 12.
[0090] Authorization of Certificate Redemption. Upon authentication
of the certificate by the certificate authority 12, on the basis of
a correlation of the unique certificate identification 74 in
combination with the acquirer's private key PIN 76 with the
transaction records associated with the certificate 60 stored in
the secure database 18, the certificate authority 12 authorizes the
redemption, and revokes the certificate 60.
[0091] In a preferred embodiment of the certificate system 10, upon
authentication of a certificate 60, the certificate authority 12,
creates a unique redemption transaction code 181, which through
redeemer facilities 38 may be downloaded 182 or otherwise
communicated to a redemption terminal 36,40,44. The certificate
authority 12 preferably stores the redemption transaction code 181
in association with the data elements relating to the certificate
60. The redemption transaction code 181 may subsequently be used by
redeemer personnel RC, such as through a redemption terminal 36, to
authenticate to the certificate authority 12 that the redemption of
the certificate 60 occurred, in the event there are subsequent
discrepancies in the final financial reconciliation of payment
transfers associated with the redemption transaction 104.
[0092] The certificate authority 12 has the means 46 to selectively
establish an electronic communication link 57 with an acquirer
payment agent 52, to request payment, and transmits to the acquirer
payment agent 52 the identification needed by the acquirer payment
agent 52 to authenticate the acquirer user ACQ, and obtain approval
for the redemption transaction 104.
[0093] Therefore, upon a successful redemption transaction 104, the
certificate authority 12 typically manages the transfer of funds
between appropriate payment agents. In one embodiment the
certificate authority 12 sends instructions to the authority
payment agent 58, to transfer funds to the redeemer payment agent
56 of a redeemer.
[0094] Issuer Creation Module. FIG. 9 shows the creation of a
virtual certificate 60 by an issuer user ISR at an issuer terminal,
through issuer facilities 24. As described above, an issuer user
ISR, in communication with the certificate authority 12 across a
network 192 (e.g. such as the internet), typically through a
certificate server 14, can direct the creation of one or more
virtual certificates 60. The issuer facilities preferably include a
issuer certificate creation module 194, in which the issuer may
define attributes for a virtual certificate 60, such as
denomination information 64a,64b, certificate design information
62a-62n, redemption rules 66a-66n, and issuer defined public key
information 82.
[0095] FIG. 10 shows an issuer virtual certificate creation module
interface 194a, which preferably includes an issuer information
module 196, an issuer commodity denomination module 198, an issuer
design module 200, and a redemption rule module 202.
[0096] The information module 196 typically includes issuer
business name 204a, issuer address 204b, registration information
204c, issuer description copy 204d, and a comprehensive list 204n
of all associated redemption locations RL. The commodity
denomination module 198 typically includes commodity type 206a,
commodity category 206b, and a denomination descriptor 206c. Other
denomination attributes may be set with denomination attribute
control 206d. The issuer design module 200 typically includes
selection of various design element 62, such as through add design
element control 122a, design library control 122b, and upload
design control 122c. Attributes for a design are preferably set by
attribute control 208. A design element 62 is preferably activated
by control 210. A design element 62 which is not needed may be
deleted by deletion control 212. The redemption rule module 202
typically includes user selectable expiration limitations 124a,
location selection 124b, or other redemption rules 124c. As well,
other issuer entered restrictions may be entered, such as
availability 126a, or other restrictions 126n.
[0097] FIG. 11 shows a preferred graphic user certificate layout
interface 194b for an issuer virtual certificate creation module
194. The certificate layout interface 194b preferably includes a
work area 214, in which an issuer user ISR can establish a defined
layout for virtual certificates 60, as they may appear on a network
site, or as an acquired certificate 60 may look if a printable form
is used. User selectable elements, such as denomination 64, design
elements 62a-62n, redemption rules 66, or issuer defined
certificate identification elements 82, preferably appear as
selectable icons. The selectable elements are preferably
established in the issuer virtual certificate creation module
interface 194a, such that selectable elements are preferably
limited to the defined attributes. The work area 214 preferably
allows the issuer user ISR to create a certificate layout in a
WYSIWYG work environment, wherein elements may be "dragged into
position in the area, and wherein a certificate preview (e.g. such
as a thumbnail or full size image) is created within the work area
214. An issuer user may save 218 a virtual certificate, rename 220
a certificate as a new certificate, print 222 a proof copy, or be
guided 224 to context-sensitive help screens.
[0098] Creation of Inventory. FIG. 12 is a block diagram of a
virtual inventory stored within a database 18. Each created virtual
certificate 60 is a defined collection of elements, such as
denomination elements 64a,64b, redemption rules 66, such as
applicable redemption locations RL, and a public key identification
packet 80,82. One or more virtual certificates 60, which are stored
within the database 18, become a virtual inventory 228 of goods and
services, which can then be accessed through one or more network
locations (e.g. such as through web sites).
[0099] The virtual inventory 228 typically comprises a wide variety
of goods and services. As well, the virtual inventory 228 typically
comprises virtual certificates which may be redeemed within
different geographic regions. For example, a first inventory subset
230a within the virtual inventory 228 may be a subset of similar
products or services, but with no limitation of a redemption
location RL. By contrast, a second inventory subset 230b within the
virtual inventory 228 may be a subset of all products or services
which may be acquired, but within a small geographic region.
[0100] Certificate elements, such as commodity type, denomination,
product descriptors, and redemption locations RL are preferably
searchable data elements, by which virtual certificates 60 for
products or services may be quickly located.
[0101] One or more network sites, such as aggregate sites 234 (FIG.
13), may preferably be established, to allow an acquirer shopper
ACQ to locate an appropriate subset 230 of virtual inventory 228,
to allow for the sale of similar goods and services from a
plurality of issuers ISR, and to allow the sale of goods and
services to be redeemed within a given region. As well, from a site
234 having a subset 230 of any portion of the virtual inventory,
the acquirer is preferably provided with search tools 238 by which
appropriate virtual certificates 60 are located.
[0102] FIG. 13 is a block diagram showing a site virtual inventory
236 at an aggregate network site 234, and a search subset 240 of
the site virtual inventory 236 directed by a search command 238
within a browsing (i.e. shopping) module 148 at an acquirer
terminal 26n.
[0103] In a preferred embodiment of the certificate system, an
acquirer user ACQ is able to control (e.g. such as by search
command 238) which of the available virtual certificates 60 are to
be displayed, on the basis of a particular store or brand of
product, or on the basis of certificate types and/or issuer types
categorized by one or more descriptive criteria available in the
discrete information associated with each unissued virtual
certificate.
[0104] In a preferred embodiment of the certificate system 10, an
acquirer user ACQ may specify a geographic location for a desired
redemption location RL (e.g. such as a redemption within a postal
code area or telephone area code region). The certificate authority
12 uses the selected geographic descriptor to create a subset 240
of available virtual certificates 60, such that only redeemable
certificates associated with the specified geographic location are
presented to the acquirer user ACQ. For example, an issuer ISR may
have specified geographic exclusions for a certificate which
correlate to the acquirer's geographic identification information,
precluding redemption within the acquirer's geographic area.
[0105] Therefore, an acquirer user ACQ can locate redemption
locations RL for one or more products or services which are
available as selectable virtual certificates 60. Upon initiating a
search, such as by product type, service type, zip code, town, or
state, the certificate authority 12 preferably presents a
browseable subset 240 of the entire virtual inventory 228 (or of an
aggregate inventory 236), which matches search limiters entered by
the acquirer user ACQ.
[0106] For example, an acquirer user in FIG. 13 may have entered
"coffee" as a search descriptor at an aggregate site 234, within a
zip code of "97213", with a selected local radius of 25 miles. The
certificate authority 12 would then perform a search for product
types or description text that includes the word "coffee", for
virtual certificates 60 which include a one or more redemption
locations within the "97213" zip code (as well, in this preferred
embodiment, within a region roughly defined by a 25 mile radius
from the center of the "97213" area code). In this manner, the
acquirer user may be presented with a selection of virtual
certificates 60 which match the search criteria.
[0107] Since the inventory 228 of virtual products and services is
a virtual product inventory 228, one or more of the virtual
products or services may be accessed by a plurality of network
locations 234. For example, a virtual certificate 60 created by an
issuer ISR who sells computers may correspond to the acquisition of
a small, hand-held tape recorder. The corresponding virtual
certificate 60 may advantageously listed within a plurality of
aggregate sites 234 such as an aggregated site 234a for
electronics, an aggregated site for business supplies 234b, an
aggregated site for school supplies 234c, or even a site for
gadgets or gifts 234d.
[0108] From an aggregated web site 234, which offers virtual
certificates 60 for goods or services from a plurality of
businesses ISR, RL, an acquirer user ACQ, searching or browsing
through an aggregate inventory 236 of virtual certificates 60, is
preferably guided to web pages or sections of web pages 248 (FIG.
14), which describe one or more certificates 60, along with a
presentation of other information 252a,252b which was input by the
user to be displayed with the virtual certificate 60 (e.g. such as
a store or product logo, a description of the store, business
address, phone number, or map, or a description of the product or
service represented by the virtual coupon 60). As well, links to
related virtual coupons for other products and services from the
same issuer are preferably included.
[0109] As well, the same certificate 60 may be accessed from the
issuer/merchant's own network site 242, which has a site virtual
inventory 236 limited to virtual certificates 60 that are created
by the issuer ISR. For example, a merchant site 242 (i.e. such as
an issuer/redeemer site) that is established by a merchant may
include a wide variety of information 244, typically related to the
issuer ISR or associated redemption locations RL. Within the
merchant site 242, the issuer ISR may preferably provide direct
access to virtual certificates, such as through selectable
certificate icons 246 (FIG. 14).
[0110] Upon selection of a selectable certificate locator icon 246,
an abbreviated certificate description page 248 is typically
presented to the acquirer user ACQ at the acquirer terminal 26,
which describes the goods and services for the selected virtual
certificate. The certificate description page 248 provides a
virtual "shelf space", which may be accessed from one or more
aggregate sites 234, or from a merchant web site 242. The
certificate description page 248 typically provide issuer defined
options, such as headers, product or service description, including
selectable options to view and acquire 250 coupons or
certificates.
[0111] An acquirer user ACQ therefore may preferably access the
inventory 228,236 of virtual certificates 60 through both one or
more larger aggregated sites 234, as well as through existing
merchant sites 242. An acquirer customer ACQ typically finds a
virtual certificate 60, or does a search to find various network
sites offering virtual certificates 60 for desired goods or
services.
[0112] Acquisition Transaction Module. FIG. 14 is a block diagram
240 of acquirer access to an acquisition transaction module 252,
wherein the acquisition transaction module 252 is accessible
through one or more aggregated sites 234, as well as through an
existing merchant site 242.
[0113] Selection of a selectable acquisition icon 250 by an
acquirer user ACQ typically transfers the acquirer user ACQ to a
acquisition transaction module 252 within the acquirer facilities
28 for the certificate system 10. While the acquisition transaction
module 252 is operated within the certificate system 10, the
description of the selected available product or service, the
denomination 64 for the selected available product or service, as
well as other redemption rules 66, are determined by the issuer
options 114 (FIG. 5). As well, limitations on appropriate acquirer
payment agents 52 are initially selectable 252 by the issuer, and
limit the payment agent choices within the shopping transaction
module 252.
[0114] For example, if a redemption location RL for an issuer ISR
accepts VISA.TM. or AMERICAN EXPRESS.TM. credit card payment agents
52, but does not accept MASTERCARD.TM. credit card payment agents
52, the issuer ISR preferably limits the selectable 256 payment
agents 52, to be displayed and selectable within the shopping
transaction module 252, to VISA.TM. or AMERICAN EXPRESS.TM. payment
agents 52.
[0115] While the shopping transaction module 252 is typically used
for a single acquisition transaction 90, related to a single issuer
ISR, the shopping transaction module 252 can alternately be used to
acquire one or more certificates related to the same issuer ISR,
for a single redemption location RL. Details of the acquisition
transaction are displayed within the transaction invoice 254.
[0116] As described above, during an acquisition transaction 72,
the acquirer facilities 28 typically prompt the acquirer user to
enter required transaction information 150 (FIG. 5), which include
the submittal of a private key 76, which is thereafter associated
with the acquired certificate 60.
[0117] Alternate Embodiments for Payment Transfer. The certificate
system 60 is easily adapted to provide alternate systems for
payment transfer. For example, as described below, funds may be
transferred directly from an acquirer payment agent 52 and a
redeemer payment agent 56 upon the acquisition of a certificate 60,
which is redeemed at a later time at a redemption location RL.
[0118] As well, funds may first be transferred directly from an
acquirer payment agent 52 to a third party (e.g. such as the
certificate payment agent 58) upon the acquisition of a certificate
60, and from the certificate payment agent 58 to the redeemer
payment agent 56 upon redemption.
[0119] In an alternate embodiment, an independent entity operates
the certificate system 10, purchases virtual certificates 60 from
one or more issuers 22, and then sells the purchased virtual
certificates to acquirers, with funds transferring between the
acquirer payment agents 52 to the certificate payment agent 58,
either during the acquisition transaction, or during the redemption
transaction 104.
[0120] Certificate Systems Having Payment Upon Acquisition. In one
embodiment of the certificate system 10, payment funds are
transferred from the acquirer payment agent 52 when a certificate
60 is acquired. While this payment system may not be applicable for
all embodiments of the certificate system 10, payment of funds at
the point of certificate acquisition 72 is often beneficial for
issuers and redeemers, wherein inventory of goods, or reservations
of services, are preferably held or reserved upon payment.
[0121] As well, for issuers, such as larger corporate clients,
which are linked to a plurality of redemption locations RL (e.g.
such as a chain of retail stores), inventory related to acquired
certificates may be routed to a particular redemption location
RL.
[0122] A certificate system 10 which offers payment upon
certificate acquisition may be beneficial for "in-house"
certificate systems 10, wherein the certificate authority 12 is a
dedicated system for an issuer ISR, as seen the certificate network
260b of FIG. 16. However, for issuers and redeemers which are may
be small or unknown businesses, acquirer users ACQ may be hesitant
to transfer funds from their respective acquirer payment agent 52
until the goods or services are deemed to be acceptable (i.e. at
the point of redemption). For large or known issuers ISR,
redemption locations RL, and for brand name products, payment upon
acquisition may be satisfactory for acquirer users ACQ.
[0123] Certificate Systems Having Payment Upon Redemption
Transaction. In a preferred embodiment of the certificate system
10, the certificate authority 12 receives an initial authorization
to transfer funds from an acquirer payment agent 52, whereby the
certificate authority establishes a "lock" on funds as a part of
the certificate acquisition transaction 72. The funds are then
transferred, from the acquirer payment agent 52 to the redeemer
payment agent 56, when a certificate is redeemed 90,104 for actual
goods or services, when the redemption transaction is authorized by
the certificate authority 12 (e.g. such as by an authentication
module 16).
[0124] For a certificate system 10 which serves a plurality of
issuers ISR, payment upon redemption is often advantageous to
acquirer users ACQ. For example, in a large independent certificate
system 10, which accepts a plurality of issuers ISR, and allows
acquirers ACQ to acquire certificates 60 for a selection of goods
and services from the plurality of issuers ISR, it is important
that only qualified and legitimate issuers be allowed to market
certificates 60. As well, it is important that the issuers ISR
clearly describe the products and services which are to be acquired
through a redemption of an acquired certificate 60.
[0125] For a system in which payment of funds from an acquirer user
ACQ is made upon the actual receipt of acceptable products or
services, the acquirer ACQ (or alternate recipient RCP) is assured
that redemption location RL, as well as the products or services to
be received, are legitimate. It is therefore advantageous that
issuers and redeemers clearly describe the goods or services which
are represented by an acquired certificate 60.
[0126] As well, for a certificate system 10 in which payment of
funds from an acquirer is made upon the actual receipt of
acceptable products or services, the redemption transaction 104 is
a true sales transaction, wherein the sale is independent of the
certificate entity (except for the authorization to transfer
funds). For example, funds are not transferred into or out of a
certificate authority account 58, and an acquirer is able to accept
or decline the transfer of funds at the time of the redemption
transaction 104 (either by redeeming the certificate 60, or by
declining a redemption). In such a certificate system, the
certificate authority 12 need not accept responsibility for the
quality of goods or services, since the redeemer receives funds
from the acquirer payment agent 52 during the redemption
transaction 104, and the acquirer receives the related goods or
services from the redemption location RL during the redemption
transaction 104.
[0127] Therefore, while an issuer ISR creates a virtual certificate
60 which is acquired through the certificate transaction network
10, the purchase transaction for the goods or services represented
by the certificate occurs at the redemption location RL, through
the merchant's point of sale terminal 40, with final redemption
authorization of acquirer funds handled by the certificate
authority 12.
[0128] In the preferred certificate system 10 wherein payment is
not transferred until actual redemption of the certificate 60,
buyers are inherently protected from mis-represented goods or
services, or from illegitimate certificate issuers ISR. If a
customer, such as an acquirer user, or a recipient of a certificate
60 (and accompanying private key 76), decides not to redeem the
certificate, or upon visiting a redemption location RL, decides
against the transaction for any reason, the customer may, at their
discretion, decide against proceeding with the redemption
transaction 104. Since the customer is not charged for the sale
unless a redemption transaction 104 is actually made, the customer
is inherently protected, since the certificate system 10 minimizes
misrepresentation of goods and services by issuers ISR.
[0129] For an acquirer who decides not to proceed with a redemption
transaction 104, the acquirer may simply let the acquired
certificate 60 "expire", or may actively return to the purchasing
site, such as through the acquirer facilities, and actively cancel
the certificate 60, while suspending the authorized lock on the
acquirer's funds.
[0130] The enhanced level of protection for the buyer provided by
the certificate system 10 is advantageous for many redemption
circumstances. While business and personal travelers commonly
purchase travel tickets (e.g. such as airline tickets, train
tickets, accommodations, and car rentals) at the present time,
funds are still transferred when the tickets are sent to or
reserved for the acquirer. If travel plans are changed, or if
flights are changed, buyers have little or no financial leverage.
In contrast to conventional ticketing and reservations, if travel
plans are changed, or if a flight is canceled, a customer in
possession of an applicable certificate 60 can easily modify their
travel plans, without being charged.
[0131] While authorization to charge against an acquirer's payment
agent 52 (e.g. such as a credit card) is first established at the
time the acquirer first acquires a certificate 60, funds are not
typically transferred during the initial authorization. Instead,
the initial authorization acts to validate an acquirer's payment
agent 52, while performing a preliminary test for funds, which are
to be typically charged later, during a second redemption
transaction 104.
[0132] The second authorization against the acquirer's funds takes
place when the certificate is redeemed. While the initial
authorization typically confirms available credit for an acquirer,
and typically establishes a hold on appropriate funds for the
certificate 60, the fund hold may either be held in place
indefinitely until redemption, or may expire before the redemption
of the certificate. For a fund hold which expires before a
certificate is redeemed, a redeemer may still gain authorization to
charge the acquirer's payment agent 52, during the redemption
transaction 90 (such as be re-entering the credit information).
[0133] The certificate system 10 therefore provides a mutually safe
and fair means for commerce between an acquirer and an issuer,
since, the acquirers ACQ are properly authorized (both during the
initial acquisition of the certificate and during the redemption
transaction 104), while the holder of the certificate 60 (i.e. the
acquirer or an authorized recipient of an acquired certificate) is
also able to accept or decline the redemption transaction 90 (e.g.
such as upon visiting the redemption location, if the goods or
services are not satisfactory).
[0134] In this preferred embodiment of the certificate system,
funds are never transferred to the hosting certificate system 10,
but are only transferred, upon a redemption transaction 104, from
the acquirer payment agent 52, either to the issuer payment agent
54, or to the redeemer payment agent 56. In this mode of operation,
a second authorization is required at the time the certificate is
redeemed, to authorize transfer of funds, and to initiate the
actual transfer of funds.
[0135] Financial institutions which offer credit card systems
typically charge merchant businesses different discount rates (e.g.
typically a percentage of each sale), based upon the type of sales
transactions. Many financial institutions charge different rates
for credit card present transactions, credit card not present
transactions, and internet transactions, with the greatest rates
typically charged to internet transactions (typically since
fraudulent use of credit cards is currently more prevalent on the
internet).
[0136] However, within the certificate system 10, for embodiments
where funds are initially locked during the acquisition, and where
a second authorization takes place upon redemption of an acquired
certificate, funds are transferred at the redemption level. For an
acquirer user who has a card present for redemption authorization,
there is a reasonable level of security for the merchant that the
card is valid. Even for a an acquirer or recipient who is in
possession of the certificate 60 and the private key 76, the
redemption transaction is significantly more secure than a remote
internet transaction. Therefore, a merchant is more likely to pay
less to the credit card issuing agency.
[0137] System Structures. The certificate system 10 may operate
across a wide variety of networks 192, and may be easily adapted to
promote various commerce models. FIG. 15 shows one network
embodiment 260a of a certificate system 10 implemented across a
network 192, having a plurality of issuer terminals 22a-22p, each
having issuer facilities 24a-24p, and network connection 23a-23p; a
remote certificate authority 12, including a certificate module 14,
an authentication module 16, a database 18, and an authority
terminal 58. A plurality of acquirer terminals 26a-26n, each having
acquirer facilities 28a-28n, and network connections 27a-27n, are
connected to network 192, such that a plurality of acquirer users
may browse and acquire certificates 60 which are created by a
plurality of issuer users at issuer terminals 22a-22p.
[0138] FIG. 16 shows an embodiment of an alternate network
embodiment 260b of a certificate system 10 implemented across a
network 192 having a single issuer terminal 22, with issuer
facility 24, and a network connection 23a-23p and a related
dedicated certificate authority 12, including a certificate module
14, an authentication module 16, a database 18, and an authority
terminal 58. For a large issuer ISR, such as a conglomerate which
provides a large selection of products or services at a plurality
of locations RL, a dedicated certificate authority system
12,14,16,18,58 may preferably be used to manage a large virtual
inventory of 228 certificates 60 on an issuer network site 242. A
plurality of acquirer terminals 26a-26n, each having acquirer
facilities 28a-28n and network connections 27a-27n, are connected
to network 192, such that a plurality of acquirer users ACQ may
browse and acquire certificates 60 within the virtual inventory 228
of the merchant site 242.
[0139] System Applications and Alternative Embodiments. The
certificate system 10 can be used for a large variety of commerce
applications, wherein products and services are located on-line,
but are picked up at a store. For example, an acquirer user ACQ may
locate a large gift item on-line (e.g. such as a television set),
which can be picked up at a location RL near a recipient RCP. The
acquirer user ACQ may simply search for and locate the desired gift
item at a location RL near the recipient RCP, proceed with an
acquisition transaction 72, transfer the acquired certificate 60
(or just the certificate information 74) to the recipient RCP (or
directly to the redemption location RL), and communicate the
private key to the recipient RCP. The recipient RCP may then
perform the redemption transaction 90, and receive the gift
item.
[0140] In a similar embodiment, an acquirer user ACQ may desire to
send a gift certificate with a selected money denomination 64 to a
recipient RCP. With the certificate information 74 and the private
key 76, the recipient RCP can either visit the redemption location
RL directly, or may alternately browse on-line through an aggregate
site or a merchant site, to locate desired goods or services,
before picking the desired goods up at the redemption location
RL.
[0141] The certificate system 10 can also be used for travel and
accommodations, and for various ticketing applications, As well,
the certificate system 10 may be used as a secure currency, in the
form of "traveler's" certificates, which are acquired online, but
are spent or cashed at one or more locations RL. As well, the
certificate system may be used to prepay for services, such as for
medical or dental services, or even home repair.
[0142] The certificate system 10 may be alternately used for
business vouchers systems, in which personnel, such as employees,
are sent to pick up and deliver goods and services, using
single-use certificates 60 to provide for the secure transfer of
various forms of inventory.
[0143] As described above, the certificate system 10 does not
require that monetary funds are transferred, or that the system be
used exclusively for purchasing products or services. For example,
the certificate system 10 may be used to distribute discount
coupons for one or more issuers ISR, which are typically redeemable
as a discount for an acquired product or service. While virtual
coupons are similar to virtual certificates 60 there is typically
no monetary value associated with a virtual coupon, such that there
may be no private key verification required during a redemption
transaction 90. An acquirer user ACQ simply accesses a desired
virtual coupon (e.g. such as for a related search for products or
businesses within their regional area), and prints a desired coupon
on an acquirer printer 30. The acquirer user ACQ may then visit a
related redemption location RL (i.e. the selected store), which
honors and redeems the coupon (typically as a discount for a
product or service specified on the virtual coupon).
[0144] A merchant issuer may preferably combine the use of virtual
certificates 60 with that of virtual coupons, such as through
virtual site, wherein an acquirer user may receive a discount that
is related to the acquisition of one or more certificates 60. For
example, to promote the redemption location RL, an issuer user may
provide an acquirer user with a virtual discount coupon, as a bonus
for prior certificate purchases.
[0145] System Advantages. Retailers, such as small merchants, may
easily establish means for selling their goods and services online,
without the requirement of establishing an extensive online
presence. Issuers may simply register their business with the
certificate authority 12, and then may create virtual certificates
60 for one or more of their products and services. Virtual
certificates 60 can be offered for acquisition at one or more
sites, such as an aggregated site 234 for a large variety of
products and services within a selected region, or a more
specialized site 234 that is related to specific types of products
or services within their area.
[0146] As well, even without a web site, an issuer/merchant can
input other store information 252a,252b (such as business location
information, logos, product descriptions) to appear on a web page
248,252 appropriate to a virtual certificate 60, as well as
acceptable credit cards 52 for the issuer/merchant. When an
acquirer ACQ navigates to a description of a virtual certificate
within a site 248, such as by limiting a search to a specific
product category within a specified zip code region, the
issuer/merchant information 252 is preferably displayed, in
conjunction with the virtual certificate 60, thereby creating a
network presence for the issuer/merchant. As well, if an acquirer
ACQ selects the certificate 60 (i.e. decides to acquire the
certificate), the acquirer facility 28 typically displays an
acquisition invoice module 252 that is specific to an
issuer/merchant for the selected certificate 60, wherein selectable
payment agent information (i.e. accepted credit cards) are limited
to cards which the issuer accepts at the redemption location
RL.
[0147] Through the certificate system 10, acquirers are able to
find goods and services that they might not have been able to find
otherwise. As well, acquirers are able to secure a price for a
transaction at the time they acquire a certificate 60. The
certificate authority creates a virtual inventory 228 of virtual
certificates 60, there is no inventory of paper-based certificates
or coupons.
[0148] Although the certificate system 10 and its methods of use
are described herein in connection with retail certificates offered
through web sites, the apparatus and techniques can be implemented
for other certificate, coupon, voucher, or token system, and over
different types of networks, or any combination thereof, as
desired.
[0149] Accordingly, although the invention has been described in
detail with reference to a particular preferred embodiment, persons
possessing ordinary skill in the art to which this invention
pertains will appreciate that various modifications and
enhancements may be made without departing from the spirit and
scope of the claims that follow.
* * * * *